Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2018-16862 (GCVE-0-2018-16862)
Vulnerability from cvelistv5 – Published: 2018-11-26 19:00 – Updated: 2024-08-05 10:32
VLAI?
EPSS
Summary
A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one.
Severity ?
5.3 (Medium)
CWE
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T10:32:54.234Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "106009",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106009"
},
{
"name": "USN-3879-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3879-2/"
},
{
"name": "[oss-security] 20181123 CVE-2018-16862: Linux kernel: cleancache: deleted files infoleak",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://seclists.org/oss-sec/2018/q4/169"
},
{
"name": "USN-3879-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3879-1/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://lore.kernel.org/patchwork/patch/1011367/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16862"
},
{
"name": "[debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html"
},
{
"name": "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html"
},
{
"name": "[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html"
},
{
"name": "USN-4094-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4094-1/"
},
{
"name": "USN-4118-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4118-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "kernel:",
"vendor": "[UNKNOWN]",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-11-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-09-02T23:06:12",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "106009",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106009"
},
{
"name": "USN-3879-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3879-2/"
},
{
"name": "[oss-security] 20181123 CVE-2018-16862: Linux kernel: cleancache: deleted files infoleak",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://seclists.org/oss-sec/2018/q4/169"
},
{
"name": "USN-3879-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3879-1/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://lore.kernel.org/patchwork/patch/1011367/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16862"
},
{
"name": "[debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html"
},
{
"name": "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html"
},
{
"name": "[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html"
},
{
"name": "USN-4094-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4094-1/"
},
{
"name": "USN-4118-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4118-1/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2018-16862",
"datePublished": "2018-11-26T19:00:00",
"dateReserved": "2018-09-11T00:00:00",
"dateUpdated": "2024-08-05T10:32:54.234Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"4.14\", \"matchCriteriaId\": \"C6AEE42C-583E-4CF3-B7F5-281021632835\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"142AD0DD-4CF3-4D74-9442-459CE3347E3A\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*\", \"matchCriteriaId\": \"B5A6F2F3-4894-4392-8296-3B8DD2679084\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*\", \"matchCriteriaId\": \"F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one.\"}, {\"lang\": \"es\", \"value\": \"Se ha detectado un fallo de seguridad en el kernel de Linux de manera que el subsistema \\\"cleancache\\\" borre un inode despu\\u00e9s del truncado de archivos final (eliminaci\\u00f3n). El nuevo archivo creado con el mismo inode podr\\u00eda contener p\\u00e1ginas restantes del \\\"cleancache\\\" y los datos antiguos del mismo, en vez de los del nuevo archivo.\"}]",
"id": "CVE-2018-16862",
"lastModified": "2024-11-21T03:53:28.293",
"metrics": "{\"cvssMetricV30\": [{\"source\": \"secalert@redhat.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N\", \"baseScore\": 5.3, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 1.0, \"impactScore\": 4.2}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\", \"baseScore\": 5.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:P/I:N/A:N\", \"baseScore\": 2.1, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"LOW\", \"exploitabilityScore\": 3.9, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2018-11-26T19:29:00.327",
"references": "[{\"url\": \"http://www.securityfocus.com/bid/106009\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16862\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Issue Tracking\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://lore.kernel.org/patchwork/patch/1011367/\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Issue Tracking\", \"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://seclists.org/oss-sec/2018/q4/169\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/3879-1/\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/3879-2/\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/4094-1/\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://usn.ubuntu.com/4118-1/\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.securityfocus.com/bid/106009\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16862\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lore.kernel.org/patchwork/patch/1011367/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://seclists.org/oss-sec/2018/q4/169\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/3879-1/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/3879-2/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/4094-1/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://usn.ubuntu.com/4118-1/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"secalert@redhat.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-200\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-200\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2018-16862\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2018-11-26T19:29:00.327\",\"lastModified\":\"2024-11-21T03:53:28.293\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one.\"},{\"lang\":\"es\",\"value\":\"Se ha detectado un fallo de seguridad en el kernel de Linux de manera que el subsistema \\\"cleancache\\\" borre un inode despu\u00e9s del truncado de archivos final (eliminaci\u00f3n). El nuevo archivo creado con el mismo inode podr\u00eda contener p\u00e1ginas restantes del \\\"cleancache\\\" y los datos antiguos del mismo, en vez de los del nuevo archivo.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.0,\"impactScore\":4.2},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":2.1,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":3.9,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-200\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-200\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"4.14\",\"matchCriteriaId\":\"C6AEE42C-583E-4CF3-B7F5-281021632835\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"142AD0DD-4CF3-4D74-9442-459CE3347E3A\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"B5A6F2F3-4894-4392-8296-3B8DD2679084\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/106009\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16862\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lore.kernel.org/patchwork/patch/1011367/\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://seclists.org/oss-sec/2018/q4/169\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3879-1/\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3879-2/\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4094-1/\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://usn.ubuntu.com/4118-1/\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/bid/106009\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16862\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lore.kernel.org/patchwork/patch/1011367/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://seclists.org/oss-sec/2018/q4/169\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3879-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3879-2/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4094-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://usn.ubuntu.com/4118-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
CERTFR-2019-AVI-071
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, un déni de service et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12-SP2-LTSS | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability 12-SP2 | ||
| SUSE | N/A | OpenStack Cloud Magnum Orchestration 7 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12-SP2-BCL | ||
| SUSE | N/A | SUSE OpenStack Cloud 7 | ||
| SUSE | N/A | SUSE Enterprise Storage 4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server pour SAP 12-SP2 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise Server 12-SP2-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability 12-SP2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "OpenStack Cloud Magnum Orchestration 7",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12-SP2-BCL",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE OpenStack Cloud 7",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Enterprise Storage 4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server pour SAP 12-SP2",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2018-18710",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18710"
},
{
"name": "CVE-2018-9568",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9568"
},
{
"name": "CVE-2018-19985",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19985"
},
{
"name": "CVE-2018-18281",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18281"
},
{
"name": "CVE-2018-18690",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18690"
},
{
"name": "CVE-2018-16862",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16862"
},
{
"name": "CVE-2018-20169",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20169"
},
{
"name": "CVE-2018-16884",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16884"
},
{
"name": "CVE-2018-9516",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9516"
},
{
"name": "CVE-2019-3460",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3460"
},
{
"name": "CVE-2018-19824",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19824"
},
{
"name": "CVE-2018-18386",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18386"
},
{
"name": "CVE-2019-3459",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3459"
}
],
"links": [],
"reference": "CERTFR-2019-AVI-071",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2019-02-20T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de\nSUSE. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un\nprobl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, un d\u00e9ni de service et\nune atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2019:0439-1 du 19 f\u00e9vrier 2019",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20190439-1/"
}
]
}
CERTFR-2019-AVI-419
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans le noyau Linux d'Ubuntu. Elles permettent à un attaquant de provoquer un déni de service et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Ubuntu 16.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 18.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 19.04",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2018-20784",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20784"
},
{
"name": "CVE-2019-2024",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2024"
},
{
"name": "CVE-2019-15221",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-15221"
},
{
"name": "CVE-2018-13100",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13100"
},
{
"name": "CVE-2019-15215",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-15215"
},
{
"name": "CVE-2018-14615",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14615"
},
{
"name": "CVE-2018-20856",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20856"
},
{
"name": "CVE-2019-10207",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10207"
},
{
"name": "CVE-2019-14763",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14763"
},
{
"name": "CVE-2018-19985",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19985"
},
{
"name": "CVE-2019-10638",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10638"
},
{
"name": "CVE-2019-11810",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11810"
},
{
"name": "CVE-2019-13648",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13648"
},
{
"name": "CVE-2019-15292",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-15292"
},
{
"name": "CVE-2019-15214",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-15214"
},
{
"name": "CVE-2018-13053",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13053"
},
{
"name": "CVE-2018-13093",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13093"
},
{
"name": "CVE-2019-11833",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11833"
},
{
"name": "CVE-2018-14613",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14613"
},
{
"name": "CVE-2019-15212",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-15212"
},
{
"name": "CVE-2018-13096",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13096"
},
{
"name": "CVE-2019-11085",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11085"
},
{
"name": "CVE-2019-3846",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3846"
},
{
"name": "CVE-2018-14609",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14609"
},
{
"name": "CVE-2019-13272",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13272"
},
{
"name": "CVE-2018-20511",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20511"
},
{
"name": "CVE-2019-14284",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14284"
},
{
"name": "CVE-2018-16862",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16862"
},
{
"name": "CVE-2019-10639",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10639"
},
{
"name": "CVE-2018-20169",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20169"
},
{
"name": "CVE-2018-14616",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14616"
},
{
"name": "CVE-2019-12984",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12984"
},
{
"name": "CVE-2019-15220",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-15220"
},
{
"name": "CVE-2019-11884",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11884"
},
{
"name": "CVE-2019-3819",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3819"
},
{
"name": "CVE-2018-14617",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14617"
},
{
"name": "CVE-2019-3701",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3701"
},
{
"name": "CVE-2019-3900",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3900"
},
{
"name": "CVE-2019-12818",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12818"
},
{
"name": "CVE-2019-15211",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-15211"
},
{
"name": "CVE-2019-11815",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11815"
},
{
"name": "CVE-2018-13097",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13097"
},
{
"name": "CVE-2019-13233",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13233"
},
{
"name": "CVE-2019-2101",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2101"
},
{
"name": "CVE-2018-13099",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13099"
},
{
"name": "CVE-2019-11599",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11599"
},
{
"name": "CVE-2018-14614",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14614"
},
{
"name": "CVE-2019-15218",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-15218"
},
{
"name": "CVE-2018-14610",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14610"
},
{
"name": "CVE-2018-13098",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13098"
},
{
"name": "CVE-2018-14612",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14612"
},
{
"name": "CVE-2019-10126",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10126"
},
{
"name": "CVE-2019-11487",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11487"
},
{
"name": "CVE-2019-15090",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-15090"
},
{
"name": "CVE-2019-0136",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0136"
},
{
"name": "CVE-2019-13631",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13631"
},
{
"name": "CVE-2019-9506",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9506"
},
{
"name": "CVE-2018-5383",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5383"
},
{
"name": "CVE-2019-12819",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12819"
},
{
"name": "CVE-2018-14611",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14611"
},
{
"name": "CVE-2019-15216",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-15216"
},
{
"name": "CVE-2019-14283",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14283"
}
],
"links": [],
"reference": "CERTFR-2019-AVI-419",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2019-09-03T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux\nd\u0027Ubuntu. Elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de\nservice et un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu du 02 septembre 2019",
"url": "https://usn.ubuntu.com/4118-1/"
}
]
}
CERTFR-2019-AVI-038
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, un déni de service et une élévation de privilèges.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 11-SP3-LTSS | ||
| SUSE | N/A | SUSE Linux Enterprise Point of Sale 11-SP3 | ||
| SUSE | SUSE Linux Enterprise Desktop | SUSE Linux Enterprise Desktop 12-SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Software Development Kit 12-SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Workstation Extension 12-SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Debuginfo 11-SP3 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12-SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability 12-SP4 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 12-SP4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 11-EXTRA |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise Server 11-SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Point of Sale 11-SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Desktop 12-SP4",
"product": {
"name": "SUSE Linux Enterprise Desktop",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Software Development Kit 12-SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Workstation Extension 12-SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Debuginfo 11-SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12-SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability 12-SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 12-SP4",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 11-EXTRA",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2018-18710",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18710"
},
{
"name": "CVE-2018-16658",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16658"
},
{
"name": "CVE-2018-19407",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19407"
},
{
"name": "CVE-2018-9568",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9568"
},
{
"name": "CVE-2018-19985",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19985"
},
{
"name": "CVE-2017-1000407",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000407"
},
{
"name": "CVE-2018-12232",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12232"
},
{
"name": "CVE-2018-14625",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14625"
},
{
"name": "CVE-2017-7273",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7273"
},
{
"name": "CVE-2018-18397",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18397"
},
{
"name": "CVE-2018-18281",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18281"
},
{
"name": "CVE-2013-2547",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2547"
},
{
"name": "CVE-2018-16862",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16862"
},
{
"name": "CVE-2018-20169",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20169"
},
{
"name": "CVE-2018-19854",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19854"
},
{
"name": "CVE-2018-16884",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16884"
},
{
"name": "CVE-2018-9516",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9516"
},
{
"name": "CVE-2018-19824",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19824"
},
{
"name": "CVE-2018-10940",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10940"
},
{
"name": "CVE-2017-16533",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16533"
},
{
"name": "CVE-2018-18386",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18386"
}
],
"links": [],
"reference": "CERTFR-2019-AVI-038",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2019-01-30T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de\nSUSE. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de\ns\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, un d\u00e9ni de service et une \u00e9l\u00e9vation\nde privil\u00e8ges.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-201913937-1 du 29 janvier 2019",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-201913937-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20190196-1 du 29 janvier 2019",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20190196-1/"
}
]
}
CERTFR-2019-AVI-042
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, un déni de service et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | N/A | SUSE Linux Enterprise Module pour Live Patching 15 | ||
| SUSE | N/A | SUSE Linux Enterprise Module pour Open Buildservice Development Tools 15 | ||
| SUSE | N/A | SUSE Linux Enterprise Module pour Basesystem 15 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 12-SP3 | ||
| SUSE | N/A | SUSE Linux Enterprise Module pour Legacy Software 15 | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability 15 | ||
| SUSE | N/A | SUSE Linux Enterprise Module pour Development Tools 15 | ||
| SUSE | N/A | SUSE Linux Enterprise Workstation Extension 15 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12-SP4 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 12-SP4 |
References
| Title | Publication Time | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise Module pour Live Patching 15",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module pour Open Buildservice Development Tools 15",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module pour Basesystem 15",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 12-SP3",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module pour Legacy Software 15",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability 15",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module pour Development Tools 15",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Workstation Extension 15",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12-SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 12-SP4",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2018-18710",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18710"
},
{
"name": "CVE-2018-19407",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19407"
},
{
"name": "CVE-2018-9568",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9568"
},
{
"name": "CVE-2018-19985",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19985"
},
{
"name": "CVE-2018-12232",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12232"
},
{
"name": "CVE-2018-14625",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14625"
},
{
"name": "CVE-2018-18397",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18397"
},
{
"name": "CVE-2018-18281",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18281"
},
{
"name": "CVE-2017-5753",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5753"
},
{
"name": "CVE-2018-16862",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16862"
},
{
"name": "CVE-2018-20169",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20169"
},
{
"name": "CVE-2018-19854",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19854"
},
{
"name": "CVE-2018-16884",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16884"
},
{
"name": "CVE-2018-19824",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19824"
}
],
"links": [],
"reference": "CERTFR-2019-AVI-042",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2019-02-04T00:00:00.000000"
},
{
"description": "Ajout d\u0027un bulletin de s\u00e9curit\u00e9",
"revision_date": "2019-02-06T00:00:00.000000"
},
{
"description": "Ajout du bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2019:0298-1 du 8 f\u00e9vrier 2019",
"revision_date": "2019-02-11T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de\nSUSE. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un\nd\u00e9ni de service \u00e0 distance, un d\u00e9ni de service et un contournement de la\npolitique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2019:0298-1 du 8 f\u00e9vrier 2019",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20190298-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2019:0236-1 du 5 f\u00e9vrier 2019",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20190236-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2019:0222-1 du 1 f\u00e9vrier 2019",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20190222-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2019:0224-1 du 1 f\u00e9vrier 2019",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20190224-1/"
}
]
}
CERTFR-2019-AVI-044
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans le noyau Linux d'Ubuntu. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Ubuntu 16.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 18.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 18.10",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 14.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 12.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2018-10883",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10883"
},
{
"name": "CVE-2018-16882",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16882"
},
{
"name": "CVE-2018-19407",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19407"
},
{
"name": "CVE-2018-9568",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9568"
},
{
"name": "CVE-2018-10879",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10879"
},
{
"name": "CVE-2018-10880",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10880"
},
{
"name": "CVE-2018-10878",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10878"
},
{
"name": "CVE-2018-14625",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14625"
},
{
"name": "CVE-2018-18281",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18281"
},
{
"name": "CVE-2018-17972",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17972"
},
{
"name": "CVE-2018-16862",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16862"
},
{
"name": "CVE-2018-20169",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20169"
},
{
"name": "CVE-2018-1066",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1066"
},
{
"name": "CVE-2018-19854",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19854"
},
{
"name": "CVE-2018-10877",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10877"
},
{
"name": "CVE-2018-9516",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9516"
},
{
"name": "CVE-2018-10882",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10882"
},
{
"name": "CVE-2018-10876",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10876"
},
{
"name": "CVE-2018-19824",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19824"
}
],
"links": [],
"reference": "CERTFR-2019-AVI-044",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2019-02-05T00:00:00.000000"
},
{
"description": "Ajout des bulletins concernant le noyau Azure",
"revision_date": "2019-02-08T00:00:00.000000"
},
{
"description": "Ajout du bulletin de s\u00e9curit\u00e9 Ubuntu USN-3878-3 du 8 f\u00e9vrier 2019",
"revision_date": "2019-02-11T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux\nd\u0027Ubuntu. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire, un d\u00e9ni de service et une atteinte \u00e0\nla confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-3879-1 du 4 f\u00e9vrier 2019",
"url": "https://usn.ubuntu.com/3879-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-3871-3 du 4 f\u00e9vrier 2019",
"url": "https://usn.ubuntu.com/3871-3/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-3878-1 du 4 f\u00e9vrier 2019",
"url": "https://usn.ubuntu.com/3878-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-3878-4 du 4 f\u00e9vrier 2019",
"url": "https://usn.ubuntu.com/3878-4/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-3871-5 du 7 f\u00e9vrier 2019",
"url": "https://usn.ubuntu.com/3871-5/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-3880-2 du 4 f\u00e9vrier 2019",
"url": "https://usn.ubuntu.com/3880-2/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-3878-2 du 7 f\u00e9vrier 2019",
"url": "https://usn.ubuntu.com/3878-2/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-3880-1 du 4 f\u00e9vrier 2019",
"url": "https://usn.ubuntu.com/3880-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-3879-2 du 4 f\u00e9vrier 2019",
"url": "https://usn.ubuntu.com/3879-2/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-3878-3 du 8 f\u00e9vrier 2019",
"url": "https://usn.ubuntu.com/3878-3/"
}
]
}
CERTFR-2019-AVI-071
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, un déni de service et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12-SP2-LTSS | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability 12-SP2 | ||
| SUSE | N/A | OpenStack Cloud Magnum Orchestration 7 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12-SP2-BCL | ||
| SUSE | N/A | SUSE OpenStack Cloud 7 | ||
| SUSE | N/A | SUSE Enterprise Storage 4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server pour SAP 12-SP2 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise Server 12-SP2-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability 12-SP2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "OpenStack Cloud Magnum Orchestration 7",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12-SP2-BCL",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE OpenStack Cloud 7",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Enterprise Storage 4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server pour SAP 12-SP2",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2018-18710",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18710"
},
{
"name": "CVE-2018-9568",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9568"
},
{
"name": "CVE-2018-19985",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19985"
},
{
"name": "CVE-2018-18281",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18281"
},
{
"name": "CVE-2018-18690",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18690"
},
{
"name": "CVE-2018-16862",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16862"
},
{
"name": "CVE-2018-20169",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20169"
},
{
"name": "CVE-2018-16884",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16884"
},
{
"name": "CVE-2018-9516",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9516"
},
{
"name": "CVE-2019-3460",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3460"
},
{
"name": "CVE-2018-19824",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19824"
},
{
"name": "CVE-2018-18386",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18386"
},
{
"name": "CVE-2019-3459",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3459"
}
],
"links": [],
"reference": "CERTFR-2019-AVI-071",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2019-02-20T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de\nSUSE. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un\nprobl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, un d\u00e9ni de service et\nune atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2019:0439-1 du 19 f\u00e9vrier 2019",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20190439-1/"
}
]
}
CERTFR-2019-AVI-044
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans le noyau Linux d'Ubuntu. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Ubuntu 16.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 18.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 18.10",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 14.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 12.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2018-10883",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10883"
},
{
"name": "CVE-2018-16882",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16882"
},
{
"name": "CVE-2018-19407",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19407"
},
{
"name": "CVE-2018-9568",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9568"
},
{
"name": "CVE-2018-10879",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10879"
},
{
"name": "CVE-2018-10880",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10880"
},
{
"name": "CVE-2018-10878",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10878"
},
{
"name": "CVE-2018-14625",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14625"
},
{
"name": "CVE-2018-18281",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18281"
},
{
"name": "CVE-2018-17972",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17972"
},
{
"name": "CVE-2018-16862",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16862"
},
{
"name": "CVE-2018-20169",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20169"
},
{
"name": "CVE-2018-1066",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1066"
},
{
"name": "CVE-2018-19854",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19854"
},
{
"name": "CVE-2018-10877",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10877"
},
{
"name": "CVE-2018-9516",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9516"
},
{
"name": "CVE-2018-10882",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10882"
},
{
"name": "CVE-2018-10876",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10876"
},
{
"name": "CVE-2018-19824",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19824"
}
],
"links": [],
"reference": "CERTFR-2019-AVI-044",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2019-02-05T00:00:00.000000"
},
{
"description": "Ajout des bulletins concernant le noyau Azure",
"revision_date": "2019-02-08T00:00:00.000000"
},
{
"description": "Ajout du bulletin de s\u00e9curit\u00e9 Ubuntu USN-3878-3 du 8 f\u00e9vrier 2019",
"revision_date": "2019-02-11T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux\nd\u0027Ubuntu. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire, un d\u00e9ni de service et une atteinte \u00e0\nla confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-3879-1 du 4 f\u00e9vrier 2019",
"url": "https://usn.ubuntu.com/3879-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-3871-3 du 4 f\u00e9vrier 2019",
"url": "https://usn.ubuntu.com/3871-3/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-3878-1 du 4 f\u00e9vrier 2019",
"url": "https://usn.ubuntu.com/3878-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-3878-4 du 4 f\u00e9vrier 2019",
"url": "https://usn.ubuntu.com/3878-4/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-3871-5 du 7 f\u00e9vrier 2019",
"url": "https://usn.ubuntu.com/3871-5/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-3880-2 du 4 f\u00e9vrier 2019",
"url": "https://usn.ubuntu.com/3880-2/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-3878-2 du 7 f\u00e9vrier 2019",
"url": "https://usn.ubuntu.com/3878-2/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-3880-1 du 4 f\u00e9vrier 2019",
"url": "https://usn.ubuntu.com/3880-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-3879-2 du 4 f\u00e9vrier 2019",
"url": "https://usn.ubuntu.com/3879-2/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-3878-3 du 8 f\u00e9vrier 2019",
"url": "https://usn.ubuntu.com/3878-3/"
}
]
}
CERTFR-2019-AVI-051
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE . Elles permettent à un attaquant de provoquer un déni de service et une élévation de privilèges.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12-SP2-LTSS | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12-LTSS | ||
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time Extension 12-SP3 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12-SP1-LTSS | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP 12-SP2 |
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise Server 12-SP2-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time Extension 12-SP3",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12-SP1-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP 12-SP2",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2017-16939",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16939"
},
{
"name": "CVE-2018-19407",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19407"
},
{
"name": "CVE-2018-9568",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9568"
},
{
"name": "CVE-2018-19985",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19985"
},
{
"name": "CVE-2018-16862",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16862"
},
{
"name": "CVE-2018-20169",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20169"
},
{
"name": "CVE-2018-1120",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1120"
},
{
"name": "CVE-2018-16884",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16884"
},
{
"name": "CVE-2018-19824",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19824"
}
],
"links": [],
"reference": "CERTFR-2019-AVI-051",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2019-02-12T00:00:00.000000"
},
{
"description": "Ajout du bulletin de s\u00e9curit\u00e9 le noyau Linux suse-su-20190356-1 de SUSE du 13 f\u00e9vrier 2019",
"revision_date": "2019-02-14T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de\nSUSE . Elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service\net une \u00e9l\u00e9vation de privil\u00e8ges.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 le noyau Linux suse-su-20190320-1 de SUSE du 11 f\u00e9vrier 2019",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20190320-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 le noyau Linux suse-su-20190356-1 de SUSE du 13 f\u00e9vrier 2019",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20190356-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 le noyau Linux suse-su-20190326-1 de SUSE du 11 f\u00e9vrier 2019",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20190326-1/"
}
]
}
CERTFR-2019-AVI-419
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans le noyau Linux d'Ubuntu. Elles permettent à un attaquant de provoquer un déni de service et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Ubuntu 16.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 18.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 19.04",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2018-20784",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20784"
},
{
"name": "CVE-2019-2024",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2024"
},
{
"name": "CVE-2019-15221",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-15221"
},
{
"name": "CVE-2018-13100",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13100"
},
{
"name": "CVE-2019-15215",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-15215"
},
{
"name": "CVE-2018-14615",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14615"
},
{
"name": "CVE-2018-20856",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20856"
},
{
"name": "CVE-2019-10207",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10207"
},
{
"name": "CVE-2019-14763",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14763"
},
{
"name": "CVE-2018-19985",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19985"
},
{
"name": "CVE-2019-10638",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10638"
},
{
"name": "CVE-2019-11810",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11810"
},
{
"name": "CVE-2019-13648",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13648"
},
{
"name": "CVE-2019-15292",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-15292"
},
{
"name": "CVE-2019-15214",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-15214"
},
{
"name": "CVE-2018-13053",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13053"
},
{
"name": "CVE-2018-13093",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13093"
},
{
"name": "CVE-2019-11833",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11833"
},
{
"name": "CVE-2018-14613",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14613"
},
{
"name": "CVE-2019-15212",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-15212"
},
{
"name": "CVE-2018-13096",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13096"
},
{
"name": "CVE-2019-11085",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11085"
},
{
"name": "CVE-2019-3846",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3846"
},
{
"name": "CVE-2018-14609",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14609"
},
{
"name": "CVE-2019-13272",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13272"
},
{
"name": "CVE-2018-20511",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20511"
},
{
"name": "CVE-2019-14284",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14284"
},
{
"name": "CVE-2018-16862",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16862"
},
{
"name": "CVE-2019-10639",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10639"
},
{
"name": "CVE-2018-20169",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20169"
},
{
"name": "CVE-2018-14616",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14616"
},
{
"name": "CVE-2019-12984",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12984"
},
{
"name": "CVE-2019-15220",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-15220"
},
{
"name": "CVE-2019-11884",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11884"
},
{
"name": "CVE-2019-3819",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3819"
},
{
"name": "CVE-2018-14617",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14617"
},
{
"name": "CVE-2019-3701",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3701"
},
{
"name": "CVE-2019-3900",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3900"
},
{
"name": "CVE-2019-12818",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12818"
},
{
"name": "CVE-2019-15211",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-15211"
},
{
"name": "CVE-2019-11815",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11815"
},
{
"name": "CVE-2018-13097",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13097"
},
{
"name": "CVE-2019-13233",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13233"
},
{
"name": "CVE-2019-2101",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2101"
},
{
"name": "CVE-2018-13099",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13099"
},
{
"name": "CVE-2019-11599",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11599"
},
{
"name": "CVE-2018-14614",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14614"
},
{
"name": "CVE-2019-15218",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-15218"
},
{
"name": "CVE-2018-14610",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14610"
},
{
"name": "CVE-2018-13098",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13098"
},
{
"name": "CVE-2018-14612",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14612"
},
{
"name": "CVE-2019-10126",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10126"
},
{
"name": "CVE-2019-11487",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11487"
},
{
"name": "CVE-2019-15090",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-15090"
},
{
"name": "CVE-2019-0136",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0136"
},
{
"name": "CVE-2019-13631",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13631"
},
{
"name": "CVE-2019-9506",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9506"
},
{
"name": "CVE-2018-5383",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5383"
},
{
"name": "CVE-2019-12819",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12819"
},
{
"name": "CVE-2018-14611",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14611"
},
{
"name": "CVE-2019-15216",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-15216"
},
{
"name": "CVE-2019-14283",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14283"
}
],
"links": [],
"reference": "CERTFR-2019-AVI-419",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2019-09-03T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux\nd\u0027Ubuntu. Elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de\nservice et un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu du 02 septembre 2019",
"url": "https://usn.ubuntu.com/4118-1/"
}
]
}
CERTFR-2019-AVI-038
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, un déni de service et une élévation de privilèges.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 11-SP3-LTSS | ||
| SUSE | N/A | SUSE Linux Enterprise Point of Sale 11-SP3 | ||
| SUSE | SUSE Linux Enterprise Desktop | SUSE Linux Enterprise Desktop 12-SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Software Development Kit 12-SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Workstation Extension 12-SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Debuginfo 11-SP3 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12-SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability 12-SP4 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 12-SP4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 11-EXTRA |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise Server 11-SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Point of Sale 11-SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Desktop 12-SP4",
"product": {
"name": "SUSE Linux Enterprise Desktop",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Software Development Kit 12-SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Workstation Extension 12-SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Debuginfo 11-SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12-SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability 12-SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 12-SP4",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 11-EXTRA",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2018-18710",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18710"
},
{
"name": "CVE-2018-16658",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16658"
},
{
"name": "CVE-2018-19407",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19407"
},
{
"name": "CVE-2018-9568",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9568"
},
{
"name": "CVE-2018-19985",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19985"
},
{
"name": "CVE-2017-1000407",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000407"
},
{
"name": "CVE-2018-12232",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12232"
},
{
"name": "CVE-2018-14625",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14625"
},
{
"name": "CVE-2017-7273",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7273"
},
{
"name": "CVE-2018-18397",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18397"
},
{
"name": "CVE-2018-18281",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18281"
},
{
"name": "CVE-2013-2547",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2547"
},
{
"name": "CVE-2018-16862",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16862"
},
{
"name": "CVE-2018-20169",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20169"
},
{
"name": "CVE-2018-19854",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19854"
},
{
"name": "CVE-2018-16884",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16884"
},
{
"name": "CVE-2018-9516",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9516"
},
{
"name": "CVE-2018-19824",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19824"
},
{
"name": "CVE-2018-10940",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10940"
},
{
"name": "CVE-2017-16533",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16533"
},
{
"name": "CVE-2018-18386",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18386"
}
],
"links": [],
"reference": "CERTFR-2019-AVI-038",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2019-01-30T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de\nSUSE. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de\ns\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, un d\u00e9ni de service et une \u00e9l\u00e9vation\nde privil\u00e8ges.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-201913937-1 du 29 janvier 2019",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-201913937-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20190196-1 du 29 janvier 2019",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20190196-1/"
}
]
}
CERTFR-2019-AVI-391
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans le noyau Linux d'Ubuntu. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Ubuntu 16.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 18.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 19.04",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 14.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2019-12614",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12614"
},
{
"name": "CVE-2019-1125",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1125"
},
{
"name": "CVE-2019-2024",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2024"
},
{
"name": "CVE-2018-13100",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13100"
},
{
"name": "CVE-2018-14615",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14615"
},
{
"name": "CVE-2019-9503",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9503"
},
{
"name": "CVE-2018-20856",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20856"
},
{
"name": "CVE-2018-13053",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13053"
},
{
"name": "CVE-2018-13093",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13093"
},
{
"name": "CVE-2019-11833",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11833"
},
{
"name": "CVE-2018-14613",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14613"
},
{
"name": "CVE-2018-13096",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13096"
},
{
"name": "CVE-2019-3846",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3846"
},
{
"name": "CVE-2018-14609",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14609"
},
{
"name": "CVE-2019-13272",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13272"
},
{
"name": "CVE-2018-20511",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20511"
},
{
"name": "CVE-2018-16862",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16862"
},
{
"name": "CVE-2018-20169",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20169"
},
{
"name": "CVE-2018-14616",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14616"
},
{
"name": "CVE-2019-12984",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12984"
},
{
"name": "CVE-2018-14617",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14617"
},
{
"name": "CVE-2019-2054",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2054"
},
{
"name": "CVE-2019-12818",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12818"
},
{
"name": "CVE-2018-13097",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13097"
},
{
"name": "CVE-2019-13233",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13233"
},
{
"name": "CVE-2019-2101",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2101"
},
{
"name": "CVE-2018-13099",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13099"
},
{
"name": "CVE-2019-11599",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11599"
},
{
"name": "CVE-2018-14614",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14614"
},
{
"name": "CVE-2018-14610",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14610"
},
{
"name": "CVE-2018-13098",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13098"
},
{
"name": "CVE-2018-14612",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14612"
},
{
"name": "CVE-2019-10126",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10126"
},
{
"name": "CVE-2018-5383",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5383"
},
{
"name": "CVE-2019-12819",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12819"
},
{
"name": "CVE-2018-14611",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14611"
}
],
"links": [],
"reference": "CERTFR-2019-AVI-391",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2019-08-14T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux\nd\u0027Ubuntu. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-4094-1 du 13 ao\u00fbt 2019",
"url": "https://usn.ubuntu.com/4094-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-4093-1 du 13 ao\u00fbt 2019",
"url": "https://usn.ubuntu.com/4093-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-4096-1 du 13 ao\u00fbt 2019",
"url": "https://usn.ubuntu.com/4096-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-4095-2 du 13 ao\u00fbt 2019",
"url": "https://usn.ubuntu.com/4095-2/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-4095-1 du 13 ao\u00fbt 2019",
"url": "https://usn.ubuntu.com/4095-1/"
}
]
}
CERTFR-2019-AVI-051
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE . Elles permettent à un attaquant de provoquer un déni de service et une élévation de privilèges.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12-SP2-LTSS | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12-LTSS | ||
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time Extension 12-SP3 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12-SP1-LTSS | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP 12-SP2 |
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise Server 12-SP2-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time Extension 12-SP3",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12-SP1-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP 12-SP2",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2017-16939",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16939"
},
{
"name": "CVE-2018-19407",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19407"
},
{
"name": "CVE-2018-9568",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9568"
},
{
"name": "CVE-2018-19985",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19985"
},
{
"name": "CVE-2018-16862",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16862"
},
{
"name": "CVE-2018-20169",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20169"
},
{
"name": "CVE-2018-1120",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1120"
},
{
"name": "CVE-2018-16884",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16884"
},
{
"name": "CVE-2018-19824",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19824"
}
],
"links": [],
"reference": "CERTFR-2019-AVI-051",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2019-02-12T00:00:00.000000"
},
{
"description": "Ajout du bulletin de s\u00e9curit\u00e9 le noyau Linux suse-su-20190356-1 de SUSE du 13 f\u00e9vrier 2019",
"revision_date": "2019-02-14T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de\nSUSE . Elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service\net une \u00e9l\u00e9vation de privil\u00e8ges.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 le noyau Linux suse-su-20190320-1 de SUSE du 11 f\u00e9vrier 2019",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20190320-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 le noyau Linux suse-su-20190356-1 de SUSE du 13 f\u00e9vrier 2019",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20190356-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 le noyau Linux suse-su-20190326-1 de SUSE du 11 f\u00e9vrier 2019",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20190326-1/"
}
]
}
CERTFR-2019-AVI-042
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, un déni de service et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | N/A | SUSE Linux Enterprise Module pour Live Patching 15 | ||
| SUSE | N/A | SUSE Linux Enterprise Module pour Open Buildservice Development Tools 15 | ||
| SUSE | N/A | SUSE Linux Enterprise Module pour Basesystem 15 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 12-SP3 | ||
| SUSE | N/A | SUSE Linux Enterprise Module pour Legacy Software 15 | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability 15 | ||
| SUSE | N/A | SUSE Linux Enterprise Module pour Development Tools 15 | ||
| SUSE | N/A | SUSE Linux Enterprise Workstation Extension 15 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12-SP4 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 12-SP4 |
References
| Title | Publication Time | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise Module pour Live Patching 15",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module pour Open Buildservice Development Tools 15",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module pour Basesystem 15",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 12-SP3",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module pour Legacy Software 15",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability 15",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module pour Development Tools 15",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Workstation Extension 15",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12-SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 12-SP4",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2018-18710",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18710"
},
{
"name": "CVE-2018-19407",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19407"
},
{
"name": "CVE-2018-9568",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9568"
},
{
"name": "CVE-2018-19985",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19985"
},
{
"name": "CVE-2018-12232",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12232"
},
{
"name": "CVE-2018-14625",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14625"
},
{
"name": "CVE-2018-18397",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18397"
},
{
"name": "CVE-2018-18281",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18281"
},
{
"name": "CVE-2017-5753",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5753"
},
{
"name": "CVE-2018-16862",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16862"
},
{
"name": "CVE-2018-20169",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20169"
},
{
"name": "CVE-2018-19854",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19854"
},
{
"name": "CVE-2018-16884",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16884"
},
{
"name": "CVE-2018-19824",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19824"
}
],
"links": [],
"reference": "CERTFR-2019-AVI-042",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2019-02-04T00:00:00.000000"
},
{
"description": "Ajout d\u0027un bulletin de s\u00e9curit\u00e9",
"revision_date": "2019-02-06T00:00:00.000000"
},
{
"description": "Ajout du bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2019:0298-1 du 8 f\u00e9vrier 2019",
"revision_date": "2019-02-11T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de\nSUSE. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un\nd\u00e9ni de service \u00e0 distance, un d\u00e9ni de service et un contournement de la\npolitique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2019:0298-1 du 8 f\u00e9vrier 2019",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20190298-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2019:0236-1 du 5 f\u00e9vrier 2019",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20190236-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2019:0222-1 du 1 f\u00e9vrier 2019",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20190222-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2019:0224-1 du 1 f\u00e9vrier 2019",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20190224-1/"
}
]
}
CERTFR-2019-AVI-391
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans le noyau Linux d'Ubuntu. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Ubuntu 16.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 18.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 19.04",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 14.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2019-12614",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12614"
},
{
"name": "CVE-2019-1125",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1125"
},
{
"name": "CVE-2019-2024",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2024"
},
{
"name": "CVE-2018-13100",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13100"
},
{
"name": "CVE-2018-14615",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14615"
},
{
"name": "CVE-2019-9503",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9503"
},
{
"name": "CVE-2018-20856",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20856"
},
{
"name": "CVE-2018-13053",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13053"
},
{
"name": "CVE-2018-13093",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13093"
},
{
"name": "CVE-2019-11833",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11833"
},
{
"name": "CVE-2018-14613",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14613"
},
{
"name": "CVE-2018-13096",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13096"
},
{
"name": "CVE-2019-3846",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3846"
},
{
"name": "CVE-2018-14609",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14609"
},
{
"name": "CVE-2019-13272",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13272"
},
{
"name": "CVE-2018-20511",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20511"
},
{
"name": "CVE-2018-16862",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16862"
},
{
"name": "CVE-2018-20169",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20169"
},
{
"name": "CVE-2018-14616",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14616"
},
{
"name": "CVE-2019-12984",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12984"
},
{
"name": "CVE-2018-14617",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14617"
},
{
"name": "CVE-2019-2054",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2054"
},
{
"name": "CVE-2019-12818",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12818"
},
{
"name": "CVE-2018-13097",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13097"
},
{
"name": "CVE-2019-13233",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13233"
},
{
"name": "CVE-2019-2101",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2101"
},
{
"name": "CVE-2018-13099",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13099"
},
{
"name": "CVE-2019-11599",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11599"
},
{
"name": "CVE-2018-14614",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14614"
},
{
"name": "CVE-2018-14610",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14610"
},
{
"name": "CVE-2018-13098",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13098"
},
{
"name": "CVE-2018-14612",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14612"
},
{
"name": "CVE-2019-10126",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10126"
},
{
"name": "CVE-2018-5383",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5383"
},
{
"name": "CVE-2019-12819",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12819"
},
{
"name": "CVE-2018-14611",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14611"
}
],
"links": [],
"reference": "CERTFR-2019-AVI-391",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2019-08-14T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux\nd\u0027Ubuntu. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-4094-1 du 13 ao\u00fbt 2019",
"url": "https://usn.ubuntu.com/4094-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-4093-1 du 13 ao\u00fbt 2019",
"url": "https://usn.ubuntu.com/4093-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-4096-1 du 13 ao\u00fbt 2019",
"url": "https://usn.ubuntu.com/4096-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-4095-2 du 13 ao\u00fbt 2019",
"url": "https://usn.ubuntu.com/4095-2/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-4095-1 du 13 ao\u00fbt 2019",
"url": "https://usn.ubuntu.com/4095-1/"
}
]
}
GSD-2018-16862
Vulnerability from gsd - Updated: 2023-12-13 01:22Details
A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2018-16862",
"description": "A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one.",
"id": "GSD-2018-16862",
"references": [
"https://www.suse.com/security/cve/CVE-2018-16862.html",
"https://ubuntu.com/security/CVE-2018-16862",
"https://advisories.mageia.org/CVE-2018-16862.html",
"https://alas.aws.amazon.com/cve/html/CVE-2018-16862.html",
"https://linux.oracle.com/cve/CVE-2018-16862.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2018-16862"
],
"details": "A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one.",
"id": "GSD-2018-16862",
"modified": "2023-12-13T01:22:26.341454Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2018-16862",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "kernel:",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "[UNKNOWN]"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one."
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N",
"version": "3.0"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"cweId": "CWE-200",
"lang": "eng",
"value": "CWE-200"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://usn.ubuntu.com/3879-1/",
"refsource": "MISC",
"url": "https://usn.ubuntu.com/3879-1/"
},
{
"name": "https://usn.ubuntu.com/3879-2/",
"refsource": "MISC",
"url": "https://usn.ubuntu.com/3879-2/"
},
{
"name": "http://www.securityfocus.com/bid/106009",
"refsource": "MISC",
"url": "http://www.securityfocus.com/bid/106009"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16862",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16862"
},
{
"name": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html",
"refsource": "MISC",
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html"
},
{
"name": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html",
"refsource": "MISC",
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html"
},
{
"name": "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html",
"refsource": "MISC",
"url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html"
},
{
"name": "https://lore.kernel.org/patchwork/patch/1011367/",
"refsource": "MISC",
"url": "https://lore.kernel.org/patchwork/patch/1011367/"
},
{
"name": "https://seclists.org/oss-sec/2018/q4/169",
"refsource": "MISC",
"url": "https://seclists.org/oss-sec/2018/q4/169"
},
{
"name": "https://usn.ubuntu.com/4094-1/",
"refsource": "MISC",
"url": "https://usn.ubuntu.com/4094-1/"
},
{
"name": "https://usn.ubuntu.com/4118-1/",
"refsource": "MISC",
"url": "https://usn.ubuntu.com/4118-1/"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.14",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2018-16862"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20181123 CVE-2018-16862: Linux kernel: cleancache: deleted files infoleak",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/oss-sec/2018/q4/169"
},
{
"name": "https://lore.kernel.org/patchwork/patch/1011367/",
"refsource": "CONFIRM",
"tags": [
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://lore.kernel.org/patchwork/patch/1011367/"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16862",
"refsource": "CONFIRM",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16862"
},
{
"name": "106009",
"refsource": "BID",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/106009"
},
{
"name": "USN-3879-2",
"refsource": "UBUNTU",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3879-2/"
},
{
"name": "USN-3879-1",
"refsource": "UBUNTU",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3879-1/"
},
{
"name": "[debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html"
},
{
"name": "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html"
},
{
"name": "[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update",
"refsource": "MLIST",
"tags": [],
"url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html"
},
{
"name": "USN-4094-1",
"refsource": "UBUNTU",
"tags": [],
"url": "https://usn.ubuntu.com/4094-1/"
},
{
"name": "USN-4118-1",
"refsource": "UBUNTU",
"tags": [],
"url": "https://usn.ubuntu.com/4118-1/"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
},
"lastModifiedDate": "2019-04-01T21:29Z",
"publishedDate": "2018-11-26T19:29Z"
}
}
}
SUSE-SU-2019:0196-1
Vulnerability from csaf_suse - Published: 2019-01-29 12:14 - Updated: 2019-01-29 12:14Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-9568: In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. (bnc#1118319).
- CVE-2018-12232: In net/socket.c in the there is a race condition between fchownat and close in cases where they target the same socket file descriptor, related to the sock_close and sockfs_setattr functions. fchownat did not increment the file descriptor reference count, which allowed close to set the socket to NULL during fchownat's execution, leading to a NULL pointer dereference and system crash (bnc#1097593).
- CVE-2018-14625: A flaw was found where an attacker may be able to have an uncontrolled read to kernel-memory from within a vm guest. A race condition between connect() and close() function may allow an attacker using the AF_VSOCK protocol to gather a 4 byte information leak or possibly intercept or corrupt AF_VSOCK messages destined to other clients (bnc#1106615).
- CVE-2018-16862: A security flaw was found in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one (bnc#1117186).
- CVE-2018-16884: NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out (bnc#1119946).
- CVE-2018-18397: The userfaultfd implementation mishandled access control for certain UFFDIO_ ioctl calls, as demonstrated by allowing local users to write data into holes in a tmpfs file (if the user has read-only access to that file, and that file contains holes), related to fs/userfaultfd.c and mm/userfaultfd.c (bnc#1117656).
- CVE-2018-19407: The vcpu_scan_ioapic function in arch/x86/kvm/x86.c allowed local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized (bnc#1116841).
- CVE-2018-19854: An issue was discovered in the crypto_report_one() and related functions in crypto/crypto_user.c (the crypto user configuration API) do not fully initialize structures that are copied to userspace, potentially leaking sensitive memory to user programs. NOTE: this is a CVE-2013-2547 regression but with easier exploitability because the attacker did not need a capability (however, the system must have the CONFIG_CRYPTO_USER kconfig option) (bnc#1118428).
- CVE-2018-19985: The function hso_probe read if_num from the USB device (as an u8) and used it without a length check to index an array, resulting in an OOB memory read in hso_probe or hso_get_config_data that could be used by local attackers (bnc#1120743).
- CVE-2018-20169: The USB subsystem mishandled size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c (bnc#1119714).
The following non-security bugs were fixed:
- acpi / CPPC: Check for valid PCC subspace only if PCC is used (bsc#1117115).
- acpi / CPPC: Update all pr_(debug/err) messages to log the susbspace id (bsc#1117115).
- aio: fix spectre gadget in lookup_ioctx (bsc#1120594).
- alsa: cs46xx: Potential NULL dereference in probe (bsc#1051510).
- alsa: emu10k1: Fix potential Spectre v1 vulnerabilities (bsc#1051510).
- alsa: emux: Fix potential Spectre v1 vulnerabilities (bsc#1051510).
- alsa: fireface: fix for state to fetch PCM frames (bsc#1051510).
- alsa: fireface: fix reference to wrong register for clock configuration (bsc#1051510).
- alsa: firewire-lib: fix wrong assignment for 'out_packet_without_header' tracepoint (bsc#1051510).
- alsa: firewire-lib: fix wrong handling payload_length as payload_quadlet (bsc#1051510).
- alsa: firewire-lib: use the same print format for 'without_header' tracepoints (bsc#1051510).
- alsa: hda: add mute LED support for HP EliteBook 840 G4 (bsc#1051510).
- alsa: hda: Add support for AMD Stoney Ridge (bsc#1051510).
- alsa: hda/ca0132 - make pci_iounmap() call conditional (bsc#1051510).
- alsa: hda: fix front speakers on Huawei MBXP (bsc#1051510).
- alsa: hda/realtek - Add support for Acer Aspire C24-860 headset mic (bsc#1051510).
- alsa: hda/realtek - Add unplug function into unplug state of Headset Mode for ALC225 (bsc#1051510).
- alsa: hda/realtek: ALC286 mic and headset-mode fixups for Acer Aspire U27-880 (bsc#1051510).
- alsa: hda/realtek: ALC294 mic and headset-mode fixups for ASUS X542UN (bsc#1051510).
- alsa: hda/realtek - Disable headset Mic VREF for headset mode of ALC225 (bsc#1051510).
- alsa: hda/realtek: Enable audio jacks of ASUS UX391UA with ALC294 (bsc#1051510).
- alsa: hda/realtek: Enable audio jacks of ASUS UX433FN/UX333FA with ALC294 (bsc#1051510).
- alsa: hda/realtek: Enable audio jacks of ASUS UX533FD with ALC294 (bsc#1051510).
- alsa: hda/realtek: Enable the headset mic auto detection for ASUS laptops (bsc#1051510).
- alsa: hda/realtek - Fixed headphone issue for ALC700 (bsc#1051510).
- alsa: hda/realtek: Fix mic issue on Acer AIO Veriton Z4660G (bsc#1051510).
- alsa: hda/realtek: Fix mic issue on Acer AIO Veriton Z4860G/Z6860G (bsc#1051510).
- alsa: hda/realtek - Fix speaker output regression on Thinkpad T570 (bsc#1051510).
- alsa: hda/realtek - Fix the mute LED regresion on Lenovo X1 Carbon (bsc#1051510).
- alsa: hda/realtek - Support Dell headset mode for New AIO platform (bsc#1051510).
- alsa: hda/tegra: clear pending irq handlers (bsc#1051510).
- alsa: pcm: Call snd_pcm_unlink() conditionally at closing (bsc#1051510).
- alsa: pcm: Fix interval evaluation with openmin/max (bsc#1051510).
- alsa: pcm: Fix potential Spectre v1 vulnerability (bsc#1051510).
- alsa: pcm: Fix starvation on down_write_nonblock() (bsc#1051510).
- alsa: rme9652: Fix potential Spectre v1 vulnerability (bsc#1051510).
- alsa: trident: Suppress gcc string warning (bsc#1051510).
- alsa: usb-audio: Add SMSL D1 to quirks for native DSD support (bsc#1051510).
- alsa: usb-audio: Add support for Encore mDSD USB DAC (bsc#1051510).
- alsa: usb-audio: Avoid access before bLength check in build_audio_procunit() (bsc#1051510).
- alsa: usb-audio: Fix an out-of-bound read in create_composite_quirks (bsc#1051510).
- alsa: x86: Fix runtime PM for hdmi-lpe-audio (bsc#1051510).
- apparmor: do not try to replace stale label in ptrace access check (git-fixes).
- apparmor: do not try to replace stale label in ptraceme check (git-fixes).
- apparmor: Fix uninitialized value in aa_split_fqname (git-fixes).
- arm64: Add work around for Arm Cortex-A55 Erratum 1024718 (bsc#1120612).
- arm64: atomics: Remove '&' from '+&' asm constraint in lse atomics (bsc#1120613).
- arm64: cpu_errata: include required headers (bsc#1120615).
- arm64: dma-mapping: Fix FORCE_CONTIGUOUS buffer clearing (bsc#1120633).
- arm64: Fix /proc/iomem for reserved but not memory regions (bsc#1120632).
- arm64: lse: Add early clobbers to some input/output asm operands (bsc#1120614).
- arm64: lse: remove -fcall-used-x0 flag (bsc#1120618).
- arm64: mm: always enable CONFIG_HOLES_IN_ZONE (bsc#1120617).
- arm64/numa: Report correct memblock range for the dummy node (bsc#1120620).
- arm64/numa: Unify common error path in numa_init() (bsc#1120621).
- arm64: remove no-op -p linker flag (bsc#1120616).
- ASoC: dapm: Recalculate audio map forcely when card instantiated (bsc#1051510).
- ASoC: intel: cht_bsw_max98090_ti: Add pmc_plt_clk_0 quirk for Chromebook Clapper (bsc#1051510).
- ASoC: intel: cht_bsw_max98090_ti: Add pmc_plt_clk_0 quirk for Chromebook Gnawty (bsc#1051510).
- ASoC: Intel: mrfld: fix uninitialized variable access (bsc#1051510).
- ASoC: omap-abe-twl6040: Fix missing audio card caused by deferred probing (bsc#1051510).
- ASoC: omap-dmic: Add pm_qos handling to avoid overruns with CPU_IDLE (bsc#1051510).
- ASoC: omap-mcbsp: Fix latency value calculation for pm_qos (bsc#1051510).
- ASoC: omap-mcpdm: Add pm_qos handling to avoid under/overruns with CPU_IDLE (bsc#1051510).
- ASoC: rsnd: fixup clock start checker (bsc#1051510).
- ASoC: wm_adsp: Fix dma-unsafe read of scratch registers (bsc#1051510).
- ath10k: do not assume this is a PCI dev in generic code (bsc#1051510).
- ath6kl: Only use match sets when firmware supports it (bsc#1051510).
- b43: Fix error in cordic routine (bsc#1051510).
- bcache: fix miss key refill->end in writeback (Git-fixes).
- bcache: trace missed reading by cache_missed (Git-fixes).
- Blacklist 5182f26f6f74 crypto: ccp - Make function sev_get_firmware() static
- blk-mq: remove synchronize_rcu() from blk_mq_del_queue_tag_set() (Git-fixes).
- block: allow max_discard_segments to be stacked (Git-fixes).
- block: blk_init_allocated_queue() set q->fq as NULL in the fail case (Git-fixes).
- block: really disable runtime-pm for blk-mq (Git-fixes).
- block: reset bi_iter.bi_done after splitting bio (Git-fixes).
- block/swim: Fix array bounds check (Git-fixes).
- bnxt_en: do not try to offload VLAN 'modify' action (bsc#1050242 ).
- bnxt_en: Fix enables field in HWRM_QUEUE_COS2BW_CFG request (bsc#1086282).
- bnxt_en: Fix VNIC reservations on the PF (bsc#1086282 ).
- bnxt_en: get the reduced max_irqs by the ones used by RDMA (bsc#1050242).
- bpf: fix check of allowed specifiers in bpf_trace_printk (bsc#1083647).
- bpf: use per htab salt for bucket hash (git-fixes).
- btrfs: Always try all copies when reading extent buffers (git-fixes).
- btrfs: delete dead code in btrfs_orphan_add() (bsc#1111469).
- btrfs: delete dead code in btrfs_orphan_commit_root() (bsc#1111469).
- btrfs: do not BUG_ON() in btrfs_truncate_inode_items() (bsc#1111469).
- btrfs: do not check inode's runtime flags under root->orphan_lock (bsc#1111469).
- btrfs: do not return ino to ino cache if inode item removal fails (bsc#1111469).
- btrfs: fix ENOSPC caused by orphan items reservations (bsc#1111469).
- btrfs: Fix error handling in btrfs_cleanup_ordered_extents (git-fixes).
- btrfs: fix error handling in btrfs_truncate() (bsc#1111469).
- btrfs: fix error handling in btrfs_truncate_inode_items() (bsc#1111469).
- btrfs: fix fsync of files with multiple hard links in new directories (1120173).
- btrfs: Fix memory barriers usage with device stats counters (git-fixes).
- btrfs: fix use-after-free on root->orphan_block_rsv (bsc#1111469).
- btrfs: get rid of BTRFS_INODE_HAS_ORPHAN_ITEM (bsc#1111469).
- btrfs: get rid of unused orphan infrastructure (bsc#1111469).
- btrfs: move btrfs_truncate_block out of trans handle (bsc#1111469).
- btrfs: qgroup: Dirty all qgroups before rescan (bsc#1120036).
- btrfs: refactor btrfs_evict_inode() reserve refill dance (bsc#1111469).
- btrfs: renumber BTRFS_INODE_ runtime flags and switch to enums (bsc#1111469).
- btrfs: reserve space for O_TMPFILE orphan item deletion (bsc#1111469).
- btrfs: run delayed items before dropping the snapshot (bsc#1121263, bsc#1111188).
- btrfs: stop creating orphan items for truncate (bsc#1111469).
- btrfs: tree-checker: Do not check max block group size as current max chunk size limit is unreliable (fixes for bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875).
- btrfs: update stale comments referencing vmtruncate() (bsc#1111469).
- can: flexcan: flexcan_irq(): fix indention (bsc#1051510).
- cdrom: do not attempt to fiddle with cdo->capability (bsc#1051510).
- ceph: do not update importing cap's mseq when handing cap export (bsc#1121273).
- char_dev: extend dynamic allocation of majors into a higher range (bsc#1121058).
- char_dev: Fix off-by-one bugs in find_dynamic_major() (bsc#1121058).
- clk: mmp: Off by one in mmp_clk_add() (bsc#1051510).
- clk: mvebu: Off by one bugs in cp110_of_clk_get() (bsc#1051510).
- compiler-gcc.h: Add __attribute__((gnu_inline)) to all inline declarations (git-fixes).
- config: arm64: enable erratum 1024718
- cpufeature: avoid warning when compiling with clang (Git-fixes).
- cpufreq / CPPC: Add cpuinfo_cur_freq support for CPPC (bsc#1117115).
- cpufreq: CPPC: fix build in absence of v3 support (bsc#1117115).
- cpupower: remove stringop-truncation waring (git-fixes).
- crypto: bcm - fix normal/non key hash algorithm failure (bsc#1051510).
- crypto: ccp - Add DOWNLOAD_FIRMWARE SEV command ().
- crypto: ccp - Add GET_ID SEV command ().
- crypto: ccp - Add psp enabled message when initialization succeeds ().
- crypto: ccp - Add support for new CCP/PSP device ID ().
- crypto: ccp - Allow SEV firmware to be chosen based on Family and Model ().
- crypto: ccp - Fix static checker warning ().
- crypto: ccp - Remove unused #defines ().
- crypto: ccp - Support register differences between PSP devices ().
- dasd: fix deadlock in dasd_times_out (bsc#1121477, LTC#174111).
- dax: Check page->mapping isn't NULL (bsc#1120054).
- dax: Do not access a freed inode (bsc#1120055).
- device property: Define type of PROPERTY_ENRTY_*() macros (bsc#1051510).
- device property: fix fwnode_graph_get_next_endpoint() documentation (bsc#1051510).
- disable stringop truncation warnings for now (git-fixes).
- dm: allocate struct mapped_device with kvzalloc (Git-fixes).
- dm cache: destroy migration_cache if cache target registration failed (Git-fixes).
- dm cache: fix resize crash if user does not reload cache table (Git-fixes).
- dm cache metadata: ignore hints array being too small during resize (Git-fixes).
- dm cache metadata: save in-core policy_hint_size to on-disk superblock (Git-fixes).
- dm cache metadata: set dirty on all cache blocks after a crash (Git-fixes).
- dm cache: only allow a single io_mode cache feature to be requested (Git-fixes).
- dm crypt: do not decrease device limits (Git-fixes).
- dm: fix report zone remapping to account for partition offset (Git-fixes).
- dm integrity: change 'suspending' variable from bool to int (Git-fixes).
- dm ioctl: harden copy_params()'s copy_from_user() from malicious users (Git-fixes).
- dm linear: eliminate linear_end_io call if CONFIG_DM_ZONED disabled (Git-fixes).
- dm linear: fix linear_end_io conditional definition (Git-fixes).
- dm thin: handle running out of data space vs concurrent discard (Git-fixes).
- dm thin metadata: remove needless work from __commit_transaction (Git-fixes).
- dm thin: stop no_space_timeout worker when switching to write-mode (Git-fixes).
- dm writecache: fix a crash due to reading past end of dirty_bitmap (Git-fixes).
- dm writecache: report start_sector in status line (Git-fixes).
- dm zoned: fix metadata block ref counting (Git-fixes).
- dm zoned: fix various dmz_get_mblock() issues (Git-fixes).
- doc/README.SUSE: correct GIT url No more gitorious, github we use.
- drivers/net/usb: add device id for TP-LINK UE300 USB 3.0 Ethernet (bsc#1119749).
- drivers/net/usb/r8152: remove the unneeded variable 'ret' in rtl8152_system_suspend (bsc#1119749).
- drivers/tty: add missing of_node_put() (bsc#1051510).
- drm/amdgpu/gmc8: update MC firmware for polaris (bsc#1113722)
- drm/amdgpu: update mc firmware image for polaris12 variants (bsc#1113722)
- drm/amdgpu: update SMC firmware image for polaris10 variants (bsc#1113722)
- drm/fb-helper: Ignore the value of fb_var_screeninfo.pixclock (bsc#1113722)
- drm/i915/execlists: Apply a full mb before execution for Braswell (bsc#1113722)
- drm/ioctl: Fix Spectre v1 vulnerabilities (bsc#1113722)
- drm/nouveau/kms: Fix memory leak in nv50_mstm_del() (bsc#1113722)
- drm: rcar-du: Fix external clock error checks (bsc#1113722)
- drm: rcar-du: Fix vblank initialization (bsc#1113722)
- drm/rockchip: psr: do not dereference encoder before it is null (bsc#1113722)
- drm: set is_master to 0 upon drm_new_set_master() failure (bsc#1113722)
- drm/vc4: Set ->is_yuv to false when num_planes == 1 (bsc#1113722)
- drm/vc4: ->x_scaling[1] should never be set to VC4_SCALING_NONE (bsc#1113722)
- dt-bindings: add compatible string for Allwinner V3s SoC (git-fixes).
- dt-bindings: arm: Document SoC compatible value for Armadillo-800 EVA (git-fixes).
- dt-bindings: clock: add rk3399 DDR3 standard speed bins (git-fixes).
- dt-bindings: clock: mediatek: add binding for fixed-factor clock axisel_d4 (git-fixes).
- dt-bindings: iio: update STM32 timers clock names (git-fixes).
- dt-bindings: mfd: axp20x: Add AXP806 to supported list of chips (git-fixes).
- dt-bindings: net: Remove duplicate NSP Ethernet MAC binding document (git-fixes).
- dt-bindings: panel: lvds: Fix path to display timing bindings (git-fixes).
- dt-bindings: phy: sun4i-usb-phy: Add property descriptions for H3 (git-fixes).
- dt-bindings: pwm: renesas: tpu: Fix 'compatible' prop description (git-fixes).
- dt-bindings: pwm: Update STM32 timers clock names (git-fixes).
- dt-bindings: rcar-dmac: Document missing error interrupt (git-fixes).
- efi: Move some sysfs files to be read-only by root (bsc#1051510).
- ethernet: fman: fix wrong of_node_put() in probe function (bsc#1119017).
- exportfs: fix 'passing zero to ERR_PTR()' warning (bsc#1118773).
- ext2: fix potential use after free (bsc#1118775).
- ext4: avoid possible double brelse() in add_new_gdb() on error path (bsc#1118760).
- ext4: fix EXT4_IOC_GROUP_ADD ioctl (bsc#1120604).
- ext4: fix possible use after free in ext4_quota_enable (bsc#1120602).
- ext4: missing unlock/put_page() in ext4_try_to_write_inline_data() (bsc#1120603).
- extable: Consolidate *kernel_text_address() functions (bsc#1120092).
- extable: Enable RCU if it is not watching in kernel_text_address() (bsc#1120092).
- fbdev: fbcon: Fix unregister crash when more than one framebuffer (bsc#1113722)
- fbdev: fbmem: behave better with small rotated displays and many CPUs (bsc#1113722)
- filesystem-dax: Fix dax_layout_busy_page() livelock (bsc#1118787).
- firmware: add firmware_request_nowarn() - load firmware without warnings ().
- Fix tracing sample code warning (git-fixes).
- fscache: Fix race in fscache_op_complete() due to split atomic_sub & read (Git-fixes).
- fscache: Pass the correct cancelled indications to fscache_op_complete() (Git-fixes).
- fs: fix lost error code in dio_complete (bsc#1118762).
- fs/xfs: Use %pS printk format for direct addresses (git-fixes).
- fuse: fix blocked_waitq wakeup (git-fixes).
- fuse: fix leaked notify reply (git-fixes).
- fuse: fix possibly missed wake-up after abort (git-fixes).
- fuse: Fix use-after-free in fuse_dev_do_read() (git-fixes).
- fuse: Fix use-after-free in fuse_dev_do_write() (git-fixes).
- fuse: fix use-after-free in fuse_direct_IO() (git-fixes).
- fuse: set FR_SENT while locked (git-fixes).
- gcc-plugins: Add include required by GCC release 8 (git-fixes).
- gcc-plugins: Use dynamic initializers (git-fixes).
- gfs2: Do not leave s_fs_info pointing to freed memory in init_sbd (bsc#1118769).
- gfs2: Fix loop in gfs2_rbm_find (bsc#1120601).
- gfs2: Get rid of potential double-freeing in gfs2_create_inode (bsc#1120600).
- gfs2_meta: ->mount() can get NULL dev_name (bsc#1118768).
- gfs2: Put bitmap buffers in put_super (bsc#1118772).
- gpio: davinci: Remove unused member of davinci_gpio_controller (git-fixes).
- gpiolib-acpi: Only defer request_irq for GpioInt ACPI event handlers (bsc#1051510).
- gpiolib: Fix return value of gpio_to_desc() stub if !GPIOLIB (bsc#1051510).
- gpio: max7301: fix driver for use with CONFIG_VMAP_STACK (bsc#1051510).
- gpio: mvebu: only fail on missing clk if pwm is actually to be used (bsc#1051510).
- hid: Add quirk for Primax PIXART OEM mice (bsc#1119410).
- hid: input: Ignore battery reported by Symbol DS4308 (bsc#1051510).
- hid: multitouch: Add pointstick support for Cirque Touchpad (bsc#1051510).
- hwpoison, memory_hotplug: allow hwpoisoned pages to be offlined (bnc#1116336).
- i2c: axxia: properly handle master timeout (bsc#1051510).
- i2c: scmi: Fix probe error on devices with an empty SMB0001 ACPI device node (bsc#1051510).
- ib/hfi1: Add mtu check for operational data VLs (bsc#1060463 ).
- ibmvnic: Convert reset work item mutex to spin lock ().
- ibmvnic: Fix non-atomic memory allocation in IRQ context ().
- ib/rxe: support for 802.1q VLAN on the listener (bsc#1082387).
- ieee802154: 6lowpan: set IFLA_LINK (bsc#1051510).
- ieee802154: at86rf230: switch from BUG_ON() to WARN_ON() on problem (bsc#1051510).
- ieee802154: at86rf230: use __func__ macro for debug messages (bsc#1051510).
- ieee802154: fakelb: switch from BUG_ON() to WARN_ON() on problem (bsc#1051510).
- Include modules.fips in kernel-binary as well as kernel-binary-base ().
- initramfs: fix initramfs rebuilds w/ compression after disabling (git-fixes).
- Input: add official Raspberry Pi's touchscreen driver ().
- Input: cros_ec_keyb - fix button/switch capability reports (bsc#1051510).
- Input: elan_i2c - add ACPI ID for Lenovo IdeaPad 330-15ARR (bsc#1051510).
- Input: elan_i2c - add ELAN0620 to the ACPI table (bsc#1051510).
- Input: elan_i2c - add support for ELAN0621 touchpad (bsc#1051510).
- Input: hyper-v - fix wakeup from suspend-to-idle (bsc#1051510).
- Input: matrix_keypad - check for errors from of_get_named_gpio() (bsc#1051510).
- Input: nomadik-ske-keypad - fix a loop timeout test (bsc#1051510).
- Input: omap-keypad - fix keyboard debounce configuration (bsc#1051510).
- Input: synaptics - add PNP ID for ThinkPad P50 to SMBus (bsc#1051510).
- Input: synaptics - enable SMBus for HP 15-ay000 (bsc#1051510).
- Input: xpad - quirk all PDP Xbox One gamepads (bsc#1051510).
- integrity/security: fix digsig.c build error with header file (bsc#1051510).
- intel_th: msu: Fix an off-by-one in attribute store (bsc#1051510).
- iommu/amd: Fix amd_iommu=force_isolation (bsc#1106105).
- iommu/vt-d: Handle domain agaw being less than iommu agaw (bsc#1106105).
- iwlwifi: add new cards for 9560, 9462, 9461 and killer series (bsc#1051510).
- iwlwifi: fix LED command capability bit (bsc#1119086).
- iwlwifi: fix non_shared_ant for 22000 devices (bsc#1119086).
- iwlwifi: fix wrong WGDS_WIFI_DATA_SIZE (bsc#1119086).
- iwlwifi: mvm: do not send GEO_TX_POWER_LIMIT to old firmwares (bsc#1119086).
- iwlwifi: nvm: get num of hw addresses from firmware (bsc#1119086).
- iwlwifi: pcie: do not reset TXQ write pointer (bsc#1051510).
- jffs2: free jffs2_sb_info through jffs2_kill_sb() (bsc#1118767).
- jump_label: Split out code under the hotplug lock (bsc#1106913).
- kabi: hwpoison, memory_hotplug: allow hwpoisoned pages to be offlined (bnc#1116336).
- kabi protect hnae_ae_ops (bsc#1104353).
- kbuild: allow to use GCC toolchain not in Clang search path (git-fixes).
- kbuild: fix linker feature test macros when cross compiling with Clang (git-fixes).
- kbuild: make missing $DEPMOD a Warning instead of an Error (git-fixes).
- kbuild: rpm-pkg: keep spec file until make mrproper (git-fixes).
- kbuild: suppress packed-not-aligned warning for default setting only (git-fixes).
- kbuild: verify that $DEPMOD is installed (git-fixes).
- kdb: use memmove instead of overlapping memcpy (bsc#1120954).
- kernfs: Replace strncpy with memcpy (bsc#1120053).
- keys: Fix the use of the C++ keyword 'private' in uapi/linux/keyctl.h (Git-fixes).
- kobject: Replace strncpy with memcpy (git-fixes).
- kprobes: Make list and blacklist root user read only (git-fixes).
- kvm: PPC: Book3S PR: Enable use on POWER9 inside HPT-mode guests (bsc#1118484).
- libata: whitelist all SAMSUNG MZ7KM* solid-state disks (bsc#1051510).
- libertas_tf: prevent underflow in process_cmdrequest() (bsc#1119086).
- libnvdimm, pfn: Pad pfn namespaces relative to other regions (bsc#1118962).
- libnvdimm, pmem: Fix badblocks population for 'raw' namespaces (bsc#1118788).
- lib/raid6: Fix arm64 test build (bsc#1051510).
- lib/ubsan.c: do not mark __ubsan_handle_builtin_unreachable as noreturn (bsc#1051510).
- Limit max FW API version for QCA9377 (bsc#1121714, bsc#1121715).
- linux/bitmap.h: fix type of nbits in bitmap_shift_right() (bsc#1051510).
- locking/barriers: Convert users of lockless_dereference() to READ_ONCE() (Git-fixes).
- locking/static_keys: Improve uninitialized key warning (bsc#1106913).
- mac80211: Clear beacon_int in ieee80211_do_stop (bsc#1051510).
- mac80211: fix reordering of buffered broadcast packets (bsc#1051510).
- mac80211_hwsim: fix module init error paths for netlink (bsc#1051510).
- mac80211_hwsim: Timer should be initialized before device registered (bsc#1051510).
- mac80211: ignore NullFunc frames in the duplicate detection (bsc#1051510).
- mac80211: ignore tx status for PS stations in ieee80211_tx_status_ext (bsc#1051510).
- Mark HI and TASKLET softirq synchronous (git-fixes).
- md: fix raid10 hang issue caused by barrier (git-fixes).
- media: em28xx: Fix use-after-free when disconnecting (bsc#1051510).
- media: em28xx: make v4l2-compliance happier by starting sequence on zero (bsc#1051510).
- media: omap3isp: Unregister media device as first (bsc#1051510).
- mmc: bcm2835: reset host on timeout (bsc#1051510).
- mmc: core: Allow BKOPS and CACHE ctrl even if no HPI support (bsc#1051510).
- mmc: core: Reset HPI enabled state during re-init and in case of errors (bsc#1051510).
- mmc: core: Use a minimum 1600ms timeout when enabling CACHE ctrl (bsc#1051510).
- mmc: dw_mmc-bluefield: Add driver extension (bsc#1118752).
- mmc: dw_mmc-k3: add sd support for hi3660 (bsc#1118752).
- MMC: OMAP: fix broken MMC on OMAP15XX/OMAP5910/OMAP310 (bsc#1051510).
- mmc: omap_hsmmc: fix DMA API warning (bsc#1051510).
- mmc: sdhci: fix the timeout check window for clock and reset (bsc#1051510).
- mm: do not miss the last page because of round-off error (bnc#1118798).
- mm: do not warn about large allocations for slab (git fixes (slab)).
- mm/huge_memory.c: reorder operations in __split_huge_page_tail() (VM Functionality bsc#1119962).
- mm/huge_memory: fix lockdep complaint on 32-bit i_size_read() (VM Functionality, bsc#1121599).
- mm/huge_memory: rename freeze_page() to unmap_page() (VM Functionality, bsc#1121599).
- mm/huge_memory: splitting set mapping+index before unfreeze (VM Functionality, bsc#1121599).
- mm: hugetlb: yield when prepping struct pages (git fixes (memory initialisation)).
- mm/khugepaged: collapse_shmem() do not crash on Compound (VM Functionality, bsc#1121599).
- mm/khugepaged: collapse_shmem() remember to clear holes (VM Functionality, bsc#1121599).
- mm/khugepaged: collapse_shmem() stop if punched or truncated (VM Functionality, bsc#1121599).
- mm/khugepaged: collapse_shmem() without freezing new_page (VM Functionality, bsc#1121599).
- mm/khugepaged: fix crashes due to misaccounted holes (VM Functionality, bsc#1121599).
- mm/khugepaged: minor reorderings in collapse_shmem() (VM Functionality, bsc#1121599).
- mm: lower the printk loglevel for __dump_page messages (generic hotplug debugability).
- mm, memory_hotplug: be more verbose for memory offline failures (generic hotplug debugability).
- mm, memory_hotplug: drop pointless block alignment checks from __offline_pages (generic hotplug debugability).
- mm, memory_hotplug: print reason for the offlining failure (generic hotplug debugability).
- mm: migration: fix migration of huge PMD shared pages (bnc#1086423).
- mm: only report isolation failures when offlining memory (generic hotplug debugability).
- mm: print more information about mapping in __dump_page (generic hotplug debugability).
- mm: put_and_wait_on_page_locked() while page is migrated (bnc#1109272).
- mm: sections are not offlined during memory hotremove (bnc#1119968).
- mm: shmem.c: Correctly annotate new inodes for lockdep (Git fixes: shmem).
- mm/vmstat.c: fix NUMA statistics updates (git fixes).
- Move dell_rbu fix to sorted section (bsc#1087978).
- mtd: cfi: convert inline functions to macros (git-fixes).
- mtd: Fix comparison in map_word_andequal() (git-fixes).
- namei: allow restricted O_CREAT of FIFOs and regular files (bsc#1118766).
- nbd: do not allow invalid blocksize settings (Git-fixes).
- net: bgmac: Fix endian access in bgmac_dma_tx_ring_free() (bsc#1051510).
- net: dsa: mv88e6xxx: Fix binding documentation for MDIO busses (git-fixes).
- net: dsa: qca8k: Add QCA8334 binding documentation (git-fixes).
- net: ena: fix crash during ena_remove() (bsc#1111696 bsc#1117561).
- net: ena: update driver version from 2.0.1 to 2.0.2 (bsc#1111696 bsc#1117561).
- net: hns3: Add nic state check before calling netif_tx_wake_queue (bsc#1104353).
- net: hns3: Add support for hns3_nic_netdev_ops.ndo_do_ioctl (bsc#1104353).
- net: hns3: bugfix for buffer not free problem during resetting (bsc#1104353).
- net: hns3: bugfix for handling mailbox while the command queue reinitialized (bsc#1104353).
- net: hns3: bugfix for hclge_mdio_write and hclge_mdio_read (bsc#1104353).
- net: hns3: bugfix for is_valid_csq_clean_head() (bsc#1104353 ).
- net: hns3: bugfix for reporting unknown vector0 interrupt repeatly problem (bsc#1104353).
- net: hns3: bugfix for rtnl_lock's range in the hclgevf_reset() (bsc#1104353).
- net: hns3: bugfix for the initialization of command queue's spin lock (bsc#1104353).
- net: hns3: Check hdev state when getting link status (bsc#1104353).
- net: hns3: Clear client pointer when initialize client failed or unintialize finished (bsc#1104353).
- net: hns3: Fix cmdq registers initialization issue for vf (bsc#1104353).
- net: hns3: Fix error of checking used vlan id (bsc#1104353 ).
- net: hns3: Fix ets validate issue (bsc#1104353).
- net: hns3: Fix for netdev not up problem when setting mtu (bsc#1104353).
- net: hns3: Fix for out-of-bounds access when setting pfc back pressure (bsc#1104353).
- net: hns3: Fix for packet buffer setting bug (bsc#1104353 ).
- net: hns3: Fix for rx vlan id handle to support Rev 0x21 hardware (bsc#1104353).
- net: hns3: Fix for setting speed for phy failed problem (bsc#1104353).
- net: hns3: Fix for vf vlan delete failed problem (bsc#1104353 ).
- net: hns3: Fix loss of coal configuration while doing reset (bsc#1104353).
- net: hns3: Fix parameter type for q_id in hclge_tm_q_to_qs_map_cfg() (bsc#1104353).
- net: hns3: Fix ping exited problem when doing lp selftest (bsc#1104353).
- net: hns3: Preserve vlan 0 in hardware table (bsc#1104353 ).
- net: hns3: remove unnecessary queue reset in the hns3_uninit_all_ring() (bsc#1104353).
- net: hns3: Set STATE_DOWN bit of hdev state when stopping net (bsc#1104353).
- net/mlx4_core: Correctly set PFC param if global pause is turned off (bsc#1046299).
- net: usb: r8152: constify usb_device_id (bsc#1119749).
- net: usb: r8152: use irqsave() in USB's complete callback (bsc#1119749).
- nospec: Allow index argument to have const-qualified type (git-fixes)
- nospec: Kill array_index_nospec_mask_check() (git-fixes).
- nvme-fc: resolve io failures during connect (bsc#1116803).
- nvme-multipath: zero out ANA log buffer (bsc#1105168).
- nvme: validate controller state before rescheduling keep alive (bsc#1103257).
- objtool: Detect RIP-relative switch table references (bsc#1058115).
- objtool: Detect RIP-relative switch table references, part 2 (bsc#1058115).
- objtool: Fix another switch table detection issue (bsc#1058115).
- objtool: Fix double-free in .cold detection error path (bsc#1058115).
- objtool: Fix GCC 8 cold subfunction detection for aliased functions (bsc#1058115).
- objtool: Fix 'noreturn' detection for recursive sibling calls (bsc#1058115).
- objtool: Fix segfault in .cold detection with -ffunction-sections (bsc#1058115).
- objtool: Support GCC 8's cold subfunctions (bsc#1058115).
- objtool: Support GCC 8 switch tables (bsc#1058115).
- panic: avoid deadlocks in re-entrant console drivers (bsc#1088386).
- pci: Add ACS quirk for Ampere root ports (bsc#1120058).
- pci: Add ACS quirk for APM X-Gene devices (bsc#1120058).
- pci: Convert device-specific ACS quirks from NULL termination to ARRAY_SIZE (bsc#1120058).
- pci: Delay after FLR of Intel DC P3700 NVMe (bsc#1120058).
- pci: Disable Samsung SM961/PM961 NVMe before FLR (bsc#1120058).
- pci: Export pcie_has_flr() (bsc#1120058).
- pci: iproc: Activate PAXC bridge quirk for more devices (bsc#1120058).
- pci: Mark Ceton InfiniTV4 INTx masking as broken (bsc#1120058).
- pci: Mark fall-through switch cases before enabling -Wimplicit-fallthrough (bsc#1120058).
- pci: Mark Intel XXV710 NIC INTx masking as broken (bsc#1120058).
- perf tools: Fix tracing_path_mount proper path (git-fixes).
- platform-msi: Free descriptors in platform_msi_domain_free() (bsc#1051510).
- powerpc/64s: consolidate MCE counter increment (bsc#1094244).
- powerpc/64s/radix: Fix process table entry cache invalidation (bsc#1055186, git-fixes).
- powerpc/boot: Expose Kconfig symbols to wrapper (bsc#1065729).
- powerpc/boot: Fix build failures with -j 1 (bsc#1065729).
- powerpc/pkeys: Fix handling of pkey state across fork() (bsc#1078248, git-fixes).
- powerpc/powernv: Fix save/restore of SPRG3 on entry/exit from stop (idle) (bsc#1055121).
- powerpc/pseries: Track LMB nid instead of using device tree (bsc#1108270).
- powerpc/traps: restore recoverability of machine_check interrupts (bsc#1094244).
- power: supply: olpc_battery: correct the temperature units (bsc#1051510).
- ptrace: Remove unused ptrace_may_access_sched() and MODE_IBRS (bsc#1106913).
- qed: Add driver support for 20G link speed (bsc#1110558).
- qed: Add support for virtual link (bsc#1111795).
- qede: Add driver support for 20G link speed (bsc#1110558).
- r8152: add byte_enable for ocp_read_word function (bsc#1119749).
- r8152: add Linksys USB3GIGV1 id (bsc#1119749).
- r8152: add r8153_phy_status function (bsc#1119749).
- r8152: adjust lpm settings for RTL8153 (bsc#1119749).
- r8152: adjust rtl8153_runtime_enable function (bsc#1119749).
- r8152: adjust the settings about MAC clock speed down for RTL8153 (bsc#1119749).
- r8152: adjust U2P3 for RTL8153 (bsc#1119749).
- r8152: avoid rx queue more than 1000 packets (bsc#1119749).
- r8152: check if disabling ALDPS is finished (bsc#1119749).
- r8152: correct the definition (bsc#1119749).
- r8152: disable RX aggregation on Dell TB16 dock (bsc#1119749).
- r8152: disable RX aggregation on new Dell TB16 dock (bsc#1119749).
- r8152: fix wrong checksum status for received IPv4 packets (bsc#1119749).
- r8152: move calling delay_autosuspend function (bsc#1119749).
- r8152: move the default coalesce setting for RTL8153 (bsc#1119749).
- r8152: move the initialization to reset_resume function (bsc#1119749).
- r8152: move the setting of rx aggregation (bsc#1119749).
- r8152: replace napi_complete with napi_complete_done (bsc#1119749).
- r8152: set rx mode early when linking on (bsc#1119749).
- r8152: split rtl8152_resume function (bsc#1119749).
- r8152: support new chip 8050 (bsc#1119749).
- r8152: support RTL8153B (bsc#1119749).
- rbd: whitelist RBD_FEATURE_OPERATIONS feature bit (Git-fixes).
- rcu: Allow for page faults in NMI handlers (bsc#1120092).
- rdma/bnxt_re: Add missing spin lock initialization (bsc#1050244 ).
- rdma/bnxt_re: Avoid accessing the device structure after it is freed (bsc#1050244).
- rdma/bnxt_re: Avoid NULL check after accessing the pointer (bsc#1086283).
- rdma/bnxt_re: Fix system hang when registration with L2 driver fails (bsc#1086283).
- rdma/hns: Bugfix pbl configuration for rereg mr (bsc#1104427 ).
- rdma_rxe: make rxe work over 802.1q VLAN devices (bsc#1082387).
- reset: remove remaining WARN_ON() in <linux/reset.h> (Git-fixes).
- Revert commit ef9209b642f 'staging: rtl8723bs: Fix indenting errors and an off-by-one mistake in core/rtw_mlme_ext.c' (bsc#1051510).
- Revert 'iommu/io-pgtable-arm: Check for v7s-incapable systems' (bsc#1106105).
- Revert 'PCI/ASPM: Do not initialize link state when aspm_disabled is set' (bsc#1051510).
- Revert 'scsi: lpfc: ls_rjt erroneus FLOGIs' (bsc#1119322).
- ring-buffer: Allow for rescheduling when removing pages (bsc#1120238).
- ring-buffer: Do no reuse reader page if still in use (bsc#1120096).
- ring-buffer: Mask out the info bits when returning buffer page length (bsc#1120094).
- rtc: hctosys: Add missing range error reporting (bsc#1051510).
- rtc: m41t80: Correct alarm month range with RTC reads (bsc#1051510).
- rtc: pcf2127: fix a kmemleak caused in pcf2127_i2c_gather_write (bsc#1051510).
- rtc: snvs: Add timeouts to avoid kernel lockups (bsc#1051510).
- rtl8xxxu: Fix missing break in switch (bsc#1051510).
- s390/dasd: simplify locking in dasd_times_out (bsc#1104967,).
- s390/kdump: Fix elfcorehdr size calculation (bsc#1117953, LTC#171112).
- s390/kdump: Make elfcorehdr size calculation ABI compliant (bsc#1117953, LTC#171112).
- s390/qeth: fix length check in SNMP processing (bsc#1117953, LTC#173657).
- s390/qeth: remove outdated portname debug msg (bsc#1117953, LTC#172960).
- s390/qeth: sanitize strings in debug messages (bsc#1117953, LTC#172960).
- sbitmap: fix race in wait batch accounting (Git-fixes).
- sched/core: Fix cpu.max vs. cpuhotplug deadlock (bsc#1106913).
- sched/smt: Expose sched_smt_present static key (bsc#1106913).
- sched/smt: Make sched_smt_present track topology (bsc#1106913).
- sched, tracing: Fix trace_sched_pi_setprio() for deboosting (bsc#1120228).
- scsi: lpfc: Cap NPIV vports to 256 (bsc#1118215).
- scsi: lpfc: Correct code setting non existent bits in sli4 ABORT WQE (bsc#1118215).
- scsi: lpfc: Correct topology type reporting on G7 adapters (bsc#1118215).
- scsi: lpfc: Defer LS_ACC to FLOGI on point to point logins (bsc#1118215).
- scsi: lpfc: Enable Management features for IF_TYPE=6 (bsc#1119322).
- scsi: lpfc: Fix a duplicate 0711 log message number (bsc#1118215).
- scsi: lpfc: fix block guard enablement on SLI3 adapters (bsc#1079935).
- scsi: lpfc: Fix dif and first burst use in write commands (bsc#1118215).
- scsi: lpfc: Fix discovery failures during port failovers with lots of vports (bsc#1118215).
- scsi: lpfc: Fix driver release of fw-logging buffers (bsc#1118215).
- scsi: lpfc: Fix kernel Oops due to null pring pointers (bsc#1118215).
- scsi: lpfc: Fix panic when FW-log buffsize is not initialized (bsc#1118215).
- scsi: lpfc: ls_rjt erroneus FLOGIs (bsc#1118215).
- scsi: lpfc: refactor mailbox structure context fields (bsc#1118215).
- scsi: lpfc: rport port swap discovery issue (bsc#1118215).
- scsi: lpfc: update driver version to 12.0.0.9 (bsc#1118215).
- scsi: lpfc: update manufacturer attribute to reflect Broadcom (bsc#1118215).
- scsi: target: add emulate_pr backstore attr to toggle PR support (bsc#1091405).
- scsi: target: drop unused pi_prot_format attribute storage (bsc#1091405).
- scsi: zfcp: fix posting too many status read buffers leading to adapter shutdown (bsc#1121483, LTC#174588).
- shmem: introduce shmem_inode_acct_block (VM Functionality, bsc#1121599).
- shmem: shmem_charge: verify max_block is not exceeded before inode update (VM Functionality, bsc#1121599).
- skd: Avoid that module unloading triggers a use-after-free (Git-fixes).
- skd: Submit requests to firmware before triggering the doorbell (Git-fixes).
- soc: bcm2835: sync firmware properties with downstream ()
- spi: bcm2835: Avoid finishing transfer prematurely in IRQ mode (bsc#1051510).
- spi: bcm2835: Fix book-keeping of DMA termination (bsc#1051510).
- spi: bcm2835: Fix race on DMA termination (bsc#1051510).
- spi: bcm2835: Unbreak the build of esoteric configs (bsc#1051510).
- splice: do not read more than available pipe space (bsc#1119212).
- staging: bcm2835-camera: Abort probe if there is no camera (bsc#1051510).
- staging: rtl8712: Fix possible buffer overrun (bsc#1051510).
- staging: rtl8723bs: Add missing return for cfg80211_rtw_get_station (bsc#1051510).
- staging: rts5208: fix gcc-8 logic error warning (bsc#1051510).
- staging: wilc1000: fix missing read_write setting when reading data (bsc#1051510).
- supported.conf: add raspberrypi-ts driver
- supported.conf: whitelist bluefield eMMC driver
- target/iscsi: avoid NULL dereference in CHAP auth error path (bsc#1117165).
- target: se_dev_attrib.emulate_pr ABI stability (bsc#1091405).
- team: no need to do team_notify_peers or team_mcast_rejoin when disabling port (bsc#1051510).
- termios, tty/tty_baudrate.c: fix buffer overrun (bsc#1051510).
- test_hexdump: use memcpy instead of strncpy (bsc#1051510).
- tmpfs: make lseek(SEEK_DATA/SEK_HOLE) return ENXIO with a negative offset (bsc#1051510).
- tools: hv: fcopy: set 'error' in case an unknown operation was requested (git-fixes).
- Tools: hv: Fix a bug in the key delete code (git-fixes).
- tools: hv: include string.h in hv_fcopy_daemon (git-fixes).
- tools/lib/lockdep: Rename 'trywlock' into 'trywrlock' (bsc#1121973).
- tools/power/cpupower: fix compilation with STATIC=true (git-fixes).
- tools/power turbostat: fix possible sprintf buffer overflow (git-fixes).
- tracing/blktrace: Fix to allow setting same value (Git-fixes).
- tracing: Fix bad use of igrab in trace_uprobe.c (bsc#1120046).
- tracing: Fix crash when freeing instances with event triggers (bsc#1120230).
- tracing: Fix crash when it fails to alloc ring buffer (bsc#1120097).
- tracing: Fix double free of event_trigger_data (bsc#1120234).
- tracing: Fix missing return symbol in function_graph output (bsc#1120232).
- tracing: Fix possible double free in event_enable_trigger_func() (bsc#1120235).
- tracing: Fix possible double free on failure of allocating trace buffer (bsc#1120214).
- tracing: Fix regex_match_front() to not over compare the test string (bsc#1120223).
- tracing: Fix trace_pipe behavior for instance traces (bsc#1120088).
- tracing: Remove RCU work arounds from stack tracer (bsc#1120092).
- tracing/samples: Fix creation and deletion of simple_thread_fn creation (git-fixes).
- tty: Do not hold ldisc lock in tty_reopen() if ldisc present (bsc#1051510).
- tty: Do not return -EAGAIN in blocking read (bsc#1116040).
- tty: do not set TTY_IO_ERROR flag if console port (bsc#1051510).
- tty: serial: 8250_mtk: always resume the device in probe (bsc#1051510).
- ubifs: Handle re-linking of inodes correctly while recovery (bsc#1120598).
- ubifs-Handle-re-linking-of-inodes-correctly-while-re.patch: Fixup compilation failure due to different ubifs_assert() prototype.
- udf: Allow mounting volumes with incorrect identification strings (bsc#1118774).
- unifdef: use memcpy instead of strncpy (bsc#1051510).
- usb: appledisplay: Add 27' Apple Cinema Display (bsc#1051510).
- usb: core: quirks: add RESET_RESUME quirk for Cherry G230 Stream series (bsc#1051510).
- usb: dwc2: host: use hrtimer for NAK retries (git-fixes).
- usb: hso: Fix OOB memory access in hso_probe/hso_get_config_data (bsc#1051510).
- usbip: vhci_hcd: check rhport before using in vhci_hub_control() (bsc#1090888).
- usb: omap_udc: fix crashes on probe error and module removal (bsc#1051510).
- usb: omap_udc: fix omap_udc_start() on 15xx machines (bsc#1051510).
- usb: omap_udc: fix USB gadget functionality on Palm Tungsten E (bsc#1051510).
- usb: omap_udc: use devm_request_irq() (bsc#1051510).
- usb: quirk: add no-LPM quirk on SanDisk Ultra Flair device (bsc#1051510).
- usb: serial: option: add Fibocom NL668 series (bsc#1051510).
- usb: serial: option: add GosunCn ZTE WeLink ME3630 (bsc#1051510).
- usb: serial: option: add HP lt4132 (bsc#1051510).
- usb: serial: option: add Simcom SIM7500/SIM7600 (MBIM mode) (bsc#1051510).
- usb: serial: option: add Telit LN940 series (bsc#1051510).
- usb: usbip: Fix BUG: KASAN: slab-out-of-bounds in vhci_hub_control() (bsc#1106110).
- usb: usb-storage: Add new IDs to ums-realtek (bsc#1051510).
- usb: xhci: fix uninitialized completion when USB3 port got wrong status (bsc#1051510).
- usb: xhci: Prevent bus suspend if a port connect change or polling state is detected (bsc#1051510).
- userfaultfd: clear the vma->vm_userfaultfd_ctx if UFFD_EVENT_FORK fails (bsc#1118761).
- userfaultfd: remove uffd flags from vma->vm_flags if UFFD_EVENT_FORK fails (bsc#1118809).
- v9fs_dir_readdir: fix double-free on p9stat_read error (bsc#1118771).
- vfs: Avoid softlockups in drop_pagecache_sb() (bsc#1118505).
- watchdog/core: Add missing prototypes for weak functions (git-fixes).
- wireless: airo: potential buffer overflow in sprintf() (bsc#1051510).
- wlcore: Fix the return value in case of error in 'wlcore_vendor_cmd_smart_config_start()' (bsc#1051510).
- x86/bugs: Add AMD's SPEC_CTRL MSR usage (bsc#1106913).
- x86/bugs: Fix the AMD SSBD usage of the SPEC_CTRL MSR (bsc#1106913).
- x86/bugs: Switch the selection of mitigation from CPU vendor to CPU features (bsc#1106913).
- x86/decoder: Fix and update the opcodes map (bsc#1058115).
- x86/kabi: Fix cpu_tlbstate issue (bsc#1106913).
- x86/l1tf: Show actual SMT state (bsc#1106913).
- x86/mm: Fix decoy address handling vs 32-bit builds (bsc#1120606).
- x86/pci: Add additional VMD device root ports to VMD AER quirk (bsc#1120058).
- x86/pci: Add 'pci=big_root_window' option for AMD 64-bit windows (bsc#1120058).
- x86/pci: Apply VMD's AERSID fixup generically (bsc#1120058).
- x86/pci: Avoid AMD SB7xx EHCI USB wakeup defect (bsc#1120058).
- x86/pci: Enable a 64bit BAR on AMD Family 15h (Models 00-1f, 30-3f, 60-7f) (bsc#1120058).
- x86/pci: Enable AMD 64-bit window on resume (bsc#1120058).
- x86/pci: Fix infinite loop in search for 64bit BAR placement (bsc#1120058).
- x86/pci: Move and shrink AMD 64-bit window to avoid conflict (bsc#1120058).
- x86/pci: Move VMD quirk to x86 fixups (bsc#1120058).
- x86/pci: Only enable a 64bit BAR on single-socket AMD Family 15h (bsc#1120058).
- x86/pci: Use is_vmd() rather than relying on the domain number (bsc#1120058).
- x86/process: Consolidate and simplify switch_to_xtra() code (bsc#1106913).
- x86/pti: Document fix wrong index (git-fixes).
- x86/retpoline: Make CONFIG_RETPOLINE depend on compiler support (bsc#1106913).
- x86/retpoline: Remove minimal retpoline support (bsc#1106913).
- x86/speculataion: Mark command line parser data __initdata (bsc#1106913).
- x86/speculation: Add command line control for indirect branch speculation (bsc#1106913).
- x86/speculation: Add prctl() control for indirect branch speculation (bsc#1106913).
- x86/speculation: Add seccomp Spectre v2 user space protection mode (bsc#1106913).
- x86/speculation: Apply IBPB more strictly to avoid cross-process data leak (bsc#1106913).
- x86/speculation: Avoid __switch_to_xtra() calls (bsc#1106913).
- x86/speculation: Clean up spectre_v2_parse_cmdline() (bsc#1106913).
- x86/speculation: Disable STIBP when enhanced IBRS is in use (bsc#1106913).
- x86/speculation: Enable cross-hyperthread spectre v2 STIBP mitigation (bsc#1106913).
- x86/speculation: Enable prctl mode for spectre_v2_user (bsc#1106913).
- x86/speculation/l1tf: Drop the swap storage limit restriction when l1tf=off (bnc#1114871).
- x86/speculation: Mark string arrays const correctly (bsc#1106913).
- x86/speculation: Move STIPB/IBPB string conditionals out of cpu_show_common() (bsc#1106913).
- x86/speculation: Prepare arch_smt_update() for PRCTL mode (bsc#1106913).
- x86/speculation: Prepare for conditional IBPB in switch_mm() (bsc#1106913).
- x86/speculation: Prepare for per task indirect branch speculation control (bsc#1106913).
- x86/speculation: Prevent stale SPEC_CTRL msr content (bsc#1106913).
- x86/speculation: Propagate information about RSB filling mitigation to sysfs (bsc#1106913).
- x86/speculation: Provide IBPB always command line options (bsc#1106913).
- x86/speculation: Remove unnecessary ret variable in cpu_show_common() (bsc#1106913).
- x86/speculation: Rename SSBD update functions (bsc#1106913).
- x86/speculation: Reorder the spec_v2 code (bsc#1106913).
- x86/speculation: Reorganize speculation control MSRs update (bsc#1106913).
- x86/speculation: Rework SMT state change (bsc#1106913).
- x86/speculation: Split out TIF update (bsc#1106913).
- x86/speculation: Unify conditional spectre v2 print functions (bsc#1106913).
- x86/speculation: Update the TIF_SSBD comment (bsc#1106913).
- xen/netfront: tolerate frags with no data (bnc#1119804).
- xfs: Align compat attrlist_by_handle with native implementation (git-fixes).
- xfs: fix quotacheck dquot id overflow infinite loop (bsc#1121621).
- xfs: Fix xqmstats offsets in /proc/fs/xfs/xqmstat (git-fixes).
- xfs: xfs_buf: drop useless LIST_HEAD (git-fixes).
- xhci: Add quirk to workaround the errata seen on Cavium Thunder-X2 Soc (bsc#1117162).
- xhci: Do not prevent USB2 bus suspend in state check intended for USB3 only (bsc#1051510).
- xhci: Prevent U1/U2 link pm states if exit latency is too long (bsc#1051510).
Patchnames
SUSE-2019-196,SUSE-SLE-DESKTOP-12-SP4-2019-196,SUSE-SLE-HA-12-SP4-2019-196,SUSE-SLE-Live-Patching-12-SP4-2019-196,SUSE-SLE-SDK-12-SP4-2019-196,SUSE-SLE-SERVER-12-SP4-2019-196,SUSE-SLE-WE-12-SP4-2019-196
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\n\nThe SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2018-9568: In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. (bnc#1118319).\n- CVE-2018-12232: In net/socket.c in the there is a race condition between fchownat and close in cases where they target the same socket file descriptor, related to the sock_close and sockfs_setattr functions. fchownat did not increment the file descriptor reference count, which allowed close to set the socket to NULL during fchownat\u0027s execution, leading to a NULL pointer dereference and system crash (bnc#1097593).\n- CVE-2018-14625: A flaw was found where an attacker may be able to have an uncontrolled read to kernel-memory from within a vm guest. A race condition between connect() and close() function may allow an attacker using the AF_VSOCK protocol to gather a 4 byte information leak or possibly intercept or corrupt AF_VSOCK messages destined to other clients (bnc#1106615).\n- CVE-2018-16862: A security flaw was found in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one (bnc#1117186).\n- CVE-2018-16884: NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out (bnc#1119946).\n- CVE-2018-18397: The userfaultfd implementation mishandled access control for certain UFFDIO_ ioctl calls, as demonstrated by allowing local users to write data into holes in a tmpfs file (if the user has read-only access to that file, and that file contains holes), related to fs/userfaultfd.c and mm/userfaultfd.c (bnc#1117656).\n- CVE-2018-19407: The vcpu_scan_ioapic function in arch/x86/kvm/x86.c allowed local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized (bnc#1116841).\n- CVE-2018-19854: An issue was discovered in the crypto_report_one() and related functions in crypto/crypto_user.c (the crypto user configuration API) do not fully initialize structures that are copied to userspace, potentially leaking sensitive memory to user programs. NOTE: this is a CVE-2013-2547 regression but with easier exploitability because the attacker did not need a capability (however, the system must have the CONFIG_CRYPTO_USER kconfig option) (bnc#1118428).\n- CVE-2018-19985: The function hso_probe read if_num from the USB device (as an u8) and used it without a length check to index an array, resulting in an OOB memory read in hso_probe or hso_get_config_data that could be used by local attackers (bnc#1120743).\n- CVE-2018-20169: The USB subsystem mishandled size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c (bnc#1119714).\n\nThe following non-security bugs were fixed:\n\n- acpi / CPPC: Check for valid PCC subspace only if PCC is used (bsc#1117115).\n- acpi / CPPC: Update all pr_(debug/err) messages to log the susbspace id (bsc#1117115).\n- aio: fix spectre gadget in lookup_ioctx (bsc#1120594).\n- alsa: cs46xx: Potential NULL dereference in probe (bsc#1051510).\n- alsa: emu10k1: Fix potential Spectre v1 vulnerabilities (bsc#1051510).\n- alsa: emux: Fix potential Spectre v1 vulnerabilities (bsc#1051510).\n- alsa: fireface: fix for state to fetch PCM frames (bsc#1051510).\n- alsa: fireface: fix reference to wrong register for clock configuration (bsc#1051510).\n- alsa: firewire-lib: fix wrong assignment for \u0027out_packet_without_header\u0027 tracepoint (bsc#1051510).\n- alsa: firewire-lib: fix wrong handling payload_length as payload_quadlet (bsc#1051510).\n- alsa: firewire-lib: use the same print format for \u0027without_header\u0027 tracepoints (bsc#1051510).\n- alsa: hda: add mute LED support for HP EliteBook 840 G4 (bsc#1051510).\n- alsa: hda: Add support for AMD Stoney Ridge (bsc#1051510).\n- alsa: hda/ca0132 - make pci_iounmap() call conditional (bsc#1051510).\n- alsa: hda: fix front speakers on Huawei MBXP (bsc#1051510).\n- alsa: hda/realtek - Add support for Acer Aspire C24-860 headset mic (bsc#1051510).\n- alsa: hda/realtek - Add unplug function into unplug state of Headset Mode for ALC225 (bsc#1051510).\n- alsa: hda/realtek: ALC286 mic and headset-mode fixups for Acer Aspire U27-880 (bsc#1051510).\n- alsa: hda/realtek: ALC294 mic and headset-mode fixups for ASUS X542UN (bsc#1051510).\n- alsa: hda/realtek - Disable headset Mic VREF for headset mode of ALC225 (bsc#1051510).\n- alsa: hda/realtek: Enable audio jacks of ASUS UX391UA with ALC294 (bsc#1051510).\n- alsa: hda/realtek: Enable audio jacks of ASUS UX433FN/UX333FA with ALC294 (bsc#1051510).\n- alsa: hda/realtek: Enable audio jacks of ASUS UX533FD with ALC294 (bsc#1051510).\n- alsa: hda/realtek: Enable the headset mic auto detection for ASUS laptops (bsc#1051510).\n- alsa: hda/realtek - Fixed headphone issue for ALC700 (bsc#1051510).\n- alsa: hda/realtek: Fix mic issue on Acer AIO Veriton Z4660G (bsc#1051510).\n- alsa: hda/realtek: Fix mic issue on Acer AIO Veriton Z4860G/Z6860G (bsc#1051510).\n- alsa: hda/realtek - Fix speaker output regression on Thinkpad T570 (bsc#1051510).\n- alsa: hda/realtek - Fix the mute LED regresion on Lenovo X1 Carbon (bsc#1051510).\n- alsa: hda/realtek - Support Dell headset mode for New AIO platform (bsc#1051510).\n- alsa: hda/tegra: clear pending irq handlers (bsc#1051510).\n- alsa: pcm: Call snd_pcm_unlink() conditionally at closing (bsc#1051510).\n- alsa: pcm: Fix interval evaluation with openmin/max (bsc#1051510).\n- alsa: pcm: Fix potential Spectre v1 vulnerability (bsc#1051510).\n- alsa: pcm: Fix starvation on down_write_nonblock() (bsc#1051510).\n- alsa: rme9652: Fix potential Spectre v1 vulnerability (bsc#1051510).\n- alsa: trident: Suppress gcc string warning (bsc#1051510).\n- alsa: usb-audio: Add SMSL D1 to quirks for native DSD support (bsc#1051510).\n- alsa: usb-audio: Add support for Encore mDSD USB DAC (bsc#1051510).\n- alsa: usb-audio: Avoid access before bLength check in build_audio_procunit() (bsc#1051510).\n- alsa: usb-audio: Fix an out-of-bound read in create_composite_quirks (bsc#1051510).\n- alsa: x86: Fix runtime PM for hdmi-lpe-audio (bsc#1051510).\n- apparmor: do not try to replace stale label in ptrace access check (git-fixes).\n- apparmor: do not try to replace stale label in ptraceme check (git-fixes).\n- apparmor: Fix uninitialized value in aa_split_fqname (git-fixes).\n- arm64: Add work around for Arm Cortex-A55 Erratum 1024718 (bsc#1120612).\n- arm64: atomics: Remove \u0027\u0026\u0027 from \u0027+\u0026\u0027 asm constraint in lse atomics (bsc#1120613).\n- arm64: cpu_errata: include required headers (bsc#1120615).\n- arm64: dma-mapping: Fix FORCE_CONTIGUOUS buffer clearing (bsc#1120633).\n- arm64: Fix /proc/iomem for reserved but not memory regions (bsc#1120632).\n- arm64: lse: Add early clobbers to some input/output asm operands (bsc#1120614).\n- arm64: lse: remove -fcall-used-x0 flag (bsc#1120618).\n- arm64: mm: always enable CONFIG_HOLES_IN_ZONE (bsc#1120617).\n- arm64/numa: Report correct memblock range for the dummy node (bsc#1120620).\n- arm64/numa: Unify common error path in numa_init() (bsc#1120621).\n- arm64: remove no-op -p linker flag (bsc#1120616).\n- ASoC: dapm: Recalculate audio map forcely when card instantiated (bsc#1051510).\n- ASoC: intel: cht_bsw_max98090_ti: Add pmc_plt_clk_0 quirk for Chromebook Clapper (bsc#1051510).\n- ASoC: intel: cht_bsw_max98090_ti: Add pmc_plt_clk_0 quirk for Chromebook Gnawty (bsc#1051510).\n- ASoC: Intel: mrfld: fix uninitialized variable access (bsc#1051510).\n- ASoC: omap-abe-twl6040: Fix missing audio card caused by deferred probing (bsc#1051510).\n- ASoC: omap-dmic: Add pm_qos handling to avoid overruns with CPU_IDLE (bsc#1051510).\n- ASoC: omap-mcbsp: Fix latency value calculation for pm_qos (bsc#1051510).\n- ASoC: omap-mcpdm: Add pm_qos handling to avoid under/overruns with CPU_IDLE (bsc#1051510).\n- ASoC: rsnd: fixup clock start checker (bsc#1051510).\n- ASoC: wm_adsp: Fix dma-unsafe read of scratch registers (bsc#1051510).\n- ath10k: do not assume this is a PCI dev in generic code (bsc#1051510).\n- ath6kl: Only use match sets when firmware supports it (bsc#1051510).\n- b43: Fix error in cordic routine (bsc#1051510).\n- bcache: fix miss key refill-\u003eend in writeback (Git-fixes).\n- bcache: trace missed reading by cache_missed (Git-fixes).\n- Blacklist 5182f26f6f74 crypto: ccp - Make function sev_get_firmware() static\n- blk-mq: remove synchronize_rcu() from blk_mq_del_queue_tag_set() (Git-fixes).\n- block: allow max_discard_segments to be stacked (Git-fixes).\n- block: blk_init_allocated_queue() set q-\u003efq as NULL in the fail case (Git-fixes).\n- block: really disable runtime-pm for blk-mq (Git-fixes).\n- block: reset bi_iter.bi_done after splitting bio (Git-fixes).\n- block/swim: Fix array bounds check (Git-fixes).\n- bnxt_en: do not try to offload VLAN \u0027modify\u0027 action (bsc#1050242 ).\n- bnxt_en: Fix enables field in HWRM_QUEUE_COS2BW_CFG request (bsc#1086282).\n- bnxt_en: Fix VNIC reservations on the PF (bsc#1086282 ).\n- bnxt_en: get the reduced max_irqs by the ones used by RDMA (bsc#1050242).\n- bpf: fix check of allowed specifiers in bpf_trace_printk (bsc#1083647).\n- bpf: use per htab salt for bucket hash (git-fixes).\n- btrfs: Always try all copies when reading extent buffers (git-fixes).\n- btrfs: delete dead code in btrfs_orphan_add() (bsc#1111469).\n- btrfs: delete dead code in btrfs_orphan_commit_root() (bsc#1111469).\n- btrfs: do not BUG_ON() in btrfs_truncate_inode_items() (bsc#1111469).\n- btrfs: do not check inode\u0027s runtime flags under root-\u003eorphan_lock (bsc#1111469).\n- btrfs: do not return ino to ino cache if inode item removal fails (bsc#1111469).\n- btrfs: fix ENOSPC caused by orphan items reservations (bsc#1111469).\n- btrfs: Fix error handling in btrfs_cleanup_ordered_extents (git-fixes).\n- btrfs: fix error handling in btrfs_truncate() (bsc#1111469).\n- btrfs: fix error handling in btrfs_truncate_inode_items() (bsc#1111469).\n- btrfs: fix fsync of files with multiple hard links in new directories (1120173).\n- btrfs: Fix memory barriers usage with device stats counters (git-fixes).\n- btrfs: fix use-after-free on root-\u003eorphan_block_rsv (bsc#1111469).\n- btrfs: get rid of BTRFS_INODE_HAS_ORPHAN_ITEM (bsc#1111469).\n- btrfs: get rid of unused orphan infrastructure (bsc#1111469).\n- btrfs: move btrfs_truncate_block out of trans handle (bsc#1111469).\n- btrfs: qgroup: Dirty all qgroups before rescan (bsc#1120036).\n- btrfs: refactor btrfs_evict_inode() reserve refill dance (bsc#1111469).\n- btrfs: renumber BTRFS_INODE_ runtime flags and switch to enums (bsc#1111469).\n- btrfs: reserve space for O_TMPFILE orphan item deletion (bsc#1111469).\n- btrfs: run delayed items before dropping the snapshot (bsc#1121263, bsc#1111188).\n- btrfs: stop creating orphan items for truncate (bsc#1111469).\n- btrfs: tree-checker: Do not check max block group size as current max chunk size limit is unreliable (fixes for bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875).\n- btrfs: update stale comments referencing vmtruncate() (bsc#1111469).\n- can: flexcan: flexcan_irq(): fix indention (bsc#1051510).\n- cdrom: do not attempt to fiddle with cdo-\u003ecapability (bsc#1051510).\n- ceph: do not update importing cap\u0027s mseq when handing cap export (bsc#1121273).\n- char_dev: extend dynamic allocation of majors into a higher range (bsc#1121058).\n- char_dev: Fix off-by-one bugs in find_dynamic_major() (bsc#1121058).\n- clk: mmp: Off by one in mmp_clk_add() (bsc#1051510).\n- clk: mvebu: Off by one bugs in cp110_of_clk_get() (bsc#1051510).\n- compiler-gcc.h: Add __attribute__((gnu_inline)) to all inline declarations (git-fixes).\n- config: arm64: enable erratum 1024718\n- cpufeature: avoid warning when compiling with clang (Git-fixes).\n- cpufreq / CPPC: Add cpuinfo_cur_freq support for CPPC (bsc#1117115).\n- cpufreq: CPPC: fix build in absence of v3 support (bsc#1117115).\n- cpupower: remove stringop-truncation waring (git-fixes).\n- crypto: bcm - fix normal/non key hash algorithm failure (bsc#1051510).\n- crypto: ccp - Add DOWNLOAD_FIRMWARE SEV command ().\n- crypto: ccp - Add GET_ID SEV command ().\n- crypto: ccp - Add psp enabled message when initialization succeeds ().\n- crypto: ccp - Add support for new CCP/PSP device ID ().\n- crypto: ccp - Allow SEV firmware to be chosen based on Family and Model ().\n- crypto: ccp - Fix static checker warning ().\n- crypto: ccp - Remove unused #defines ().\n- crypto: ccp - Support register differences between PSP devices ().\n- dasd: fix deadlock in dasd_times_out (bsc#1121477, LTC#174111).\n- dax: Check page-\u003emapping isn\u0027t NULL (bsc#1120054).\n- dax: Do not access a freed inode (bsc#1120055).\n- device property: Define type of PROPERTY_ENRTY_*() macros (bsc#1051510).\n- device property: fix fwnode_graph_get_next_endpoint() documentation (bsc#1051510).\n- disable stringop truncation warnings for now (git-fixes).\n- dm: allocate struct mapped_device with kvzalloc (Git-fixes).\n- dm cache: destroy migration_cache if cache target registration failed (Git-fixes).\n- dm cache: fix resize crash if user does not reload cache table (Git-fixes).\n- dm cache metadata: ignore hints array being too small during resize (Git-fixes).\n- dm cache metadata: save in-core policy_hint_size to on-disk superblock (Git-fixes).\n- dm cache metadata: set dirty on all cache blocks after a crash (Git-fixes).\n- dm cache: only allow a single io_mode cache feature to be requested (Git-fixes).\n- dm crypt: do not decrease device limits (Git-fixes).\n- dm: fix report zone remapping to account for partition offset (Git-fixes).\n- dm integrity: change \u0027suspending\u0027 variable from bool to int (Git-fixes).\n- dm ioctl: harden copy_params()\u0027s copy_from_user() from malicious users (Git-fixes).\n- dm linear: eliminate linear_end_io call if CONFIG_DM_ZONED disabled (Git-fixes).\n- dm linear: fix linear_end_io conditional definition (Git-fixes).\n- dm thin: handle running out of data space vs concurrent discard (Git-fixes).\n- dm thin metadata: remove needless work from __commit_transaction (Git-fixes).\n- dm thin: stop no_space_timeout worker when switching to write-mode (Git-fixes).\n- dm writecache: fix a crash due to reading past end of dirty_bitmap (Git-fixes).\n- dm writecache: report start_sector in status line (Git-fixes).\n- dm zoned: fix metadata block ref counting (Git-fixes).\n- dm zoned: fix various dmz_get_mblock() issues (Git-fixes).\n- doc/README.SUSE: correct GIT url No more gitorious, github we use.\n- drivers/net/usb: add device id for TP-LINK UE300 USB 3.0 Ethernet (bsc#1119749).\n- drivers/net/usb/r8152: remove the unneeded variable \u0027ret\u0027 in rtl8152_system_suspend (bsc#1119749).\n- drivers/tty: add missing of_node_put() (bsc#1051510).\n- drm/amdgpu/gmc8: update MC firmware for polaris (bsc#1113722)\n- drm/amdgpu: update mc firmware image for polaris12 variants (bsc#1113722)\n- drm/amdgpu: update SMC firmware image for polaris10 variants (bsc#1113722)\n- drm/fb-helper: Ignore the value of fb_var_screeninfo.pixclock (bsc#1113722)\n- drm/i915/execlists: Apply a full mb before execution for Braswell (bsc#1113722)\n- drm/ioctl: Fix Spectre v1 vulnerabilities (bsc#1113722)\n- drm/nouveau/kms: Fix memory leak in nv50_mstm_del() (bsc#1113722)\n- drm: rcar-du: Fix external clock error checks (bsc#1113722)\n- drm: rcar-du: Fix vblank initialization (bsc#1113722)\n- drm/rockchip: psr: do not dereference encoder before it is null (bsc#1113722)\n- drm: set is_master to 0 upon drm_new_set_master() failure (bsc#1113722)\n- drm/vc4: Set -\u003eis_yuv to false when num_planes == 1 (bsc#1113722)\n- drm/vc4: -\u003ex_scaling[1] should never be set to VC4_SCALING_NONE (bsc#1113722)\n- dt-bindings: add compatible string for Allwinner V3s SoC (git-fixes).\n- dt-bindings: arm: Document SoC compatible value for Armadillo-800 EVA (git-fixes).\n- dt-bindings: clock: add rk3399 DDR3 standard speed bins (git-fixes).\n- dt-bindings: clock: mediatek: add binding for fixed-factor clock axisel_d4 (git-fixes).\n- dt-bindings: iio: update STM32 timers clock names (git-fixes).\n- dt-bindings: mfd: axp20x: Add AXP806 to supported list of chips (git-fixes).\n- dt-bindings: net: Remove duplicate NSP Ethernet MAC binding document (git-fixes).\n- dt-bindings: panel: lvds: Fix path to display timing bindings (git-fixes).\n- dt-bindings: phy: sun4i-usb-phy: Add property descriptions for H3 (git-fixes).\n- dt-bindings: pwm: renesas: tpu: Fix \u0027compatible\u0027 prop description (git-fixes).\n- dt-bindings: pwm: Update STM32 timers clock names (git-fixes).\n- dt-bindings: rcar-dmac: Document missing error interrupt (git-fixes).\n- efi: Move some sysfs files to be read-only by root (bsc#1051510).\n- ethernet: fman: fix wrong of_node_put() in probe function (bsc#1119017).\n- exportfs: fix \u0027passing zero to ERR_PTR()\u0027 warning (bsc#1118773).\n- ext2: fix potential use after free (bsc#1118775).\n- ext4: avoid possible double brelse() in add_new_gdb() on error path (bsc#1118760).\n- ext4: fix EXT4_IOC_GROUP_ADD ioctl (bsc#1120604).\n- ext4: fix possible use after free in ext4_quota_enable (bsc#1120602).\n- ext4: missing unlock/put_page() in ext4_try_to_write_inline_data() (bsc#1120603).\n- extable: Consolidate *kernel_text_address() functions (bsc#1120092).\n- extable: Enable RCU if it is not watching in kernel_text_address() (bsc#1120092).\n- fbdev: fbcon: Fix unregister crash when more than one framebuffer (bsc#1113722)\n- fbdev: fbmem: behave better with small rotated displays and many CPUs (bsc#1113722)\n- filesystem-dax: Fix dax_layout_busy_page() livelock (bsc#1118787).\n- firmware: add firmware_request_nowarn() - load firmware without warnings ().\n- Fix tracing sample code warning (git-fixes).\n- fscache: Fix race in fscache_op_complete() due to split atomic_sub \u0026 read (Git-fixes).\n- fscache: Pass the correct cancelled indications to fscache_op_complete() (Git-fixes).\n- fs: fix lost error code in dio_complete (bsc#1118762).\n- fs/xfs: Use %pS printk format for direct addresses (git-fixes).\n- fuse: fix blocked_waitq wakeup (git-fixes).\n- fuse: fix leaked notify reply (git-fixes).\n- fuse: fix possibly missed wake-up after abort (git-fixes).\n- fuse: Fix use-after-free in fuse_dev_do_read() (git-fixes).\n- fuse: Fix use-after-free in fuse_dev_do_write() (git-fixes).\n- fuse: fix use-after-free in fuse_direct_IO() (git-fixes).\n- fuse: set FR_SENT while locked (git-fixes).\n- gcc-plugins: Add include required by GCC release 8 (git-fixes).\n- gcc-plugins: Use dynamic initializers (git-fixes).\n- gfs2: Do not leave s_fs_info pointing to freed memory in init_sbd (bsc#1118769).\n- gfs2: Fix loop in gfs2_rbm_find (bsc#1120601).\n- gfs2: Get rid of potential double-freeing in gfs2_create_inode (bsc#1120600).\n- gfs2_meta: -\u003emount() can get NULL dev_name (bsc#1118768).\n- gfs2: Put bitmap buffers in put_super (bsc#1118772).\n- gpio: davinci: Remove unused member of davinci_gpio_controller (git-fixes).\n- gpiolib-acpi: Only defer request_irq for GpioInt ACPI event handlers (bsc#1051510).\n- gpiolib: Fix return value of gpio_to_desc() stub if !GPIOLIB (bsc#1051510).\n- gpio: max7301: fix driver for use with CONFIG_VMAP_STACK (bsc#1051510).\n- gpio: mvebu: only fail on missing clk if pwm is actually to be used (bsc#1051510).\n- hid: Add quirk for Primax PIXART OEM mice (bsc#1119410).\n- hid: input: Ignore battery reported by Symbol DS4308 (bsc#1051510).\n- hid: multitouch: Add pointstick support for Cirque Touchpad (bsc#1051510).\n- hwpoison, memory_hotplug: allow hwpoisoned pages to be offlined (bnc#1116336).\n- i2c: axxia: properly handle master timeout (bsc#1051510).\n- i2c: scmi: Fix probe error on devices with an empty SMB0001 ACPI device node (bsc#1051510).\n- ib/hfi1: Add mtu check for operational data VLs (bsc#1060463 ).\n- ibmvnic: Convert reset work item mutex to spin lock ().\n- ibmvnic: Fix non-atomic memory allocation in IRQ context ().\n- ib/rxe: support for 802.1q VLAN on the listener (bsc#1082387).\n- ieee802154: 6lowpan: set IFLA_LINK (bsc#1051510).\n- ieee802154: at86rf230: switch from BUG_ON() to WARN_ON() on problem (bsc#1051510).\n- ieee802154: at86rf230: use __func__ macro for debug messages (bsc#1051510).\n- ieee802154: fakelb: switch from BUG_ON() to WARN_ON() on problem (bsc#1051510).\n- Include modules.fips in kernel-binary as well as kernel-binary-base ().\n- initramfs: fix initramfs rebuilds w/ compression after disabling (git-fixes).\n- Input: add official Raspberry Pi\u0027s touchscreen driver ().\n- Input: cros_ec_keyb - fix button/switch capability reports (bsc#1051510).\n- Input: elan_i2c - add ACPI ID for Lenovo IdeaPad 330-15ARR (bsc#1051510).\n- Input: elan_i2c - add ELAN0620 to the ACPI table (bsc#1051510).\n- Input: elan_i2c - add support for ELAN0621 touchpad (bsc#1051510).\n- Input: hyper-v - fix wakeup from suspend-to-idle (bsc#1051510).\n- Input: matrix_keypad - check for errors from of_get_named_gpio() (bsc#1051510).\n- Input: nomadik-ske-keypad - fix a loop timeout test (bsc#1051510).\n- Input: omap-keypad - fix keyboard debounce configuration (bsc#1051510).\n- Input: synaptics - add PNP ID for ThinkPad P50 to SMBus (bsc#1051510).\n- Input: synaptics - enable SMBus for HP 15-ay000 (bsc#1051510).\n- Input: xpad - quirk all PDP Xbox One gamepads (bsc#1051510).\n- integrity/security: fix digsig.c build error with header file (bsc#1051510).\n- intel_th: msu: Fix an off-by-one in attribute store (bsc#1051510).\n- iommu/amd: Fix amd_iommu=force_isolation (bsc#1106105).\n- iommu/vt-d: Handle domain agaw being less than iommu agaw (bsc#1106105).\n- iwlwifi: add new cards for 9560, 9462, 9461 and killer series (bsc#1051510).\n- iwlwifi: fix LED command capability bit (bsc#1119086).\n- iwlwifi: fix non_shared_ant for 22000 devices (bsc#1119086).\n- iwlwifi: fix wrong WGDS_WIFI_DATA_SIZE (bsc#1119086).\n- iwlwifi: mvm: do not send GEO_TX_POWER_LIMIT to old firmwares (bsc#1119086).\n- iwlwifi: nvm: get num of hw addresses from firmware (bsc#1119086).\n- iwlwifi: pcie: do not reset TXQ write pointer (bsc#1051510).\n- jffs2: free jffs2_sb_info through jffs2_kill_sb() (bsc#1118767).\n- jump_label: Split out code under the hotplug lock (bsc#1106913).\n- kabi: hwpoison, memory_hotplug: allow hwpoisoned pages to be offlined (bnc#1116336).\n- kabi protect hnae_ae_ops (bsc#1104353).\n- kbuild: allow to use GCC toolchain not in Clang search path (git-fixes).\n- kbuild: fix linker feature test macros when cross compiling with Clang (git-fixes).\n- kbuild: make missing $DEPMOD a Warning instead of an Error (git-fixes).\n- kbuild: rpm-pkg: keep spec file until make mrproper (git-fixes).\n- kbuild: suppress packed-not-aligned warning for default setting only (git-fixes).\n- kbuild: verify that $DEPMOD is installed (git-fixes).\n- kdb: use memmove instead of overlapping memcpy (bsc#1120954).\n- kernfs: Replace strncpy with memcpy (bsc#1120053).\n- keys: Fix the use of the C++ keyword \u0027private\u0027 in uapi/linux/keyctl.h (Git-fixes).\n- kobject: Replace strncpy with memcpy (git-fixes).\n- kprobes: Make list and blacklist root user read only (git-fixes).\n- kvm: PPC: Book3S PR: Enable use on POWER9 inside HPT-mode guests (bsc#1118484).\n- libata: whitelist all SAMSUNG MZ7KM* solid-state disks (bsc#1051510).\n- libertas_tf: prevent underflow in process_cmdrequest() (bsc#1119086).\n- libnvdimm, pfn: Pad pfn namespaces relative to other regions (bsc#1118962).\n- libnvdimm, pmem: Fix badblocks population for \u0027raw\u0027 namespaces (bsc#1118788).\n- lib/raid6: Fix arm64 test build (bsc#1051510).\n- lib/ubsan.c: do not mark __ubsan_handle_builtin_unreachable as noreturn (bsc#1051510).\n- Limit max FW API version for QCA9377 (bsc#1121714, bsc#1121715).\n- linux/bitmap.h: fix type of nbits in bitmap_shift_right() (bsc#1051510).\n- locking/barriers: Convert users of lockless_dereference() to READ_ONCE() (Git-fixes).\n- locking/static_keys: Improve uninitialized key warning (bsc#1106913).\n- mac80211: Clear beacon_int in ieee80211_do_stop (bsc#1051510).\n- mac80211: fix reordering of buffered broadcast packets (bsc#1051510).\n- mac80211_hwsim: fix module init error paths for netlink (bsc#1051510).\n- mac80211_hwsim: Timer should be initialized before device registered (bsc#1051510).\n- mac80211: ignore NullFunc frames in the duplicate detection (bsc#1051510).\n- mac80211: ignore tx status for PS stations in ieee80211_tx_status_ext (bsc#1051510).\n- Mark HI and TASKLET softirq synchronous (git-fixes).\n- md: fix raid10 hang issue caused by barrier (git-fixes).\n- media: em28xx: Fix use-after-free when disconnecting (bsc#1051510).\n- media: em28xx: make v4l2-compliance happier by starting sequence on zero (bsc#1051510).\n- media: omap3isp: Unregister media device as first (bsc#1051510).\n- mmc: bcm2835: reset host on timeout (bsc#1051510).\n- mmc: core: Allow BKOPS and CACHE ctrl even if no HPI support (bsc#1051510).\n- mmc: core: Reset HPI enabled state during re-init and in case of errors (bsc#1051510).\n- mmc: core: Use a minimum 1600ms timeout when enabling CACHE ctrl (bsc#1051510).\n- mmc: dw_mmc-bluefield: Add driver extension (bsc#1118752).\n- mmc: dw_mmc-k3: add sd support for hi3660 (bsc#1118752).\n- MMC: OMAP: fix broken MMC on OMAP15XX/OMAP5910/OMAP310 (bsc#1051510).\n- mmc: omap_hsmmc: fix DMA API warning (bsc#1051510).\n- mmc: sdhci: fix the timeout check window for clock and reset (bsc#1051510).\n- mm: do not miss the last page because of round-off error (bnc#1118798).\n- mm: do not warn about large allocations for slab (git fixes (slab)).\n- mm/huge_memory.c: reorder operations in __split_huge_page_tail() (VM Functionality bsc#1119962).\n- mm/huge_memory: fix lockdep complaint on 32-bit i_size_read() (VM Functionality, bsc#1121599).\n- mm/huge_memory: rename freeze_page() to unmap_page() (VM Functionality, bsc#1121599).\n- mm/huge_memory: splitting set mapping+index before unfreeze (VM Functionality, bsc#1121599).\n- mm: hugetlb: yield when prepping struct pages (git fixes (memory initialisation)).\n- mm/khugepaged: collapse_shmem() do not crash on Compound (VM Functionality, bsc#1121599).\n- mm/khugepaged: collapse_shmem() remember to clear holes (VM Functionality, bsc#1121599).\n- mm/khugepaged: collapse_shmem() stop if punched or truncated (VM Functionality, bsc#1121599).\n- mm/khugepaged: collapse_shmem() without freezing new_page (VM Functionality, bsc#1121599).\n- mm/khugepaged: fix crashes due to misaccounted holes (VM Functionality, bsc#1121599).\n- mm/khugepaged: minor reorderings in collapse_shmem() (VM Functionality, bsc#1121599).\n- mm: lower the printk loglevel for __dump_page messages (generic hotplug debugability).\n- mm, memory_hotplug: be more verbose for memory offline failures (generic hotplug debugability).\n- mm, memory_hotplug: drop pointless block alignment checks from __offline_pages (generic hotplug debugability).\n- mm, memory_hotplug: print reason for the offlining failure (generic hotplug debugability).\n- mm: migration: fix migration of huge PMD shared pages (bnc#1086423).\n- mm: only report isolation failures when offlining memory (generic hotplug debugability).\n- mm: print more information about mapping in __dump_page (generic hotplug debugability).\n- mm: put_and_wait_on_page_locked() while page is migrated (bnc#1109272).\n- mm: sections are not offlined during memory hotremove (bnc#1119968).\n- mm: shmem.c: Correctly annotate new inodes for lockdep (Git fixes: shmem).\n- mm/vmstat.c: fix NUMA statistics updates (git fixes).\n- Move dell_rbu fix to sorted section (bsc#1087978).\n- mtd: cfi: convert inline functions to macros (git-fixes).\n- mtd: Fix comparison in map_word_andequal() (git-fixes).\n- namei: allow restricted O_CREAT of FIFOs and regular files (bsc#1118766).\n- nbd: do not allow invalid blocksize settings (Git-fixes).\n- net: bgmac: Fix endian access in bgmac_dma_tx_ring_free() (bsc#1051510).\n- net: dsa: mv88e6xxx: Fix binding documentation for MDIO busses (git-fixes).\n- net: dsa: qca8k: Add QCA8334 binding documentation (git-fixes).\n- net: ena: fix crash during ena_remove() (bsc#1111696 bsc#1117561).\n- net: ena: update driver version from 2.0.1 to 2.0.2 (bsc#1111696 bsc#1117561).\n- net: hns3: Add nic state check before calling netif_tx_wake_queue (bsc#1104353).\n- net: hns3: Add support for hns3_nic_netdev_ops.ndo_do_ioctl (bsc#1104353).\n- net: hns3: bugfix for buffer not free problem during resetting (bsc#1104353).\n- net: hns3: bugfix for handling mailbox while the command queue reinitialized (bsc#1104353).\n- net: hns3: bugfix for hclge_mdio_write and hclge_mdio_read (bsc#1104353).\n- net: hns3: bugfix for is_valid_csq_clean_head() (bsc#1104353 ).\n- net: hns3: bugfix for reporting unknown vector0 interrupt repeatly problem (bsc#1104353).\n- net: hns3: bugfix for rtnl_lock\u0027s range in the hclgevf_reset() (bsc#1104353).\n- net: hns3: bugfix for the initialization of command queue\u0027s spin lock (bsc#1104353).\n- net: hns3: Check hdev state when getting link status (bsc#1104353).\n- net: hns3: Clear client pointer when initialize client failed or unintialize finished (bsc#1104353).\n- net: hns3: Fix cmdq registers initialization issue for vf (bsc#1104353).\n- net: hns3: Fix error of checking used vlan id (bsc#1104353 ).\n- net: hns3: Fix ets validate issue (bsc#1104353).\n- net: hns3: Fix for netdev not up problem when setting mtu (bsc#1104353).\n- net: hns3: Fix for out-of-bounds access when setting pfc back pressure (bsc#1104353).\n- net: hns3: Fix for packet buffer setting bug (bsc#1104353 ).\n- net: hns3: Fix for rx vlan id handle to support Rev 0x21 hardware (bsc#1104353).\n- net: hns3: Fix for setting speed for phy failed problem (bsc#1104353).\n- net: hns3: Fix for vf vlan delete failed problem (bsc#1104353 ).\n- net: hns3: Fix loss of coal configuration while doing reset (bsc#1104353).\n- net: hns3: Fix parameter type for q_id in hclge_tm_q_to_qs_map_cfg() (bsc#1104353).\n- net: hns3: Fix ping exited problem when doing lp selftest (bsc#1104353).\n- net: hns3: Preserve vlan 0 in hardware table (bsc#1104353 ).\n- net: hns3: remove unnecessary queue reset in the hns3_uninit_all_ring() (bsc#1104353).\n- net: hns3: Set STATE_DOWN bit of hdev state when stopping net (bsc#1104353).\n- net/mlx4_core: Correctly set PFC param if global pause is turned off (bsc#1046299).\n- net: usb: r8152: constify usb_device_id (bsc#1119749).\n- net: usb: r8152: use irqsave() in USB\u0027s complete callback (bsc#1119749).\n- nospec: Allow index argument to have const-qualified type (git-fixes)\n- nospec: Kill array_index_nospec_mask_check() (git-fixes).\n- nvme-fc: resolve io failures during connect (bsc#1116803).\n- nvme-multipath: zero out ANA log buffer (bsc#1105168).\n- nvme: validate controller state before rescheduling keep alive (bsc#1103257).\n- objtool: Detect RIP-relative switch table references (bsc#1058115).\n- objtool: Detect RIP-relative switch table references, part 2 (bsc#1058115).\n- objtool: Fix another switch table detection issue (bsc#1058115).\n- objtool: Fix double-free in .cold detection error path (bsc#1058115).\n- objtool: Fix GCC 8 cold subfunction detection for aliased functions (bsc#1058115).\n- objtool: Fix \u0027noreturn\u0027 detection for recursive sibling calls (bsc#1058115).\n- objtool: Fix segfault in .cold detection with -ffunction-sections (bsc#1058115).\n- objtool: Support GCC 8\u0027s cold subfunctions (bsc#1058115).\n- objtool: Support GCC 8 switch tables (bsc#1058115).\n- panic: avoid deadlocks in re-entrant console drivers (bsc#1088386).\n- pci: Add ACS quirk for Ampere root ports (bsc#1120058).\n- pci: Add ACS quirk for APM X-Gene devices (bsc#1120058).\n- pci: Convert device-specific ACS quirks from NULL termination to ARRAY_SIZE (bsc#1120058).\n- pci: Delay after FLR of Intel DC P3700 NVMe (bsc#1120058).\n- pci: Disable Samsung SM961/PM961 NVMe before FLR (bsc#1120058).\n- pci: Export pcie_has_flr() (bsc#1120058).\n- pci: iproc: Activate PAXC bridge quirk for more devices (bsc#1120058).\n- pci: Mark Ceton InfiniTV4 INTx masking as broken (bsc#1120058).\n- pci: Mark fall-through switch cases before enabling -Wimplicit-fallthrough (bsc#1120058).\n- pci: Mark Intel XXV710 NIC INTx masking as broken (bsc#1120058).\n- perf tools: Fix tracing_path_mount proper path (git-fixes).\n- platform-msi: Free descriptors in platform_msi_domain_free() (bsc#1051510).\n- powerpc/64s: consolidate MCE counter increment (bsc#1094244).\n- powerpc/64s/radix: Fix process table entry cache invalidation (bsc#1055186, git-fixes).\n- powerpc/boot: Expose Kconfig symbols to wrapper (bsc#1065729).\n- powerpc/boot: Fix build failures with -j 1 (bsc#1065729).\n- powerpc/pkeys: Fix handling of pkey state across fork() (bsc#1078248, git-fixes).\n- powerpc/powernv: Fix save/restore of SPRG3 on entry/exit from stop (idle) (bsc#1055121).\n- powerpc/pseries: Track LMB nid instead of using device tree (bsc#1108270).\n- powerpc/traps: restore recoverability of machine_check interrupts (bsc#1094244).\n- power: supply: olpc_battery: correct the temperature units (bsc#1051510).\n- ptrace: Remove unused ptrace_may_access_sched() and MODE_IBRS (bsc#1106913).\n- qed: Add driver support for 20G link speed (bsc#1110558).\n- qed: Add support for virtual link (bsc#1111795).\n- qede: Add driver support for 20G link speed (bsc#1110558).\n- r8152: add byte_enable for ocp_read_word function (bsc#1119749).\n- r8152: add Linksys USB3GIGV1 id (bsc#1119749).\n- r8152: add r8153_phy_status function (bsc#1119749).\n- r8152: adjust lpm settings for RTL8153 (bsc#1119749).\n- r8152: adjust rtl8153_runtime_enable function (bsc#1119749).\n- r8152: adjust the settings about MAC clock speed down for RTL8153 (bsc#1119749).\n- r8152: adjust U2P3 for RTL8153 (bsc#1119749).\n- r8152: avoid rx queue more than 1000 packets (bsc#1119749).\n- r8152: check if disabling ALDPS is finished (bsc#1119749).\n- r8152: correct the definition (bsc#1119749).\n- r8152: disable RX aggregation on Dell TB16 dock (bsc#1119749).\n- r8152: disable RX aggregation on new Dell TB16 dock (bsc#1119749).\n- r8152: fix wrong checksum status for received IPv4 packets (bsc#1119749).\n- r8152: move calling delay_autosuspend function (bsc#1119749).\n- r8152: move the default coalesce setting for RTL8153 (bsc#1119749).\n- r8152: move the initialization to reset_resume function (bsc#1119749).\n- r8152: move the setting of rx aggregation (bsc#1119749).\n- r8152: replace napi_complete with napi_complete_done (bsc#1119749).\n- r8152: set rx mode early when linking on (bsc#1119749).\n- r8152: split rtl8152_resume function (bsc#1119749).\n- r8152: support new chip 8050 (bsc#1119749).\n- r8152: support RTL8153B (bsc#1119749).\n- rbd: whitelist RBD_FEATURE_OPERATIONS feature bit (Git-fixes).\n- rcu: Allow for page faults in NMI handlers (bsc#1120092).\n- rdma/bnxt_re: Add missing spin lock initialization (bsc#1050244 ).\n- rdma/bnxt_re: Avoid accessing the device structure after it is freed (bsc#1050244).\n- rdma/bnxt_re: Avoid NULL check after accessing the pointer (bsc#1086283).\n- rdma/bnxt_re: Fix system hang when registration with L2 driver fails (bsc#1086283).\n- rdma/hns: Bugfix pbl configuration for rereg mr (bsc#1104427 ).\n- rdma_rxe: make rxe work over 802.1q VLAN devices (bsc#1082387).\n- reset: remove remaining WARN_ON() in \u003clinux/reset.h\u003e (Git-fixes).\n- Revert commit ef9209b642f \u0027staging: rtl8723bs: Fix indenting errors and an off-by-one mistake in core/rtw_mlme_ext.c\u0027 (bsc#1051510).\n- Revert \u0027iommu/io-pgtable-arm: Check for v7s-incapable systems\u0027 (bsc#1106105).\n- Revert \u0027PCI/ASPM: Do not initialize link state when aspm_disabled is set\u0027 (bsc#1051510).\n- Revert \u0027scsi: lpfc: ls_rjt erroneus FLOGIs\u0027 (bsc#1119322).\n- ring-buffer: Allow for rescheduling when removing pages (bsc#1120238).\n- ring-buffer: Do no reuse reader page if still in use (bsc#1120096).\n- ring-buffer: Mask out the info bits when returning buffer page length (bsc#1120094).\n- rtc: hctosys: Add missing range error reporting (bsc#1051510).\n- rtc: m41t80: Correct alarm month range with RTC reads (bsc#1051510).\n- rtc: pcf2127: fix a kmemleak caused in pcf2127_i2c_gather_write (bsc#1051510).\n- rtc: snvs: Add timeouts to avoid kernel lockups (bsc#1051510).\n- rtl8xxxu: Fix missing break in switch (bsc#1051510).\n- s390/dasd: simplify locking in dasd_times_out (bsc#1104967,).\n- s390/kdump: Fix elfcorehdr size calculation (bsc#1117953, LTC#171112).\n- s390/kdump: Make elfcorehdr size calculation ABI compliant (bsc#1117953, LTC#171112).\n- s390/qeth: fix length check in SNMP processing (bsc#1117953, LTC#173657).\n- s390/qeth: remove outdated portname debug msg (bsc#1117953, LTC#172960).\n- s390/qeth: sanitize strings in debug messages (bsc#1117953, LTC#172960).\n- sbitmap: fix race in wait batch accounting (Git-fixes).\n- sched/core: Fix cpu.max vs. cpuhotplug deadlock (bsc#1106913).\n- sched/smt: Expose sched_smt_present static key (bsc#1106913).\n- sched/smt: Make sched_smt_present track topology (bsc#1106913).\n- sched, tracing: Fix trace_sched_pi_setprio() for deboosting (bsc#1120228).\n- scsi: lpfc: Cap NPIV vports to 256 (bsc#1118215).\n- scsi: lpfc: Correct code setting non existent bits in sli4 ABORT WQE (bsc#1118215).\n- scsi: lpfc: Correct topology type reporting on G7 adapters (bsc#1118215).\n- scsi: lpfc: Defer LS_ACC to FLOGI on point to point logins (bsc#1118215).\n- scsi: lpfc: Enable Management features for IF_TYPE=6 (bsc#1119322).\n- scsi: lpfc: Fix a duplicate 0711 log message number (bsc#1118215).\n- scsi: lpfc: fix block guard enablement on SLI3 adapters (bsc#1079935).\n- scsi: lpfc: Fix dif and first burst use in write commands (bsc#1118215).\n- scsi: lpfc: Fix discovery failures during port failovers with lots of vports (bsc#1118215).\n- scsi: lpfc: Fix driver release of fw-logging buffers (bsc#1118215).\n- scsi: lpfc: Fix kernel Oops due to null pring pointers (bsc#1118215).\n- scsi: lpfc: Fix panic when FW-log buffsize is not initialized (bsc#1118215).\n- scsi: lpfc: ls_rjt erroneus FLOGIs (bsc#1118215).\n- scsi: lpfc: refactor mailbox structure context fields (bsc#1118215).\n- scsi: lpfc: rport port swap discovery issue (bsc#1118215).\n- scsi: lpfc: update driver version to 12.0.0.9 (bsc#1118215).\n- scsi: lpfc: update manufacturer attribute to reflect Broadcom (bsc#1118215).\n- scsi: target: add emulate_pr backstore attr to toggle PR support (bsc#1091405).\n- scsi: target: drop unused pi_prot_format attribute storage (bsc#1091405).\n- scsi: zfcp: fix posting too many status read buffers leading to adapter shutdown (bsc#1121483, LTC#174588).\n- shmem: introduce shmem_inode_acct_block (VM Functionality, bsc#1121599).\n- shmem: shmem_charge: verify max_block is not exceeded before inode update (VM Functionality, bsc#1121599).\n- skd: Avoid that module unloading triggers a use-after-free (Git-fixes).\n- skd: Submit requests to firmware before triggering the doorbell (Git-fixes).\n- soc: bcm2835: sync firmware properties with downstream ()\n- spi: bcm2835: Avoid finishing transfer prematurely in IRQ mode (bsc#1051510).\n- spi: bcm2835: Fix book-keeping of DMA termination (bsc#1051510).\n- spi: bcm2835: Fix race on DMA termination (bsc#1051510).\n- spi: bcm2835: Unbreak the build of esoteric configs (bsc#1051510).\n- splice: do not read more than available pipe space (bsc#1119212).\n- staging: bcm2835-camera: Abort probe if there is no camera (bsc#1051510).\n- staging: rtl8712: Fix possible buffer overrun (bsc#1051510).\n- staging: rtl8723bs: Add missing return for cfg80211_rtw_get_station (bsc#1051510).\n- staging: rts5208: fix gcc-8 logic error warning (bsc#1051510).\n- staging: wilc1000: fix missing read_write setting when reading data (bsc#1051510).\n- supported.conf: add raspberrypi-ts driver\n- supported.conf: whitelist bluefield eMMC driver\n- target/iscsi: avoid NULL dereference in CHAP auth error path (bsc#1117165).\n- target: se_dev_attrib.emulate_pr ABI stability (bsc#1091405).\n- team: no need to do team_notify_peers or team_mcast_rejoin when disabling port (bsc#1051510).\n- termios, tty/tty_baudrate.c: fix buffer overrun (bsc#1051510).\n- test_hexdump: use memcpy instead of strncpy (bsc#1051510).\n- tmpfs: make lseek(SEEK_DATA/SEK_HOLE) return ENXIO with a negative offset (bsc#1051510).\n- tools: hv: fcopy: set \u0027error\u0027 in case an unknown operation was requested (git-fixes).\n- Tools: hv: Fix a bug in the key delete code (git-fixes).\n- tools: hv: include string.h in hv_fcopy_daemon (git-fixes).\n- tools/lib/lockdep: Rename \u0027trywlock\u0027 into \u0027trywrlock\u0027 (bsc#1121973).\n- tools/power/cpupower: fix compilation with STATIC=true (git-fixes).\n- tools/power turbostat: fix possible sprintf buffer overflow (git-fixes).\n- tracing/blktrace: Fix to allow setting same value (Git-fixes).\n- tracing: Fix bad use of igrab in trace_uprobe.c (bsc#1120046).\n- tracing: Fix crash when freeing instances with event triggers (bsc#1120230).\n- tracing: Fix crash when it fails to alloc ring buffer (bsc#1120097).\n- tracing: Fix double free of event_trigger_data (bsc#1120234).\n- tracing: Fix missing return symbol in function_graph output (bsc#1120232).\n- tracing: Fix possible double free in event_enable_trigger_func() (bsc#1120235).\n- tracing: Fix possible double free on failure of allocating trace buffer (bsc#1120214).\n- tracing: Fix regex_match_front() to not over compare the test string (bsc#1120223).\n- tracing: Fix trace_pipe behavior for instance traces (bsc#1120088).\n- tracing: Remove RCU work arounds from stack tracer (bsc#1120092).\n- tracing/samples: Fix creation and deletion of simple_thread_fn creation (git-fixes).\n- tty: Do not hold ldisc lock in tty_reopen() if ldisc present (bsc#1051510).\n- tty: Do not return -EAGAIN in blocking read (bsc#1116040).\n- tty: do not set TTY_IO_ERROR flag if console port (bsc#1051510).\n- tty: serial: 8250_mtk: always resume the device in probe (bsc#1051510).\n- ubifs: Handle re-linking of inodes correctly while recovery (bsc#1120598).\n- ubifs-Handle-re-linking-of-inodes-correctly-while-re.patch: Fixup compilation failure due to different ubifs_assert() prototype.\n- udf: Allow mounting volumes with incorrect identification strings (bsc#1118774).\n- unifdef: use memcpy instead of strncpy (bsc#1051510).\n- usb: appledisplay: Add 27\u0027 Apple Cinema Display (bsc#1051510).\n- usb: core: quirks: add RESET_RESUME quirk for Cherry G230 Stream series (bsc#1051510).\n- usb: dwc2: host: use hrtimer for NAK retries (git-fixes).\n- usb: hso: Fix OOB memory access in hso_probe/hso_get_config_data (bsc#1051510).\n- usbip: vhci_hcd: check rhport before using in vhci_hub_control() (bsc#1090888).\n- usb: omap_udc: fix crashes on probe error and module removal (bsc#1051510).\n- usb: omap_udc: fix omap_udc_start() on 15xx machines (bsc#1051510).\n- usb: omap_udc: fix USB gadget functionality on Palm Tungsten E (bsc#1051510).\n- usb: omap_udc: use devm_request_irq() (bsc#1051510).\n- usb: quirk: add no-LPM quirk on SanDisk Ultra Flair device (bsc#1051510).\n- usb: serial: option: add Fibocom NL668 series (bsc#1051510).\n- usb: serial: option: add GosunCn ZTE WeLink ME3630 (bsc#1051510).\n- usb: serial: option: add HP lt4132 (bsc#1051510).\n- usb: serial: option: add Simcom SIM7500/SIM7600 (MBIM mode) (bsc#1051510).\n- usb: serial: option: add Telit LN940 series (bsc#1051510).\n- usb: usbip: Fix BUG: KASAN: slab-out-of-bounds in vhci_hub_control() (bsc#1106110).\n- usb: usb-storage: Add new IDs to ums-realtek (bsc#1051510).\n- usb: xhci: fix uninitialized completion when USB3 port got wrong status (bsc#1051510).\n- usb: xhci: Prevent bus suspend if a port connect change or polling state is detected (bsc#1051510).\n- userfaultfd: clear the vma-\u003evm_userfaultfd_ctx if UFFD_EVENT_FORK fails (bsc#1118761).\n- userfaultfd: remove uffd flags from vma-\u003evm_flags if UFFD_EVENT_FORK fails (bsc#1118809).\n- v9fs_dir_readdir: fix double-free on p9stat_read error (bsc#1118771).\n- vfs: Avoid softlockups in drop_pagecache_sb() (bsc#1118505).\n- watchdog/core: Add missing prototypes for weak functions (git-fixes).\n- wireless: airo: potential buffer overflow in sprintf() (bsc#1051510).\n- wlcore: Fix the return value in case of error in \u0027wlcore_vendor_cmd_smart_config_start()\u0027 (bsc#1051510).\n- x86/bugs: Add AMD\u0027s SPEC_CTRL MSR usage (bsc#1106913).\n- x86/bugs: Fix the AMD SSBD usage of the SPEC_CTRL MSR (bsc#1106913).\n- x86/bugs: Switch the selection of mitigation from CPU vendor to CPU features (bsc#1106913).\n- x86/decoder: Fix and update the opcodes map (bsc#1058115).\n- x86/kabi: Fix cpu_tlbstate issue (bsc#1106913).\n- x86/l1tf: Show actual SMT state (bsc#1106913).\n- x86/mm: Fix decoy address handling vs 32-bit builds (bsc#1120606).\n- x86/pci: Add additional VMD device root ports to VMD AER quirk (bsc#1120058).\n- x86/pci: Add \u0027pci=big_root_window\u0027 option for AMD 64-bit windows (bsc#1120058).\n- x86/pci: Apply VMD\u0027s AERSID fixup generically (bsc#1120058).\n- x86/pci: Avoid AMD SB7xx EHCI USB wakeup defect (bsc#1120058).\n- x86/pci: Enable a 64bit BAR on AMD Family 15h (Models 00-1f, 30-3f, 60-7f) (bsc#1120058).\n- x86/pci: Enable AMD 64-bit window on resume (bsc#1120058).\n- x86/pci: Fix infinite loop in search for 64bit BAR placement (bsc#1120058).\n- x86/pci: Move and shrink AMD 64-bit window to avoid conflict (bsc#1120058).\n- x86/pci: Move VMD quirk to x86 fixups (bsc#1120058).\n- x86/pci: Only enable a 64bit BAR on single-socket AMD Family 15h (bsc#1120058).\n- x86/pci: Use is_vmd() rather than relying on the domain number (bsc#1120058).\n- x86/process: Consolidate and simplify switch_to_xtra() code (bsc#1106913).\n- x86/pti: Document fix wrong index (git-fixes).\n- x86/retpoline: Make CONFIG_RETPOLINE depend on compiler support (bsc#1106913).\n- x86/retpoline: Remove minimal retpoline support (bsc#1106913).\n- x86/speculataion: Mark command line parser data __initdata (bsc#1106913).\n- x86/speculation: Add command line control for indirect branch speculation (bsc#1106913).\n- x86/speculation: Add prctl() control for indirect branch speculation (bsc#1106913).\n- x86/speculation: Add seccomp Spectre v2 user space protection mode (bsc#1106913).\n- x86/speculation: Apply IBPB more strictly to avoid cross-process data leak (bsc#1106913).\n- x86/speculation: Avoid __switch_to_xtra() calls (bsc#1106913).\n- x86/speculation: Clean up spectre_v2_parse_cmdline() (bsc#1106913).\n- x86/speculation: Disable STIBP when enhanced IBRS is in use (bsc#1106913).\n- x86/speculation: Enable cross-hyperthread spectre v2 STIBP mitigation (bsc#1106913).\n- x86/speculation: Enable prctl mode for spectre_v2_user (bsc#1106913).\n- x86/speculation/l1tf: Drop the swap storage limit restriction when l1tf=off (bnc#1114871).\n- x86/speculation: Mark string arrays const correctly (bsc#1106913).\n- x86/speculation: Move STIPB/IBPB string conditionals out of cpu_show_common() (bsc#1106913).\n- x86/speculation: Prepare arch_smt_update() for PRCTL mode (bsc#1106913).\n- x86/speculation: Prepare for conditional IBPB in switch_mm() (bsc#1106913).\n- x86/speculation: Prepare for per task indirect branch speculation control (bsc#1106913).\n- x86/speculation: Prevent stale SPEC_CTRL msr content (bsc#1106913).\n- x86/speculation: Propagate information about RSB filling mitigation to sysfs (bsc#1106913).\n- x86/speculation: Provide IBPB always command line options (bsc#1106913).\n- x86/speculation: Remove unnecessary ret variable in cpu_show_common() (bsc#1106913).\n- x86/speculation: Rename SSBD update functions (bsc#1106913).\n- x86/speculation: Reorder the spec_v2 code (bsc#1106913).\n- x86/speculation: Reorganize speculation control MSRs update (bsc#1106913).\n- x86/speculation: Rework SMT state change (bsc#1106913).\n- x86/speculation: Split out TIF update (bsc#1106913).\n- x86/speculation: Unify conditional spectre v2 print functions (bsc#1106913).\n- x86/speculation: Update the TIF_SSBD comment (bsc#1106913).\n- xen/netfront: tolerate frags with no data (bnc#1119804).\n- xfs: Align compat attrlist_by_handle with native implementation (git-fixes).\n- xfs: fix quotacheck dquot id overflow infinite loop (bsc#1121621).\n- xfs: Fix xqmstats offsets in /proc/fs/xfs/xqmstat (git-fixes).\n- xfs: xfs_buf: drop useless LIST_HEAD (git-fixes).\n- xhci: Add quirk to workaround the errata seen on Cavium Thunder-X2 Soc (bsc#1117162).\n- xhci: Do not prevent USB2 bus suspend in state check intended for USB3 only (bsc#1051510).\n- xhci: Prevent U1/U2 link pm states if exit latency is too long (bsc#1051510).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2019-196,SUSE-SLE-DESKTOP-12-SP4-2019-196,SUSE-SLE-HA-12-SP4-2019-196,SUSE-SLE-Live-Patching-12-SP4-2019-196,SUSE-SLE-SDK-12-SP4-2019-196,SUSE-SLE-SERVER-12-SP4-2019-196,SUSE-SLE-WE-12-SP4-2019-196",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_0196-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2019:0196-1",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20190196-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2019:0196-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2019-January/005066.html"
},
{
"category": "self",
"summary": "SUSE Bug 1024718",
"url": "https://bugzilla.suse.com/1024718"
},
{
"category": "self",
"summary": "SUSE Bug 1046299",
"url": "https://bugzilla.suse.com/1046299"
},
{
"category": "self",
"summary": "SUSE Bug 1050242",
"url": "https://bugzilla.suse.com/1050242"
},
{
"category": "self",
"summary": "SUSE Bug 1050244",
"url": "https://bugzilla.suse.com/1050244"
},
{
"category": "self",
"summary": "SUSE Bug 1051510",
"url": "https://bugzilla.suse.com/1051510"
},
{
"category": "self",
"summary": "SUSE Bug 1055121",
"url": "https://bugzilla.suse.com/1055121"
},
{
"category": "self",
"summary": "SUSE Bug 1055186",
"url": "https://bugzilla.suse.com/1055186"
},
{
"category": "self",
"summary": "SUSE Bug 1058115",
"url": "https://bugzilla.suse.com/1058115"
},
{
"category": "self",
"summary": "SUSE Bug 1060463",
"url": "https://bugzilla.suse.com/1060463"
},
{
"category": "self",
"summary": "SUSE Bug 1065729",
"url": "https://bugzilla.suse.com/1065729"
},
{
"category": "self",
"summary": "SUSE Bug 1078248",
"url": "https://bugzilla.suse.com/1078248"
},
{
"category": "self",
"summary": "SUSE Bug 1079935",
"url": "https://bugzilla.suse.com/1079935"
},
{
"category": "self",
"summary": "SUSE Bug 1082387",
"url": "https://bugzilla.suse.com/1082387"
},
{
"category": "self",
"summary": "SUSE Bug 1083647",
"url": "https://bugzilla.suse.com/1083647"
},
{
"category": "self",
"summary": "SUSE Bug 1086282",
"url": "https://bugzilla.suse.com/1086282"
},
{
"category": "self",
"summary": "SUSE Bug 1086283",
"url": "https://bugzilla.suse.com/1086283"
},
{
"category": "self",
"summary": "SUSE Bug 1086423",
"url": "https://bugzilla.suse.com/1086423"
},
{
"category": "self",
"summary": "SUSE Bug 1087084",
"url": "https://bugzilla.suse.com/1087084"
},
{
"category": "self",
"summary": "SUSE Bug 1087978",
"url": "https://bugzilla.suse.com/1087978"
},
{
"category": "self",
"summary": "SUSE Bug 1088386",
"url": "https://bugzilla.suse.com/1088386"
},
{
"category": "self",
"summary": "SUSE Bug 1090888",
"url": "https://bugzilla.suse.com/1090888"
},
{
"category": "self",
"summary": "SUSE Bug 1091405",
"url": "https://bugzilla.suse.com/1091405"
},
{
"category": "self",
"summary": "SUSE Bug 1094244",
"url": "https://bugzilla.suse.com/1094244"
},
{
"category": "self",
"summary": "SUSE Bug 1097593",
"url": "https://bugzilla.suse.com/1097593"
},
{
"category": "self",
"summary": "SUSE Bug 1102875",
"url": "https://bugzilla.suse.com/1102875"
},
{
"category": "self",
"summary": "SUSE Bug 1102877",
"url": "https://bugzilla.suse.com/1102877"
},
{
"category": "self",
"summary": "SUSE Bug 1102879",
"url": "https://bugzilla.suse.com/1102879"
},
{
"category": "self",
"summary": "SUSE Bug 1102882",
"url": "https://bugzilla.suse.com/1102882"
},
{
"category": "self",
"summary": "SUSE Bug 1102896",
"url": "https://bugzilla.suse.com/1102896"
},
{
"category": "self",
"summary": "SUSE Bug 1103257",
"url": "https://bugzilla.suse.com/1103257"
},
{
"category": "self",
"summary": "SUSE Bug 1104353",
"url": "https://bugzilla.suse.com/1104353"
},
{
"category": "self",
"summary": "SUSE Bug 1104427",
"url": "https://bugzilla.suse.com/1104427"
},
{
"category": "self",
"summary": "SUSE Bug 1104967",
"url": "https://bugzilla.suse.com/1104967"
},
{
"category": "self",
"summary": "SUSE Bug 1105168",
"url": "https://bugzilla.suse.com/1105168"
},
{
"category": "self",
"summary": "SUSE Bug 1106105",
"url": "https://bugzilla.suse.com/1106105"
},
{
"category": "self",
"summary": "SUSE Bug 1106110",
"url": "https://bugzilla.suse.com/1106110"
},
{
"category": "self",
"summary": "SUSE Bug 1106615",
"url": "https://bugzilla.suse.com/1106615"
},
{
"category": "self",
"summary": "SUSE Bug 1106913",
"url": "https://bugzilla.suse.com/1106913"
},
{
"category": "self",
"summary": "SUSE Bug 1108270",
"url": "https://bugzilla.suse.com/1108270"
},
{
"category": "self",
"summary": "SUSE Bug 1109272",
"url": "https://bugzilla.suse.com/1109272"
},
{
"category": "self",
"summary": "SUSE Bug 1110558",
"url": "https://bugzilla.suse.com/1110558"
},
{
"category": "self",
"summary": "SUSE Bug 1111188",
"url": "https://bugzilla.suse.com/1111188"
},
{
"category": "self",
"summary": "SUSE Bug 1111469",
"url": "https://bugzilla.suse.com/1111469"
},
{
"category": "self",
"summary": "SUSE Bug 1111696",
"url": "https://bugzilla.suse.com/1111696"
},
{
"category": "self",
"summary": "SUSE Bug 1111795",
"url": "https://bugzilla.suse.com/1111795"
},
{
"category": "self",
"summary": "SUSE Bug 1112128",
"url": "https://bugzilla.suse.com/1112128"
},
{
"category": "self",
"summary": "SUSE Bug 1113722",
"url": "https://bugzilla.suse.com/1113722"
},
{
"category": "self",
"summary": "SUSE Bug 1114648",
"url": "https://bugzilla.suse.com/1114648"
},
{
"category": "self",
"summary": "SUSE Bug 1114871",
"url": "https://bugzilla.suse.com/1114871"
},
{
"category": "self",
"summary": "SUSE Bug 1116040",
"url": "https://bugzilla.suse.com/1116040"
},
{
"category": "self",
"summary": "SUSE Bug 1116336",
"url": "https://bugzilla.suse.com/1116336"
},
{
"category": "self",
"summary": "SUSE Bug 1116803",
"url": "https://bugzilla.suse.com/1116803"
},
{
"category": "self",
"summary": "SUSE Bug 1116841",
"url": "https://bugzilla.suse.com/1116841"
},
{
"category": "self",
"summary": "SUSE Bug 1117115",
"url": "https://bugzilla.suse.com/1117115"
},
{
"category": "self",
"summary": "SUSE Bug 1117162",
"url": "https://bugzilla.suse.com/1117162"
},
{
"category": "self",
"summary": "SUSE Bug 1117165",
"url": "https://bugzilla.suse.com/1117165"
},
{
"category": "self",
"summary": "SUSE Bug 1117186",
"url": "https://bugzilla.suse.com/1117186"
},
{
"category": "self",
"summary": "SUSE Bug 1117561",
"url": "https://bugzilla.suse.com/1117561"
},
{
"category": "self",
"summary": "SUSE Bug 1117656",
"url": "https://bugzilla.suse.com/1117656"
},
{
"category": "self",
"summary": "SUSE Bug 1117953",
"url": "https://bugzilla.suse.com/1117953"
},
{
"category": "self",
"summary": "SUSE Bug 1118215",
"url": "https://bugzilla.suse.com/1118215"
},
{
"category": "self",
"summary": "SUSE Bug 1118319",
"url": "https://bugzilla.suse.com/1118319"
},
{
"category": "self",
"summary": "SUSE Bug 1118428",
"url": "https://bugzilla.suse.com/1118428"
},
{
"category": "self",
"summary": "SUSE Bug 1118484",
"url": "https://bugzilla.suse.com/1118484"
},
{
"category": "self",
"summary": "SUSE Bug 1118505",
"url": "https://bugzilla.suse.com/1118505"
},
{
"category": "self",
"summary": "SUSE Bug 1118752",
"url": "https://bugzilla.suse.com/1118752"
},
{
"category": "self",
"summary": "SUSE Bug 1118760",
"url": "https://bugzilla.suse.com/1118760"
},
{
"category": "self",
"summary": "SUSE Bug 1118761",
"url": "https://bugzilla.suse.com/1118761"
},
{
"category": "self",
"summary": "SUSE Bug 1118762",
"url": "https://bugzilla.suse.com/1118762"
},
{
"category": "self",
"summary": "SUSE Bug 1118766",
"url": "https://bugzilla.suse.com/1118766"
},
{
"category": "self",
"summary": "SUSE Bug 1118767",
"url": "https://bugzilla.suse.com/1118767"
},
{
"category": "self",
"summary": "SUSE Bug 1118768",
"url": "https://bugzilla.suse.com/1118768"
},
{
"category": "self",
"summary": "SUSE Bug 1118769",
"url": "https://bugzilla.suse.com/1118769"
},
{
"category": "self",
"summary": "SUSE Bug 1118771",
"url": "https://bugzilla.suse.com/1118771"
},
{
"category": "self",
"summary": "SUSE Bug 1118772",
"url": "https://bugzilla.suse.com/1118772"
},
{
"category": "self",
"summary": "SUSE Bug 1118773",
"url": "https://bugzilla.suse.com/1118773"
},
{
"category": "self",
"summary": "SUSE Bug 1118774",
"url": "https://bugzilla.suse.com/1118774"
},
{
"category": "self",
"summary": "SUSE Bug 1118775",
"url": "https://bugzilla.suse.com/1118775"
},
{
"category": "self",
"summary": "SUSE Bug 1118787",
"url": "https://bugzilla.suse.com/1118787"
},
{
"category": "self",
"summary": "SUSE Bug 1118788",
"url": "https://bugzilla.suse.com/1118788"
},
{
"category": "self",
"summary": "SUSE Bug 1118798",
"url": "https://bugzilla.suse.com/1118798"
},
{
"category": "self",
"summary": "SUSE Bug 1118809",
"url": "https://bugzilla.suse.com/1118809"
},
{
"category": "self",
"summary": "SUSE Bug 1118962",
"url": "https://bugzilla.suse.com/1118962"
},
{
"category": "self",
"summary": "SUSE Bug 1119017",
"url": "https://bugzilla.suse.com/1119017"
},
{
"category": "self",
"summary": "SUSE Bug 1119086",
"url": "https://bugzilla.suse.com/1119086"
},
{
"category": "self",
"summary": "SUSE Bug 1119212",
"url": "https://bugzilla.suse.com/1119212"
},
{
"category": "self",
"summary": "SUSE Bug 1119322",
"url": "https://bugzilla.suse.com/1119322"
},
{
"category": "self",
"summary": "SUSE Bug 1119410",
"url": "https://bugzilla.suse.com/1119410"
},
{
"category": "self",
"summary": "SUSE Bug 1119714",
"url": "https://bugzilla.suse.com/1119714"
},
{
"category": "self",
"summary": "SUSE Bug 1119749",
"url": "https://bugzilla.suse.com/1119749"
},
{
"category": "self",
"summary": "SUSE Bug 1119804",
"url": "https://bugzilla.suse.com/1119804"
},
{
"category": "self",
"summary": "SUSE Bug 1119946",
"url": "https://bugzilla.suse.com/1119946"
},
{
"category": "self",
"summary": "SUSE Bug 1119962",
"url": "https://bugzilla.suse.com/1119962"
},
{
"category": "self",
"summary": "SUSE Bug 1119968",
"url": "https://bugzilla.suse.com/1119968"
},
{
"category": "self",
"summary": "SUSE Bug 1120036",
"url": "https://bugzilla.suse.com/1120036"
},
{
"category": "self",
"summary": "SUSE Bug 1120046",
"url": "https://bugzilla.suse.com/1120046"
},
{
"category": "self",
"summary": "SUSE Bug 1120053",
"url": "https://bugzilla.suse.com/1120053"
},
{
"category": "self",
"summary": "SUSE Bug 1120054",
"url": "https://bugzilla.suse.com/1120054"
},
{
"category": "self",
"summary": "SUSE Bug 1120055",
"url": "https://bugzilla.suse.com/1120055"
},
{
"category": "self",
"summary": "SUSE Bug 1120058",
"url": "https://bugzilla.suse.com/1120058"
},
{
"category": "self",
"summary": "SUSE Bug 1120088",
"url": "https://bugzilla.suse.com/1120088"
},
{
"category": "self",
"summary": "SUSE Bug 1120092",
"url": "https://bugzilla.suse.com/1120092"
},
{
"category": "self",
"summary": "SUSE Bug 1120094",
"url": "https://bugzilla.suse.com/1120094"
},
{
"category": "self",
"summary": "SUSE Bug 1120096",
"url": "https://bugzilla.suse.com/1120096"
},
{
"category": "self",
"summary": "SUSE Bug 1120097",
"url": "https://bugzilla.suse.com/1120097"
},
{
"category": "self",
"summary": "SUSE Bug 1120173",
"url": "https://bugzilla.suse.com/1120173"
},
{
"category": "self",
"summary": "SUSE Bug 1120214",
"url": "https://bugzilla.suse.com/1120214"
},
{
"category": "self",
"summary": "SUSE Bug 1120223",
"url": "https://bugzilla.suse.com/1120223"
},
{
"category": "self",
"summary": "SUSE Bug 1120228",
"url": "https://bugzilla.suse.com/1120228"
},
{
"category": "self",
"summary": "SUSE Bug 1120230",
"url": "https://bugzilla.suse.com/1120230"
},
{
"category": "self",
"summary": "SUSE Bug 1120232",
"url": "https://bugzilla.suse.com/1120232"
},
{
"category": "self",
"summary": "SUSE Bug 1120234",
"url": "https://bugzilla.suse.com/1120234"
},
{
"category": "self",
"summary": "SUSE Bug 1120235",
"url": "https://bugzilla.suse.com/1120235"
},
{
"category": "self",
"summary": "SUSE Bug 1120238",
"url": "https://bugzilla.suse.com/1120238"
},
{
"category": "self",
"summary": "SUSE Bug 1120594",
"url": "https://bugzilla.suse.com/1120594"
},
{
"category": "self",
"summary": "SUSE Bug 1120598",
"url": "https://bugzilla.suse.com/1120598"
},
{
"category": "self",
"summary": "SUSE Bug 1120600",
"url": "https://bugzilla.suse.com/1120600"
},
{
"category": "self",
"summary": "SUSE Bug 1120601",
"url": "https://bugzilla.suse.com/1120601"
},
{
"category": "self",
"summary": "SUSE Bug 1120602",
"url": "https://bugzilla.suse.com/1120602"
},
{
"category": "self",
"summary": "SUSE Bug 1120603",
"url": "https://bugzilla.suse.com/1120603"
},
{
"category": "self",
"summary": "SUSE Bug 1120604",
"url": "https://bugzilla.suse.com/1120604"
},
{
"category": "self",
"summary": "SUSE Bug 1120606",
"url": "https://bugzilla.suse.com/1120606"
},
{
"category": "self",
"summary": "SUSE Bug 1120612",
"url": "https://bugzilla.suse.com/1120612"
},
{
"category": "self",
"summary": "SUSE Bug 1120613",
"url": "https://bugzilla.suse.com/1120613"
},
{
"category": "self",
"summary": "SUSE Bug 1120614",
"url": "https://bugzilla.suse.com/1120614"
},
{
"category": "self",
"summary": "SUSE Bug 1120615",
"url": "https://bugzilla.suse.com/1120615"
},
{
"category": "self",
"summary": "SUSE Bug 1120616",
"url": "https://bugzilla.suse.com/1120616"
},
{
"category": "self",
"summary": "SUSE Bug 1120617",
"url": "https://bugzilla.suse.com/1120617"
},
{
"category": "self",
"summary": "SUSE Bug 1120618",
"url": "https://bugzilla.suse.com/1120618"
},
{
"category": "self",
"summary": "SUSE Bug 1120620",
"url": "https://bugzilla.suse.com/1120620"
},
{
"category": "self",
"summary": "SUSE Bug 1120621",
"url": "https://bugzilla.suse.com/1120621"
},
{
"category": "self",
"summary": "SUSE Bug 1120632",
"url": "https://bugzilla.suse.com/1120632"
},
{
"category": "self",
"summary": "SUSE Bug 1120633",
"url": "https://bugzilla.suse.com/1120633"
},
{
"category": "self",
"summary": "SUSE Bug 1120743",
"url": "https://bugzilla.suse.com/1120743"
},
{
"category": "self",
"summary": "SUSE Bug 1120954",
"url": "https://bugzilla.suse.com/1120954"
},
{
"category": "self",
"summary": "SUSE Bug 1121017",
"url": "https://bugzilla.suse.com/1121017"
},
{
"category": "self",
"summary": "SUSE Bug 1121058",
"url": "https://bugzilla.suse.com/1121058"
},
{
"category": "self",
"summary": "SUSE Bug 1121263",
"url": "https://bugzilla.suse.com/1121263"
},
{
"category": "self",
"summary": "SUSE Bug 1121273",
"url": "https://bugzilla.suse.com/1121273"
},
{
"category": "self",
"summary": "SUSE Bug 1121477",
"url": "https://bugzilla.suse.com/1121477"
},
{
"category": "self",
"summary": "SUSE Bug 1121483",
"url": "https://bugzilla.suse.com/1121483"
},
{
"category": "self",
"summary": "SUSE Bug 1121599",
"url": "https://bugzilla.suse.com/1121599"
},
{
"category": "self",
"summary": "SUSE Bug 1121621",
"url": "https://bugzilla.suse.com/1121621"
},
{
"category": "self",
"summary": "SUSE Bug 1121714",
"url": "https://bugzilla.suse.com/1121714"
},
{
"category": "self",
"summary": "SUSE Bug 1121715",
"url": "https://bugzilla.suse.com/1121715"
},
{
"category": "self",
"summary": "SUSE Bug 1121973",
"url": "https://bugzilla.suse.com/1121973"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-12232 page",
"url": "https://www.suse.com/security/cve/CVE-2018-12232/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14625 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14625/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16862 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16862/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16884 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16884/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-18397 page",
"url": "https://www.suse.com/security/cve/CVE-2018-18397/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-19407 page",
"url": "https://www.suse.com/security/cve/CVE-2018-19407/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-19854 page",
"url": "https://www.suse.com/security/cve/CVE-2018-19854/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-19985 page",
"url": "https://www.suse.com/security/cve/CVE-2018-19985/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-20169 page",
"url": "https://www.suse.com/security/cve/CVE-2018-20169/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-9568 page",
"url": "https://www.suse.com/security/cve/CVE-2018-9568/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2019-01-29T12:14:56Z",
"generator": {
"date": "2019-01-29T12:14:56Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2019:0196-1",
"initial_release_date": "2019-01-29T12:14:56Z",
"revision_history": [
{
"date": "2019-01-29T12:14:56Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-95.6.1.aarch64",
"product": {
"name": "cluster-md-kmp-default-4.12.14-95.6.1.aarch64",
"product_id": "cluster-md-kmp-default-4.12.14-95.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-95.6.1.aarch64",
"product": {
"name": "dlm-kmp-default-4.12.14-95.6.1.aarch64",
"product_id": "dlm-kmp-default-4.12.14-95.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-al-4.12.14-95.6.1.aarch64",
"product": {
"name": "dtb-al-4.12.14-95.6.1.aarch64",
"product_id": "dtb-al-4.12.14-95.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-allwinner-4.12.14-95.6.1.aarch64",
"product": {
"name": "dtb-allwinner-4.12.14-95.6.1.aarch64",
"product_id": "dtb-allwinner-4.12.14-95.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-altera-4.12.14-95.6.1.aarch64",
"product": {
"name": "dtb-altera-4.12.14-95.6.1.aarch64",
"product_id": "dtb-altera-4.12.14-95.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-amd-4.12.14-95.6.1.aarch64",
"product": {
"name": "dtb-amd-4.12.14-95.6.1.aarch64",
"product_id": "dtb-amd-4.12.14-95.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-amlogic-4.12.14-95.6.1.aarch64",
"product": {
"name": "dtb-amlogic-4.12.14-95.6.1.aarch64",
"product_id": "dtb-amlogic-4.12.14-95.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-apm-4.12.14-95.6.1.aarch64",
"product": {
"name": "dtb-apm-4.12.14-95.6.1.aarch64",
"product_id": "dtb-apm-4.12.14-95.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-arm-4.12.14-95.6.1.aarch64",
"product": {
"name": "dtb-arm-4.12.14-95.6.1.aarch64",
"product_id": "dtb-arm-4.12.14-95.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-broadcom-4.12.14-95.6.1.aarch64",
"product": {
"name": "dtb-broadcom-4.12.14-95.6.1.aarch64",
"product_id": "dtb-broadcom-4.12.14-95.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-cavium-4.12.14-95.6.1.aarch64",
"product": {
"name": "dtb-cavium-4.12.14-95.6.1.aarch64",
"product_id": "dtb-cavium-4.12.14-95.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-exynos-4.12.14-95.6.1.aarch64",
"product": {
"name": "dtb-exynos-4.12.14-95.6.1.aarch64",
"product_id": "dtb-exynos-4.12.14-95.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-freescale-4.12.14-95.6.1.aarch64",
"product": {
"name": "dtb-freescale-4.12.14-95.6.1.aarch64",
"product_id": "dtb-freescale-4.12.14-95.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-hisilicon-4.12.14-95.6.1.aarch64",
"product": {
"name": "dtb-hisilicon-4.12.14-95.6.1.aarch64",
"product_id": "dtb-hisilicon-4.12.14-95.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-lg-4.12.14-95.6.1.aarch64",
"product": {
"name": "dtb-lg-4.12.14-95.6.1.aarch64",
"product_id": "dtb-lg-4.12.14-95.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-marvell-4.12.14-95.6.1.aarch64",
"product": {
"name": "dtb-marvell-4.12.14-95.6.1.aarch64",
"product_id": "dtb-marvell-4.12.14-95.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-mediatek-4.12.14-95.6.1.aarch64",
"product": {
"name": "dtb-mediatek-4.12.14-95.6.1.aarch64",
"product_id": "dtb-mediatek-4.12.14-95.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-nvidia-4.12.14-95.6.1.aarch64",
"product": {
"name": "dtb-nvidia-4.12.14-95.6.1.aarch64",
"product_id": "dtb-nvidia-4.12.14-95.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-qcom-4.12.14-95.6.1.aarch64",
"product": {
"name": "dtb-qcom-4.12.14-95.6.1.aarch64",
"product_id": "dtb-qcom-4.12.14-95.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-renesas-4.12.14-95.6.1.aarch64",
"product": {
"name": "dtb-renesas-4.12.14-95.6.1.aarch64",
"product_id": "dtb-renesas-4.12.14-95.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-rockchip-4.12.14-95.6.1.aarch64",
"product": {
"name": "dtb-rockchip-4.12.14-95.6.1.aarch64",
"product_id": "dtb-rockchip-4.12.14-95.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-socionext-4.12.14-95.6.1.aarch64",
"product": {
"name": "dtb-socionext-4.12.14-95.6.1.aarch64",
"product_id": "dtb-socionext-4.12.14-95.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-sprd-4.12.14-95.6.1.aarch64",
"product": {
"name": "dtb-sprd-4.12.14-95.6.1.aarch64",
"product_id": "dtb-sprd-4.12.14-95.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-xilinx-4.12.14-95.6.1.aarch64",
"product": {
"name": "dtb-xilinx-4.12.14-95.6.1.aarch64",
"product_id": "dtb-xilinx-4.12.14-95.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-zte-4.12.14-95.6.1.aarch64",
"product": {
"name": "dtb-zte-4.12.14-95.6.1.aarch64",
"product_id": "dtb-zte-4.12.14-95.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-95.6.1.aarch64",
"product": {
"name": "gfs2-kmp-default-4.12.14-95.6.1.aarch64",
"product_id": "gfs2-kmp-default-4.12.14-95.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-95.6.1.aarch64",
"product": {
"name": "kernel-default-4.12.14-95.6.1.aarch64",
"product_id": "kernel-default-4.12.14-95.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-95.6.1.aarch64",
"product": {
"name": "kernel-default-base-4.12.14-95.6.1.aarch64",
"product_id": "kernel-default-base-4.12.14-95.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-95.6.1.aarch64",
"product": {
"name": "kernel-default-devel-4.12.14-95.6.1.aarch64",
"product_id": "kernel-default-devel-4.12.14-95.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.12.14-95.6.1.aarch64",
"product": {
"name": "kernel-default-extra-4.12.14-95.6.1.aarch64",
"product_id": "kernel-default-extra-4.12.14-95.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-4.12.14-95.6.1.aarch64",
"product": {
"name": "kernel-default-livepatch-4.12.14-95.6.1.aarch64",
"product_id": "kernel-default-livepatch-4.12.14-95.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.12.14-95.6.1.aarch64",
"product": {
"name": "kernel-obs-build-4.12.14-95.6.1.aarch64",
"product_id": "kernel-obs-build-4.12.14-95.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.12.14-95.6.1.aarch64",
"product": {
"name": "kernel-obs-qa-4.12.14-95.6.1.aarch64",
"product_id": "kernel-obs-qa-4.12.14-95.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-95.6.1.aarch64",
"product": {
"name": "kernel-syms-4.12.14-95.6.1.aarch64",
"product_id": "kernel-syms-4.12.14-95.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.12.14-95.6.1.aarch64",
"product": {
"name": "kernel-vanilla-4.12.14-95.6.1.aarch64",
"product_id": "kernel-vanilla-4.12.14-95.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.12.14-95.6.1.aarch64",
"product": {
"name": "kernel-vanilla-base-4.12.14-95.6.1.aarch64",
"product_id": "kernel-vanilla-base-4.12.14-95.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.12.14-95.6.1.aarch64",
"product": {
"name": "kernel-vanilla-devel-4.12.14-95.6.1.aarch64",
"product_id": "kernel-vanilla-devel-4.12.14-95.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.12.14-95.6.1.aarch64",
"product": {
"name": "kselftests-kmp-default-4.12.14-95.6.1.aarch64",
"product_id": "kselftests-kmp-default-4.12.14-95.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-95.6.1.aarch64",
"product": {
"name": "ocfs2-kmp-default-4.12.14-95.6.1.aarch64",
"product_id": "ocfs2-kmp-default-4.12.14-95.6.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-4.12.14-95.6.1.noarch",
"product": {
"name": "kernel-devel-4.12.14-95.6.1.noarch",
"product_id": "kernel-devel-4.12.14-95.6.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-4.12.14-95.6.1.noarch",
"product": {
"name": "kernel-docs-4.12.14-95.6.1.noarch",
"product_id": "kernel-docs-4.12.14-95.6.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-html-4.12.14-95.6.1.noarch",
"product": {
"name": "kernel-docs-html-4.12.14-95.6.1.noarch",
"product_id": "kernel-docs-html-4.12.14-95.6.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-4.12.14-95.6.1.noarch",
"product": {
"name": "kernel-macros-4.12.14-95.6.1.noarch",
"product_id": "kernel-macros-4.12.14-95.6.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-4.12.14-95.6.1.noarch",
"product": {
"name": "kernel-source-4.12.14-95.6.1.noarch",
"product_id": "kernel-source-4.12.14-95.6.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-4.12.14-95.6.1.noarch",
"product": {
"name": "kernel-source-vanilla-4.12.14-95.6.1.noarch",
"product_id": "kernel-source-vanilla-4.12.14-95.6.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-debug-4.12.14-95.6.1.ppc64le",
"product": {
"name": "cluster-md-kmp-debug-4.12.14-95.6.1.ppc64le",
"product_id": "cluster-md-kmp-debug-4.12.14-95.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-95.6.1.ppc64le",
"product": {
"name": "cluster-md-kmp-default-4.12.14-95.6.1.ppc64le",
"product_id": "cluster-md-kmp-default-4.12.14-95.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "dlm-kmp-debug-4.12.14-95.6.1.ppc64le",
"product": {
"name": "dlm-kmp-debug-4.12.14-95.6.1.ppc64le",
"product_id": "dlm-kmp-debug-4.12.14-95.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-95.6.1.ppc64le",
"product": {
"name": "dlm-kmp-default-4.12.14-95.6.1.ppc64le",
"product_id": "dlm-kmp-default-4.12.14-95.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-debug-4.12.14-95.6.1.ppc64le",
"product": {
"name": "gfs2-kmp-debug-4.12.14-95.6.1.ppc64le",
"product_id": "gfs2-kmp-debug-4.12.14-95.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-95.6.1.ppc64le",
"product": {
"name": "gfs2-kmp-default-4.12.14-95.6.1.ppc64le",
"product_id": "gfs2-kmp-default-4.12.14-95.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-4.12.14-95.6.1.ppc64le",
"product": {
"name": "kernel-debug-4.12.14-95.6.1.ppc64le",
"product_id": "kernel-debug-4.12.14-95.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-base-4.12.14-95.6.1.ppc64le",
"product": {
"name": "kernel-debug-base-4.12.14-95.6.1.ppc64le",
"product_id": "kernel-debug-base-4.12.14-95.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-4.12.14-95.6.1.ppc64le",
"product": {
"name": "kernel-debug-devel-4.12.14-95.6.1.ppc64le",
"product_id": "kernel-debug-devel-4.12.14-95.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-extra-4.12.14-95.6.1.ppc64le",
"product": {
"name": "kernel-debug-extra-4.12.14-95.6.1.ppc64le",
"product_id": "kernel-debug-extra-4.12.14-95.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-livepatch-4.12.14-95.6.1.ppc64le",
"product": {
"name": "kernel-debug-livepatch-4.12.14-95.6.1.ppc64le",
"product_id": "kernel-debug-livepatch-4.12.14-95.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-95.6.1.ppc64le",
"product": {
"name": "kernel-default-4.12.14-95.6.1.ppc64le",
"product_id": "kernel-default-4.12.14-95.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-95.6.1.ppc64le",
"product": {
"name": "kernel-default-base-4.12.14-95.6.1.ppc64le",
"product_id": "kernel-default-base-4.12.14-95.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-95.6.1.ppc64le",
"product": {
"name": "kernel-default-devel-4.12.14-95.6.1.ppc64le",
"product_id": "kernel-default-devel-4.12.14-95.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.12.14-95.6.1.ppc64le",
"product": {
"name": "kernel-default-extra-4.12.14-95.6.1.ppc64le",
"product_id": "kernel-default-extra-4.12.14-95.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-4.12.14-95.6.1.ppc64le",
"product": {
"name": "kernel-default-livepatch-4.12.14-95.6.1.ppc64le",
"product_id": "kernel-default-livepatch-4.12.14-95.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.12.14-95.6.1.ppc64le",
"product": {
"name": "kernel-obs-build-4.12.14-95.6.1.ppc64le",
"product_id": "kernel-obs-build-4.12.14-95.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.12.14-95.6.1.ppc64le",
"product": {
"name": "kernel-obs-qa-4.12.14-95.6.1.ppc64le",
"product_id": "kernel-obs-qa-4.12.14-95.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-95.6.1.ppc64le",
"product": {
"name": "kernel-syms-4.12.14-95.6.1.ppc64le",
"product_id": "kernel-syms-4.12.14-95.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.12.14-95.6.1.ppc64le",
"product": {
"name": "kernel-vanilla-4.12.14-95.6.1.ppc64le",
"product_id": "kernel-vanilla-4.12.14-95.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.12.14-95.6.1.ppc64le",
"product": {
"name": "kernel-vanilla-base-4.12.14-95.6.1.ppc64le",
"product_id": "kernel-vanilla-base-4.12.14-95.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.12.14-95.6.1.ppc64le",
"product": {
"name": "kernel-vanilla-devel-4.12.14-95.6.1.ppc64le",
"product_id": "kernel-vanilla-devel-4.12.14-95.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-95_6-default-1-6.3.1.ppc64le",
"product": {
"name": "kgraft-patch-4_12_14-95_6-default-1-6.3.1.ppc64le",
"product_id": "kgraft-patch-4_12_14-95_6-default-1-6.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-debug-4.12.14-95.6.1.ppc64le",
"product": {
"name": "kselftests-kmp-debug-4.12.14-95.6.1.ppc64le",
"product_id": "kselftests-kmp-debug-4.12.14-95.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.12.14-95.6.1.ppc64le",
"product": {
"name": "kselftests-kmp-default-4.12.14-95.6.1.ppc64le",
"product_id": "kselftests-kmp-default-4.12.14-95.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-debug-4.12.14-95.6.1.ppc64le",
"product": {
"name": "ocfs2-kmp-debug-4.12.14-95.6.1.ppc64le",
"product_id": "ocfs2-kmp-debug-4.12.14-95.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-95.6.1.ppc64le",
"product": {
"name": "ocfs2-kmp-default-4.12.14-95.6.1.ppc64le",
"product_id": "ocfs2-kmp-default-4.12.14-95.6.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-95.6.1.s390x",
"product": {
"name": "cluster-md-kmp-default-4.12.14-95.6.1.s390x",
"product_id": "cluster-md-kmp-default-4.12.14-95.6.1.s390x"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-95.6.1.s390x",
"product": {
"name": "dlm-kmp-default-4.12.14-95.6.1.s390x",
"product_id": "dlm-kmp-default-4.12.14-95.6.1.s390x"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-95.6.1.s390x",
"product": {
"name": "gfs2-kmp-default-4.12.14-95.6.1.s390x",
"product_id": "gfs2-kmp-default-4.12.14-95.6.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-95.6.1.s390x",
"product": {
"name": "kernel-default-4.12.14-95.6.1.s390x",
"product_id": "kernel-default-4.12.14-95.6.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-95.6.1.s390x",
"product": {
"name": "kernel-default-base-4.12.14-95.6.1.s390x",
"product_id": "kernel-default-base-4.12.14-95.6.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-95.6.1.s390x",
"product": {
"name": "kernel-default-devel-4.12.14-95.6.1.s390x",
"product_id": "kernel-default-devel-4.12.14-95.6.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.12.14-95.6.1.s390x",
"product": {
"name": "kernel-default-extra-4.12.14-95.6.1.s390x",
"product_id": "kernel-default-extra-4.12.14-95.6.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-4.12.14-95.6.1.s390x",
"product": {
"name": "kernel-default-livepatch-4.12.14-95.6.1.s390x",
"product_id": "kernel-default-livepatch-4.12.14-95.6.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-man-4.12.14-95.6.1.s390x",
"product": {
"name": "kernel-default-man-4.12.14-95.6.1.s390x",
"product_id": "kernel-default-man-4.12.14-95.6.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.12.14-95.6.1.s390x",
"product": {
"name": "kernel-obs-build-4.12.14-95.6.1.s390x",
"product_id": "kernel-obs-build-4.12.14-95.6.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.12.14-95.6.1.s390x",
"product": {
"name": "kernel-obs-qa-4.12.14-95.6.1.s390x",
"product_id": "kernel-obs-qa-4.12.14-95.6.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-95.6.1.s390x",
"product": {
"name": "kernel-syms-4.12.14-95.6.1.s390x",
"product_id": "kernel-syms-4.12.14-95.6.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.12.14-95.6.1.s390x",
"product": {
"name": "kernel-vanilla-4.12.14-95.6.1.s390x",
"product_id": "kernel-vanilla-4.12.14-95.6.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.12.14-95.6.1.s390x",
"product": {
"name": "kernel-vanilla-base-4.12.14-95.6.1.s390x",
"product_id": "kernel-vanilla-base-4.12.14-95.6.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.12.14-95.6.1.s390x",
"product": {
"name": "kernel-vanilla-devel-4.12.14-95.6.1.s390x",
"product_id": "kernel-vanilla-devel-4.12.14-95.6.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-4.12.14-95.6.1.s390x",
"product": {
"name": "kernel-zfcpdump-4.12.14-95.6.1.s390x",
"product_id": "kernel-zfcpdump-4.12.14-95.6.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-man-4.12.14-95.6.1.s390x",
"product": {
"name": "kernel-zfcpdump-man-4.12.14-95.6.1.s390x",
"product_id": "kernel-zfcpdump-man-4.12.14-95.6.1.s390x"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.12.14-95.6.1.s390x",
"product": {
"name": "kselftests-kmp-default-4.12.14-95.6.1.s390x",
"product_id": "kselftests-kmp-default-4.12.14-95.6.1.s390x"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-95.6.1.s390x",
"product": {
"name": "ocfs2-kmp-default-4.12.14-95.6.1.s390x",
"product_id": "ocfs2-kmp-default-4.12.14-95.6.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-debug-4.12.14-95.6.1.x86_64",
"product": {
"name": "cluster-md-kmp-debug-4.12.14-95.6.1.x86_64",
"product_id": "cluster-md-kmp-debug-4.12.14-95.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-95.6.1.x86_64",
"product": {
"name": "cluster-md-kmp-default-4.12.14-95.6.1.x86_64",
"product_id": "cluster-md-kmp-default-4.12.14-95.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-debug-4.12.14-95.6.1.x86_64",
"product": {
"name": "dlm-kmp-debug-4.12.14-95.6.1.x86_64",
"product_id": "dlm-kmp-debug-4.12.14-95.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-95.6.1.x86_64",
"product": {
"name": "dlm-kmp-default-4.12.14-95.6.1.x86_64",
"product_id": "dlm-kmp-default-4.12.14-95.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-debug-4.12.14-95.6.1.x86_64",
"product": {
"name": "gfs2-kmp-debug-4.12.14-95.6.1.x86_64",
"product_id": "gfs2-kmp-debug-4.12.14-95.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-95.6.1.x86_64",
"product": {
"name": "gfs2-kmp-default-4.12.14-95.6.1.x86_64",
"product_id": "gfs2-kmp-default-4.12.14-95.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-4.12.14-95.6.1.x86_64",
"product": {
"name": "kernel-debug-4.12.14-95.6.1.x86_64",
"product_id": "kernel-debug-4.12.14-95.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-base-4.12.14-95.6.1.x86_64",
"product": {
"name": "kernel-debug-base-4.12.14-95.6.1.x86_64",
"product_id": "kernel-debug-base-4.12.14-95.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-4.12.14-95.6.1.x86_64",
"product": {
"name": "kernel-debug-devel-4.12.14-95.6.1.x86_64",
"product_id": "kernel-debug-devel-4.12.14-95.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-extra-4.12.14-95.6.1.x86_64",
"product": {
"name": "kernel-debug-extra-4.12.14-95.6.1.x86_64",
"product_id": "kernel-debug-extra-4.12.14-95.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-livepatch-4.12.14-95.6.1.x86_64",
"product": {
"name": "kernel-debug-livepatch-4.12.14-95.6.1.x86_64",
"product_id": "kernel-debug-livepatch-4.12.14-95.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-95.6.1.x86_64",
"product": {
"name": "kernel-default-4.12.14-95.6.1.x86_64",
"product_id": "kernel-default-4.12.14-95.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-95.6.1.x86_64",
"product": {
"name": "kernel-default-base-4.12.14-95.6.1.x86_64",
"product_id": "kernel-default-base-4.12.14-95.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-95.6.1.x86_64",
"product": {
"name": "kernel-default-devel-4.12.14-95.6.1.x86_64",
"product_id": "kernel-default-devel-4.12.14-95.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.12.14-95.6.1.x86_64",
"product": {
"name": "kernel-default-extra-4.12.14-95.6.1.x86_64",
"product_id": "kernel-default-extra-4.12.14-95.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-4.12.14-95.6.1.x86_64",
"product": {
"name": "kernel-default-livepatch-4.12.14-95.6.1.x86_64",
"product_id": "kernel-default-livepatch-4.12.14-95.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-4.12.14-95.6.1.x86_64",
"product": {
"name": "kernel-kvmsmall-4.12.14-95.6.1.x86_64",
"product_id": "kernel-kvmsmall-4.12.14-95.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-base-4.12.14-95.6.1.x86_64",
"product": {
"name": "kernel-kvmsmall-base-4.12.14-95.6.1.x86_64",
"product_id": "kernel-kvmsmall-base-4.12.14-95.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-devel-4.12.14-95.6.1.x86_64",
"product": {
"name": "kernel-kvmsmall-devel-4.12.14-95.6.1.x86_64",
"product_id": "kernel-kvmsmall-devel-4.12.14-95.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.12.14-95.6.1.x86_64",
"product": {
"name": "kernel-obs-build-4.12.14-95.6.1.x86_64",
"product_id": "kernel-obs-build-4.12.14-95.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.12.14-95.6.1.x86_64",
"product": {
"name": "kernel-obs-qa-4.12.14-95.6.1.x86_64",
"product_id": "kernel-obs-qa-4.12.14-95.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-95.6.1.x86_64",
"product": {
"name": "kernel-syms-4.12.14-95.6.1.x86_64",
"product_id": "kernel-syms-4.12.14-95.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.12.14-95.6.1.x86_64",
"product": {
"name": "kernel-vanilla-4.12.14-95.6.1.x86_64",
"product_id": "kernel-vanilla-4.12.14-95.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.12.14-95.6.1.x86_64",
"product": {
"name": "kernel-vanilla-base-4.12.14-95.6.1.x86_64",
"product_id": "kernel-vanilla-base-4.12.14-95.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.12.14-95.6.1.x86_64",
"product": {
"name": "kernel-vanilla-devel-4.12.14-95.6.1.x86_64",
"product_id": "kernel-vanilla-devel-4.12.14-95.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-95_6-default-1-6.3.1.x86_64",
"product": {
"name": "kgraft-patch-4_12_14-95_6-default-1-6.3.1.x86_64",
"product_id": "kgraft-patch-4_12_14-95_6-default-1-6.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-debug-4.12.14-95.6.1.x86_64",
"product": {
"name": "kselftests-kmp-debug-4.12.14-95.6.1.x86_64",
"product_id": "kselftests-kmp-debug-4.12.14-95.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.12.14-95.6.1.x86_64",
"product": {
"name": "kselftests-kmp-default-4.12.14-95.6.1.x86_64",
"product_id": "kselftests-kmp-default-4.12.14-95.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-debug-4.12.14-95.6.1.x86_64",
"product": {
"name": "ocfs2-kmp-debug-4.12.14-95.6.1.x86_64",
"product_id": "ocfs2-kmp-debug-4.12.14-95.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-95.6.1.x86_64",
"product": {
"name": "ocfs2-kmp-default-4.12.14-95.6.1.x86_64",
"product_id": "ocfs2-kmp-default-4.12.14-95.6.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Desktop 12 SP4",
"product": {
"name": "SUSE Linux Enterprise Desktop 12 SP4",
"product_id": "SUSE Linux Enterprise Desktop 12 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sled:12:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Availability Extension 12 SP4",
"product": {
"name": "SUSE Linux Enterprise High Availability Extension 12 SP4",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-ha:12:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12 SP4",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Software Development Kit 12 SP4",
"product": {
"name": "SUSE Linux Enterprise Software Development Kit 12 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-sdk:12:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP4",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Workstation Extension 12 SP4",
"product": {
"name": "SUSE Linux Enterprise Workstation Extension 12 SP4",
"product_id": "SUSE Linux Enterprise Workstation Extension 12 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-we:12:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-95.6.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP4",
"product_id": "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.6.1.x86_64"
},
"product_reference": "kernel-default-4.12.14-95.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-95.6.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP4",
"product_id": "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64"
},
"product_reference": "kernel-default-devel-4.12.14-95.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-4.12.14-95.6.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP4",
"product_id": "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.6.1.x86_64"
},
"product_reference": "kernel-default-extra-4.12.14-95.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.12.14-95.6.1.noarch as component of SUSE Linux Enterprise Desktop 12 SP4",
"product_id": "SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.6.1.noarch"
},
"product_reference": "kernel-devel-4.12.14-95.6.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.12.14-95.6.1.noarch as component of SUSE Linux Enterprise Desktop 12 SP4",
"product_id": "SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.6.1.noarch"
},
"product_reference": "kernel-macros-4.12.14-95.6.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.12.14-95.6.1.noarch as component of SUSE Linux Enterprise Desktop 12 SP4",
"product_id": "SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.6.1.noarch"
},
"product_reference": "kernel-source-4.12.14-95.6.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-95.6.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP4",
"product_id": "SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64"
},
"product_reference": "kernel-syms-4.12.14-95.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-95.6.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP4",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.ppc64le"
},
"product_reference": "cluster-md-kmp-default-4.12.14-95.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-95.6.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP4",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.s390x"
},
"product_reference": "cluster-md-kmp-default-4.12.14-95.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-95.6.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP4",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.x86_64"
},
"product_reference": "cluster-md-kmp-default-4.12.14-95.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-95.6.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP4",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.ppc64le"
},
"product_reference": "dlm-kmp-default-4.12.14-95.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-95.6.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP4",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.s390x"
},
"product_reference": "dlm-kmp-default-4.12.14-95.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-95.6.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP4",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.x86_64"
},
"product_reference": "dlm-kmp-default-4.12.14-95.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-95.6.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP4",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.ppc64le"
},
"product_reference": "gfs2-kmp-default-4.12.14-95.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-95.6.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP4",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.s390x"
},
"product_reference": "gfs2-kmp-default-4.12.14-95.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-95.6.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP4",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.x86_64"
},
"product_reference": "gfs2-kmp-default-4.12.14-95.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-95.6.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP4",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.ppc64le"
},
"product_reference": "ocfs2-kmp-default-4.12.14-95.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-95.6.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP4",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.s390x"
},
"product_reference": "ocfs2-kmp-default-4.12.14-95.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-95.6.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP4",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.x86_64"
},
"product_reference": "ocfs2-kmp-default-4.12.14-95.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-95_6-default-1-6.3.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_6-default-1-6.3.1.ppc64le"
},
"product_reference": "kgraft-patch-4_12_14-95_6-default-1-6.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-95_6-default-1-6.3.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_6-default-1-6.3.1.x86_64"
},
"product_reference": "kgraft-patch-4_12_14-95_6-default-1-6.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-4.12.14-95.6.1.noarch as component of SUSE Linux Enterprise Software Development Kit 12 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.6.1.noarch"
},
"product_reference": "kernel-docs-4.12.14-95.6.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.12.14-95.6.1.aarch64 as component of SUSE Linux Enterprise Software Development Kit 12 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.aarch64"
},
"product_reference": "kernel-obs-build-4.12.14-95.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.12.14-95.6.1.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.ppc64le"
},
"product_reference": "kernel-obs-build-4.12.14-95.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.12.14-95.6.1.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.s390x"
},
"product_reference": "kernel-obs-build-4.12.14-95.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.12.14-95.6.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.x86_64"
},
"product_reference": "kernel-obs-build-4.12.14-95.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-95.6.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.aarch64"
},
"product_reference": "kernel-default-4.12.14-95.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-95.6.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.ppc64le"
},
"product_reference": "kernel-default-4.12.14-95.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-95.6.1.s390x as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.s390x"
},
"product_reference": "kernel-default-4.12.14-95.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-95.6.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.x86_64"
},
"product_reference": "kernel-default-4.12.14-95.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-95.6.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.aarch64"
},
"product_reference": "kernel-default-base-4.12.14-95.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-95.6.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.ppc64le"
},
"product_reference": "kernel-default-base-4.12.14-95.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-95.6.1.s390x as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.s390x"
},
"product_reference": "kernel-default-base-4.12.14-95.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-95.6.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.x86_64"
},
"product_reference": "kernel-default-base-4.12.14-95.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-95.6.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.aarch64"
},
"product_reference": "kernel-default-devel-4.12.14-95.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-95.6.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.ppc64le"
},
"product_reference": "kernel-default-devel-4.12.14-95.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-95.6.1.s390x as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.s390x"
},
"product_reference": "kernel-default-devel-4.12.14-95.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-95.6.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64"
},
"product_reference": "kernel-default-devel-4.12.14-95.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-man-4.12.14-95.6.1.s390x as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.6.1.s390x"
},
"product_reference": "kernel-default-man-4.12.14-95.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.12.14-95.6.1.noarch as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.6.1.noarch"
},
"product_reference": "kernel-devel-4.12.14-95.6.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.12.14-95.6.1.noarch as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.6.1.noarch"
},
"product_reference": "kernel-macros-4.12.14-95.6.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.12.14-95.6.1.noarch as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.6.1.noarch"
},
"product_reference": "kernel-source-4.12.14-95.6.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-95.6.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.aarch64"
},
"product_reference": "kernel-syms-4.12.14-95.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-95.6.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.ppc64le"
},
"product_reference": "kernel-syms-4.12.14-95.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-95.6.1.s390x as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.s390x"
},
"product_reference": "kernel-syms-4.12.14-95.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-95.6.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64"
},
"product_reference": "kernel-syms-4.12.14-95.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-95.6.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.aarch64"
},
"product_reference": "kernel-default-4.12.14-95.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-95.6.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.ppc64le"
},
"product_reference": "kernel-default-4.12.14-95.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-95.6.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.s390x"
},
"product_reference": "kernel-default-4.12.14-95.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-95.6.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.x86_64"
},
"product_reference": "kernel-default-4.12.14-95.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-95.6.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.aarch64"
},
"product_reference": "kernel-default-base-4.12.14-95.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-95.6.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.ppc64le"
},
"product_reference": "kernel-default-base-4.12.14-95.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-95.6.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.s390x"
},
"product_reference": "kernel-default-base-4.12.14-95.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-95.6.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.x86_64"
},
"product_reference": "kernel-default-base-4.12.14-95.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-95.6.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.aarch64"
},
"product_reference": "kernel-default-devel-4.12.14-95.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-95.6.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.ppc64le"
},
"product_reference": "kernel-default-devel-4.12.14-95.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-95.6.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.s390x"
},
"product_reference": "kernel-default-devel-4.12.14-95.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-95.6.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64"
},
"product_reference": "kernel-default-devel-4.12.14-95.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-man-4.12.14-95.6.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.6.1.s390x"
},
"product_reference": "kernel-default-man-4.12.14-95.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.12.14-95.6.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.6.1.noarch"
},
"product_reference": "kernel-devel-4.12.14-95.6.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.12.14-95.6.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.6.1.noarch"
},
"product_reference": "kernel-macros-4.12.14-95.6.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.12.14-95.6.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.6.1.noarch"
},
"product_reference": "kernel-source-4.12.14-95.6.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-95.6.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.aarch64"
},
"product_reference": "kernel-syms-4.12.14-95.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-95.6.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.ppc64le"
},
"product_reference": "kernel-syms-4.12.14-95.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-95.6.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.s390x"
},
"product_reference": "kernel-syms-4.12.14-95.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-95.6.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64"
},
"product_reference": "kernel-syms-4.12.14-95.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-4.12.14-95.6.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 12 SP4",
"product_id": "SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.6.1.x86_64"
},
"product_reference": "kernel-default-extra-4.12.14-95.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 12 SP4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-12232",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-12232"
}
],
"notes": [
{
"category": "general",
"text": "In net/socket.c in the Linux kernel through 4.17.1, there is a race condition between fchownat and close in cases where they target the same socket file descriptor, related to the sock_close and sockfs_setattr functions. fchownat does not increment the file descriptor reference count, which allows close to set the socket to NULL during fchownat\u0027s execution, leading to a NULL pointer dereference and system crash.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_6-default-1-6.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_6-default-1-6.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-12232",
"url": "https://www.suse.com/security/cve/CVE-2018-12232"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-12232",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1097593 for CVE-2018-12232",
"url": "https://bugzilla.suse.com/1097593"
},
{
"category": "external",
"summary": "SUSE Bug 1125907 for CVE-2018-12232",
"url": "https://bugzilla.suse.com/1125907"
},
{
"category": "external",
"summary": "SUSE Bug 1127757 for CVE-2018-12232",
"url": "https://bugzilla.suse.com/1127757"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_6-default-1-6.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_6-default-1-6.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_6-default-1-6.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_6-default-1-6.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-01-29T12:14:56Z",
"details": "important"
}
],
"title": "CVE-2018-12232"
},
{
"cve": "CVE-2018-14625",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14625"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux Kernel where an attacker may be able to have an uncontrolled read to kernel-memory from within a vm guest. A race condition between connect() and close() function may allow an attacker using the AF_VSOCK protocol to gather a 4 byte information leak or possibly intercept or corrupt AF_VSOCK messages destined to other clients.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_6-default-1-6.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_6-default-1-6.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14625",
"url": "https://www.suse.com/security/cve/CVE-2018-14625"
},
{
"category": "external",
"summary": "SUSE Bug 1106615 for CVE-2018-14625",
"url": "https://bugzilla.suse.com/1106615"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_6-default-1-6.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_6-default-1-6.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_6-default-1-6.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_6-default-1-6.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-01-29T12:14:56Z",
"details": "moderate"
}
],
"title": "CVE-2018-14625"
},
{
"cve": "CVE-2018-16862",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16862"
}
],
"notes": [
{
"category": "general",
"text": "A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_6-default-1-6.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_6-default-1-6.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16862",
"url": "https://www.suse.com/security/cve/CVE-2018-16862"
},
{
"category": "external",
"summary": "SUSE Bug 1117186 for CVE-2018-16862",
"url": "https://bugzilla.suse.com/1117186"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_6-default-1-6.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_6-default-1-6.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_6-default-1-6.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_6-default-1-6.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-01-29T12:14:56Z",
"details": "moderate"
}
],
"title": "CVE-2018-16862"
},
{
"cve": "CVE-2018-16884",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16884"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel\u0027s NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_6-default-1-6.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_6-default-1-6.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16884",
"url": "https://www.suse.com/security/cve/CVE-2018-16884"
},
{
"category": "external",
"summary": "SUSE Bug 1119946 for CVE-2018-16884",
"url": "https://bugzilla.suse.com/1119946"
},
{
"category": "external",
"summary": "SUSE Bug 1119947 for CVE-2018-16884",
"url": "https://bugzilla.suse.com/1119947"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_6-default-1-6.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_6-default-1-6.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_6-default-1-6.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_6-default-1-6.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-01-29T12:14:56Z",
"details": "important"
}
],
"title": "CVE-2018-16884"
},
{
"cve": "CVE-2018-18397",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-18397"
}
],
"notes": [
{
"category": "general",
"text": "The userfaultfd implementation in the Linux kernel before 4.19.7 mishandles access control for certain UFFDIO_ ioctl calls, as demonstrated by allowing local users to write data into holes in a tmpfs file (if the user has read-only access to that file, and that file contains holes), related to fs/userfaultfd.c and mm/userfaultfd.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_6-default-1-6.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_6-default-1-6.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-18397",
"url": "https://www.suse.com/security/cve/CVE-2018-18397"
},
{
"category": "external",
"summary": "SUSE Bug 1117656 for CVE-2018-18397",
"url": "https://bugzilla.suse.com/1117656"
},
{
"category": "external",
"summary": "SUSE Bug 1171522 for CVE-2018-18397",
"url": "https://bugzilla.suse.com/1171522"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_6-default-1-6.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_6-default-1-6.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_6-default-1-6.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_6-default-1-6.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-01-29T12:14:56Z",
"details": "moderate"
}
],
"title": "CVE-2018-18397"
},
{
"cve": "CVE-2018-19407",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-19407"
}
],
"notes": [
{
"category": "general",
"text": "The vcpu_scan_ioapic function in arch/x86/kvm/x86.c in the Linux kernel through 4.19.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_6-default-1-6.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_6-default-1-6.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-19407",
"url": "https://www.suse.com/security/cve/CVE-2018-19407"
},
{
"category": "external",
"summary": "SUSE Bug 1116841 for CVE-2018-19407",
"url": "https://bugzilla.suse.com/1116841"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_6-default-1-6.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_6-default-1-6.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_6-default-1-6.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_6-default-1-6.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-01-29T12:14:56Z",
"details": "moderate"
}
],
"title": "CVE-2018-19407"
},
{
"cve": "CVE-2018-19854",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-19854"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel before 4.19.3. crypto_report_one() and related functions in crypto/crypto_user.c (the crypto user configuration API) do not fully initialize structures that are copied to userspace, potentially leaking sensitive memory to user programs. NOTE: this is a CVE-2013-2547 regression but with easier exploitability because the attacker does not need a capability (however, the system must have the CONFIG_CRYPTO_USER kconfig option).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_6-default-1-6.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_6-default-1-6.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-19854",
"url": "https://www.suse.com/security/cve/CVE-2018-19854"
},
{
"category": "external",
"summary": "SUSE Bug 1118428 for CVE-2018-19854",
"url": "https://bugzilla.suse.com/1118428"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_6-default-1-6.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_6-default-1-6.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_6-default-1-6.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_6-default-1-6.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-01-29T12:14:56Z",
"details": "low"
}
],
"title": "CVE-2018-19854"
},
{
"cve": "CVE-2018-19985",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-19985"
}
],
"notes": [
{
"category": "general",
"text": "The function hso_get_config_data in drivers/net/usb/hso.c in the Linux kernel through 4.19.8 reads if_num from the USB device (as a u8) and uses it to index a small array, resulting in an object out-of-bounds (OOB) read that potentially allows arbitrary read in the kernel address space.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_6-default-1-6.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_6-default-1-6.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-19985",
"url": "https://www.suse.com/security/cve/CVE-2018-19985"
},
{
"category": "external",
"summary": "SUSE Bug 1120743 for CVE-2018-19985",
"url": "https://bugzilla.suse.com/1120743"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_6-default-1-6.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_6-default-1-6.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_6-default-1-6.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_6-default-1-6.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-01-29T12:14:56Z",
"details": "low"
}
],
"title": "CVE-2018-19985"
},
{
"cve": "CVE-2018-20169",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-20169"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel before 4.19.9. The USB subsystem mishandles size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_6-default-1-6.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_6-default-1-6.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-20169",
"url": "https://www.suse.com/security/cve/CVE-2018-20169"
},
{
"category": "external",
"summary": "SUSE Bug 1119714 for CVE-2018-20169",
"url": "https://bugzilla.suse.com/1119714"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_6-default-1-6.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_6-default-1-6.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_6-default-1-6.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_6-default-1-6.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-01-29T12:14:56Z",
"details": "moderate"
}
],
"title": "CVE-2018-20169"
},
{
"cve": "CVE-2018-9568",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-9568"
}
],
"notes": [
{
"category": "general",
"text": "In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-113509306. References: Upstream kernel.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_6-default-1-6.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_6-default-1-6.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-9568",
"url": "https://www.suse.com/security/cve/CVE-2018-9568"
},
{
"category": "external",
"summary": "SUSE Bug 1118319 for CVE-2018-9568",
"url": "https://bugzilla.suse.com/1118319"
},
{
"category": "external",
"summary": "SUSE Bug 1118320 for CVE-2018-9568",
"url": "https://bugzilla.suse.com/1118320"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_6-default-1-6.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_6-default-1-6.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_6-default-1-6.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_6-default-1-6.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.6.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.6.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-01-29T12:14:56Z",
"details": "moderate"
}
],
"title": "CVE-2018-9568"
}
]
}
SUSE-SU-2019:0439-1
Vulnerability from csaf_suse - Published: 2019-02-19 14:35 - Updated: 2019-02-19 14:35Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-19985: The function hso_probe read if_num from the USB device (as an u8) and used it without a length check to index an array, resulting in an OOB memory read in hso_probe or hso_get_config_data that could be used by local attackers (bnc#1120743).
- CVE-2018-16884: NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out (bnc#1119946).
- CVE-2018-20169: The USB subsystem mishandled size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c (bnc#1119714).
- CVE-2018-9568: In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. (bnc#1118319).
- CVE-2018-16862: A security flaw was found in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one (bnc#1117186).
- CVE-2018-19824: A local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c (bnc#1118152).
- CVE-2018-18281: The mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removes entries from the pagetables of a task that is in the middle of mremap(), a stale TLB entry can remain for a short time that permits access to a physical page after it has been released back to the page allocator and reused. (bnc#1113769).
- CVE-2018-18710: An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CVE-2018-16658 (bnc#1113751).
- CVE-2018-18690: A local attacker able to set attributes on an xfs filesystem could make this filesystem non-operational until the next mount by triggering an unchecked error condition during an xfs attribute change, because xfs_attr_shortform_addname in fs/xfs/libxfs/xfs_attr.c mishandled ATTR_REPLACE operations with conversion of an attr from short to long form (bnc#1105025).
- CVE-2018-18386: drivers/tty/n_tty.c allowed local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ (bnc#1094825).
- CVE-2018-9516: In hid_debug_events_read of drivers/hid/hid-debug.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. (bnc#1108498).
- CVE-2019-3459, CVE-2019-3460: The Blutooth stack suffered from two remote information leak vulnerabilities in the code that handles incoming L2cap configuration packets (bsc#1120758).
The following non-security bugs were fixed:
- aio: hold an extra file reference over AIO read/write operations (bsc#1116027).
- ata: Fix racy link clearance (bsc#1107866).
- btrfs: Fix wrong first_key parameter in replace_path (follow up fixes for bsc#1084721).
- cgroup, netclassid: add a preemption point to write_classid (bnc#1098996).
- cifs: Fix infinite loop when using hard mount option (bsc#1091171).
- dm round robin: revert 'use percpu 'repeat_count' and 'current_path'' (bsc#1113192)
- fscache: fix race between enablement and dropping of object (bsc#1107385).
- ibmvnic: fix index in release_rx_pools (bsc#1115440).
- ip: hash fragments consistently (bsc#1042286 bsc#1108145).
- ipv4: ipv6: netfilter: Adjust the frag mem limit when truesize changes (bsc#1110286).
- ipv6: set rt6i_protocol properly in the route when it is installed (bsc#1114190).
- ipv6: set rt6i_protocol properly in the route when it is installed (bsc#1114190).
- ixgbe: Add function for checking to see if we can reuse page (bsc#1100105).
- ixgbe: Add support for build_skb (bsc#1100105).
- ixgbe: Add support for padding packet (bsc#1100105).
- ixgbe: Break out Rx buffer page management (bsc#1100105).
- ixgbe: Fix output from ixgbe_dump (bsc#1100105).
- ixgbe: Make use of order 1 pages and 3K buffers independent of FCoE (bsc#1100105).
- ixgbe: Only DMA sync frame length (bsc#1100105).
- ixgbe: Update code to better handle incrementing page count (bsc#1100105).
- ixgbe: Update driver to make use of DMA attributes in Rx path (bsc#1100105).
- ixgbe: Use length to determine if descriptor is done (bsc#1100105).
- libfc: sync strings with upstream versions (bsc#1114763).
- md: reorder flag_bits to match upstream commits The ordering in the patches was backward.
- mm: add support for releasing multiple instances of a page (bsc#1100105).
- mm: rename __page_frag functions to __page_frag_cache, drop order from drain (bsc#1100105).
- net: ipv4: do not handle duplicate fragments as overlapping (bsc#1116345).
- NFS: add nostatflush mount option (bsc#1065726).
- nospec: Include <asm/barrier.h> dependency (bsc#1114648).
- ovl: after setting xattributes, you need to copy the attributes in order to make sure the mode and ctime/mtime is set (bsc#1107299).
- powerpc/boot: Request no dynamic linker for boot wrapper (bsc#1070805).
- Revert 'kabi/severities: Ignore missing cpu_tss_tramp (bsc#1099597)' This reverts commit 54da5757cbbb39ab15b3cd09cf922a8a9e32209c.
- rps: flow_dissector: Fix uninitialized flow_keys used in __skb_get_hash possibly (bsc#1042286 bsc#1108145).
- scsi: devinfo: apply to HP XP the same flags as Hitachi VSP (bnc#1091197).
- scsi: libfc: check fc_frame_payload_get() return value for null (bsc#1103624, bsc#1104731).
- sd: disable logical block provisioning if 'lpbme' is not set (bsc#1086095).
- tcp: prevent bogus FRTO undos with non-SACK flows (bsc#1086535).
- Update ibmvnic: Fix RX queue buffer cleanup (bsc#1115440, bsc#1115433).
- x86/asm/entry/32: Simplify pushes of zeroed pt_regs->REGs (bsc#1105931).
- x86/entry/64: Clear registers for exceptions/interrupts, to reduce speculation attack surface (bsc#1105931).
- x86/entry/64/compat: Clear registers for compat syscalls, to reduce speculation attack surface (bsc#1105931).
- x86/entry/64: sanitize extra registers on syscall entry (bsc#1105931).
- x86/kaiser: Avoid loosing NMIs when using trampoline stack (bsc#1106293 bsc#1099597).
- x86,sched: Allow topologies where NUMA nodes share an LLC (bsc#1091158, bsc#1101555, bsc#1117187).
- xen/blkfront: avoid NULL blkfront_info dereference on device removal (bsc#1111062).
- xen/blkfront: correct purging of persistent grants (bnc#1065600).
- xen: fix race in xen_qlock_wait() (bnc#1107256).
- xen: fix xen_qlock_wait() (bnc#1107256).
- xen: make xen_qlock_wait() nestable (bnc#1107256).
- xen/netback: dont overflow meta array (bnc#1099523).
- xen/netfront: do not bug in case of too many frags (bnc#1012382).
- xen/netfront: do not cache skb_shinfo() (bnc#1012382).
- xen/x86: add diagnostic printout to xen_mc_flush() in case of error (bnc#1116183).
- xfrm: use complete IPv6 addresses for hash (bsc#1109330).
- xfs/dmapi: restore event in xfs_getbmap (bsc#1095344, bsc#1114763).
- xfs: fix quotacheck dquot id overflow infinite loop (bsc#1121621).
Patchnames
SUSE-2019-439,SUSE-OpenStack-Cloud-7-2019-439,SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2019-439,SUSE-SLE-HA-12-SP2-2019-439,SUSE-SLE-SAP-12-SP2-2019-439,SUSE-SLE-SERVER-12-SP2-2019-439,SUSE-SLE-SERVER-12-SP2-BCL-2019-439,SUSE-Storage-4-2019-439
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2018-19985: The function hso_probe read if_num from the USB device (as an u8) and used it without a length check to index an array, resulting in an OOB memory read in hso_probe or hso_get_config_data that could be used by local attackers (bnc#1120743).\n- CVE-2018-16884: NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out (bnc#1119946).\n- CVE-2018-20169: The USB subsystem mishandled size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c (bnc#1119714).\n- CVE-2018-9568: In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. (bnc#1118319).\n- CVE-2018-16862: A security flaw was found in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one (bnc#1117186).\n- CVE-2018-19824: A local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c (bnc#1118152).\n- CVE-2018-18281: The mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removes entries from the pagetables of a task that is in the middle of mremap(), a stale TLB entry can remain for a short time that permits access to a physical page after it has been released back to the page allocator and reused. (bnc#1113769).\n- CVE-2018-18710: An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CVE-2018-16658 (bnc#1113751).\n- CVE-2018-18690: A local attacker able to set attributes on an xfs filesystem could make this filesystem non-operational until the next mount by triggering an unchecked error condition during an xfs attribute change, because xfs_attr_shortform_addname in fs/xfs/libxfs/xfs_attr.c mishandled ATTR_REPLACE operations with conversion of an attr from short to long form (bnc#1105025).\n- CVE-2018-18386: drivers/tty/n_tty.c allowed local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ (bnc#1094825).\n- CVE-2018-9516: In hid_debug_events_read of drivers/hid/hid-debug.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. (bnc#1108498).\n- CVE-2019-3459, CVE-2019-3460: The Blutooth stack suffered from two remote information leak vulnerabilities in the code that handles incoming L2cap configuration packets (bsc#1120758).\n\nThe following non-security bugs were fixed:\n\n- aio: hold an extra file reference over AIO read/write operations (bsc#1116027).\n- ata: Fix racy link clearance (bsc#1107866).\n- btrfs: Fix wrong first_key parameter in replace_path (follow up fixes for bsc#1084721).\n- cgroup, netclassid: add a preemption point to write_classid (bnc#1098996).\n- cifs: Fix infinite loop when using hard mount option (bsc#1091171).\n- dm round robin: revert \u0027use percpu \u0027repeat_count\u0027 and \u0027current_path\u0027\u0027 (bsc#1113192)\n- fscache: fix race between enablement and dropping of object (bsc#1107385).\n- ibmvnic: fix index in release_rx_pools (bsc#1115440).\n- ip: hash fragments consistently (bsc#1042286 bsc#1108145).\n- ipv4: ipv6: netfilter: Adjust the frag mem limit when truesize changes (bsc#1110286).\n- ipv6: set rt6i_protocol properly in the route when it is installed (bsc#1114190).\n- ipv6: set rt6i_protocol properly in the route when it is installed (bsc#1114190).\n- ixgbe: Add function for checking to see if we can reuse page (bsc#1100105).\n- ixgbe: Add support for build_skb (bsc#1100105).\n- ixgbe: Add support for padding packet (bsc#1100105).\n- ixgbe: Break out Rx buffer page management (bsc#1100105).\n- ixgbe: Fix output from ixgbe_dump (bsc#1100105).\n- ixgbe: Make use of order 1 pages and 3K buffers independent of FCoE (bsc#1100105).\n- ixgbe: Only DMA sync frame length (bsc#1100105).\n- ixgbe: Update code to better handle incrementing page count (bsc#1100105).\n- ixgbe: Update driver to make use of DMA attributes in Rx path (bsc#1100105).\n- ixgbe: Use length to determine if descriptor is done (bsc#1100105).\n- libfc: sync strings with upstream versions (bsc#1114763).\n- md: reorder flag_bits to match upstream commits The ordering in the patches was backward.\n- mm: add support for releasing multiple instances of a page (bsc#1100105).\n- mm: rename __page_frag functions to __page_frag_cache, drop order from drain (bsc#1100105).\n- net: ipv4: do not handle duplicate fragments as overlapping (bsc#1116345).\n- NFS: add nostatflush mount option (bsc#1065726).\n- nospec: Include \u003casm/barrier.h\u003e dependency (bsc#1114648).\n- ovl: after setting xattributes, you need to copy the attributes in order to make sure the mode and ctime/mtime is set (bsc#1107299).\n- powerpc/boot: Request no dynamic linker for boot wrapper (bsc#1070805).\n- Revert \u0027kabi/severities: Ignore missing cpu_tss_tramp (bsc#1099597)\u0027 This reverts commit 54da5757cbbb39ab15b3cd09cf922a8a9e32209c.\n- rps: flow_dissector: Fix uninitialized flow_keys used in __skb_get_hash possibly (bsc#1042286 bsc#1108145).\n- scsi: devinfo: apply to HP XP the same flags as Hitachi VSP (bnc#1091197).\n- scsi: libfc: check fc_frame_payload_get() return value for null (bsc#1103624, bsc#1104731).\n- sd: disable logical block provisioning if \u0027lpbme\u0027 is not set (bsc#1086095).\n- tcp: prevent bogus FRTO undos with non-SACK flows (bsc#1086535).\n- Update ibmvnic: Fix RX queue buffer cleanup (bsc#1115440, bsc#1115433).\n- x86/asm/entry/32: Simplify pushes of zeroed pt_regs-\u003eREGs (bsc#1105931).\n- x86/entry/64: Clear registers for exceptions/interrupts, to reduce speculation attack surface (bsc#1105931).\n- x86/entry/64/compat: Clear registers for compat syscalls, to reduce speculation attack surface (bsc#1105931).\n- x86/entry/64: sanitize extra registers on syscall entry (bsc#1105931).\n- x86/kaiser: Avoid loosing NMIs when using trampoline stack (bsc#1106293 bsc#1099597).\n- x86,sched: Allow topologies where NUMA nodes share an LLC (bsc#1091158, bsc#1101555, bsc#1117187).\n- xen/blkfront: avoid NULL blkfront_info dereference on device removal (bsc#1111062).\n- xen/blkfront: correct purging of persistent grants (bnc#1065600).\n- xen: fix race in xen_qlock_wait() (bnc#1107256).\n- xen: fix xen_qlock_wait() (bnc#1107256).\n- xen: make xen_qlock_wait() nestable (bnc#1107256).\n- xen/netback: dont overflow meta array (bnc#1099523).\n- xen/netfront: do not bug in case of too many frags (bnc#1012382).\n- xen/netfront: do not cache skb_shinfo() (bnc#1012382).\n- xen/x86: add diagnostic printout to xen_mc_flush() in case of error (bnc#1116183).\n- xfrm: use complete IPv6 addresses for hash (bsc#1109330).\n- xfs/dmapi: restore event in xfs_getbmap (bsc#1095344, bsc#1114763).\n- xfs: fix quotacheck dquot id overflow infinite loop (bsc#1121621).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2019-439,SUSE-OpenStack-Cloud-7-2019-439,SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2019-439,SUSE-SLE-HA-12-SP2-2019-439,SUSE-SLE-SAP-12-SP2-2019-439,SUSE-SLE-SERVER-12-SP2-2019-439,SUSE-SLE-SERVER-12-SP2-BCL-2019-439,SUSE-Storage-4-2019-439",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_0439-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2019:0439-1",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20190439-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2019:0439-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2019-February/005138.html"
},
{
"category": "self",
"summary": "SUSE Bug 1012382",
"url": "https://bugzilla.suse.com/1012382"
},
{
"category": "self",
"summary": "SUSE Bug 1023175",
"url": "https://bugzilla.suse.com/1023175"
},
{
"category": "self",
"summary": "SUSE Bug 1042286",
"url": "https://bugzilla.suse.com/1042286"
},
{
"category": "self",
"summary": "SUSE Bug 1065600",
"url": "https://bugzilla.suse.com/1065600"
},
{
"category": "self",
"summary": "SUSE Bug 1065726",
"url": "https://bugzilla.suse.com/1065726"
},
{
"category": "self",
"summary": "SUSE Bug 1070805",
"url": "https://bugzilla.suse.com/1070805"
},
{
"category": "self",
"summary": "SUSE Bug 1084721",
"url": "https://bugzilla.suse.com/1084721"
},
{
"category": "self",
"summary": "SUSE Bug 1086095",
"url": "https://bugzilla.suse.com/1086095"
},
{
"category": "self",
"summary": "SUSE Bug 1086535",
"url": "https://bugzilla.suse.com/1086535"
},
{
"category": "self",
"summary": "SUSE Bug 1091158",
"url": "https://bugzilla.suse.com/1091158"
},
{
"category": "self",
"summary": "SUSE Bug 1091171",
"url": "https://bugzilla.suse.com/1091171"
},
{
"category": "self",
"summary": "SUSE Bug 1091197",
"url": "https://bugzilla.suse.com/1091197"
},
{
"category": "self",
"summary": "SUSE Bug 1094825",
"url": "https://bugzilla.suse.com/1094825"
},
{
"category": "self",
"summary": "SUSE Bug 1095344",
"url": "https://bugzilla.suse.com/1095344"
},
{
"category": "self",
"summary": "SUSE Bug 1098996",
"url": "https://bugzilla.suse.com/1098996"
},
{
"category": "self",
"summary": "SUSE Bug 1099523",
"url": "https://bugzilla.suse.com/1099523"
},
{
"category": "self",
"summary": "SUSE Bug 1099597",
"url": "https://bugzilla.suse.com/1099597"
},
{
"category": "self",
"summary": "SUSE Bug 1100105",
"url": "https://bugzilla.suse.com/1100105"
},
{
"category": "self",
"summary": "SUSE Bug 1101555",
"url": "https://bugzilla.suse.com/1101555"
},
{
"category": "self",
"summary": "SUSE Bug 1103624",
"url": "https://bugzilla.suse.com/1103624"
},
{
"category": "self",
"summary": "SUSE Bug 1104731",
"url": "https://bugzilla.suse.com/1104731"
},
{
"category": "self",
"summary": "SUSE Bug 1105025",
"url": "https://bugzilla.suse.com/1105025"
},
{
"category": "self",
"summary": "SUSE Bug 1105931",
"url": "https://bugzilla.suse.com/1105931"
},
{
"category": "self",
"summary": "SUSE Bug 1106293",
"url": "https://bugzilla.suse.com/1106293"
},
{
"category": "self",
"summary": "SUSE Bug 1107256",
"url": "https://bugzilla.suse.com/1107256"
},
{
"category": "self",
"summary": "SUSE Bug 1107299",
"url": "https://bugzilla.suse.com/1107299"
},
{
"category": "self",
"summary": "SUSE Bug 1107385",
"url": "https://bugzilla.suse.com/1107385"
},
{
"category": "self",
"summary": "SUSE Bug 1107866",
"url": "https://bugzilla.suse.com/1107866"
},
{
"category": "self",
"summary": "SUSE Bug 1108145",
"url": "https://bugzilla.suse.com/1108145"
},
{
"category": "self",
"summary": "SUSE Bug 1108498",
"url": "https://bugzilla.suse.com/1108498"
},
{
"category": "self",
"summary": "SUSE Bug 1109330",
"url": "https://bugzilla.suse.com/1109330"
},
{
"category": "self",
"summary": "SUSE Bug 1110286",
"url": "https://bugzilla.suse.com/1110286"
},
{
"category": "self",
"summary": "SUSE Bug 1110837",
"url": "https://bugzilla.suse.com/1110837"
},
{
"category": "self",
"summary": "SUSE Bug 1111062",
"url": "https://bugzilla.suse.com/1111062"
},
{
"category": "self",
"summary": "SUSE Bug 1113192",
"url": "https://bugzilla.suse.com/1113192"
},
{
"category": "self",
"summary": "SUSE Bug 1113751",
"url": "https://bugzilla.suse.com/1113751"
},
{
"category": "self",
"summary": "SUSE Bug 1113769",
"url": "https://bugzilla.suse.com/1113769"
},
{
"category": "self",
"summary": "SUSE Bug 1114190",
"url": "https://bugzilla.suse.com/1114190"
},
{
"category": "self",
"summary": "SUSE Bug 1114648",
"url": "https://bugzilla.suse.com/1114648"
},
{
"category": "self",
"summary": "SUSE Bug 1114763",
"url": "https://bugzilla.suse.com/1114763"
},
{
"category": "self",
"summary": "SUSE Bug 1115433",
"url": "https://bugzilla.suse.com/1115433"
},
{
"category": "self",
"summary": "SUSE Bug 1115440",
"url": "https://bugzilla.suse.com/1115440"
},
{
"category": "self",
"summary": "SUSE Bug 1116027",
"url": "https://bugzilla.suse.com/1116027"
},
{
"category": "self",
"summary": "SUSE Bug 1116183",
"url": "https://bugzilla.suse.com/1116183"
},
{
"category": "self",
"summary": "SUSE Bug 1116345",
"url": "https://bugzilla.suse.com/1116345"
},
{
"category": "self",
"summary": "SUSE Bug 1117186",
"url": "https://bugzilla.suse.com/1117186"
},
{
"category": "self",
"summary": "SUSE Bug 1117187",
"url": "https://bugzilla.suse.com/1117187"
},
{
"category": "self",
"summary": "SUSE Bug 1118152",
"url": "https://bugzilla.suse.com/1118152"
},
{
"category": "self",
"summary": "SUSE Bug 1118319",
"url": "https://bugzilla.suse.com/1118319"
},
{
"category": "self",
"summary": "SUSE Bug 1119714",
"url": "https://bugzilla.suse.com/1119714"
},
{
"category": "self",
"summary": "SUSE Bug 1119946",
"url": "https://bugzilla.suse.com/1119946"
},
{
"category": "self",
"summary": "SUSE Bug 1119947",
"url": "https://bugzilla.suse.com/1119947"
},
{
"category": "self",
"summary": "SUSE Bug 1120743",
"url": "https://bugzilla.suse.com/1120743"
},
{
"category": "self",
"summary": "SUSE Bug 1120758",
"url": "https://bugzilla.suse.com/1120758"
},
{
"category": "self",
"summary": "SUSE Bug 1121621",
"url": "https://bugzilla.suse.com/1121621"
},
{
"category": "self",
"summary": "SUSE Bug 1123161",
"url": "https://bugzilla.suse.com/1123161"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16862 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16862/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16884 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16884/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-18281 page",
"url": "https://www.suse.com/security/cve/CVE-2018-18281/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-18386 page",
"url": "https://www.suse.com/security/cve/CVE-2018-18386/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-18690 page",
"url": "https://www.suse.com/security/cve/CVE-2018-18690/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-18710 page",
"url": "https://www.suse.com/security/cve/CVE-2018-18710/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-19824 page",
"url": "https://www.suse.com/security/cve/CVE-2018-19824/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-19985 page",
"url": "https://www.suse.com/security/cve/CVE-2018-19985/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-20169 page",
"url": "https://www.suse.com/security/cve/CVE-2018-20169/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-9516 page",
"url": "https://www.suse.com/security/cve/CVE-2018-9516/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-9568 page",
"url": "https://www.suse.com/security/cve/CVE-2018-9568/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-3459 page",
"url": "https://www.suse.com/security/cve/CVE-2019-3459/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-3460 page",
"url": "https://www.suse.com/security/cve/CVE-2019-3460/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2019-02-19T14:35:53Z",
"generator": {
"date": "2019-02-19T14:35:53Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2019:0439-1",
"initial_release_date": "2019-02-19T14:35:53Z",
"revision_history": [
{
"date": "2019-02-19T14:35:53Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.4.121-92.101.1.aarch64",
"product": {
"name": "cluster-md-kmp-default-4.4.121-92.101.1.aarch64",
"product_id": "cluster-md-kmp-default-4.4.121-92.101.1.aarch64"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-vanilla-4.4.121-92.101.1.aarch64",
"product": {
"name": "cluster-md-kmp-vanilla-4.4.121-92.101.1.aarch64",
"product_id": "cluster-md-kmp-vanilla-4.4.121-92.101.1.aarch64"
}
},
{
"category": "product_version",
"name": "cluster-network-kmp-default-4.4.121-92.101.1.aarch64",
"product": {
"name": "cluster-network-kmp-default-4.4.121-92.101.1.aarch64",
"product_id": "cluster-network-kmp-default-4.4.121-92.101.1.aarch64"
}
},
{
"category": "product_version",
"name": "cluster-network-kmp-vanilla-4.4.121-92.101.1.aarch64",
"product": {
"name": "cluster-network-kmp-vanilla-4.4.121-92.101.1.aarch64",
"product_id": "cluster-network-kmp-vanilla-4.4.121-92.101.1.aarch64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.4.121-92.101.1.aarch64",
"product": {
"name": "dlm-kmp-default-4.4.121-92.101.1.aarch64",
"product_id": "dlm-kmp-default-4.4.121-92.101.1.aarch64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-vanilla-4.4.121-92.101.1.aarch64",
"product": {
"name": "dlm-kmp-vanilla-4.4.121-92.101.1.aarch64",
"product_id": "dlm-kmp-vanilla-4.4.121-92.101.1.aarch64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.4.121-92.101.1.aarch64",
"product": {
"name": "gfs2-kmp-default-4.4.121-92.101.1.aarch64",
"product_id": "gfs2-kmp-default-4.4.121-92.101.1.aarch64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-vanilla-4.4.121-92.101.1.aarch64",
"product": {
"name": "gfs2-kmp-vanilla-4.4.121-92.101.1.aarch64",
"product_id": "gfs2-kmp-vanilla-4.4.121-92.101.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-4.4.121-92.101.1.aarch64",
"product": {
"name": "kernel-default-4.4.121-92.101.1.aarch64",
"product_id": "kernel-default-4.4.121-92.101.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.4.121-92.101.1.aarch64",
"product": {
"name": "kernel-default-base-4.4.121-92.101.1.aarch64",
"product_id": "kernel-default-base-4.4.121-92.101.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.4.121-92.101.1.aarch64",
"product": {
"name": "kernel-default-devel-4.4.121-92.101.1.aarch64",
"product_id": "kernel-default-devel-4.4.121-92.101.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.4.121-92.101.1.aarch64",
"product": {
"name": "kernel-default-extra-4.4.121-92.101.1.aarch64",
"product_id": "kernel-default-extra-4.4.121-92.101.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.4.121-92.101.1.aarch64",
"product": {
"name": "kernel-default-kgraft-4.4.121-92.101.1.aarch64",
"product_id": "kernel-default-kgraft-4.4.121-92.101.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.4.121-92.101.1.aarch64",
"product": {
"name": "kernel-obs-build-4.4.121-92.101.1.aarch64",
"product_id": "kernel-obs-build-4.4.121-92.101.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.4.121-92.101.1.aarch64",
"product": {
"name": "kernel-obs-qa-4.4.121-92.101.1.aarch64",
"product_id": "kernel-obs-qa-4.4.121-92.101.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.4.121-92.101.1.aarch64",
"product": {
"name": "kernel-syms-4.4.121-92.101.1.aarch64",
"product_id": "kernel-syms-4.4.121-92.101.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.4.121-92.101.1.aarch64",
"product": {
"name": "kernel-vanilla-4.4.121-92.101.1.aarch64",
"product_id": "kernel-vanilla-4.4.121-92.101.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.4.121-92.101.1.aarch64",
"product": {
"name": "kernel-vanilla-base-4.4.121-92.101.1.aarch64",
"product_id": "kernel-vanilla-base-4.4.121-92.101.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.4.121-92.101.1.aarch64",
"product": {
"name": "kernel-vanilla-devel-4.4.121-92.101.1.aarch64",
"product_id": "kernel-vanilla-devel-4.4.121-92.101.1.aarch64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.4.121-92.101.1.aarch64",
"product": {
"name": "ocfs2-kmp-default-4.4.121-92.101.1.aarch64",
"product_id": "ocfs2-kmp-default-4.4.121-92.101.1.aarch64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-vanilla-4.4.121-92.101.1.aarch64",
"product": {
"name": "ocfs2-kmp-vanilla-4.4.121-92.101.1.aarch64",
"product_id": "ocfs2-kmp-vanilla-4.4.121-92.101.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-4.4.121-92.101.1.noarch",
"product": {
"name": "kernel-devel-4.4.121-92.101.1.noarch",
"product_id": "kernel-devel-4.4.121-92.101.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-4.4.121-92.101.1.noarch",
"product": {
"name": "kernel-docs-4.4.121-92.101.1.noarch",
"product_id": "kernel-docs-4.4.121-92.101.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-html-4.4.121-92.101.1.noarch",
"product": {
"name": "kernel-docs-html-4.4.121-92.101.1.noarch",
"product_id": "kernel-docs-html-4.4.121-92.101.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-pdf-4.4.121-92.101.1.noarch",
"product": {
"name": "kernel-docs-pdf-4.4.121-92.101.1.noarch",
"product_id": "kernel-docs-pdf-4.4.121-92.101.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-4.4.121-92.101.1.noarch",
"product": {
"name": "kernel-macros-4.4.121-92.101.1.noarch",
"product_id": "kernel-macros-4.4.121-92.101.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-4.4.121-92.101.1.noarch",
"product": {
"name": "kernel-source-4.4.121-92.101.1.noarch",
"product_id": "kernel-source-4.4.121-92.101.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-4.4.121-92.101.1.noarch",
"product": {
"name": "kernel-source-vanilla-4.4.121-92.101.1.noarch",
"product_id": "kernel-source-vanilla-4.4.121-92.101.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-debug-4.4.121-92.101.1.ppc64le",
"product": {
"name": "cluster-md-kmp-debug-4.4.121-92.101.1.ppc64le",
"product_id": "cluster-md-kmp-debug-4.4.121-92.101.1.ppc64le"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.4.121-92.101.1.ppc64le",
"product": {
"name": "cluster-md-kmp-default-4.4.121-92.101.1.ppc64le",
"product_id": "cluster-md-kmp-default-4.4.121-92.101.1.ppc64le"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-vanilla-4.4.121-92.101.1.ppc64le",
"product": {
"name": "cluster-md-kmp-vanilla-4.4.121-92.101.1.ppc64le",
"product_id": "cluster-md-kmp-vanilla-4.4.121-92.101.1.ppc64le"
}
},
{
"category": "product_version",
"name": "cluster-network-kmp-debug-4.4.121-92.101.1.ppc64le",
"product": {
"name": "cluster-network-kmp-debug-4.4.121-92.101.1.ppc64le",
"product_id": "cluster-network-kmp-debug-4.4.121-92.101.1.ppc64le"
}
},
{
"category": "product_version",
"name": "cluster-network-kmp-default-4.4.121-92.101.1.ppc64le",
"product": {
"name": "cluster-network-kmp-default-4.4.121-92.101.1.ppc64le",
"product_id": "cluster-network-kmp-default-4.4.121-92.101.1.ppc64le"
}
},
{
"category": "product_version",
"name": "cluster-network-kmp-vanilla-4.4.121-92.101.1.ppc64le",
"product": {
"name": "cluster-network-kmp-vanilla-4.4.121-92.101.1.ppc64le",
"product_id": "cluster-network-kmp-vanilla-4.4.121-92.101.1.ppc64le"
}
},
{
"category": "product_version",
"name": "dlm-kmp-debug-4.4.121-92.101.1.ppc64le",
"product": {
"name": "dlm-kmp-debug-4.4.121-92.101.1.ppc64le",
"product_id": "dlm-kmp-debug-4.4.121-92.101.1.ppc64le"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.4.121-92.101.1.ppc64le",
"product": {
"name": "dlm-kmp-default-4.4.121-92.101.1.ppc64le",
"product_id": "dlm-kmp-default-4.4.121-92.101.1.ppc64le"
}
},
{
"category": "product_version",
"name": "dlm-kmp-vanilla-4.4.121-92.101.1.ppc64le",
"product": {
"name": "dlm-kmp-vanilla-4.4.121-92.101.1.ppc64le",
"product_id": "dlm-kmp-vanilla-4.4.121-92.101.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-debug-4.4.121-92.101.1.ppc64le",
"product": {
"name": "gfs2-kmp-debug-4.4.121-92.101.1.ppc64le",
"product_id": "gfs2-kmp-debug-4.4.121-92.101.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"product": {
"name": "gfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"product_id": "gfs2-kmp-default-4.4.121-92.101.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-vanilla-4.4.121-92.101.1.ppc64le",
"product": {
"name": "gfs2-kmp-vanilla-4.4.121-92.101.1.ppc64le",
"product_id": "gfs2-kmp-vanilla-4.4.121-92.101.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-4.4.121-92.101.1.ppc64le",
"product": {
"name": "kernel-debug-4.4.121-92.101.1.ppc64le",
"product_id": "kernel-debug-4.4.121-92.101.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-base-4.4.121-92.101.1.ppc64le",
"product": {
"name": "kernel-debug-base-4.4.121-92.101.1.ppc64le",
"product_id": "kernel-debug-base-4.4.121-92.101.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-4.4.121-92.101.1.ppc64le",
"product": {
"name": "kernel-debug-devel-4.4.121-92.101.1.ppc64le",
"product_id": "kernel-debug-devel-4.4.121-92.101.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-extra-4.4.121-92.101.1.ppc64le",
"product": {
"name": "kernel-debug-extra-4.4.121-92.101.1.ppc64le",
"product_id": "kernel-debug-extra-4.4.121-92.101.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-kgraft-4.4.121-92.101.1.ppc64le",
"product": {
"name": "kernel-debug-kgraft-4.4.121-92.101.1.ppc64le",
"product_id": "kernel-debug-kgraft-4.4.121-92.101.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-4.4.121-92.101.1.ppc64le",
"product": {
"name": "kernel-default-4.4.121-92.101.1.ppc64le",
"product_id": "kernel-default-4.4.121-92.101.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.4.121-92.101.1.ppc64le",
"product": {
"name": "kernel-default-base-4.4.121-92.101.1.ppc64le",
"product_id": "kernel-default-base-4.4.121-92.101.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.4.121-92.101.1.ppc64le",
"product": {
"name": "kernel-default-devel-4.4.121-92.101.1.ppc64le",
"product_id": "kernel-default-devel-4.4.121-92.101.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.4.121-92.101.1.ppc64le",
"product": {
"name": "kernel-default-extra-4.4.121-92.101.1.ppc64le",
"product_id": "kernel-default-extra-4.4.121-92.101.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.4.121-92.101.1.ppc64le",
"product": {
"name": "kernel-default-kgraft-4.4.121-92.101.1.ppc64le",
"product_id": "kernel-default-kgraft-4.4.121-92.101.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.4.121-92.101.1.ppc64le",
"product": {
"name": "kernel-obs-build-4.4.121-92.101.1.ppc64le",
"product_id": "kernel-obs-build-4.4.121-92.101.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.4.121-92.101.1.ppc64le",
"product": {
"name": "kernel-obs-qa-4.4.121-92.101.1.ppc64le",
"product_id": "kernel-obs-qa-4.4.121-92.101.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.4.121-92.101.1.ppc64le",
"product": {
"name": "kernel-syms-4.4.121-92.101.1.ppc64le",
"product_id": "kernel-syms-4.4.121-92.101.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.4.121-92.101.1.ppc64le",
"product": {
"name": "kernel-vanilla-4.4.121-92.101.1.ppc64le",
"product_id": "kernel-vanilla-4.4.121-92.101.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.4.121-92.101.1.ppc64le",
"product": {
"name": "kernel-vanilla-base-4.4.121-92.101.1.ppc64le",
"product_id": "kernel-vanilla-base-4.4.121-92.101.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.4.121-92.101.1.ppc64le",
"product": {
"name": "kernel-vanilla-devel-4.4.121-92.101.1.ppc64le",
"product_id": "kernel-vanilla-devel-4.4.121-92.101.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"product": {
"name": "kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"product_id": "kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-debug-4.4.121-92.101.1.ppc64le",
"product": {
"name": "ocfs2-kmp-debug-4.4.121-92.101.1.ppc64le",
"product_id": "ocfs2-kmp-debug-4.4.121-92.101.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"product": {
"name": "ocfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"product_id": "ocfs2-kmp-default-4.4.121-92.101.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-vanilla-4.4.121-92.101.1.ppc64le",
"product": {
"name": "ocfs2-kmp-vanilla-4.4.121-92.101.1.ppc64le",
"product_id": "ocfs2-kmp-vanilla-4.4.121-92.101.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.4.121-92.101.1.s390x",
"product": {
"name": "cluster-md-kmp-default-4.4.121-92.101.1.s390x",
"product_id": "cluster-md-kmp-default-4.4.121-92.101.1.s390x"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-vanilla-4.4.121-92.101.1.s390x",
"product": {
"name": "cluster-md-kmp-vanilla-4.4.121-92.101.1.s390x",
"product_id": "cluster-md-kmp-vanilla-4.4.121-92.101.1.s390x"
}
},
{
"category": "product_version",
"name": "cluster-network-kmp-default-4.4.121-92.101.1.s390x",
"product": {
"name": "cluster-network-kmp-default-4.4.121-92.101.1.s390x",
"product_id": "cluster-network-kmp-default-4.4.121-92.101.1.s390x"
}
},
{
"category": "product_version",
"name": "cluster-network-kmp-vanilla-4.4.121-92.101.1.s390x",
"product": {
"name": "cluster-network-kmp-vanilla-4.4.121-92.101.1.s390x",
"product_id": "cluster-network-kmp-vanilla-4.4.121-92.101.1.s390x"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.4.121-92.101.1.s390x",
"product": {
"name": "dlm-kmp-default-4.4.121-92.101.1.s390x",
"product_id": "dlm-kmp-default-4.4.121-92.101.1.s390x"
}
},
{
"category": "product_version",
"name": "dlm-kmp-vanilla-4.4.121-92.101.1.s390x",
"product": {
"name": "dlm-kmp-vanilla-4.4.121-92.101.1.s390x",
"product_id": "dlm-kmp-vanilla-4.4.121-92.101.1.s390x"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.4.121-92.101.1.s390x",
"product": {
"name": "gfs2-kmp-default-4.4.121-92.101.1.s390x",
"product_id": "gfs2-kmp-default-4.4.121-92.101.1.s390x"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-vanilla-4.4.121-92.101.1.s390x",
"product": {
"name": "gfs2-kmp-vanilla-4.4.121-92.101.1.s390x",
"product_id": "gfs2-kmp-vanilla-4.4.121-92.101.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-4.4.121-92.101.1.s390x",
"product": {
"name": "kernel-default-4.4.121-92.101.1.s390x",
"product_id": "kernel-default-4.4.121-92.101.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.4.121-92.101.1.s390x",
"product": {
"name": "kernel-default-base-4.4.121-92.101.1.s390x",
"product_id": "kernel-default-base-4.4.121-92.101.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.4.121-92.101.1.s390x",
"product": {
"name": "kernel-default-devel-4.4.121-92.101.1.s390x",
"product_id": "kernel-default-devel-4.4.121-92.101.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.4.121-92.101.1.s390x",
"product": {
"name": "kernel-default-extra-4.4.121-92.101.1.s390x",
"product_id": "kernel-default-extra-4.4.121-92.101.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.4.121-92.101.1.s390x",
"product": {
"name": "kernel-default-kgraft-4.4.121-92.101.1.s390x",
"product_id": "kernel-default-kgraft-4.4.121-92.101.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-man-4.4.121-92.101.1.s390x",
"product": {
"name": "kernel-default-man-4.4.121-92.101.1.s390x",
"product_id": "kernel-default-man-4.4.121-92.101.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.4.121-92.101.1.s390x",
"product": {
"name": "kernel-obs-build-4.4.121-92.101.1.s390x",
"product_id": "kernel-obs-build-4.4.121-92.101.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.4.121-92.101.1.s390x",
"product": {
"name": "kernel-obs-qa-4.4.121-92.101.1.s390x",
"product_id": "kernel-obs-qa-4.4.121-92.101.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.4.121-92.101.1.s390x",
"product": {
"name": "kernel-syms-4.4.121-92.101.1.s390x",
"product_id": "kernel-syms-4.4.121-92.101.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.4.121-92.101.1.s390x",
"product": {
"name": "kernel-vanilla-4.4.121-92.101.1.s390x",
"product_id": "kernel-vanilla-4.4.121-92.101.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.4.121-92.101.1.s390x",
"product": {
"name": "kernel-vanilla-base-4.4.121-92.101.1.s390x",
"product_id": "kernel-vanilla-base-4.4.121-92.101.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.4.121-92.101.1.s390x",
"product": {
"name": "kernel-vanilla-devel-4.4.121-92.101.1.s390x",
"product_id": "kernel-vanilla-devel-4.4.121-92.101.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-4.4.121-92.101.1.s390x",
"product": {
"name": "kernel-zfcpdump-4.4.121-92.101.1.s390x",
"product_id": "kernel-zfcpdump-4.4.121-92.101.1.s390x"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.4.121-92.101.1.s390x",
"product": {
"name": "ocfs2-kmp-default-4.4.121-92.101.1.s390x",
"product_id": "ocfs2-kmp-default-4.4.121-92.101.1.s390x"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-vanilla-4.4.121-92.101.1.s390x",
"product": {
"name": "ocfs2-kmp-vanilla-4.4.121-92.101.1.s390x",
"product_id": "ocfs2-kmp-vanilla-4.4.121-92.101.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-debug-4.4.121-92.101.1.x86_64",
"product": {
"name": "cluster-md-kmp-debug-4.4.121-92.101.1.x86_64",
"product_id": "cluster-md-kmp-debug-4.4.121-92.101.1.x86_64"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.4.121-92.101.1.x86_64",
"product": {
"name": "cluster-md-kmp-default-4.4.121-92.101.1.x86_64",
"product_id": "cluster-md-kmp-default-4.4.121-92.101.1.x86_64"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-vanilla-4.4.121-92.101.1.x86_64",
"product": {
"name": "cluster-md-kmp-vanilla-4.4.121-92.101.1.x86_64",
"product_id": "cluster-md-kmp-vanilla-4.4.121-92.101.1.x86_64"
}
},
{
"category": "product_version",
"name": "cluster-network-kmp-debug-4.4.121-92.101.1.x86_64",
"product": {
"name": "cluster-network-kmp-debug-4.4.121-92.101.1.x86_64",
"product_id": "cluster-network-kmp-debug-4.4.121-92.101.1.x86_64"
}
},
{
"category": "product_version",
"name": "cluster-network-kmp-default-4.4.121-92.101.1.x86_64",
"product": {
"name": "cluster-network-kmp-default-4.4.121-92.101.1.x86_64",
"product_id": "cluster-network-kmp-default-4.4.121-92.101.1.x86_64"
}
},
{
"category": "product_version",
"name": "cluster-network-kmp-vanilla-4.4.121-92.101.1.x86_64",
"product": {
"name": "cluster-network-kmp-vanilla-4.4.121-92.101.1.x86_64",
"product_id": "cluster-network-kmp-vanilla-4.4.121-92.101.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-debug-4.4.121-92.101.1.x86_64",
"product": {
"name": "dlm-kmp-debug-4.4.121-92.101.1.x86_64",
"product_id": "dlm-kmp-debug-4.4.121-92.101.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.4.121-92.101.1.x86_64",
"product": {
"name": "dlm-kmp-default-4.4.121-92.101.1.x86_64",
"product_id": "dlm-kmp-default-4.4.121-92.101.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-vanilla-4.4.121-92.101.1.x86_64",
"product": {
"name": "dlm-kmp-vanilla-4.4.121-92.101.1.x86_64",
"product_id": "dlm-kmp-vanilla-4.4.121-92.101.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-debug-4.4.121-92.101.1.x86_64",
"product": {
"name": "gfs2-kmp-debug-4.4.121-92.101.1.x86_64",
"product_id": "gfs2-kmp-debug-4.4.121-92.101.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.4.121-92.101.1.x86_64",
"product": {
"name": "gfs2-kmp-default-4.4.121-92.101.1.x86_64",
"product_id": "gfs2-kmp-default-4.4.121-92.101.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-vanilla-4.4.121-92.101.1.x86_64",
"product": {
"name": "gfs2-kmp-vanilla-4.4.121-92.101.1.x86_64",
"product_id": "gfs2-kmp-vanilla-4.4.121-92.101.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-4.4.121-92.101.1.x86_64",
"product": {
"name": "kernel-debug-4.4.121-92.101.1.x86_64",
"product_id": "kernel-debug-4.4.121-92.101.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-base-4.4.121-92.101.1.x86_64",
"product": {
"name": "kernel-debug-base-4.4.121-92.101.1.x86_64",
"product_id": "kernel-debug-base-4.4.121-92.101.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-4.4.121-92.101.1.x86_64",
"product": {
"name": "kernel-debug-devel-4.4.121-92.101.1.x86_64",
"product_id": "kernel-debug-devel-4.4.121-92.101.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-extra-4.4.121-92.101.1.x86_64",
"product": {
"name": "kernel-debug-extra-4.4.121-92.101.1.x86_64",
"product_id": "kernel-debug-extra-4.4.121-92.101.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-kgraft-4.4.121-92.101.1.x86_64",
"product": {
"name": "kernel-debug-kgraft-4.4.121-92.101.1.x86_64",
"product_id": "kernel-debug-kgraft-4.4.121-92.101.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-4.4.121-92.101.1.x86_64",
"product": {
"name": "kernel-default-4.4.121-92.101.1.x86_64",
"product_id": "kernel-default-4.4.121-92.101.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.4.121-92.101.1.x86_64",
"product": {
"name": "kernel-default-base-4.4.121-92.101.1.x86_64",
"product_id": "kernel-default-base-4.4.121-92.101.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.4.121-92.101.1.x86_64",
"product": {
"name": "kernel-default-devel-4.4.121-92.101.1.x86_64",
"product_id": "kernel-default-devel-4.4.121-92.101.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.4.121-92.101.1.x86_64",
"product": {
"name": "kernel-default-extra-4.4.121-92.101.1.x86_64",
"product_id": "kernel-default-extra-4.4.121-92.101.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.4.121-92.101.1.x86_64",
"product": {
"name": "kernel-default-kgraft-4.4.121-92.101.1.x86_64",
"product_id": "kernel-default-kgraft-4.4.121-92.101.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.4.121-92.101.1.x86_64",
"product": {
"name": "kernel-obs-build-4.4.121-92.101.1.x86_64",
"product_id": "kernel-obs-build-4.4.121-92.101.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.4.121-92.101.1.x86_64",
"product": {
"name": "kernel-obs-qa-4.4.121-92.101.1.x86_64",
"product_id": "kernel-obs-qa-4.4.121-92.101.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.4.121-92.101.1.x86_64",
"product": {
"name": "kernel-syms-4.4.121-92.101.1.x86_64",
"product_id": "kernel-syms-4.4.121-92.101.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.4.121-92.101.1.x86_64",
"product": {
"name": "kernel-vanilla-4.4.121-92.101.1.x86_64",
"product_id": "kernel-vanilla-4.4.121-92.101.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.4.121-92.101.1.x86_64",
"product": {
"name": "kernel-vanilla-base-4.4.121-92.101.1.x86_64",
"product_id": "kernel-vanilla-base-4.4.121-92.101.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.4.121-92.101.1.x86_64",
"product": {
"name": "kernel-vanilla-devel-4.4.121-92.101.1.x86_64",
"product_id": "kernel-vanilla-devel-4.4.121-92.101.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"product": {
"name": "kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"product_id": "kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-debug-4.4.121-92.101.1.x86_64",
"product": {
"name": "ocfs2-kmp-debug-4.4.121-92.101.1.x86_64",
"product_id": "ocfs2-kmp-debug-4.4.121-92.101.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.4.121-92.101.1.x86_64",
"product": {
"name": "ocfs2-kmp-default-4.4.121-92.101.1.x86_64",
"product_id": "ocfs2-kmp-default-4.4.121-92.101.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-vanilla-4.4.121-92.101.1.x86_64",
"product": {
"name": "ocfs2-kmp-vanilla-4.4.121-92.101.1.x86_64",
"product_id": "ocfs2-kmp-vanilla-4.4.121-92.101.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE OpenStack Cloud 7",
"product": {
"name": "SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud:7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Availability Extension 12 SP2",
"product": {
"name": "SUSE Linux Enterprise High Availability Extension 12 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-ha:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP2-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP2-BCL",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-bcl:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 4",
"product": {
"name": "SUSE Enterprise Storage 4",
"product_id": "SUSE Enterprise Storage 4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.121-92.101.1.s390x as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.s390x"
},
"product_reference": "kernel-default-4.4.121-92.101.1.s390x",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.121-92.101.1.x86_64 as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.x86_64"
},
"product_reference": "kernel-default-4.4.121-92.101.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.121-92.101.1.s390x as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.s390x"
},
"product_reference": "kernel-default-base-4.4.121-92.101.1.s390x",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.121-92.101.1.x86_64 as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.x86_64"
},
"product_reference": "kernel-default-base-4.4.121-92.101.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.121-92.101.1.s390x as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.s390x"
},
"product_reference": "kernel-default-devel-4.4.121-92.101.1.s390x",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.121-92.101.1.x86_64 as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.x86_64"
},
"product_reference": "kernel-default-devel-4.4.121-92.101.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-man-4.4.121-92.101.1.s390x as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.101.1.s390x"
},
"product_reference": "kernel-default-man-4.4.121-92.101.1.s390x",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.4.121-92.101.1.noarch as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.101.1.noarch"
},
"product_reference": "kernel-devel-4.4.121-92.101.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.4.121-92.101.1.noarch as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.101.1.noarch"
},
"product_reference": "kernel-macros-4.4.121-92.101.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.4.121-92.101.1.noarch as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.101.1.noarch"
},
"product_reference": "kernel-source-4.4.121-92.101.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.121-92.101.1.s390x as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.s390x"
},
"product_reference": "kernel-syms-4.4.121-92.101.1.s390x",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.121-92.101.1.x86_64 as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.x86_64"
},
"product_reference": "kernel-syms-4.4.121-92.101.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64 as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64"
},
"product_reference": "kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.4.121-92.101.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.ppc64le"
},
"product_reference": "cluster-md-kmp-default-4.4.121-92.101.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.4.121-92.101.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.s390x"
},
"product_reference": "cluster-md-kmp-default-4.4.121-92.101.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.4.121-92.101.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.x86_64"
},
"product_reference": "cluster-md-kmp-default-4.4.121-92.101.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-network-kmp-default-4.4.121-92.101.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.ppc64le"
},
"product_reference": "cluster-network-kmp-default-4.4.121-92.101.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-network-kmp-default-4.4.121-92.101.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.s390x"
},
"product_reference": "cluster-network-kmp-default-4.4.121-92.101.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-network-kmp-default-4.4.121-92.101.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.x86_64"
},
"product_reference": "cluster-network-kmp-default-4.4.121-92.101.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.4.121-92.101.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.ppc64le"
},
"product_reference": "dlm-kmp-default-4.4.121-92.101.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.4.121-92.101.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.s390x"
},
"product_reference": "dlm-kmp-default-4.4.121-92.101.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.4.121-92.101.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.x86_64"
},
"product_reference": "dlm-kmp-default-4.4.121-92.101.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.4.121-92.101.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.ppc64le"
},
"product_reference": "gfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.4.121-92.101.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.s390x"
},
"product_reference": "gfs2-kmp-default-4.4.121-92.101.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.4.121-92.101.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.x86_64"
},
"product_reference": "gfs2-kmp-default-4.4.121-92.101.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.4.121-92.101.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.ppc64le"
},
"product_reference": "ocfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.4.121-92.101.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.s390x"
},
"product_reference": "ocfs2-kmp-default-4.4.121-92.101.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.4.121-92.101.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.x86_64"
},
"product_reference": "ocfs2-kmp-default-4.4.121-92.101.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.121-92.101.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.ppc64le"
},
"product_reference": "kernel-default-4.4.121-92.101.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.121-92.101.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.x86_64"
},
"product_reference": "kernel-default-4.4.121-92.101.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.121-92.101.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.ppc64le"
},
"product_reference": "kernel-default-base-4.4.121-92.101.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.121-92.101.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.x86_64"
},
"product_reference": "kernel-default-base-4.4.121-92.101.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.121-92.101.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.ppc64le"
},
"product_reference": "kernel-default-devel-4.4.121-92.101.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.121-92.101.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.x86_64"
},
"product_reference": "kernel-default-devel-4.4.121-92.101.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.4.121-92.101.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.101.1.noarch"
},
"product_reference": "kernel-devel-4.4.121-92.101.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.4.121-92.101.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.101.1.noarch"
},
"product_reference": "kernel-macros-4.4.121-92.101.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.4.121-92.101.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.101.1.noarch"
},
"product_reference": "kernel-source-4.4.121-92.101.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.121-92.101.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.ppc64le"
},
"product_reference": "kernel-syms-4.4.121-92.101.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.121-92.101.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.x86_64"
},
"product_reference": "kernel-syms-4.4.121-92.101.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le"
},
"product_reference": "kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64"
},
"product_reference": "kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.121-92.101.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.ppc64le"
},
"product_reference": "kernel-default-4.4.121-92.101.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.121-92.101.1.s390x as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.s390x"
},
"product_reference": "kernel-default-4.4.121-92.101.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.121-92.101.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.x86_64"
},
"product_reference": "kernel-default-4.4.121-92.101.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.121-92.101.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.ppc64le"
},
"product_reference": "kernel-default-base-4.4.121-92.101.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.121-92.101.1.s390x as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.s390x"
},
"product_reference": "kernel-default-base-4.4.121-92.101.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.121-92.101.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.x86_64"
},
"product_reference": "kernel-default-base-4.4.121-92.101.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.121-92.101.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.ppc64le"
},
"product_reference": "kernel-default-devel-4.4.121-92.101.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.121-92.101.1.s390x as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.s390x"
},
"product_reference": "kernel-default-devel-4.4.121-92.101.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.121-92.101.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.x86_64"
},
"product_reference": "kernel-default-devel-4.4.121-92.101.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-man-4.4.121-92.101.1.s390x as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.101.1.s390x"
},
"product_reference": "kernel-default-man-4.4.121-92.101.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.4.121-92.101.1.noarch as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.101.1.noarch"
},
"product_reference": "kernel-devel-4.4.121-92.101.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.4.121-92.101.1.noarch as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.101.1.noarch"
},
"product_reference": "kernel-macros-4.4.121-92.101.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.4.121-92.101.1.noarch as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.101.1.noarch"
},
"product_reference": "kernel-source-4.4.121-92.101.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.121-92.101.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.ppc64le"
},
"product_reference": "kernel-syms-4.4.121-92.101.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.121-92.101.1.s390x as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.s390x"
},
"product_reference": "kernel-syms-4.4.121-92.101.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.121-92.101.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.x86_64"
},
"product_reference": "kernel-syms-4.4.121-92.101.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le"
},
"product_reference": "kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64"
},
"product_reference": "kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.121-92.101.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.101.1.x86_64"
},
"product_reference": "kernel-default-4.4.121-92.101.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.121-92.101.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.101.1.x86_64"
},
"product_reference": "kernel-default-base-4.4.121-92.101.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.121-92.101.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.101.1.x86_64"
},
"product_reference": "kernel-default-devel-4.4.121-92.101.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.4.121-92.101.1.noarch as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.101.1.noarch"
},
"product_reference": "kernel-devel-4.4.121-92.101.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.4.121-92.101.1.noarch as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.101.1.noarch"
},
"product_reference": "kernel-macros-4.4.121-92.101.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.4.121-92.101.1.noarch as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.101.1.noarch"
},
"product_reference": "kernel-source-4.4.121-92.101.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.121-92.101.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.101.1.x86_64"
},
"product_reference": "kernel-syms-4.4.121-92.101.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.121-92.101.1.x86_64 as component of SUSE Enterprise Storage 4",
"product_id": "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.101.1.x86_64"
},
"product_reference": "kernel-default-4.4.121-92.101.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.121-92.101.1.x86_64 as component of SUSE Enterprise Storage 4",
"product_id": "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.101.1.x86_64"
},
"product_reference": "kernel-default-base-4.4.121-92.101.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.121-92.101.1.x86_64 as component of SUSE Enterprise Storage 4",
"product_id": "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.101.1.x86_64"
},
"product_reference": "kernel-default-devel-4.4.121-92.101.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.4.121-92.101.1.noarch as component of SUSE Enterprise Storage 4",
"product_id": "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.101.1.noarch"
},
"product_reference": "kernel-devel-4.4.121-92.101.1.noarch",
"relates_to_product_reference": "SUSE Enterprise Storage 4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.4.121-92.101.1.noarch as component of SUSE Enterprise Storage 4",
"product_id": "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.101.1.noarch"
},
"product_reference": "kernel-macros-4.4.121-92.101.1.noarch",
"relates_to_product_reference": "SUSE Enterprise Storage 4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.4.121-92.101.1.noarch as component of SUSE Enterprise Storage 4",
"product_id": "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.101.1.noarch"
},
"product_reference": "kernel-source-4.4.121-92.101.1.noarch",
"relates_to_product_reference": "SUSE Enterprise Storage 4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.121-92.101.1.x86_64 as component of SUSE Enterprise Storage 4",
"product_id": "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.101.1.x86_64"
},
"product_reference": "kernel-syms-4.4.121-92.101.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64 as component of SUSE Enterprise Storage 4",
"product_id": "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64"
},
"product_reference": "kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-16862",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16862"
}
],
"notes": [
{
"category": "general",
"text": "A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16862",
"url": "https://www.suse.com/security/cve/CVE-2018-16862"
},
{
"category": "external",
"summary": "SUSE Bug 1117186 for CVE-2018-16862",
"url": "https://bugzilla.suse.com/1117186"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N",
"version": "3.0"
},
"products": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-19T14:35:53Z",
"details": "moderate"
}
],
"title": "CVE-2018-16862"
},
{
"cve": "CVE-2018-16884",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16884"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel\u0027s NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16884",
"url": "https://www.suse.com/security/cve/CVE-2018-16884"
},
{
"category": "external",
"summary": "SUSE Bug 1119946 for CVE-2018-16884",
"url": "https://bugzilla.suse.com/1119946"
},
{
"category": "external",
"summary": "SUSE Bug 1119947 for CVE-2018-16884",
"url": "https://bugzilla.suse.com/1119947"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-19T14:35:53Z",
"details": "important"
}
],
"title": "CVE-2018-16884"
},
{
"cve": "CVE-2018-18281",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-18281"
}
],
"notes": [
{
"category": "general",
"text": "Since Linux kernel version 3.2, the mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removes entries from the pagetables of a task that is in the middle of mremap(), a stale TLB entry can remain for a short time that permits access to a physical page after it has been released back to the page allocator and reused. This is fixed in the following kernel versions: 4.9.135, 4.14.78, 4.18.16, 4.19.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-18281",
"url": "https://www.suse.com/security/cve/CVE-2018-18281"
},
{
"category": "external",
"summary": "SUSE Bug 1113769 for CVE-2018-18281",
"url": "https://bugzilla.suse.com/1113769"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-19T14:35:53Z",
"details": "moderate"
}
],
"title": "CVE-2018-18281"
},
{
"cve": "CVE-2018-18386",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-18386"
}
],
"notes": [
{
"category": "general",
"text": "drivers/tty/n_tty.c in the Linux kernel before 4.14.11 allows local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-18386",
"url": "https://www.suse.com/security/cve/CVE-2018-18386"
},
{
"category": "external",
"summary": "SUSE Bug 1094825 for CVE-2018-18386",
"url": "https://bugzilla.suse.com/1094825"
},
{
"category": "external",
"summary": "SUSE Bug 1112039 for CVE-2018-18386",
"url": "https://bugzilla.suse.com/1112039"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-19T14:35:53Z",
"details": "moderate"
}
],
"title": "CVE-2018-18386"
},
{
"cve": "CVE-2018-18690",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-18690"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 4.17, a local attacker able to set attributes on an xfs filesystem could make this filesystem non-operational until the next mount by triggering an unchecked error condition during an xfs attribute change, because xfs_attr_shortform_addname in fs/xfs/libxfs/xfs_attr.c mishandles ATTR_REPLACE operations with conversion of an attr from short to long form.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-18690",
"url": "https://www.suse.com/security/cve/CVE-2018-18690"
},
{
"category": "external",
"summary": "SUSE Bug 1105025 for CVE-2018-18690",
"url": "https://bugzilla.suse.com/1105025"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-19T14:35:53Z",
"details": "moderate"
}
],
"title": "CVE-2018-18690"
},
{
"cve": "CVE-2018-18710",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-18710"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel through 4.19. An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CVE-2018-16658.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-18710",
"url": "https://www.suse.com/security/cve/CVE-2018-18710"
},
{
"category": "external",
"summary": "SUSE Bug 1113751 for CVE-2018-18710",
"url": "https://bugzilla.suse.com/1113751"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-19T14:35:53Z",
"details": "moderate"
}
],
"title": "CVE-2018-18710"
},
{
"cve": "CVE-2018-19824",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-19824"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-19824",
"url": "https://www.suse.com/security/cve/CVE-2018-19824"
},
{
"category": "external",
"summary": "SUSE Bug 1118152 for CVE-2018-19824",
"url": "https://bugzilla.suse.com/1118152"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-19T14:35:53Z",
"details": "moderate"
}
],
"title": "CVE-2018-19824"
},
{
"cve": "CVE-2018-19985",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-19985"
}
],
"notes": [
{
"category": "general",
"text": "The function hso_get_config_data in drivers/net/usb/hso.c in the Linux kernel through 4.19.8 reads if_num from the USB device (as a u8) and uses it to index a small array, resulting in an object out-of-bounds (OOB) read that potentially allows arbitrary read in the kernel address space.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-19985",
"url": "https://www.suse.com/security/cve/CVE-2018-19985"
},
{
"category": "external",
"summary": "SUSE Bug 1120743 for CVE-2018-19985",
"url": "https://bugzilla.suse.com/1120743"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-19T14:35:53Z",
"details": "low"
}
],
"title": "CVE-2018-19985"
},
{
"cve": "CVE-2018-20169",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-20169"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel before 4.19.9. The USB subsystem mishandles size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-20169",
"url": "https://www.suse.com/security/cve/CVE-2018-20169"
},
{
"category": "external",
"summary": "SUSE Bug 1119714 for CVE-2018-20169",
"url": "https://bugzilla.suse.com/1119714"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-19T14:35:53Z",
"details": "moderate"
}
],
"title": "CVE-2018-20169"
},
{
"cve": "CVE-2018-9516",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-9516"
}
],
"notes": [
{
"category": "general",
"text": "In hid_debug_events_read of drivers/hid/hid-debug.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-71361580.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-9516",
"url": "https://www.suse.com/security/cve/CVE-2018-9516"
},
{
"category": "external",
"summary": "SUSE Bug 1108498 for CVE-2018-9516",
"url": "https://bugzilla.suse.com/1108498"
},
{
"category": "external",
"summary": "SUSE Bug 1123161 for CVE-2018-9516",
"url": "https://bugzilla.suse.com/1123161"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-19T14:35:53Z",
"details": "moderate"
}
],
"title": "CVE-2018-9516"
},
{
"cve": "CVE-2018-9568",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-9568"
}
],
"notes": [
{
"category": "general",
"text": "In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-113509306. References: Upstream kernel.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-9568",
"url": "https://www.suse.com/security/cve/CVE-2018-9568"
},
{
"category": "external",
"summary": "SUSE Bug 1118319 for CVE-2018-9568",
"url": "https://bugzilla.suse.com/1118319"
},
{
"category": "external",
"summary": "SUSE Bug 1118320 for CVE-2018-9568",
"url": "https://bugzilla.suse.com/1118320"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-19T14:35:53Z",
"details": "moderate"
}
],
"title": "CVE-2018-9568"
},
{
"cve": "CVE-2019-3459",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-3459"
}
],
"notes": [
{
"category": "general",
"text": "A heap address information leak while using L2CAP_GET_CONF_OPT was discovered in the Linux kernel before 5.1-rc1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-3459",
"url": "https://www.suse.com/security/cve/CVE-2019-3459"
},
{
"category": "external",
"summary": "SUSE Bug 1120758 for CVE-2019-3459",
"url": "https://bugzilla.suse.com/1120758"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.6,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-19T14:35:53Z",
"details": "moderate"
}
],
"title": "CVE-2019-3459"
},
{
"cve": "CVE-2019-3460",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-3460"
}
],
"notes": [
{
"category": "general",
"text": "A heap data infoleak in multiple locations including L2CAP_PARSE_CONF_RSP was found in the Linux kernel before 5.1-rc1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-3460",
"url": "https://www.suse.com/security/cve/CVE-2019-3460"
},
{
"category": "external",
"summary": "SUSE Bug 1120758 for CVE-2019-3460",
"url": "https://bugzilla.suse.com/1120758"
},
{
"category": "external",
"summary": "SUSE Bug 1155131 for CVE-2019-3460",
"url": "https://bugzilla.suse.com/1155131"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.6,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Enterprise Storage 4:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.101.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.101.1.noarch",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.s390x",
"SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.101.1.x86_64",
"SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_101-default-1-3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-19T14:35:53Z",
"details": "moderate"
}
],
"title": "CVE-2019-3460"
}
]
}
SUSE-SU-2019:0222-1
Vulnerability from csaf_suse - Published: 2019-02-01 14:42 - Updated: 2019-02-01 14:42Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP4 kernel for Azure was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-19407: The vcpu_scan_ioapic function in arch/x86/kvm/x86.c allowed local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic was uninitialized (bnc#1116841).
- CVE-2018-16884: NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out (bnc#1119946).
- CVE-2018-20169: The USB subsystem mishandled size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c (bnc#1119714).
- CVE-2018-9568: In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation (bnc#1118319).
- CVE-2018-16862: A security flaw was found in the way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one (bnc#1117186).
- CVE-2018-14625: A flaw was found where an attacker may be able to have an uncontrolled read to kernel-memory from within a vm guest. A race condition between connect() and close() function may allow an attacker using the AF_VSOCK protocol to gather a 4 byte information leak or possibly intercept or corrupt AF_VSOCK messages destined to other clients (bnc#1106615).
- CVE-2018-19985: The function hso_probe read if_num from the USB device (as an u8) and used it without a length check to index an array, resulting in an OOB memory read in hso_probe or hso_get_config_data that could be used by local attackers (bnc#1120743).
- CVE-2018-12232: In net/socket.c there is a race condition between fchownat and close in cases where they target the same socket file descriptor, related to the sock_close and sockfs_setattr functions. fchownat did not increment the file descriptor reference count, which allowed close to set the socket to NULL during fchownat's execution, leading to a NULL pointer dereference and system crash (bnc#1097593).
- CVE-2018-18397: The userfaultfd implementation mishandled access control for certain UFFDIO_ ioctl calls, as demonstrated by allowing local users to write data into holes in a tmpfs file (if the user has read-only access to that file, and that file contains holes), related to fs/userfaultfd.c and mm/userfaultfd.c (bnc#1117656).
- CVE-2018-19854: An issue was discovered in the crypto_report_one() and related functions in crypto/crypto_user.c (the crypto user configuration API) do not fully initialize structures that are copied to userspace, potentially leaking sensitive memory to user programs. NOTE: this is a CVE-2013-2547 regression but with easier exploitability because the attacker did not need a capability (however, the system must have the CONFIG_CRYPTO_USER kconfig option) (bnc#1118428).
- CVE-2018-19824: A local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c (bnc#1118152).
- CVE-2018-18281: The mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removes entries from the pagetables of a task that is in the middle of mremap(), a stale TLB entry can remain for a short time that permits access to a physical page after it has been released back to the page allocator and reused. (bnc#1113769).
- CVE-2017-5753: Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis (bnc#1074578)
The following non-security bugs were fixed:
- ACPI/APEI: Handle GSIV and GPIO notification types (bsc#1115567).
- ACPICA: Tables: Add WSMT support (bsc#1089350).
- ACPI/CPPC: Check for valid PCC subspace only if PCC is used (bsc#1117115).
- ACPI/CPPC: Update all pr_(debug/err) messages to log the susbspace id (bsc#1117115).
- ACPI/IORT: Fix iort_get_platform_device_domain() uninitialized pointer value (bsc#1051510).
- ACPI/LPSS: Add alternative ACPI HIDs for Cherry Trail DMA controllers (bsc#1051510).
- ACPI/NFTI: Fix ARS overflow continuation (bsc#1116895).
- ACPI/NFIT: x86/mce: Handle only uncorrectable machine checks (bsc#1114279).
- ACPI/NFIT: x86/mce: Validate a MCE's address before using it (bsc#1114279).
- ACPI/platform: Add SMB0001 HID to forbidden_id_list (bsc#1051510).
- ACPI/watchdog: Prefer iTCO_wdt always when WDAT table uses RTC SRAM (bsc#1051510).
- act_ife: fix a potential use-after-free (networking-stable-18_09_11).
- Add the cherry-picked dup id for PCI dwc fix
- aio: fix spectre gadget in lookup_ioctx (bsc#1120594).
- ALSA: ac97: Fix incorrect bit shift at AC97-SPSA control write (bsc#1051510).
- ALSA: ca0106: Disable IZD on SB0570 DAC to fix audio pops (bsc#1051510).
- ALSA: control: Fix race between adding and removing a user element (bsc#1051510).
- ALSA: cs46xx: Potential NULL dereference in probe (bsc#1051510).
- ALSA: emu10k1: Fix potential Spectre v1 vulnerabilities (bsc#1051510).
- ALSA: emux: Fix potential Spectre v1 vulnerabilities (bsc#1051510).
- ALSA: fireface: fix for state to fetch PCM frames (bsc#1051510).
- ALSA: fireface: fix reference to wrong register for clock configuration (bsc#1051510).
- ALSA: firewire-lib: fix wrong assignment for 'out_packet_without_header' tracepoint (bsc#1051510).
- ALSA: firewire-lib: fix wrong handling payload_length as payload_quadlet (bsc#1051510).
- ALSA: firewire-lib: use the same print format for 'without_header' tracepoints (bsc#1051510).
- ALSA: hda: Add ASRock N68C-S UCC the power_save blacklist (bsc#1051510).
- ALSA: hda: add mute LED support for HP EliteBook 840 G4 (bsc#1051510).
- ALSA: hda: Add support for AMD Stoney Ridge (bsc#1051510).
- ALSA: hda/ca0132 - Call pci_iounmap() instead of iounmap() (bsc#1051510).
- ALSA: hda/ca0132 - make pci_iounmap() call conditional (bsc#1051510).
- ALSA: hda: fix front speakers on Huawei MBXP (bsc#1051510).
- ALSA: hda/realtek - Add auto-mute quirk for HP Spectre x360 laptop (bsc#1051510).
- ALSA: hda/realtek - Add GPIO data update helper (bsc#1051510).
- ALSA: hda/realtek - Add support for Acer Aspire C24-860 headset mic (bsc#1051510).
- ALSA: hda/realtek - Add unplug function into unplug state of Headset Mode for ALC225 (bsc#1051510).
- ALSA: hda/realtek: ALC286 mic and headset-mode fixups for Acer Aspire U27-880 (bsc#1051510).
- ALSA: hda/realtek: ALC294 mic and headset-mode fixups for ASUS X542UN (bsc#1051510).
- ALSA: hda/realtek - Allow skipping spec->init_amp detection (bsc#1051510).
- ALSA: hda/realtek - Disable headset Mic VREF for headset mode of ALC225 (bsc#1051510).
- ALSA: hda/realtek: Enable audio jacks of ASUS UX391UA with ALC294 (bsc#1051510).
- ALSA: hda/realtek: Enable audio jacks of ASUS UX433FN/UX333FA with ALC294 (bsc#1051510).
- ALSA: hda/realtek: Enable audio jacks of ASUS UX533FD with ALC294 (bsc#1051510).
- ALSA: hda/realtek: Enable the headset mic auto detection for ASUS laptops (bsc#1051510).
- ALSA: hda/realtek - Fixed headphone issue for ALC700 (bsc#1051510).
- ALSA: hda/realtek - fix headset mic detection for MSI MS-B171 (bsc#1051510).
- ALSA: hda/realtek - Fix HP Headset Mic can't record (bsc#1051510).
- ALSA: hda/realtek: Fix mic issue on Acer AIO Veriton Z4660G (bsc#1051510).
- ALSA: hda/realtek: Fix mic issue on Acer AIO Veriton Z4860G/Z6860G (bsc#1051510).
- ALSA: hda/realtek - Fix speaker output regression on Thinkpad T570 (bsc#1051510).
- ALSA: hda/realtek - Fix the mute LED regresion on Lenovo X1 Carbon (bsc#1051510).
- ALSA: hda/realtek - fix the pop noise on headphone for lenovo laptops (bsc#1051510).
- ALSA: hda/realtek - Manage GPIO bits commonly (bsc#1051510).
- ALSA: hda/realtek - Simplify Dell XPS13 GPIO handling (bsc#1051510).
- ALSA: hda/realtek - Support ALC300 (bsc#1051510).
- ALSA: hda/realtek - Support Dell headset mode for New AIO platform (bsc#1051510).
- ALSA: hda/tegra: clear pending irq handlers (bsc#1051510).
- ALSA: oss: Use kvzalloc() for local buffer allocations (bsc#1051510).
- ALSA: pcm: Call snd_pcm_unlink() conditionally at closing (bsc#1051510).
- ALSA: pcm: Fix interval evaluation with openmin/max (bsc#1051510).
- ALSA: pcm: Fix potential Spectre v1 vulnerability (bsc#1051510).
- ALSA: pcm: Fix starvation on down_write_nonblock() (bsc#1051510).
- ALSA: rme9652: Fix potential Spectre v1 vulnerability (bsc#1051510).
- ALSA: sparc: Fix invalid snd_free_pages() at error path (bsc#1051510).
- ALSA: trident: Suppress gcc string warning (bsc#1051510).
- ALSA: usb-audio: Add SMSL D1 to quirks for native DSD support (bsc#1051510).
- ALSA: usb-audio: Add support for Encore mDSD USB DAC (bsc#1051510).
- ALSA: usb-audio: Add vendor and product name for Dell WD19 Dock (bsc#1051510).
- ALSA: usb-audio: Avoid access before bLength check in build_audio_procunit() (bsc#1051510).
- ALSA: usb-audio: Fix an out-of-bound read in create_composite_quirks (bsc#1051510).
- ALSA: wss: Fix invalid snd_free_pages() at error path (bsc#1051510).
- ALSA: x86: Fix runtime PM for hdmi-lpe-audio (bsc#1051510).
- amd/iommu: Fix Guest Virtual APIC Log Tail Address Register (bsc#1106105).
- apparmor: do not try to replace stale label in ptrace access check (git-fixes).
- apparmor: do not try to replace stale label in ptraceme check (git-fixes).
- apparmor: Fix uninitialized value in aa_split_fqname (git-fixes).
- arm64: Add work around for Arm Cortex-A55 Erratum 1024718 (bsc#1120612).
- arm64: atomics: Remove '&' from '+&' asm constraint in lse atomics (bsc#1120613).
- arm64: cpu_errata: include required headers (bsc#1120615).
- arm64: dma-mapping: Fix FORCE_CONTIGUOUS buffer clearing (bsc#1120633).
- arm64: Fix /proc/iomem for reserved but not memory regions (bsc#1120632).
- arm64: KVM: Move CPU ID reg trap setup off the world switch path (bsc#1110998).
- arm64: KVM: Sanitize PSTATE.M when being set from userspace (bsc#1110998).
- arm64: KVM: Tighten guest core register access from userspace (bsc#1110998).
- arm64: lse: Add early clobbers to some input/output asm operands (bsc#1120614).
- arm64: lse: remove -fcall-used-x0 flag (bsc#1120618).
- arm64: mm: always enable CONFIG_HOLES_IN_ZONE (bsc#1120617).
- arm64/numa: Report correct memblock range for the dummy node (bsc#1120620).
- arm64/numa: Unify common error path in numa_init() (bsc#1120621).
- arm64: remove no-op -p linker flag (bsc#1120616).
- arm: dts: at91: add new compatibility string for macb on sama5d3 (bsc#1051510).
- ASoC: dapm: Recalculate audio map forcely when card instantiated (bsc#1051510).
- ASoC: dwc: Added a quirk DW_I2S_QUIRK_16BIT_IDX_OVERRIDE to dwc (bsc#1085535)
- ASoC: Intel: cht_bsw_max98090: add support for Baytrail (bsc#1051510).
- ASoC: intel: cht_bsw_max98090_ti: Add pmc_plt_clk_0 quirk for Chromebook Clapper (bsc#1051510).
- ASoC: intel: cht_bsw_max98090_ti: Add pmc_plt_clk_0 quirk for Chromebook Gnawty (bsc#1051510).
- ASoC: intel: cht_bsw_max98090_ti: Add quirk for boards using pmc_plt_clk_0 (bsc#1051510).
- ASoC: Intel: mrfld: fix uninitialized variable access (bsc#1051510).
- ASoC: omap-abe-twl6040: Fix missing audio card caused by deferred probing (bsc#1051510).
- ASoC: omap-dmic: Add pm_qos handling to avoid overruns with CPU_IDLE (bsc#1051510).
- ASoC: omap-mcbsp: Fix latency value calculation for pm_qos (bsc#1051510).
- ASoC: omap-mcpdm: Add pm_qos handling to avoid under/overruns with CPU_IDLE (bsc#1051510).
- ASoC: rsnd: fixup clock start checker (bsc#1051510).
- ASoC: sun8i-codec: fix crash on module removal (bsc#1051510).
- ASoC: wm_adsp: Fix dma-unsafe read of scratch registers (bsc#1051510).
- ata: Fix racy link clearance (bsc#1107866).
- ataflop: fix error handling during setup (bsc#1051510).
- ath10k: do not assume this is a PCI dev in generic code (bsc#1051510).
- ath10k: schedule hardware restart if WMI command times out (bsc#1051510).
- ath6kl: Only use match sets when firmware supports it (bsc#1051510).
- b43: Fix error in cordic routine (bsc#1051510).
- batman-adv: Expand merged fragment buffer for full packet (bsc#1051510).
- batman-adv: Use explicit tvlv padding for ELP packets (bsc#1051510).
- bcache: fix miss key refill->end in writeback (Git-fixes).
- bcache: trace missed reading by cache_missed (Git-fixes).
- bitops: protect variables in bit_clear_unless() macro (bsc#1051510).
- bitops: protect variables in set_mask_bits() macro (bsc#1051510).
- blk-mq: remove synchronize_rcu() from blk_mq_del_queue_tag_set() (Git-fixes).
- block: allow max_discard_segments to be stacked (Git-fixes).
- block: blk_init_allocated_queue() set q->fq as NULL in the fail case (Git-fixes).
- block: copy ioprio in __bio_clone_fast() (bsc#1082653).
- block: really disable runtime-pm for blk-mq (Git-fixes).
- block: reset bi_iter.bi_done after splitting bio (Git-fixes).
- block: respect virtual boundary mask in bvecs (bsc#1113412).
- block/swim: Fix array bounds check (Git-fixes).
- Bluetooth: btbcm: Add entry for BCM4335C0 UART bluetooth (bsc#1051510).
- Bluetooth: SMP: fix crash in unpairing (bsc#1051510).
- bnxt_en: do not try to offload VLAN 'modify' action (bsc#1050242 ).
- bnxt_en: Fix enables field in HWRM_QUEUE_COS2BW_CFG request (bsc#1086282).
- bnxt_en: Fix TX timeout during netpoll (networking-stable-18_10_16).
- bnxt_en: Fix VNIC reservations on the PF (bsc#1086282 ).
- bnxt_en: free hwrm resources, if driver probe fails (networking-stable-18_10_16).
- bnxt_en: get the reduced max_irqs by the ones used by RDMA (bsc#1050242).
- bonding: avoid possible dead-lock (networking-stable-18_10_16).
- bonding: fix length of actor system (networking-stable-18_11_02).
- bonding: fix warning message (networking-stable-18_10_16).
- bonding: pass link-local packets to bonding master also (networking-stable-18_10_16).
- bpf: fix check of allowed specifiers in bpf_trace_printk (bsc#1083647).
- bpf: fix partial copy of map_ptr when dst is scalar (bsc#1083647).
- bpf, net: add skb_mac_header_len helper (networking-stable-18_09_24).
- bpf: use per htab salt for bucket hash (git-fixes).
- bpf: wait for running BPF programs when updating map-in-map (bsc#1083647).
- brcmfmac: fix for proper support of 160MHz bandwidth (bsc#1051510).
- brcmfmac: fix reporting support for 160 MHz channels (bsc#1051510).
- brcmutil: really fix decoding channel info for 160 MHz bandwidth (bsc#1051510).
- bridge: do not add port to router list when receives query with source 0.0.0.0 (networking-stable-18_11_02).
- Btrfs: Always try all copies when reading extent buffers (git-fixes).
- Btrfs: delete dead code in btrfs_orphan_add() (bsc#1111469).
- Btrfs: delete dead code in btrfs_orphan_commit_root() (bsc#1111469).
- Btrfs: do not BUG_ON() in btrfs_truncate_inode_items() (bsc#1111469).
- Btrfs: do not check inode's runtime flags under root->orphan_lock (bsc#1111469).
- Btrfs: do not return ino to ino cache if inode item removal fails (bsc#1111469).
- Btrfs: fix assertion failure during fsync in no-holes mode (bsc#1118136).
- Btrfs: fix assertion on fsync of regular file when using no-holes feature (bsc#1118137).
- Btrfs: fix cur_offset in the error case for nocow (bsc#1118140).
- Btrfs: fix data corruption due to cloning of eof block (bsc#1116878).
- Btrfs: fix deadlock on tree root leaf when finding free extent (bsc#1116876).
- Btrfs: fix deadlock when writing out free space caches (bsc#1116700).
- Btrfs: fix ENOSPC caused by orphan items reservations (bsc#1111469).
- btrfs: Fix error handling in btrfs_cleanup_ordered_extents (git-fixes).
- Btrfs: fix error handling in btrfs_truncate() (bsc#1111469).
- Btrfs: fix error handling in btrfs_truncate_inode_items() (bsc#1111469).
- Btrfs: fix fsync of files with multiple hard links in new directories (1120173).
- Btrfs: fix infinite loop on inode eviction after deduplication of eof block (bsc#1116877).
- Btrfs: Fix memory barriers usage with device stats counters (git-fixes).
- Btrfs: fix null pointer dereference on compressed write path error (bsc#1116698).
- Btrfs: fix use-after-free during inode eviction (bsc#1116701).
- Btrfs: fix use-after-free on root->orphan_block_rsv (bsc#1111469).
- Btrfs: fix use-after-free when dumping free space (bsc#1116862).
- Btrfs: fix warning when replaying log after fsync of a tmpfile (bsc#1116692).
- Btrfs: fix wrong dentries after fsync of file that got its parent replaced (bsc#1116693).
- Btrfs: get rid of BTRFS_INODE_HAS_ORPHAN_ITEM (bsc#1111469).
- Btrfs: get rid of unused orphan infrastructure (bsc#1111469).
- Btrfs: make sure we create all new block groups (bsc#1116699).
- Btrfs: move btrfs_truncate_block out of trans handle (bsc#1111469).
- Btrfs: protect space cache inode alloc with GFP_NOFS (bsc#1116863).
- Btrfs: qgroup: Dirty all qgroups before rescan (bsc#1120036).
- Btrfs: refactor btrfs_evict_inode() reserve refill dance (bsc#1111469).
- Btrfs: renumber BTRFS_INODE_ runtime flags and switch to enums (bsc#1111469).
- Btrfs: reserve space for O_TMPFILE orphan item deletion (bsc#1111469).
- btrfs: run delayed items before dropping the snapshot (bsc#1121263, bsc#1111188).
- Btrfs: send, fix infinite loop due to directory rename dependencies (bsc#1118138).
- Btrfs: stop creating orphan items for truncate (bsc#1111469).
- Btrfs: tree-checker: Do not check max block group size as current max chunk size limit is unreliable (fixes for bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875).
- Btrfs: update stale comments referencing vmtruncate() (bsc#1111469).
- cachefiles: fix the race between cachefiles_bury_object() and rmdir(2) (bsc#1051510).
- can: dev: __can_get_echo_skb(): Do not crash the kernel if can_priv::echo_skb is accessed out of bounds (bsc#1051510).
- can: dev: can_get_echo_skb(): factor out non sending code to __can_get_echo_skb() (bsc#1051510).
- can: dev: __can_get_echo_skb(): print error message, if trying to echo non existing skb (bsc#1051510).
- can: dev: __can_get_echo_skb(): replace struct can_frame by canfd_frame to access frame length (bsc#1051510).
- can: flexcan: flexcan_irq(): fix indention (bsc#1051510).
- can: hi311x: Use level-triggered interrupt (bsc#1051510).
- can: raw: check for CAN FD capable netdev in raw_sendmsg() (bsc#1051510).
- can: rcar_can: Fix erroneous registration (bsc#1051510).
- can: rx-offload: introduce can_rx_offload_get_echo_skb() and can_rx_offload_queue_sorted() functions (bsc#1051510).
- cdc-acm: correct counting of UART states in serial state notification (bsc#1051510).
- cdc-acm: do not reset notification buffer index upon urb unlinking (bsc#1051510).
- cdrom: do not attempt to fiddle with cdo->capability (bsc#1051510).
- ceph: do not update importing cap's mseq when handing cap export (bsc#1121273).
- ceph: fix dentry leak in ceph_readdir_prepopulate (bsc#1114839).
- ceph: quota: fix null pointer dereference in quota check (bsc#1114839).
- cfg80211: Address some corner cases in scan result channel updating (bsc#1051510).
- cfg80211: fix use-after-free in reg_process_hint() (bsc#1051510).
- char_dev: extend dynamic allocation of majors into a higher range (bsc#1121058).
- char_dev: Fix off-by-one bugs in find_dynamic_major() (bsc#1121058).
- clk: at91: Fix division by zero in PLL recalc_rate() (bsc#1051510).
- clk: fixed-factor: fix of_node_get-put imbalance (bsc#1051510).
- clk: fixed-rate: fix of_node_get-put imbalance (bsc#1051510).
- clk: mmp2: fix the clock id for sdh2_clk and sdh3_clk (bsc#1051510).
- clk: mmp: Off by one in mmp_clk_add() (bsc#1051510).
- clk: mvebu: Off by one bugs in cp110_of_clk_get() (bsc#1051510).
- clk: rockchip: Fix static checker warning in rockchip_ddrclk_get_parent call (bsc#1051510).
- clk: s2mps11: Add used attribute to s2mps11_dt_match (bsc#1051510).
- clk: s2mps11: Fix matching when built as module and DT node contains compatible (bsc#1051510).
- clk: samsung: exynos5420: Enable PERIS clocks for suspend (bsc#1051510).
- clockevents/drivers/i8253: Add support for PIT shutdown quirk (bsc#1051510).
- compiler-gcc.h: Add __attribute__((gnu_inline)) to all inline declarations (git-fixes).
- config: arm64: enable erratum 1024718
- configfs: replace strncpy with memcpy (bsc#1051510).
- cpufeature: avoid warning when compiling with clang (Git-fixes).
- cpufreq / CPPC: Add cpuinfo_cur_freq support for CPPC (bsc#1117115).
- cpufreq: CPPC: fix build in absence of v3 support (bsc#1117115).
- cpupower: remove stringop-truncation waring (git-fixes).
- crypto: bcm - fix normal/non key hash algorithm failure (bsc#1051510).
- crypto: ccp - Add DOWNLOAD_FIRMWARE SEV command ().
- crypto: ccp - Add GET_ID SEV command ().
- crypto: ccp - Add psp enabled message when initialization succeeds ().
- crypto: ccp - Add support for new CCP/PSP device ID ().
- crypto: ccp - Allow SEV firmware to be chosen based on Family and Model ().
- crypto: ccp - Fix static checker warning ().
- crypto: ccp - Remove unused #defines ().
- crypto: ccp - Support register differences between PSP devices ().
- crypto: simd - correctly take reqsize of wrapped skcipher into account (bsc#1051510).
- dasd: fix deadlock in dasd_times_out (bsc#1121477, LTC#174111).
- dax: Check page->mapping isn't NULL (bsc#1120054).
- dax: Do not access a freed inode (bsc#1120055).
- device property: Define type of PROPERTY_ENRTY_*() macros (bsc#1051510).
- device property: fix fwnode_graph_get_next_endpoint() documentation (bsc#1051510).
- disable INFINIBAND_USNIC
- disable SERIAL_NONSTANDARD
- disable stringop truncation warnings for now (git-fixes).
- dm: allocate struct mapped_device with kvzalloc (Git-fixes).
- dm cache: destroy migration_cache if cache target registration failed (Git-fixes).
- dm cache: fix resize crash if user does not reload cache table (Git-fixes).
- dm cache metadata: ignore hints array being too small during resize (Git-fixes).
- dm cache metadata: save in-core policy_hint_size to on-disk superblock (Git-fixes).
- dm cache metadata: set dirty on all cache blocks after a crash (Git-fixes).
- dm cache: only allow a single io_mode cache feature to be requested (Git-fixes).
- dm crypt: do not decrease device limits (Git-fixes).
- dm: fix report zone remapping to account for partition offset (Git-fixes).
- dm integrity: change 'suspending' variable from bool to int (Git-fixes).
- dm ioctl: harden copy_params()'s copy_from_user() from malicious users (Git-fixes).
- dm linear: eliminate linear_end_io call if CONFIG_DM_ZONED disabled (Git-fixes).
- dm linear: fix linear_end_io conditional definition (Git-fixes).
- dm thin: handle running out of data space vs concurrent discard (Git-fixes).
- dm thin metadata: remove needless work from __commit_transaction (Git-fixes).
- dm thin: stop no_space_timeout worker when switching to write-mode (Git-fixes).
- dm writecache: fix a crash due to reading past end of dirty_bitmap (Git-fixes).
- dm writecache: report start_sector in status line (Git-fixes).
- dm zoned: fix metadata block ref counting (Git-fixes).
- dm zoned: fix various dmz_get_mblock() issues (Git-fixes).
- doc/README.SUSE: correct GIT url No more gitorious, github we use.
- Documentation/l1tf: Fix typos (bsc#1051510).
- Documentation/l1tf: Remove Yonah processors from not vulnerable list (bsc#1051510).
- driver/dma/ioat: Call del_timer_sync() without holding prep_lock (bsc#1051510).
- Drivers: HV: Send one page worth of kmsg dump over Hyper-V during panic (bsc#1107207).
- Drivers: hv: vmbus: Add comments on ring buffer signaling (bsc#1107207).
- Drivers: hv: vmbus: add numa_node to sysfs (bsc#1107207).
- Drivers: hv: vmbus: Cleanup synic memory free path (bsc#1107207).
- Drivers: hv: vmbus: enable VMBus protocol version 5.0 (bsc#1107207).
- Drivers: hv: vmbus: Fix the issue with freeing up hv_ctl_table_hdr (bsc#1107207).
- Drivers: hv: vmbus: Get rid of MSR access from vmbus_drv.c (bsc#1107207).
- Drivers: hv: vmbus: Implement Direct Mode for stimer0 (bsc#1107207).
- Drivers: hv: vmbus: Make TLFS #define names architecture neutral (bsc#1107207).
- Drivers: hv: vmbus: Removed an unnecessary cast from void * (bsc#1107207).
- Drivers: hv: vmbus: Remove use of slow_virt_to_phys() (bsc#1107207).
- Drivers: hv: vmbus: Remove x86-isms from arch independent drivers (bsc#1107207).
- Drivers: hv: vmbus: Remove x86 MSR refs in arch independent code (bsc#1107207).
- Drivers: hv: vmbus: Reset the channel callback in vmbus_onoffer_rescind() (bsc#1107207).
- Drivers: hv: vmbus: respect what we get from hv_get_synint_state() (bsc#1107207).
- Drivers: hv: vmbus: Use get/put_cpu() in vmbus_connect() (bsc#1107207).
- Drivers: hv: vmus: Fix the check for return value from kmsg get dump buffer (bsc#1107207).
- Drivers/net/usb: add device id for TP-LINK UE300 USB 3.0 Ethernet (bsc#1119749).
- Drivers/net/usb/r8152: remove the unneeded variable 'ret' in rtl8152_system_suspend (bsc#1119749).
- Drivers/tty: add missing of_node_put() (bsc#1051510).
- drm/amdgpu: add missing CHIP_HAINAN in amdgpu_ucode_get_load_type (bsc#1051510).
- drm/amdgpu/gmc8: update MC firmware for polaris (bsc#1113722)
- drm/amdgpu: update mc firmware image for polaris12 variants (bsc#1113722)
- drm/amdgpu: update SMC firmware image for polaris10 variants (bsc#1113722)
- drm/ast: change resolution may cause screen blurred (boo#1112963).
- drm/ast: fixed cursor may disappear sometimes (bsc#1051510).
- drm/ast: Fix incorrect free on ioregs (bsc#1051510).
- drm/ast: Remove existing framebuffers before loading driver (boo#1112963)
- drm/dp_mst: Check if primary mstb is null (bsc#1051510).
- drm/dp_mst: Skip validating ports during destruction, just ref (bsc#1051510).
- drm/edid: Add 6 bpc quirk for BOE panel (bsc#1051510).
- drm/edid: Add 6 bpc quirk for BOE panel in HP Pavilion 15-n233sl (bsc#1113722)
- drm/fb-helper: Ignore the value of fb_var_screeninfo.pixclock (bsc#1113722)
- drm: fb-helper: Reject all pixel format changing requests (bsc#1113722)
- drm/i915: Do not oops during modeset shutdown after lpe audio deinit (bsc#1051510).
- drm/i915: Do not unset intel_connector->mst_port (bsc#1051510).
- drm/i915/execlists: Apply a full mb before execution for Braswell (bsc#1113722)
- drm/i915/execlists: Force write serialisation into context image vs execution (bsc#1051510).
- drm/i915: Fix ilk+ watermarks when disabling pipes (bsc#1051510).
- drm/i915/glk: Remove 99% limitation (bsc#1051510).
- drm/i915/hdmi: Add HDMI 2.0 audio clock recovery N values (bsc#1051510).
- drm/i915: Large page offsets for pread/pwrite (bsc#1051510).
- drm/i915: Mark pin flags as u64 (bsc#1051510).
- drm/i915: Skip vcpi allocation for MSTB ports that are gone (bsc#1051510).
- drm/i915: Write GPU relocs harder with gen3 (bsc#1051510).
- drm/ioctl: Fix Spectre v1 vulnerabilities (bsc#1113722)
- drm/meson: add support for 1080p25 mode (bsc#1051510).
- drm/meson: Enable fast_io in meson_dw_hdmi_regmap_config (bsc#1051510).
- drm/meson: Fix OOB memory accesses in meson_viu_set_osd_lut() (bsc#1051510).
- drm/nouveau: Check backlight IDs are >= 0, not > 0 (bsc#1051510).
- drm/nouveau/kms: Fix memory leak in nv50_mstm_del() (bsc#1113722)
- drm/omap: fix memory barrier bug in DMM driver (bsc#1051510).
- drm: rcar-du: Fix external clock error checks (bsc#1113722)
- drm: rcar-du: Fix vblank initialization (bsc#1113722)
- drm/rockchip: Allow driver to be shutdown on reboot/kexec (bsc#1051510).
- drm/rockchip: psr: do not dereference encoder before it is null (bsc#1113722)
- drm: set is_master to 0 upon drm_new_set_master() failure (bsc#1113722)
- drm/vc4: Set ->is_yuv to false when num_planes == 1 (bsc#1113722)
- drm/vc4: ->x_scaling[1] should never be set to VC4_SCALING_NONE (bsc#1113722)
- dt-bindings: add compatible string for Allwinner V3s SoC (git-fixes).
- dt-bindings: arm: Document SoC compatible value for Armadillo-800 EVA (git-fixes).
- dt-bindings: clock: add rk3399 DDR3 standard speed bins (git-fixes).
- dt-bindings: clock: mediatek: add binding for fixed-factor clock axisel_d4 (git-fixes).
- dt-bindings: iio: update STM32 timers clock names (git-fixes).
- dt-bindings: mfd: axp20x: Add AXP806 to supported list of chips (git-fixes).
- dt-bindings: net: Remove duplicate NSP Ethernet MAC binding document (git-fixes).
- dt-bindings: panel: lvds: Fix path to display timing bindings (git-fixes).
- dt-bindings: phy: sun4i-usb-phy: Add property descriptions for H3 (git-fixes).
- dt-bindings: pwm: renesas: tpu: Fix 'compatible' prop description (git-fixes).
- dt-bindings: pwm: Update STM32 timers clock names (git-fixes).
- dt-bindings: rcar-dmac: Document missing error interrupt (git-fixes).
- EDAC, {i7core,sb,skx}_edac: Fix uncorrected error counting (bsc#1114279).
- EDAC, skx_edac: Fix logical channel intermediate decoding (bsc#1114279).
- efi: Move some sysfs files to be read-only by root (bsc#1051510).
- enable CONFIG_SCSI_MQ_DEFAULT (bsc#1107207)
- ethernet: fman: fix wrong of_node_put() in probe function (bsc#1119017).
- exportfs: fix 'passing zero to ERR_PTR()' warning (bsc#1118773).
- ext2: fix potential use after free (bsc#1118775).
- ext4: add missing brelse() add_new_gdb_meta_bg()'s error path (bsc#1117795).
- ext4: add missing brelse() in set_flexbg_block_bitmap()'s error path (bsc#1117794).
- ext4: add missing brelse() update_backups()'s error path (bsc#1117796).
- ext4: avoid buffer leak in ext4_orphan_add() after prior errors (bsc#1117802).
- ext4: avoid buffer leak on shutdown in ext4_mark_iloc_dirty() (bsc#1117801).
- ext4: avoid possible double brelse() in add_new_gdb() on error path (bsc#1118760).
- ext4: avoid potential extra brelse in setup_new_flex_group_blocks() (bsc#1117792).
- ext4: fix buffer leak in __ext4_read_dirblock() on error path (bsc#1117807).
- ext4: fix buffer leak in ext4_xattr_move_to_block() on error path (bsc#1117806).
- ext4: fix EXT4_IOC_GROUP_ADD ioctl (bsc#1120604).
- ext4: fix missing cleanup if ext4_alloc_flex_bg_array() fails while resizing (bsc#1117798).
- ext4: fix possible inode leak in the retry loop of ext4_resize_fs() (bsc#1117799).
- ext4: fix possible leak of sbi->s_group_desc_leak in error path (bsc#1117803).
- ext4: fix possible leak of s_journal_flag_rwsem in error path (bsc#1117804).
- ext4: fix possible use after free in ext4_quota_enable (bsc#1120602).
- ext4: fix setattr project check in fssetxattr ioctl (bsc#1117789).
- ext4: fix use-after-free race in ext4_remount()'s error path (bsc#1117791).
- ext4: initialize retries variable in ext4_da_write_inline_data_begin() (bsc#1117788).
- ext4: missing unlock/put_page() in ext4_try_to_write_inline_data() (bsc#1120603).
- ext4: propagate error from dquot_initialize() in EXT4_IOC_FSSETXATTR (bsc#1117790).
- ext4: release bs.bh before re-using in ext4_xattr_block_find() (bsc#1117805).
- extable: Consolidate *kernel_text_address() functions (bsc#1120092).
- extable: Enable RCU if it is not watching in kernel_text_address() (bsc#1120092).
- fanotify: fix handling of events on child sub-directory (bsc#1122019).
- fbdev: fbcon: Fix unregister crash when more than one framebuffer (bsc#1113722)
- fbdev: fbmem: behave better with small rotated displays and many CPUs (bsc#1113722)
- fbdev: fix broken menu dependencies (bsc#1113722)
- filesystem-dax: Fix dax_layout_busy_page() livelock (bsc#1118787).
- firmware: add firmware_request_nowarn() - load firmware without warnings ().
- firmware: dcdbas: Add support for WSMT ACPI table (bsc#1089350 ).
- firmware: dcdbas: include linux/io.h (bsc#1089350).
- Fix kABI for 'Ensure we commit after writeback is complete' (bsc#1111809).
- Fix the breakage of KMP build on x86_64 (bsc#1121017) The backport of the commit 4cd24de3a098 broke KMP builds because of the failure of make kernelrelease call in spec file. Clear the blacklist and backport the fix from the upstream.
- Fix tracing sample code warning (git-fixes).
- floppy: fix race condition in __floppy_read_block_0() (bsc#1051510).
- flow_dissector: do not dissect l4 ports for fragments (networking-stable-18_11_21).
- fscache: fix race between enablement and dropping of object (bsc#1107385).
- fscache: Fix race in fscache_op_complete() due to split atomic_sub & read (Git-fixes).
- fscache: Pass the correct cancelled indications to fscache_op_complete() (Git-fixes).
- fs: fix lost error code in dio_complete (bsc#1118762).
- fs: Make extension of struct super_block transparent (bsc#1117822).
- fsnotify: Fix busy inodes during unmount (bsc#1117822).
- fsnotify: fix ignore mask logic in fsnotify() (bsc#1115074).
- fs/xfs: Use %pS printk format for direct addresses (git-fixes).
- ftrace: Fix debug preempt config name in stack_tracer_{en,dis}able (bsc#1117172).
- ftrace: Fix kmemleak in unregister_ftrace_graph (bsc#1117181).
- ftrace: Fix memleak when unregistering dynamic ops when tracing disabled (bsc#1117174).
- ftrace: Remove incorrect setting of glob search field (bsc#1117184).
- fuse: fix blocked_waitq wakeup (git-fixes).
- fuse: fix leaked notify reply (git-fixes).
- fuse: fix possibly missed wake-up after abort (git-fixes).
- fuse: Fix use-after-free in fuse_dev_do_read() (git-fixes).
- fuse: Fix use-after-free in fuse_dev_do_write() (git-fixes).
- fuse: fix use-after-free in fuse_direct_IO() (git-fixes).
- fuse: set FR_SENT while locked (git-fixes).
- gcc-plugins: Add include required by GCC release 8 (git-fixes).
- gcc-plugins: Use dynamic initializers (git-fixes).
- genirq: Fix race on spurious interrupt detection (bsc#1051510).
- gfs2: Do not leave s_fs_info pointing to freed memory in init_sbd (bsc#1118769).
- gfs2: Fix loop in gfs2_rbm_find (bsc#1120601).
- gfs2: Get rid of potential double-freeing in gfs2_create_inode (bsc#1120600).
- gfs2_meta: ->mount() can get NULL dev_name (bsc#1118768).
- gfs2: Put bitmap buffers in put_super (bsc#1118772).
- git_sort.py: Remove non-existent remote tj/libata
- gpio: davinci: Remove unused member of davinci_gpio_controller (git-fixes).
- gpio: do not free unallocated ida on gpiochip_add_data_with_key() error path (bsc#1051510).
- gpiolib-acpi: Only defer request_irq for GpioInt ACPI event handlers (bsc#1051510).
- gpiolib: Fix return value of gpio_to_desc() stub if !GPIOLIB (bsc#1051510).
- gpio: max7301: fix driver for use with CONFIG_VMAP_STACK (bsc#1051510).
- gpio: mvebu: only fail on missing clk if pwm is actually to be used (bsc#1051510).
- grace: replace BUG_ON by WARN_ONCE in exit_net hook (git-fixes).
- gso_segment: Reset skb->mac_len after modifying network header (networking-stable-18_09_24).
- HID: Add quirk for Primax PIXART OEM mice (bsc#1119410).
- HID: hiddev: fix potential Spectre v1 (bsc#1051510).
- HID: input: Ignore battery reported by Symbol DS4308 (bsc#1051510).
- HID: multitouch: Add pointstick support for Cirque Touchpad (bsc#1051510).
- HID: uhid: forbid UHID_CREATE under KERNEL_DS or elevated privileges (bsc#1051510).
- hv: add SPDX license id to Kconfig (bsc#1107207).
- hv: add SPDX license to trace (bsc#1107207).
- hv_balloon: trace post_status (bsc#1107207).
- hv_netvsc: Add handlers for ethtool get/set msg level (bsc#1107207).
- hv_netvsc: Add NetVSP v6 and v6.1 into version negotiation (bsc#1107207).
- hv_netvsc: Add per-cpu ethtool stats for netvsc (bsc#1107207).
- hv_netvsc: Add range checking for rx packet offset and length (bsc#1107207).
- hv_netvsc: add trace points (bsc#1107207).
- hv_netvsc: Clean up extra parameter from rndis_filter_receive_data() (bsc#1107207).
- hv_netvsc: fix bogus ifalias on network device (bsc#1107207).
- hv_netvsc: fix network namespace issues with VF support (bsc#1107207).
- hv_netvsc: Fix the return status in RX path (bsc#1107207).
- hv_netvsc: Fix the variable sizes in ipsecv2 and rsc offload (bsc#1107207).
- hv_netvsc: fix vf serial matching with pci slot info (bsc#1107207).
- hv_netvsc: ignore devices that are not PCI (networking-stable-18_09_11).
- hv_netvsc: move VF to same namespace as netvsc device (bsc#1107207).
- hv_netvsc: pair VF based on serial number (bsc#1107207).
- hv_netvsc: Pass net_device parameter to revoke and teardown functions (bsc#1107207).
- hv_netvsc: pass netvsc_device to rndis halt (bsc#1107207).
- hv_netvsc: propogate Hyper-V friendly name into interface alias (bsc#1107207).
- hv_netvsc: select needed ucs2_string routine (bsc#1107207).
- hv_netvsc: simplify receive side calling arguments (bsc#1107207).
- hv_netvsc: typo in NDIS RSS parameters structure (bsc#1107207).
- hv: Synthetic typo correction (bsc#1107207).
- hv_vmbus: Correct the stale comments regarding cpu affinity (bsc#1107207).
- hwmon: (core) Fix double-free in __hwmon_device_register() (bsc#1051510).
- hwmon: (ibmpowernv) Remove bogus __init annotations (bsc#1051510).
- hwmon: (ina2xx) Fix current value calculation (bsc#1051510).
- hwmon (ina2xx) Fix NULL id pointer in probe() (bsc#1051510).
- hwmon: (nct6775) Fix potential Spectre v1 (bsc#1051510).
- hwmon: (pmbus) Fix page count auto-detection (bsc#1051510).
- hwmon: (pwm-fan) Set fan speed to 0 on suspend (bsc#1051510).
- hwmon: (raspberrypi) Fix initial notify (bsc#1051510).
- hwmon: (w83795) temp4_type has writable permission (bsc#1051510).
- hwpoison, memory_hotplug: allow hwpoisoned pages to be offlined (bnc#1116336).
- hyper-v: use GFP_KERNEL for hv_context.hv_numa_map (bsc#1107207).
- i2c: axxia: properly handle master timeout (bsc#1051510).
- i2c: scmi: Fix probe error on devices with an empty SMB0001 ACPI device node (bsc#1051510).
- IB/hfi1: Add mtu check for operational data VLs (bsc#1060463 ).
- ibmvnic: Convert reset work item mutex to spin lock ().
- ibmvnic: fix accelerated VLAN handling ().
- ibmvnic: fix index in release_rx_pools (bsc#1115440, bsc#1115433).
- ibmvnic: Fix non-atomic memory allocation in IRQ context ().
- ibmvnic: remove ndo_poll_controller ().
- ibmvnic: Update driver queues after change in ring size support ().
- IB/rxe: support for 802.1q VLAN on the listener (bsc#1082387).
- ieee802154: 6lowpan: set IFLA_LINK (bsc#1051510).
- ieee802154: at86rf230: switch from BUG_ON() to WARN_ON() on problem (bsc#1051510).
- ieee802154: at86rf230: use __func__ macro for debug messages (bsc#1051510).
- ieee802154: fakelb: switch from BUG_ON() to WARN_ON() on problem (bsc#1051510).
- iio: accel: adxl345: convert address field usage in iio_chan_spec (bsc#1051510).
- iio: ad5064: Fix regulator handling (bsc#1051510).
- iio:st_magn: Fix enable device after trigger (bsc#1051510).
- ima: fix showing large 'violations' or 'runtime_measurements_count' (bsc#1051510).
- include/linux/pfn_t.h: force '~' to be parsed as an unary operator (bsc#1051510).
- include modules.fips in kernel-binary as well as kernel-binary-base ().
- inet: make sure to grab rcu_read_lock before using ireq->ireq_opt (networking-stable-18_10_16).
- initramfs: fix initramfs rebuilds w/ compression after disabling (git-fixes).
- Input: add official Raspberry Pi's touchscreen driver ().
- Input: cros_ec_keyb - fix button/switch capability reports (bsc#1051510).
- Input: elan_i2c - add ACPI ID for Lenovo IdeaPad 330-15ARR (bsc#1051510).
- Input: elan_i2c - add ACPI ID for Lenovo IdeaPad 330-15IGM (bsc#1051510).
- Input: elan_i2c - add ELAN0620 to the ACPI table (bsc#1051510).
- Input: elan_i2c - add support for ELAN0621 touchpad (bsc#1051510).
- Input: hyper-v - fix wakeup from suspend-to-idle (bsc#1051510).
- Input: matrix_keypad - check for errors from of_get_named_gpio() (bsc#1051510).
- Input: nomadik-ske-keypad - fix a loop timeout test (bsc#1051510).
- Input: omap-keypad - fix keyboard debounce configuration (bsc#1051510).
- Input: synaptics - add PNP ID for ThinkPad P50 to SMBus (bsc#1051510).
- Input: synaptics - avoid using uninitialized variable when probing (bsc#1051510).
- Input: synaptics - enable SMBus for HP 15-ay000 (bsc#1051510).
- Input: xpad - add PDP device id 0x02a4 (bsc#1051510).
- Input: xpad - add support for Xbox1 PDP Camo series gamepad (bsc#1051510).
- Input: xpad - avoid using __set_bit() for capabilities (bsc#1051510).
- Input: xpad - fix some coding style issues (bsc#1051510).
- Input: xpad - quirk all PDP Xbox One gamepads (bsc#1051510).
- integrity/security: fix digsig.c build error with header file (bsc#1051510).
- intel_th: msu: Fix an off-by-one in attribute store (bsc#1051510).
- iommu/amd: Fix amd_iommu=force_isolation (bsc#1106105).
- iommu/arm-smmu: Ensure that page-table updates are visible before TLBI (bsc#1106237).
- iommu/ipmmu-vmsa: Fix crash on early domain free (bsc#1106105).
- iommu/vt-d: Fix NULL pointer dereference in prq_event_thread() (bsc#1106105).
- iommu/vt-d: Handle domain agaw being less than iommu agaw (bsc#1106105).
- iommu/vt-d: Use memunmap to free memremap (bsc#1106105).
- ip6_tunnel: be careful when accessing the inner header (networking-stable-18_10_16).
- ip6_tunnel: Fix encapsulation layout (networking-stable-18_11_02).
- ip6_vti: fix a null pointer deference when destroy vti6 tunnel (networking-stable-18_09_11).
- ipmi: Fix timer race with module unload (bsc#1051510).
- ip_tunnel: be careful when accessing the inner header (networking-stable-18_10_16).
- ip_tunnel: do not force DF when MTU is locked (networking-stable-18_11_21).
- ipv4: lock mtu in fnhe when received PMTU < net.ipv4.route.min_pmtu (networking-stable-18_11_21).
- ipv4: tcp: send zero IPID for RST and ACK sent in SYN-RECV and TIME-WAIT state (networking-stable-18_09_11).
- ipv6: Fix PMTU updates for UDP/raw sockets in presence of VRF (networking-stable-18_11_21).
- ipv6: fix possible use-after-free in ip6_xmit() (networking-stable-18_09_24).
- ipv6: mcast: fix a use-after-free in inet6_mc_check (networking-stable-18_11_02).
- ipv6/ndisc: Preserve IPv6 control buffer if protocol error handlers are called (networking-stable-18_11_02).
- ipv6: take rcu lock in rawv6_send_hdrinc() (networking-stable-18_10_16).
- iwlwifi: add new cards for 9560, 9462, 9461 and killer series (bsc#1051510).
- iwlwifi: dbg: allow wrt collection before ALIVE (bsc#1051510).
- iwlwifi: do not WARN on trying to dump dead firmware (bsc#1051510).
- iwlwifi: fix LED command capability bit (bsc#1119086).
- iwlwifi: fix non_shared_ant for 22000 devices (bsc#1119086).
- iwlwifi: fix wrong WGDS_WIFI_DATA_SIZE (bsc#1119086).
- iwlwifi: mvm: check for short GI only for OFDM (bsc#1051510).
- iwlwifi: mvm: check return value of rs_rate_from_ucode_rate() (bsc#1051510).
- iwlwifi: mvm: do not send GEO_TX_POWER_LIMIT to old firmwares (bsc#1119086).
- iwlwifi: mvm: do not use SAR Geo if basic SAR is not used (bsc#1051510).
- iwlwifi: mvm: fix BAR seq ctrl reporting (bsc#1051510).
- iwlwifi: mvm: fix regulatory domain update when the firmware starts (bsc#1051510).
- iwlwifi: mvm: support sta_statistics() even on older firmware (bsc#1051510).
- iwlwifi: nvm: get num of hw addresses from firmware (bsc#1119086).
- iwlwifi: pcie: avoid empty free RB queue (bsc#1051510).
- iwlwifi: pcie: do not reset TXQ write pointer (bsc#1051510).
- jffs2: free jffs2_sb_info through jffs2_kill_sb() (bsc#1118767).
- jump_label: Split out code under the hotplug lock (bsc#1106913).
- KABI fix for 'NFSv4.1: Fix up replays of interrupted requests' (git-fixes).
- KABI: hwpoison, memory_hotplug: allow hwpoisoned pages to be offlined (bnc#1116336).
- KABI: mask raw in struct bpf_reg_state (bsc#1083647).
- KABI: powerpc: Revert npu callback signature change (bsc#1055120).
- KABI protect hnae_ae_ops (bsc#1104353).
- KABI: protect struct fib_nh_exception (kabi).
- KABI: protect struct rtable (kabi).
- kbuild: allow to use GCC toolchain not in Clang search path (git-fixes).
- kbuild: fix kernel/bounds.c 'W=1' warning (bsc#1051510).
- kbuild: fix linker feature test macros when cross compiling with Clang (git-fixes).
- kbuild: make missing $DEPMOD a Warning instead of an Error (git-fixes).
- kbuild: move '_all' target out of $(KBUILD_SRC) conditional (bsc#1114279).
- kbuild: rpm-pkg: keep spec file until make mrproper (git-fixes).
- Kbuild: suppress packed-not-aligned warning for default setting only (git-fixes).
- kbuild: verify that $DEPMOD is installed (git-fixes).
- kdb: use memmove instead of overlapping memcpy (bsc#1120954).
- kernfs: Replace strncpy with memcpy (bsc#1120053).
- keys: Fix the use of the C++ keyword 'private' in uapi/linux/keyctl.h (Git-fixes).
- kgdboc: Passing ekgdboc to command line causes panic (bsc#1051510).
- kobject: Replace strncpy with memcpy (git-fixes).
- kprobes: Make list and blacklist root user read only (git-fixes).
- KVM: arm/arm64: Introduce vcpu_el1_is_32bit (bsc#1110998).
- KVM: hyperv: idr_find needs RCU protection (bsc#1107207).
- KVM: introduce kvm_make_vcpus_request_mask() API (bsc#1107207).
- KVM: nVMX: Always reflect #NM VM-exits to L1 (bsc#1106240).
- KVM: nVMX: move check_vmentry_postreqs() call to nested_vmx_enter_non_root_mode() (bsc#1106240).
- KVM: PPC: Book3S PR: Enable use on POWER9 inside HPT-mode guests (bsc#1118484).
- KVM: s390: vsie: copy wrapping keys to right place (git-fixes).
- KVM: svm: Ensure an IBPB on all affected CPUs when freeing a vmcb (bsc#1114279).
- KVM: VMX: re-add ple_gap module parameter (bsc#1106240).
- KVM: x86: ensure all MSRs can always be KVM_GET/SET_MSR'd (bsc#1107207).
- KVM: x86: factor out kvm.arch.hyperv (de)init (bsc#1107207).
- KVM: x86: Fix kernel info-leak in KVM_HC_CLOCK_PAIRING hypercall (bsc#1106240).
- KVM: x86: hyperv: delete dead code in kvm_hv_hypercall() (bsc#1107207).
- KVM: x86: hyperv: do rep check for each hypercall separately (bsc#1107207).
- KVM: x86: hyperv: guest->host event signaling via eventfd (bsc#1107207).
- KVM: x86: hyperv: simplistic HVCALL_FLUSH_VIRTUAL_ADDRESS_{LIST,SPACE}_EX implementation (bsc#1107207).
- KVM: x86: hyperv: simplistic HVCALL_FLUSH_VIRTUAL_ADDRESS_{LIST,SPACE} implementation (bsc#1107207).
- KVM: x86: hyperv: use defines when parsing hypercall parameters (bsc#1107207).
- KVM: x86: VMX: hyper-v: Enlightened MSR-Bitmap support (bsc#1107207).
- libata: whitelist all SAMSUNG MZ7KM* solid-state disks (bsc#1051510).
- libceph: bump CEPH_MSG_MAX_DATA_LEN (bsc#1114839).
- libceph: fall back to sendmsg for slab pages (bsc#1118316).
- libertas: do not set URB_ZERO_PACKET on IN USB transfer (bsc#1051510).
- libertas_tf: prevent underflow in process_cmdrequest() (bsc#1119086).
- libnvdimm: Hold reference on parent while scheduling async init (bsc#1116891).
- libnvdimm, pfn: Pad pfn namespaces relative to other regions (bsc#1118962).
- libnvdimm, pmem: Fix badblocks population for 'raw' namespaces (bsc#1118788).
- libnvdimm, region: Fail badblocks listing for inactive regions (bsc#1116899).
- lib/raid6: Fix arm64 test build (bsc#1051510).
- lib/ubsan.c: do not mark __ubsan_handle_builtin_unreachable as noreturn (bsc#1051510).
- Limit max FW API version for QCA9377 (bsc#1121714, bsc#1121715).
- linux/bitmap.h: fix type of nbits in bitmap_shift_right() (bsc#1051510).
- llc: set SOCK_RCU_FREE in llc_sap_add_socket() (networking-stable-18_11_02).
- locking/barriers: Convert users of lockless_dereference() to READ_ONCE() (Git-fixes).
- locking/static_keys: Improve uninitialized key warning (bsc#1106913).
- mac80211: Always report TX status (bsc#1051510).
- mac80211: Clear beacon_int in ieee80211_do_stop (bsc#1051510).
- mac80211: fix reordering of buffered broadcast packets (bsc#1051510).
- mac80211: fix TX status reporting for ieee80211s (bsc#1051510).
- mac80211_hwsim: do not omit multicast announce of first added radio (bsc#1051510).
- mac80211_hwsim: fix module init error paths for netlink (bsc#1051510).
- mac80211_hwsim: Timer should be initialized before device registered (bsc#1051510).
- mac80211: ignore NullFunc frames in the duplicate detection (bsc#1051510).
- mac80211: ignore tx status for PS stations in ieee80211_tx_status_ext (bsc#1051510).
- mac80211: TDLS: fix skb queue/priority assignment (bsc#1051510).
- mach64: fix display corruption on big endian machines (bsc#1113722)
- mach64: fix image corruption due to reading accelerator registers (bsc#1113722)
- mailbox: PCC: handle parse error (bsc#1051510).
- Mark HI and TASKLET softirq synchronous (git-fixes).
- md: allow metadata updates while suspending an array - fix (git-fixes).
- MD: fix invalid stored role for a disk - try2 (git-fixes).
- md: fix raid10 hang issue caused by barrier (git-fixes).
- media: em28xx: Fix use-after-free when disconnecting (bsc#1051510).
- media: em28xx: make v4l2-compliance happier by starting sequence on zero (bsc#1051510).
- media: omap3isp: Unregister media device as first (bsc#1051510).
- memory_hotplug: cond_resched in __remove_pages (bnc#1114178).
- mfd: menelaus: Fix possible race condition and leak (bsc#1051510).
- mfd: omap-usb-host: Fix dts probe of children (bsc#1051510).
- mlxsw: spectrum: Fix IP2ME CPU policer configuration (networking-stable-18_11_21).
- mmc: bcm2835: reset host on timeout (bsc#1051510).
- mmc: core: Allow BKOPS and CACHE ctrl even if no HPI support (bsc#1051510).
- mmc: core: Reset HPI enabled state during re-init and in case of errors (bsc#1051510).
- mmc: core: Use a minimum 1600ms timeout when enabling CACHE ctrl (bsc#1051510).
- mmc: dw_mmc-bluefield: Add driver extension (bsc#1118752).
- mmc: dw_mmc-k3: add sd support for hi3660 (bsc#1118752).
- mmc: dw_mmc-rockchip: correct property names in debug (bsc#1051510).
- MMC: OMAP: fix broken MMC on OMAP15XX/OMAP5910/OMAP310 (bsc#1051510).
- mmc: omap_hsmmc: fix DMA API warning (bsc#1051510).
- mmc: sdhci: fix the timeout check window for clock and reset (bsc#1051510).
- mmc: sdhci-pci-o2micro: Add quirk for O2 Micro dev 0x8620 rev 0x01 (bsc#1051510).
- mm: do not miss the last page because of round-off error (bnc#1118798).
- mm: do not warn about large allocations for slab (git fixes (slab)).
- mm: handle no memcg case in memcg_kmem_charge() properly (bnc#1113677).
- mm/huge_memory.c: reorder operations in __split_huge_page_tail() (VM Functionality bsc#1119962).
- mm/huge_memory: fix lockdep complaint on 32-bit i_size_read() (VM Functionality, bsc#1121599).
- mm/huge_memory: rename freeze_page() to unmap_page() (VM Functionality, bsc#1121599).
- mm/huge_memory: splitting set mapping+index before unfreeze (VM Functionality, bsc#1121599).
- mm: hugetlb: yield when prepping struct pages (git fixes (memory initialisation)).
- mm/khugepaged: collapse_shmem() do not crash on Compound (VM Functionality, bsc#1121599).
- mm/khugepaged: collapse_shmem() remember to clear holes (VM Functionality, bsc#1121599).
- mm/khugepaged: collapse_shmem() stop if punched or truncated (VM Functionality, bsc#1121599).
- mm/khugepaged: collapse_shmem() without freezing new_page (VM Functionality, bsc#1121599).
- mm/khugepaged: fix crashes due to misaccounted holes (VM Functionality, bsc#1121599).
- mm/khugepaged: minor reorderings in collapse_shmem() (VM Functionality, bsc#1121599).
- mm: lower the printk loglevel for __dump_page messages (generic hotplug debugability).
- mm, memory_hotplug: be more verbose for memory offline failures (generic hotplug debugability).
- mm, memory_hotplug: drop pointless block alignment checks from __offline_pages (generic hotplug debugability).
- mm, memory_hotplug: print reason for the offlining failure (generic hotplug debugability).
- mm: migration: fix migration of huge PMD shared pages (bnc#1086423).
- mm: only report isolation failures when offlining memory (generic hotplug debugability).
- mm: print more information about mapping in __dump_page (generic hotplug debugability).
- mm: put_and_wait_on_page_locked() while page is migrated (bnc#1109272).
- mm: rework memcg kernel stack accounting (bnc#1113677).
- mm: sections are not offlined during memory hotremove (bnc#1119968).
- mm: shmem.c: Correctly annotate new inodes for lockdep (Git fixes: shmem).
- mm/vmstat.c: fix NUMA statistics updates (git fixes).
- mount: Do not allow copying MNT_UNBINDABLE|MNT_LOCKED mounts (bsc#1117819).
- mount: Prevent MNT_DETACH from disconnecting locked mounts (bsc#1117820).
- mount: Retest MNT_LOCKED in do_umount (bsc#1117818).
- Move dell_rbu fix to sorted section (bsc#1087978).
- Move USB-audio UAF fix patch to sorted section
- mtd: cfi: convert inline functions to macros (git-fixes).
- mtd: Fix comparison in map_word_andequal() (git-fixes).
- namei: allow restricted O_CREAT of FIFOs and regular files (bsc#1118766).
- nbd: do not allow invalid blocksize settings (Git-fixes).
- neighbour: confirm neigh entries when ARP packet is received (networking-stable-18_09_24).
- net/af_iucv: drop inbound packets with invalid flags (bnc#1113501, LTC#172679).
- net/af_iucv: fix skb handling on HiperTransport xmit error (bnc#1113501, LTC#172679).
- net/appletalk: fix minor pointer leak to userspace in SIOCFINDIPDDPRT (networking-stable-18_09_24).
- net: aquantia: memory corruption on jumbo frames (networking-stable-18_10_16).
- net: bcmgenet: Poll internal PHY for GENETv5 (networking-stable-18_11_02).
- net: bcmgenet: protect stop from timeout (networking-stable-18_11_21).
- net: bcmgenet: use MAC link status for fixed phy (networking-stable-18_09_11).
- net: bgmac: Fix endian access in bgmac_dma_tx_ring_free() (bsc#1051510).
- net: bridge: remove ipv6 zero address check in mcast queries (git-fixes).
- net: dsa: bcm_sf2: Call setup during switch resume (networking-stable-18_10_16).
- net: dsa: bcm_sf2: Fix unbind ordering (networking-stable-18_10_16).
- net: dsa: mv88e6xxx: Fix binding documentation for MDIO busses (git-fixes).
- net: dsa: qca8k: Add QCA8334 binding documentation (git-fixes).
- net: ena: add functions for handling Low Latency Queues in ena_com (bsc#1111696 bsc#1117561).
- net: ena: add functions for handling Low Latency Queues in ena_netdev (bsc#1111696 bsc#1117561).
- net: ena: change rx copybreak default to reduce kernel memory pressure (bsc#1111696 bsc#1117561).
- net: ena: complete host info to match latest ENA spec (bsc#1111696 bsc#1117561).
- net: ena: enable Low Latency Queues (bsc#1111696 bsc#1117561).
- net: ena: explicit casting and initialization, and clearer error handling (bsc#1111696 bsc#1117561).
- net: ena: fix auto casting to boolean (bsc#1111696 bsc#1117561).
- net: ena: fix compilation error in xtensa architecture (bsc#1111696 bsc#1117561).
- net: ena: fix crash during ena_remove() (bsc#1111696 bsc#1117561).
- net: ena: fix crash during failed resume from hibernation (bsc#1111696 bsc#1117561).
- net: ena: fix indentations in ena_defs for better readability (bsc#1111696 bsc#1117561).
- net: ena: Fix Kconfig dependency on X86 (bsc#1111696 bsc#1117561).
- net: ena: fix NULL dereference due to untimely napi initialization (bsc#1111696 bsc#1117561).
- net: ena: fix rare bug when failed restart/resume is followed by driver removal (bsc#1111696 bsc#1117561).
- net: ena: fix warning in rmmod caused by double iounmap (bsc#1111696 bsc#1117561).
- net: ena: introduce Low Latency Queues data structures according to ENA spec (bsc#1111696 bsc#1117561).
- net: ena: limit refill Rx threshold to 256 to avoid latency issues (bsc#1111696 bsc#1117561).
- net: ena: minor performance improvement (bsc#1111696 bsc#1117561).
- net: ena: remove ndo_poll_controller (bsc#1111696 bsc#1117561).
- net: ena: remove redundant parameter in ena_com_admin_init() (bsc#1111696 bsc#1117561).
- net: ena: update driver version from 2.0.1 to 2.0.2 (bsc#1111696 bsc#1117561).
- net: ena: update driver version to 2.0.1 (bsc#1111696 bsc#1117561).
- net: ena: use CSUM_CHECKED device indication to report skb's checksum status (bsc#1111696 bsc#1117561).
- net: fec: do not dump RX FIFO register when not available (networking-stable-18_11_02).
- net-gro: reset skb->pkt_type in napi_reuse_skb() (networking-stable-18_11_21).
- net: hns3: Add nic state check before calling netif_tx_wake_queue (bsc#1104353).
- net: hns3: Add support for hns3_nic_netdev_ops.ndo_do_ioctl (bsc#1104353).
- net: hns3: bugfix for buffer not free problem during resetting (bsc#1104353).
- net: hns3: bugfix for handling mailbox while the command queue reinitialized (bsc#1104353).
- net: hns3: bugfix for hclge_mdio_write and hclge_mdio_read (bsc#1104353).
- net: hns3: bugfix for is_valid_csq_clean_head() (bsc#1104353 ).
- net: hns3: bugfix for reporting unknown vector0 interrupt repeatly problem (bsc#1104353).
- net: hns3: bugfix for rtnl_lock's range in the hclgevf_reset() (bsc#1104353).
- net: hns3: bugfix for the initialization of command queue's spin lock (bsc#1104353).
- net: hns3: Check hdev state when getting link status (bsc#1104353).
- net: hns3: Clear client pointer when initialize client failed or unintialize finished (bsc#1104353).
- net: hns3: Fix cmdq registers initialization issue for vf (bsc#1104353).
- net: hns3: Fix error of checking used vlan id (bsc#1104353 ).
- net: hns3: Fix ets validate issue (bsc#1104353).
- net: hns3: Fix for netdev not up problem when setting mtu (bsc#1104353).
- net: hns3: Fix for out-of-bounds access when setting pfc back pressure (bsc#1104353).
- net: hns3: Fix for packet buffer setting bug (bsc#1104353 ).
- net: hns3: Fix for rx vlan id handle to support Rev 0x21 hardware (bsc#1104353).
- net: hns3: Fix for setting speed for phy failed problem (bsc#1104353).
- net: hns3: Fix for vf vlan delete failed problem (bsc#1104353 ).
- net: hns3: Fix loss of coal configuration while doing reset (bsc#1104353).
- net: hns3: Fix parameter type for q_id in hclge_tm_q_to_qs_map_cfg() (bsc#1104353).
- net: hns3: Fix ping exited problem when doing lp selftest (bsc#1104353).
- net: hns3: Preserve vlan 0 in hardware table (bsc#1104353 ).
- net: hns3: remove unnecessary queue reset in the hns3_uninit_all_ring() (bsc#1104353).
- net: hns3: Set STATE_DOWN bit of hdev state when stopping net (bsc#1104353).
- net: hns: fix for unmapping problem when SMMU is on (networking-stable-18_10_16).
- net: hp100: fix always-true check for link up state (networking-stable-18_09_24).
- net: ibm: fix return type of ndo_start_xmit function ().
- net/ibmnvic: Fix deadlock problem in reset ().
- net/ibmvnic: Fix RTNL deadlock during device reset (bnc#1115431).
- net: ipmr: fix unresolved entry dumps (networking-stable-18_11_02).
- net: ipv4: do not let PMTU updates increase route MTU (git-fixes).
- net/ipv6: Display all addresses in output of /proc/net/if_inet6 (networking-stable-18_10_16).
- net/ipv6: Fix index counter for unicast addresses in in6_dump_addrs (networking-stable-18_11_02).
- netlabel: check for IPV4MASK in addrinfo_get (networking-stable-18_10_16).
- net: macb: do not disable MDIO bus at open/close time (networking-stable-18_09_11).
- net/mlx4_core: Correctly set PFC param if global pause is turned off (bsc#1046299).
- net/mlx5: Check for error in mlx5_attach_interface (networking-stable-18_09_18).
- net/mlx5e: Fix selftest for small MTUs (networking-stable-18_11_21).
- net/mlx5e: Set vlan masks for all offloaded TC rules (networking-stable-18_10_16).
- net/mlx5: E-Switch, Fix memory leak when creating switchdev mode FDB tables (networking-stable-18_09_18).
- net/mlx5: E-Switch, Fix out of bound access when setting vport rate (networking-stable-18_10_16).
- net/mlx5: Fix debugfs cleanup in the device init/remove flow (networking-stable-18_09_18).
- net/mlx5: Fix use-after-free in self-healing flow (networking-stable-18_09_18).
- net/mlx5: Take only bit 24-26 of wqe.pftype_wq for page fault type (networking-stable-18_11_02).
- net: mvpp2: Extract the correct ethtype from the skb for tx csum offload (networking-stable-18_10_16).
- net: mvpp2: fix a txq_done race condition (networking-stable-18_10_16).
- net/packet: fix packet drop as of virtio gso (networking-stable-18_10_16).
- net: phy: mdio-gpio: Fix working over slow can_sleep GPIOs (networking-stable-18_11_21).
- net: qca_spi: Fix race condition in spi transfers (networking-stable-18_09_18).
- net: qmi_wwan: add Wistron Neweb D19Q1 (bsc#1051510).
- net: sched: action_ife: take reference to meta module (networking-stable-18_09_11).
- net/sched: act_pedit: fix dump of extended layered op (networking-stable-18_09_11).
- net/sched: act_sample: fix NULL dereference in the data path (networking-stable-18_09_24).
- net: sched: Fix for duplicate class dump (networking-stable-18_11_02).
- net: sched: Fix memory exposure from short TCA_U32_SEL (networking-stable-18_09_11).
- net: sched: gred: pass the right attribute to gred_change_table_def() (networking-stable-18_11_02).
- net: smsc95xx: Fix MTU range (networking-stable-18_11_21).
- net: socket: fix a missing-check bug (networking-stable-18_11_02).
- net: stmmac: Fix stmmac_mdio_reset() when building stmmac as modules (networking-stable-18_11_02).
- net: stmmac: Fixup the tail addr setting in xmit path (networking-stable-18_10_16).
- net: systemport: Fix wake-up interrupt race during resume (networking-stable-18_10_16).
- net: systemport: Protect stop from timeout (networking-stable-18_11_21).
- net: udp: fix handling of CHECKSUM_COMPLETE packets (networking-stable-18_11_02).
- net/usb: cancel pending work when unbinding smsc75xx (networking-stable-18_10_16).
- net: usb: r8152: constify usb_device_id (bsc#1119749).
- net: usb: r8152: use irqsave() in USB's complete callback (bsc#1119749).
- nfp: wait for posted reconfigs when disabling the device (networking-stable-18_09_11).
- nfs: Avoid RCU usage in tracepoints (git-fixes).
- nfs: commit direct writes even if they fail partially (git-fixes).
- nfsd4: permit layoutget of executable-only files (git-fixes).
- nfsd: check for use of the closed special stateid (git-fixes).
- nfsd: CLOSE SHOULD return the invalid special stateid for NFSv4.x (x>0) (git-fixes).
- nfsd: deal with revoked delegations appropriately (git-fixes).
- nfsd: Ensure we check stateid validity in the seqid operation checks (git-fixes).
- nfsd: Fix another OPEN stateid race (git-fixes).
- nfsd: fix corrupted reply to badly ordered compound (git-fixes).
- nfsd: fix potential use-after-free in nfsd4_decode_getdeviceinfo (git-fixes).
- nfsd: Fix stateid races between OPEN and CLOSE (git-fixes).
- nfs: do not wait on commit in nfs_commit_inode() if there were no commit requests (git-fixes).
- nfsd: restrict rd_maxcount to svc_max_payload in nfsd_encode_readdir (git-fixes).
- nfs: Ensure we commit after writeback is complete (bsc#1111809).
- nfs: Fix an incorrect type in struct nfs_direct_req (git-fixes).
- nfs: Fix a typo in nfs_rename() (git-fixes).
- nfs: Fix typo in nomigration mount option (git-fixes).
- nfs: Fix unstable write completion (git-fixes).
- nfsv4.0 fix client reference leak in callback (git-fixes).
- nfsv4.1: Fix a potential layoutget/layoutrecall deadlock (git-fixes).
- nfsv4.1 fix infinite loop on I/O (git-fixes).
- nfsv4.1: Fix the client behaviour on NFS4ERR_SEQ_FALSE_RETRY (git-fixes).
- nfsv4.1: Fix up replays of interrupted requests (git-fixes).
- nfsv4: Fix a typo in nfs41_sequence_process (git-fixes).
- nl80211: Fix possible Spectre-v1 for CQM RSSI thresholds (bsc#1051510).
- nl80211: Fix possible Spectre-v1 for NL80211_TXRATE_HT (bsc#1051510).
- nospec: Allow index argument to have const-qualified type (git-fixes)
- nospec: Include <asm/barrier.h> dependency (bsc#1114279).
- nospec: Kill array_index_nospec_mask_check() (git-fixes).
- nvme-fc: resolve io failures during connect (bsc#1116803).
- nvme: Free ctrl device name on init failure ().
- nvme-multipath: zero out ANA log buffer (bsc#1105168).
- nvme: validate controller state before rescheduling keep alive (bsc#1103257).
- objtool: Detect RIP-relative switch table references (bsc#1058115).
- objtool: Detect RIP-relative switch table references, part 2 (bsc#1058115).
- objtool: Fix another switch table detection issue (bsc#1058115).
- objtool: Fix double-free in .cold detection error path (bsc#1058115).
- objtool: Fix GCC 8 cold subfunction detection for aliased functions (bsc#1058115).
- objtool: Fix 'noreturn' detection for recursive sibling calls (bsc#1058115).
- objtool: Fix segfault in .cold detection with -ffunction-sections (bsc#1058115).
- objtool: Support GCC 8's cold subfunctions (bsc#1058115).
- objtool: Support GCC 8 switch tables (bsc#1058115).
- ocfs2: fix a misuse a of brelse after failing ocfs2_check_dir_entry (bsc#1117817).
- ocfs2: fix locking for res->tracking and dlm->tracking_list (bsc#1117816).
- ocfs2: fix ocfs2 read block panic (bsc#1117815).
- ocfs2: free up write context when direct IO failed (bsc#1117821).
- ocfs2: subsystem.su_mutex is required while accessing the item->ci_parent (bsc#1117808).
- openvswitch: Fix push/pop ethernet validation (networking-stable-18_11_02).
- panic: avoid deadlocks in re-entrant console drivers (bsc#1088386).
- PCI: Add ACS quirk for Ampere root ports (bsc#1120058).
- PCI: Add ACS quirk for APM X-Gene devices (bsc#1120058).
- PCI: Add Device IDs for Intel GPU 'spurious interrupt' quirk (bsc#1051510).
- PCI/ASPM: Do not initialize link state when aspm_disabled is set (bsc#1051510).
- PCI: Convert device-specific ACS quirks from NULL termination to ARRAY_SIZE (bsc#1120058).
- PCI: Delay after FLR of Intel DC P3700 NVMe (bsc#1120058).
- PCI: Disable Samsung SM961/PM961 NVMe before FLR (bsc#1120058).
- PCI: dwc: remove duplicate fix References: bsc#1115269 Patch has been already applied by the following commit: 9f73db8b7c PCI: dwc: Fix enumeration end when reaching root subordinate (bsc#1051510)
- PCI: Export pcie_has_flr() (bsc#1120058).
- PCI: hv: Convert remove_lock to refcount (bsc#1107207).
- PCI: hv: Fix return value check in hv_pci_assign_slots() (bsc#1107207).
- PCI: hv: Remove unused reason for refcount handler (bsc#1107207).
- PCI: hv: Replace GFP_ATOMIC with GFP_KERNEL in new_pcichild_device() (bsc#1107207).
- PCI: hv: support reporting serial number as slot information (bsc#1107207).
- PCI: hv: Use effective affinity mask (bsc#1109772).
- PCI: hv: Use list_for_each_entry() (bsc#1107207).
- PCI: imx6: Fix link training status detection in link up check (bsc#1109806).
- PCI: iproc: Activate PAXC bridge quirk for more devices (bsc#1120058).
- PCI: iproc: Remove PAXC slot check to allow VF support (bsc#1109806).
- PCI: Mark Ceton InfiniTV4 INTx masking as broken (bsc#1120058).
- PCI: Mark fall-through switch cases before enabling -Wimplicit-fallthrough (bsc#1120058).
- PCI: Mark Intel XXV710 NIC INTx masking as broken (bsc#1120058).
- PCI/MSI: Warn and return error if driver enables MSI/MSI-X twice (bsc#1051510).
- PCI: vmd: Assign vector zero to all bridges (bsc#1109806).
- PCI: vmd: Detach resources after stopping root bus (bsc#1109806).
- PCI: vmd: White list for fast interrupt handlers (bsc#1109806).
- pcmcia: Implement CLKRUN protocol disabling for Ricoh bridges (bsc#1051510).
- percpu: make this_cpu_generic_read() atomic w.r.t. interrupts (bsc#1114279).
- perf: fix invalid bit in diagnostic entry (git-fixes).
- perf tools: Fix tracing_path_mount proper path (git-fixes).
- pinctrl: at91-pio4: fix has_config check in atmel_pctl_dt_subnode_to_map() (bsc#1051510).
- pinctrl: meson: fix pinconf bias disable (bsc#1051510).
- pinctrl: qcom: spmi-mpp: Fix drive strength setting (bsc#1051510).
- pinctrl: qcom: spmi-mpp: Fix err handling of pmic_mpp_set_mux (bsc#1051510).
- pinctrl: spmi-mpp: Fix pmic_mpp_config_get() to be compliant (bsc#1051510).
- pinctrl: ssbi-gpio: Fix pm8xxx_pin_config_get() to be compliant (bsc#1051510).
- platform-msi: Free descriptors in platform_msi_domain_free() (bsc#1051510).
- platform/x86: acerhdf: Add BIOS entry for Gateway LT31 v1.3307 (bsc#1051510).
- platform/x86: intel_telemetry: report debugfs failure (bsc#1051510).
- pNFS: Always free the session slot on error in nfs4_layoutget_handle_exception (git-fixes).
- pNFS: Do not release the sequence slot until we've processed layoutget on open (git-fixes).
- pNFS: Prevent the layout header refcount going to zero in pnfs_roc() (git-fixes).
- powerpc/64s: consolidate MCE counter increment (bsc#1094244).
- powerpc/64s/hash: Do not use PPC_INVALIDATE_ERAT on CPUs before POWER9 (bsc#1065729).
- powerpc/64s/radix: Fix process table entry cache invalidation (bsc#1055186, git-fixes).
- powerpc/boot: Expose Kconfig symbols to wrapper (bsc#1065729).
- powerpc/boot: Fix build failures with -j 1 (bsc#1065729).
- powerpc/boot: Fix opal console in boot wrapper (bsc#1065729).
- powerpc/mm: Fix typo in comments (bsc#1065729).
- powerpc/mm/keys: Move pte bits to correct headers (bsc#1078248).
- powerpc/npu-dma.c: Fix crash after __mmu_notifier_register failure (bsc#1055120).
- powerpc/perf: Update raw-event code encoding comment for power8 (bsc#1065729).
- powerpc/pkeys: Fix handling of pkey state across fork() (bsc#1078248, git-fixes).
- powerpc/powernv: Do not select the cpufreq governors (bsc#1065729).
- powerpc/powernv: Fix concurrency issue with npu->mmio_atsd_usage (bsc#1055120).
- powerpc/powernv: Fix opal_event_shutdown() called with interrupts disabled (bsc#1065729).
- powerpc/powernv: Fix save/restore of SPRG3 on entry/exit from stop (idle) (bsc#1055121).
- powerpc/powernv/npu: Add lock to prevent race in concurrent context init/destroy (bsc#1055120).
- powerpc/powernv/npu: Do not explicitly flush nmmu tlb (bsc#1055120).
- powerpc/powernv/npu: Fix deadlock in mmio_invalidate() (bsc#1055120).
- powerpc/powernv/npu: Prevent overwriting of pnv_npu2_init_contex() callback parameters (bsc#1055120).
- powerpc/powernv/npu: Use flush_all_mm() instead of flush_tlb_mm() (bsc#1055120).
- powerpc/powernv/pci: Work around races in PCI bridge enabling (bsc#1055120).
- powerpc/pseries: Fix DTL buffer registration (bsc#1065729).
- powerpc/pseries: Fix how we iterate over the DTL entries (bsc#1065729).
- powerpc/pseries/mobility: Extend start/stop topology update scope (bsc#1116950, bsc#1115709).
- powerpc/pseries: Track LMB nid instead of using device tree (bsc#1108270).
- powerpc/traps: restore recoverability of machine_check interrupts (bsc#1094244).
- power: supply: max8998-charger: Fix platform data retrieval (bsc#1051510).
- power: supply: olpc_battery: correct the temperature units (bsc#1051510).
- pppoe: fix reception of frames with no mac header (networking-stable-18_09_24).
- printk: Fix panic caused by passing log_buf_len to command line (bsc#1117168).
- provide linux/set_memory.h (bsc#1113295).
- ptp: fix Spectre v1 vulnerability (bsc#1051510).
- ptrace: Remove unused ptrace_may_access_sched() and MODE_IBRS (bsc#1106913).
- pwm: lpss: Release runtime-pm reference from the driver's remove callback (bsc#1051510).
- pxa168fb: prepare the clock (bsc#1051510).
- qed: Add driver support for 20G link speed (bsc#1110558).
- qed: Add support for virtual link (bsc#1111795).
- qede: Add driver support for 20G link speed (bsc#1110558).
- qmi_wwan: apply SET_DTR quirk to the SIMCOM shared device ID (bsc#1051510).
- qmi_wwan: Support dynamic config on Quectel EP06 (bsc#1051510).
- r8152: add byte_enable for ocp_read_word function (bsc#1119749).
- r8152: add Linksys USB3GIGV1 id (bsc#1119749).
- r8152: add r8153_phy_status function (bsc#1119749).
- r8152: adjust lpm settings for RTL8153 (bsc#1119749).
- r8152: adjust rtl8153_runtime_enable function (bsc#1119749).
- r8152: adjust the settings about MAC clock speed down for RTL8153 (bsc#1119749).
- r8152: adjust U2P3 for RTL8153 (bsc#1119749).
- r8152: avoid rx queue more than 1000 packets (bsc#1119749).
- r8152: check if disabling ALDPS is finished (bsc#1119749).
- r8152: correct the definition (bsc#1119749).
- r8152: disable RX aggregation on Dell TB16 dock (bsc#1119749).
- r8152: disable RX aggregation on new Dell TB16 dock (bsc#1119749).
- r8152: fix wrong checksum status for received IPv4 packets (bsc#1119749).
- r8152: move calling delay_autosuspend function (bsc#1119749).
- r8152: move the default coalesce setting for RTL8153 (bsc#1119749).
- r8152: move the initialization to reset_resume function (bsc#1119749).
- r8152: move the setting of rx aggregation (bsc#1119749).
- r8152: replace napi_complete with napi_complete_done (bsc#1119749).
- r8152: set rx mode early when linking on (bsc#1119749).
- r8152: split rtl8152_resume function (bsc#1119749).
- r8152: support new chip 8050 (bsc#1119749).
- r8152: support RTL8153B (bsc#1119749).
- r8169: fix NAPI handling under high load (networking-stable-18_11_02).
- rbd: whitelist RBD_FEATURE_OPERATIONS feature bit (Git-fixes).
- rcu: Allow for page faults in NMI handlers (bsc#1120092).
- RDMA/bnxt_re: Add missing spin lock initialization (bsc#1050244 ).
- RDMA/bnxt_re: Avoid accessing the device structure after it is freed (bsc#1050244).
- RDMA/bnxt_re: Avoid NULL check after accessing the pointer (bsc#1086283).
- RDMA/bnxt_re: Fix system hang when registration with L2 driver fails (bsc#1086283).
- RDMA/hns: Bugfix pbl configuration for rereg mr (bsc#1104427 ).
- RDMA/RXE: make rxe work over 802.1q VLAN devices (bsc#1082387).
- rds: fix two RCU related problems (networking-stable-18_09_18).
- README: Clean-up trailing whitespace
- Reenable support for KVM guest Earlier trimming of config-azure disabled also KVM. But since parts of QA are done within KVM guests, this flavor must be able to run within such guest type.
- remoteproc: qcom: Fix potential device node leaks (bsc#1051510).
- reset: hisilicon: fix potential NULL pointer dereference (bsc#1051510).
- reset: imx7: Fix always writing bits as 0 (bsc#1051510).
- reset: remove remaining WARN_ON() in <linux/reset.h> (Git-fixes).
- Revert 'ceph: fix dentry leak in splice_dentry()' (bsc#1114839).
- Revert commit ef9209b642f 'staging: rtl8723bs: Fix indenting errors and an off-by-one mistake in core/rtw_mlme_ext.c' (bsc#1051510).
- Revert 'iommu/io-pgtable-arm: Check for v7s-incapable systems' (bsc#1106105).
- Revert 'PCI/ASPM: Do not initialize link state when aspm_disabled is set' (bsc#1051510).
- Revert 'powerpc/64: Fix checksum folding in csum_add()' (bsc#1065729).
- Revert 'rpm/kernel-binary.spec.in: allow unsupported modules for -extra' This reverts commit 0d585a8c2d17de86869cc695fc7a5d10c6b96abb.
- Revert 'scsi: lpfc: ls_rjt erroneus FLOGIs' (bsc#1119322).
- Revert 'usb: dwc3: gadget: skip Set/Clear Halt when invalid' (bsc#1051510).
- Revert wlcore patch to follow stable tree develpment
- ring-buffer: Allow for rescheduling when removing pages (bsc#1120238).
- ring-buffer: Do no reuse reader page if still in use (bsc#1120096).
- ring-buffer: Mask out the info bits when returning buffer page length (bsc#1120094).
- rpm/kernel-binary.spec.in: add macros.s into kernel-*-devel Starting with 4.20-rc1, file arch/*/kernel/macros.s is needed to build out of tree modules. Add it to kernel-${flavor}-devel packages if it exists.
- rpm: use syncconfig instead of silentoldconfig where available Since mainline commit 0085b4191f3e ('kconfig: remove silentoldconfig target'), 'make silentoldconfig' can be no longer used. Use 'make syncconfig' instead if available.
- rtc: hctosys: Add missing range error reporting (bsc#1051510).
- rtc: m41t80: Correct alarm month range with RTC reads (bsc#1051510).
- rtc: pcf2127: fix a kmemleak caused in pcf2127_i2c_gather_write (bsc#1051510).
- rtc: snvs: Add timeouts to avoid kernel lockups (bsc#1051510).
- rtl8xxxu: Fix missing break in switch (bsc#1051510).
- rtnetlink: Disallow FDB configuration for non-Ethernet device (networking-stable-18_11_02).
- rtnetlink: fix rtnl_fdb_dump() for ndmsg header (networking-stable-18_10_16).
- rtnl: limit IFLA_NUM_TX_QUEUES and IFLA_NUM_RX_QUEUES to 4096 (networking-stable-18_10_16).
- s390/cpum_sf: Add data entry sizes to sampling trailer entry (git-fixes).
- s390/dasd: simplify locking in dasd_times_out (bsc#1104967,).
- s390/kdump: Fix elfcorehdr size calculation (bsc#1117953, LTC#171112).
- s390/kdump: Make elfcorehdr size calculation ABI compliant (bsc#1117953, LTC#171112).
- s390/kvm: fix deadlock when killed by oom (bnc#1113501, LTC#172235).
- s390/mm: Check for valid vma before zapping in gmap_discard (git-fixes).
- s390/mm: correct allocate_pgste proc_handler callback (git-fixes).
- s390: qeth_core_mpc: Use ARRAY_SIZE instead of reimplementing its function (bnc#1113501, LTC#172682).
- s390/qeth: fix HiperSockets sniffer (bnc#1113501, LTC#172953).
- s390/qeth: fix length check in SNMP processing (bsc#1117953, LTC#173657).
- s390: qeth: Fix potential array overrun in cmd/rc lookup (bnc#1113501, LTC#172682).
- s390/qeth: handle failure on workqueue creation (git-fixes).
- s390/qeth: remove outdated portname debug msg (bsc#1117953, LTC#172960).
- s390/qeth: report 25Gbit link speed (bnc#1113501, LTC#172959).
- s390/qeth: sanitize strings in debug messages (bsc#1117953, LTC#172960).
- s390: revert ELF_ET_DYN_BASE base changes (git-fixes).
- s390/sclp_tty: enable line mode tty even if there is an ascii console (git-fixes).
- s390/sthyi: add cache to store hypervisor info (LTC#160415, bsc#1068273).
- s390/sthyi: add s390_sthyi system call (LTC#160415, bsc#1068273).
- s390/sthyi: reorganize sthyi implementation (LTC#160415, bsc#1068273).
- sbitmap: fix race in wait batch accounting (Git-fixes).
- sched/core: Fix cpu.max vs. cpuhotplug deadlock (bsc#1106913).
- sched/fair: Fix infinite loop in update_blocked_averages() by reverting a9e7f6544b9c (Git fixes (scheduler)).
- sched/isolcpus: Fix 'isolcpus=' boot parameter handling when !CONFIG_CPUMASK_OFFSTACK (bsc#1107207).
- sched/smt: Expose sched_smt_present static key (bsc#1106913).
- sched/smt: Make sched_smt_present track topology (bsc#1106913).
- sched, tracing: Fix trace_sched_pi_setprio() for deboosting (bsc#1120228).
- scripts/git-pre-commit: make executable.
- scripts/git_sort/git_sort.py: add mkp/scsi.git 4.21/scsi-queue
- scripts/git_sort/git_sort.py: change SCSI git repos to make series sorting more failsafe.
- scsi: core: Avoid that SCSI device removal through sysfs triggers a deadlock (bsc#1114578).
- scsi: libsas: remove irq save in sas_ata_qc_issue() (bsc#1114580).
- scsi: lpfc: add support to retrieve firmware logs (bsc#1114015).
- scsi: lpfc: add Trunking support (bsc#1114015).
- scsi: lpfc: Cap NPIV vports to 256 (bsc#1118215).
- scsi: lpfc: Correct code setting non existent bits in sli4 ABORT WQE (bsc#1118215).
- scsi: lpfc: Correct errors accessing fw log (bsc#1114015).
- scsi: lpfc: Correct invalid EQ doorbell write on if_type=6 (bsc#1114015).
- scsi: lpfc: Correct irq handling via locks when taking adapter offline (bsc#1114015).
- scsi: lpfc: Correct LCB RJT handling (bsc#1114015).
- scsi: lpfc: Correct loss of fc4 type on remote port address change (bsc#1114015).
- scsi: lpfc: Correct race with abort on completion path (bsc#1114015).
- scsi: lpfc: Correct soft lockup when running mds diagnostics (bsc#1114015).
- scsi: lpfc: Correct speeds on SFP swap (bsc#1114015).
- scsi: lpfc: Correct topology type reporting on G7 adapters (bsc#1118215).
- scsi: lpfc: Defer LS_ACC to FLOGI on point to point logins (bsc#1118215).
- scsi: lpfc: Enable Management features for IF_TYPE=6 (bsc#1119322).
- scsi: lpfc: fcoe: Fix link down issue after 1000+ link bounces (bsc#1114015).
- scsi: lpfc: Fix a duplicate 0711 log message number (bsc#1118215).
- scsi: lpfc: fix block guard enablement on SLI3 adapters (bsc#1079935).
- scsi: lpfc: Fix dif and first burst use in write commands (bsc#1118215).
- scsi: lpfc: Fix discovery failures during port failovers with lots of vports (bsc#1118215).
- scsi: lpfc: Fix driver release of fw-logging buffers (bsc#1118215).
- scsi: lpfc: Fix errors in log messages (bsc#1114015).
- scsi: lpfc: Fix GFT_ID and PRLI logic for RSCN (bsc#1114015).
- scsi: lpfc: Fix kernel Oops due to null pring pointers (bsc#1118215).
- scsi: lpfc: Fix LOGO/PLOGI handling when triggerd by ABTS Timeout event (bsc#1114015).
- scsi: lpfc: Fix lpfc_sli4_read_config return value check (bsc#1114015).
- scsi: lpfc: Fix odd recovery in duplicate FLOGIs in point-to-point (bsc#1114015).
- scsi: lpfc: Fix panic when FW-log buffsize is not initialized (bsc#1118215).
- scsi: lpfc: Implement GID_PT on Nameserver query to support faster failover (bsc#1114015).
- scsi: lpfc: ls_rjt erroneus FLOGIs (bsc#1118215).
- scsi: lpfc: Raise nvme defaults to support a larger io and more connectivity (bsc#1114015).
- scsi: lpfc: raise sg count for nvme to use available sg resources (bsc#1114015).
- scsi: lpfc: reduce locking when updating statistics (bsc#1114015).
- scsi: lpfc: refactor mailbox structure context fields (bsc#1118215).
- scsi: lpfc: Remove set but not used variable 'sgl_size' (bsc#1114015).
- scsi: lpfc: Reset link or adapter instead of doing infinite nameserver PLOGI retry (bsc#1114015).
- scsi: lpfc: rport port swap discovery issue (bsc#1118215).
- scsi: lpfc: Synchronize access to remoteport via rport (bsc#1114015).
- scsi: lpfc: update driver version to 12.0.0.7 (bsc#1114015).
- scsi: lpfc: update driver version to 12.0.0.8 (bsc#1114015).
- scsi: lpfc: update driver version to 12.0.0.9 (bsc#1118215).
- scsi: lpfc: update manufacturer attribute to reflect Broadcom (bsc#1118215).
- scsi: netvsc: Use the vmbus function to calculate ring buffer percentage (bsc#1107207).
- scsi: qlogicpti: Fix an error handling path in 'qpti_sbus_probe()' (bsc#1114581).
- scsi: scsi_transport_srp: Fix shost to rport translation (bsc#1114582).
- scsi: sg: fix minor memory leak in error path (bsc#1114584).
- scsi: storsvc: do not set a bounce limit (bsc#1107207).
- scsi: storvsc: Avoid allocating memory for temp cpumasks (bsc#1107207).
- scsi: storvsc: Select channel based on available percentage of ring buffer to write (bsc#1107207).
- scsi: storvsc: Set up correct queue depth values for IDE devices (bsc#1107207).
- scsi: sysfs: Introduce sysfs_{un,}break_active_protection() (bsc#1114578).
- scsi: target: add emulate_pr backstore attr to toggle PR support (bsc#1091405).
- scsi: target: drop unused pi_prot_format attribute storage (bsc#1091405).
- scsi: target: Fix fortify_panic kernel exception (bsc#1114576).
- scsi: target/tcm_loop: Avoid that static checkers warn about dead code (bsc#1114577).
- scsi: target: tcmu: add read length support (bsc#1097755).
- scsi: vmbus: Add function to report available ring buffer to write in total ring size percentage (bsc#1107207).
- scsi: zfcp: fix posting too many status read buffers leading to adapter shutdown (bsc#1121483, LTC#174588).
- sctp: fix race on sctp_id2asoc (networking-stable-18_11_02).
- sctp: fix strchange_flags name for Stream Change Event (networking-stable-18_11_21).
- sctp: hold transport before accessing its asoc in sctp_transport_get_next (networking-stable-18_09_11).
- sctp: not allow to set asoc prsctp_enable by sockopt (networking-stable-18_11_21).
- sctp: not increase stream's incnt before sending addstrm_in request (networking-stable-18_11_21).
- sctp: update dst pmtu with the correct daddr (networking-stable-18_10_16).
- shmem: introduce shmem_inode_acct_block (VM Functionality, bsc#1121599).
- shmem: shmem_charge: verify max_block is not exceeded before inode update (VM Functionality, bsc#1121599).
- skd: Avoid that module unloading triggers a use-after-free (Git-fixes).
- skd: Submit requests to firmware before triggering the doorbell (Git-fixes).
- skip LAYOUTRETURN if layout is invalid (git-fixes).
- soc: bcm2835: sync firmware properties with downstream ()
- soc: fsl: qbman: qman: avoid allocating from non existing gen_pool (bsc#1051510).
- soc: ti: QMSS: Fix usage of irq_set_affinity_hint (bsc#1051510).
- spi: bcm2835: Avoid finishing transfer prematurely in IRQ mode (bsc#1051510).
- spi: bcm2835: Fix book-keeping of DMA termination (bsc#1051510).
- spi: bcm2835: Fix race on DMA termination (bsc#1051510).
- spi: bcm2835: Unbreak the build of esoteric configs (bsc#1051510).
- splice: do not read more than available pipe space (bsc#1119212).
- staging: bcm2835-camera: Abort probe if there is no camera (bsc#1051510).
- staging:iio:ad7606: fix voltage scales (bsc#1051510).
- staging: rtl8712: Fix possible buffer overrun (bsc#1051510).
- staging: rtl8723bs: Add missing return for cfg80211_rtw_get_station (bsc#1051510).
- staging: rtl8723bs: Fix the return value in case of error in 'rtw_wx_read32()' (bsc#1051510).
- staging: rts5208: fix gcc-8 logic error warning (bsc#1051510).
- staging: vchiq_arm: fix compat VCHIQ_IOC_AWAIT_COMPLETION (bsc#1051510).
- staging: wilc1000: fix missing read_write setting when reading data (bsc#1051510).
- SUNRPC: Allow connect to return EHOSTUNREACH (git-fixes).
- sunrpc: Do not use stack buffer with scatterlist (git-fixes).
- sunrpc: Fix rpc_task_begin trace point (git-fixes).
- SUNRPC: Fix tracepoint storage issues with svc_recv and svc_rqst_status (git-fixes).
- supported.conf: add raspberrypi-ts driver
- supported.conf: whitelist bluefield eMMC driver
- target: fix buffer offset in core_scsi3_pri_read_full_status (bsc1117349).
- target/iscsi: avoid NULL dereference in CHAP auth error path (bsc#1117165).
- target: se_dev_attrib.emulate_pr ABI stability (bsc#1091405).
- tcp: do not restart timewait timer on rst reception (networking-stable-18_09_11).
- team: no need to do team_notify_peers or team_mcast_rejoin when disabling port (bsc#1051510).
- termios, tty/tty_baudrate.c: fix buffer overrun (bsc#1051510).
- test_firmware: fix error return getting clobbered (bsc#1051510).
- test_hexdump: use memcpy instead of strncpy (bsc#1051510).
- tg3: Add PHY reset for 5717/5719/5720 in change ring and flow control paths (networking-stable-18_11_21).
- thermal: bcm2835: enable hwmon explicitly (bsc#1108468).
- thermal: da9062/61: Prevent hardware access during system suspend (bsc#1051510).
- thermal: rcar_thermal: Prevent hardware access during system suspend (bsc#1051510).
- tipc: do not assume linear buffer when reading ancillary data (networking-stable-18_11_21).
- tipc: fix a missing rhashtable_walk_exit() (networking-stable-18_09_11).
- tipc: fix flow control accounting for implicit connect (networking-stable-18_10_16).
- tmpfs: make lseek(SEEK_DATA/SEK_HOLE) return ENXIO with a negative offset (bsc#1051510).
- tools: hv: fcopy: set 'error' in case an unknown operation was requested (bsc#1107207).
- tools: hv: fcopy: set 'error' in case an unknown operation was requested (git-fixes).
- tools: hv: Fix a bug in the key delete code (bsc#1107207).
- tools: hv: Fix a bug in the key delete code (git-fixes).
- tools: hv: fix compiler warnings about major/target_fname (bsc#1107207).
- tools/hv: Fix IP reporting by KVP daemon with SRIOV (bsc#1107207).
- tools: hv: include string.h in hv_fcopy_daemon (bsc#1107207).
- tools: hv: include string.h in hv_fcopy_daemon (git-fixes).
- tools: hv: update lsvmbus to be compatible with python3 (bsc#1107207).
- tools/lib/lockdep: Rename 'trywlock' into 'trywrlock' (bsc#1121973).
- tools/power/cpupower: fix compilation with STATIC=true (git-fixes).
- tools/power turbostat: fix possible sprintf buffer overflow (git-fixes).
- tpm2-cmd: allow more attempts for selftest execution (bsc#1082555).
- tpm: add retry logic (bsc#1082555).
- tpm: consolidate the TPM startup code (bsc#1082555).
- tpm: do not suspend/resume if power stays on (bsc#1082555).
- tpm: fix intermittent failure with self tests (bsc#1082555).
- tpm: fix response size validation in tpm_get_random() (bsc#1082555).
- tpm: move endianness conversion of ordinals to tpm_input_header (bsc#1082555).
- tpm: move endianness conversion of TPM_TAG_RQU_COMMAND to tpm_input_header (bsc#1082555).
- tpm: move the delay_msec increment after sleep in tpm_transmit() (bsc#1082555).
- tpm: React correctly to RC_TESTING from TPM 2.0 self tests (bsc#1082555).
- tpm: replace msleep() with usleep_range() in TPM 1.2/2.0 generic drivers (bsc#1082555).
- tpm: Restore functionality to xen vtpm driver (bsc#1082555).
- tpm: self test failure should not cause suspend to fail (bsc#1082555).
- tpm: tpm-interface: fix tpm_transmit/_cmd kdoc (bsc#1082555).
- tpm: Trigger only missing TPM 2.0 self tests (bsc#1082555).
- tpm: Use dynamic delay to wait for TPM 2.0 self test result (bsc#1082555).
- tpm: use tpm2_pcr_read() in tpm2_do_selftest() (bsc#1082555).
- tpm: use tpm_buf functions in tpm2_pcr_read() (bsc#1082555).
- tracing: Apply trace_clock changes to instance max buffer (bsc#1117188).
- tracing/blktrace: Fix to allow setting same value (Git-fixes).
- tracing: Erase irqsoff trace with empty write (bsc#1117189).
- tracing: Fix bad use of igrab in trace_uprobe.c (bsc#1120046).
- tracing: Fix crash when freeing instances with event triggers (bsc#1120230).
- tracing: Fix crash when it fails to alloc ring buffer (bsc#1120097).
- tracing: Fix double free of event_trigger_data (bsc#1120234).
- tracing: Fix missing return symbol in function_graph output (bsc#1120232).
- tracing: Fix possible double free in event_enable_trigger_func() (bsc#1120235).
- tracing: Fix possible double free on failure of allocating trace buffer (bsc#1120214).
- tracing: Fix regex_match_front() to not over compare the test string (bsc#1120223).
- tracing: Fix trace_pipe behavior for instance traces (bsc#1120088).
- tracing: Remove RCU work arounds from stack tracer (bsc#1120092).
- tracing/samples: Fix creation and deletion of simple_thread_fn creation (git-fixes).
- tty: check name length in tty_find_polling_driver() (bsc#1051510).
- tty: Do not hold ldisc lock in tty_reopen() if ldisc present (bsc#1051510).
- tty: Do not return -EAGAIN in blocking read (bsc#1116040).
- tty: do not set TTY_IO_ERROR flag if console port (bsc#1051510).
- tty: serial: 8250_mtk: always resume the device in probe (bsc#1051510).
- tty: wipe buffer (bsc#1051510).
- tty: wipe buffer if not echoing data (bsc#1051510).
- tun: Consistently configure generic netdev params via rtnetlink (bsc#1051510).
- tuntap: fix multiqueue rx (networking-stable-18_11_21).
- ubifs: Fixup compilation failure due to different ubifs_assert() prototype.
- ubifs: Handle re-linking of inodes correctly while recovery (bsc#1120598).
- udf: Allow mounting volumes with incorrect identification strings (bsc#1118774).
- udp4: fix IP_CMSG_CHECKSUM for connected sockets (networking-stable-18_09_24).
- udp6: add missing checks on edumux packet processing (networking-stable-18_09_24).
- udp6: fix encap return code for resubmitting (git-fixes).
- uio: ensure class is registered before devices (bsc#1051510).
- uio: Fix an Oops on load (bsc#1051510).
- uio_hv_generic: fix subchannel ring mmap (bsc#1107207).
- uio_hv_generic: make ring buffer attribute for primary channel (bsc#1107207).
- uio_hv_generic: set size of ring buffer attribute (bsc#1107207).
- uio_hv_generic: support sub-channels (bsc#1107207).
- uio_hv_generic: use correct channel in isr (bsc#1107207).
- uio: make symbol 'uio_class_registered' static (bsc#1051510).
- unifdef: use memcpy instead of strncpy (bsc#1051510).
- usb: appledisplay: Add 27' Apple Cinema Display (bsc#1051510).
- usb: cdc-acm: add entry for Hiro (Conexant) modem (bsc#1051510).
- usb: core: Fix hub port connection events lost (bsc#1051510).
- usb: core: quirks: add RESET_RESUME quirk for Cherry G230 Stream series (bsc#1051510).
- usb: dwc2: host: do not delay retries for CONTROL IN transfers (bsc#1114385).
- usb: dwc2: host: Do not retry NAKed transactions right away (bsc#1114385).
- usb: dwc2: host: use hrtimer for NAK retries (git-fixes).
- usb: dwc3: core: Clean up ULPI device (bsc#1051510).
- usb: dwc3: gadget: fix ISOC TRB type on unaligned transfers (bsc#1051510).
- usb: dwc3: gadget: Properly check last unaligned/zero chain TRB (bsc#1051510).
- usb: gadget: storage: Fix Spectre v1 vulnerability (bsc#1051510).
- usb: gadget: udc: atmel: handle at91sam9rl PMC (bsc#1051510).
- usb: gadget: u_ether: fix unsafe list iteration (bsc#1051510).
- usb: host: ohci-at91: fix request of irq for optional gpio (bsc#1051510).
- usb: hso: Fix OOB memory access in hso_probe/hso_get_config_data (bsc#1051510).
- usbip: vhci_hcd: check rhport before using in vhci_hub_control() (bsc#1090888).
- usbip:vudc: BUG kmalloc-2048 (Not tainted): Poison overwritten (bsc#1051510).
- usb: misc: appledisplay: add 20' Apple Cinema Display (bsc#1051510).
- usbnet: smsc95xx: disable carrier check while suspending (bsc#1051510).
- usb: omap_udc: fix crashes on probe error and module removal (bsc#1051510).
- usb: omap_udc: fix omap_udc_start() on 15xx machines (bsc#1051510).
- usb: omap_udc: fix rejection of out transfers when DMA is used (bsc#1051510).
- usb: omap_udc: fix USB gadget functionality on Palm Tungsten E (bsc#1051510).
- usb: omap_udc: use devm_request_irq() (bsc#1051510).
- usb: quirk: add no-LPM quirk on SanDisk Ultra Flair device (bsc#1051510).
- usb: quirks: Add delay-init quirk for Corsair K70 LUX RGB (bsc#1051510).
- usb: quirks: Add no-lpm quirk for Raydium touchscreens (bsc#1051510).
- usb: serial: option: add Fibocom NL668 series (bsc#1051510).
- usb: serial: option: add GosunCn ZTE WeLink ME3630 (bsc#1051510).
- usb: serial: option: add HP lt4132 (bsc#1051510).
- usb: serial: option: add Simcom SIM7500/SIM7600 (MBIM mode) (bsc#1051510).
- usb: serial: option: add Telit LN940 series (bsc#1051510).
- usb: serial: option: add two-endpoints device-id flag (bsc#1051510).
- usb: serial: option: drop redundant interface-class test (bsc#1051510).
- usb: serial: option: improve Quectel EP06 detection (bsc#1051510).
- usb: usbip: Fix BUG: KASAN: slab-out-of-bounds in vhci_hub_control() (bsc#1106110).
- usb: usb-storage: Add new IDs to ums-realtek (bsc#1051510).
- usb: xhci: fix timeout for transition from RExit to U0 (bsc#1051510).
- usb: xhci: fix uninitialized completion when USB3 port got wrong status (bsc#1051510).
- usb: xhci: Prevent bus suspend if a port connect change or polling state is detected (bsc#1051510).
- userfaultfd: clear the vma->vm_userfaultfd_ctx if UFFD_EVENT_FORK fails (bsc#1118761).
- userfaultfd: remove uffd flags from vma->vm_flags if UFFD_EVENT_FORK fails (bsc#1118809).
- v9fs_dir_readdir: fix double-free on p9stat_read error (bsc#1118771).
- vfs: Avoid softlockups in drop_pagecache_sb() (bsc#1118505).
- vhost: Fix Spectre V1 vulnerability (bsc#1051510).
- vhost/scsi: truncate T10 PI iov_iter to prot_bytes (bsc#1051510).
- virtio_net: avoid using netif_tx_disable() for serializing tx routine (networking-stable-18_11_02).
- VMCI: Resource wildcard match fixed (bsc#1051510).
- w1: omap-hdq: fix missing bus unregister at removal (bsc#1051510).
- watchdog/core: Add missing prototypes for weak functions (git-fixes).
- wireless: airo: potential buffer overflow in sprintf() (bsc#1051510).
- wlcore: Fix the return value in case of error in 'wlcore_vendor_cmd_smart_config_start()' (bsc#1051510).
- x86/bugs: Add AMD's SPEC_CTRL MSR usage (bsc#1106913).
- x86/bugs: Fix the AMD SSBD usage of the SPEC_CTRL MSR (bsc#1106913).
- x86/bugs: Switch the selection of mitigation from CPU vendor to CPU features (bsc#1106913).
- x86/corruption-check: Fix panic in memory_corruption_check() when boot option without value is provided (bsc#1110006).
- x86/cpu/vmware: Do not trace vmware_sched_clock() (bsc#1114279).
- x86/decoder: Fix and update the opcodes map (bsc#1058115).
- x86/headers/UAPI: Use __u64 instead of u64 in <uapi/asm/hyperv.h> (bsc#1107207).
- x86, hibernate: Fix nosave_regions setup for hibernation (bsc#1110006).
- x86/hyperv: Add a function to read both TSC and TSC page value simulateneously (bsc#1107207).
- x86/hyper-v: Add flush HvFlushGuestPhysicalAddressSpace hypercall support (bsc#1107207).
- x86/hyper-v: Add hyperv_nested_flush_guest_mapping ftrace support (bsc#1107207).
- x86/hyperv: Add interrupt handler annotations (bsc#1107207).
- x86/hyper-v: allocate and use Virtual Processor Assist Pages (bsc#1107207).
- x86/hyper-v: Allocate the IDT entry early in boot (bsc#1107207).
- x86/hyper-v: Check cpumask_to_vpset() return value in hyperv_flush_tlb_others_ex() (bsc#1107207).
- x86/hyper-v: Check for VP_INVAL in hyperv_flush_tlb_others() (bsc#1107207).
- x86/hyper-v: Consolidate code for converting cpumask to vpset (bsc#1107207).
- x86/hyper-v: Consolidate the allocation of the hypercall input page (bsc#1107207).
- x86/hyper-v: define struct hv_enlightened_vmcs and clean field bits (bsc#1107207).
- x86/hyper-v: detect nested features (bsc#1107207).
- x86/hyper-v: Enable IPI enlightenments (bsc#1107207).
- x86/hyper-v: Enhanced IPI enlightenment (bsc#1107207).
- x86/hyper-v: Enlighten APIC access (bsc#1107207).
- x86/hyper-v: Fix the circular dependency in IPI enlightenment (bsc#1107207).
- x86/hyper-v: Fix wrong merge conflict resolution (bsc#1107207).
- x86/hyper-v/hv_apic: Build the Hyper-V APIC conditionally (bsc#1107207).
- x86/hyper-v/hv_apic: Include asm/apic.h (bsc#1107207).
- x86/hyper-v: Implement hv_do_fast_hypercall16 (bsc#1107207).
- x86/hyper-v: move definitions from TLFS to hyperv-tlfs.h (bsc#1107207).
- x86/hyper-v: move hyperv.h out of uapi (bsc#1107207).
- x86/hyper-v: move struct hv_flush_pcpu{,ex} definitions to common header (bsc#1107207).
- x86/hyperv: Redirect reenlightment notifications on CPU offlining (bsc#1107207).
- x86/hyperv: Reenlightenment notifications support (bsc#1107207).
- x86/hyper-v: rename ipi_arg_{ex,non_ex} structures (bsc#1107207).
- x86/hyper-v: Trace PV IPI send (bsc#1107207).
- x86/hyper-v: Use cheaper HVCALL_FLUSH_VIRTUAL_ADDRESS_{LIST,SPACE} hypercalls when possible (bsc#1107207).
- x86/hyper-v: Use cheaper HVCALL_SEND_IPI hypercall when possible (bsc#1107207).
- x86/hyper-v: Use 'fast' hypercall for HVCALL_SEND_IPI (bsc#1107207).
- x86/irq: Count Hyper-V reenlightenment interrupts (bsc#1107207).
- x86/irq: implement irq_data_get_effective_affinity_mask() for v4.12 (bsc#1109772).
- x86/kabi: Fix cpu_tlbstate issue (bsc#1106913).
- x86/kvm/hyper-v: add reenlightenment MSRs support (bsc#1107207).
- x86/kvm/hyper-v: inject #GP only when invalid SINTx vector is unmasked (bsc#1107207).
- x86/kvm/hyper-v: remove stale entries from vec_bitmap/auto_eoi_bitmap on vector change (bsc#1107207).
- x86/kvm: rename HV_X64_MSR_APIC_ASSIST_PAGE to HV_X64_MSR_VP_ASSIST_PAGE (bsc#1107207).
- x86/l1tf: Show actual SMT state (bsc#1106913).
- x86/ldt: Remove unused variable in map_ldt_struct() (bsc#1114279).
- x86/ldt: Split out sanity check in map_ldt_struct() (bsc#1114279).
- x86/ldt: Unmap PTEs for the slot before freeing LDT pages (bsc#1114279).
- x86/MCE/AMD: Fix the thresholding machinery initialization order (bsc#1114279).
- x86/MCE: Make correctable error detection look at the Deferred bit (bsc#1114279).
- x86/mm: Fix decoy address handling vs 32-bit builds (bsc#1120606).
- x86/mm/pat: Disable preemption around __flush_tlb_all() (bsc#1114279).
- x86/PCI: Add additional VMD device root ports to VMD AER quirk (bsc#1120058).
- x86/PCI: Add 'pci=big_root_window' option for AMD 64-bit windows (bsc#1120058).
- x86/PCI: Apply VMD's AERSID fixup generically (bsc#1120058).
- x86/PCI: Avoid AMD SB7xx EHCI USB wakeup defect (bsc#1120058).
- x86/PCI: Enable a 64bit BAR on AMD Family 15h (Models 00-1f, 30-3f, 60-7f) (bsc#1120058).
- x86/PCI: Enable AMD 64-bit window on resume (bsc#1120058).
- x86/PCI: Fix infinite loop in search for 64bit BAR placement (bsc#1120058).
- x86/PCI: Move and shrink AMD 64-bit window to avoid conflict (bsc#1120058).
- x86/PCI: Move VMD quirk to x86 fixups (bsc#1120058).
- x86/PCI: Only enable a 64bit BAR on single-socket AMD Family 15h (bsc#1120058).
- x86/PCI: Use is_vmd() rather than relying on the domain number (bsc#1120058).
- x86/process: Consolidate and simplify switch_to_xtra() code (bsc#1106913).
- x86/pti: Document fix wrong index (git-fixes).
- x86/retpoline: Make CONFIG_RETPOLINE depend on compiler support (bsc#1106913).
- x86/retpoline: Remove minimal retpoline support (bsc#1106913).
- x86/speculataion: Mark command line parser data __initdata (bsc#1106913).
- x86/speculation: Add command line control for indirect branch speculation (bsc#1106913).
- x86/speculation: Add prctl() control for indirect branch speculation (bsc#1106913).
- x86/speculation: Add seccomp Spectre v2 user space protection mode (bsc#1106913).
- x86/speculation: Apply IBPB more strictly to avoid cross-process data leak (bsc#1106913).
- x86/speculation: Avoid __switch_to_xtra() calls (bsc#1106913).
- x86/speculation: Clean up spectre_v2_parse_cmdline() (bsc#1106913).
- x86/speculation: Disable STIBP when enhanced IBRS is in use (bsc#1106913).
- x86/speculation: Enable cross-hyperthread spectre v2 STIBP mitigation (bsc#1106913).
- x86/speculation: Enable prctl mode for spectre_v2_user (bsc#1106913).
- x86/speculation/l1tf: Drop the swap storage limit restriction when l1tf=off (bnc#1114871).
- x86/speculation: Mark string arrays const correctly (bsc#1106913).
- x86/speculation: Move STIPB/IBPB string conditionals out of cpu_show_common() (bsc#1106913).
- x86/speculation: Prepare arch_smt_update() for PRCTL mode (bsc#1106913).
- x86/speculation: Prepare for conditional IBPB in switch_mm() (bsc#1106913).
- x86/speculation: Prepare for per task indirect branch speculation control (bsc#1106913).
- x86/speculation: Prevent stale SPEC_CTRL msr content (bsc#1106913).
- x86/speculation: Propagate information about RSB filling mitigation to sysfs (bsc#1106913).
- x86/speculation: Provide IBPB always command line options (bsc#1106913).
- x86/speculation: Remove unnecessary ret variable in cpu_show_common() (bsc#1106913).
- x86/speculation: Rename SSBD update functions (bsc#1106913).
- x86/speculation: Reorder the spec_v2 code (bsc#1106913).
- x86/speculation: Reorganize speculation control MSRs update (bsc#1106913).
- x86/speculation: Rework SMT state change (bsc#1106913).
- x86/speculation: Split out TIF update (bsc#1106913).
- x86/speculation: Support Enhanced IBRS on future CPUs ().
- x86/speculation: Unify conditional spectre v2 print functions (bsc#1106913).
- x86/speculation: Update the TIF_SSBD comment (bsc#1106913).
- x86/xen: Fix boot loader version reported for PVH guests (bnc#1065600).
- xen/balloon: Support xend-based toolstack (bnc#1065600).
- xen/blkfront: avoid NULL blkfront_info dereference on device removal (bsc#1111062).
- xen: fix race in xen_qlock_wait() (bnc#1107256).
- xen: fix xen_qlock_wait() (bnc#1107256).
- xen: make xen_qlock_wait() nestable (bnc#1107256).
- xen/netfront: do not bug in case of too many frags (bnc#1104824).
- xen/netfront: tolerate frags with no data (bnc#1119804).
- xen/pvh: do not try to unplug emulated devices (bnc#1065600).
- xen/pvh: increase early stack size (bnc#1065600).
- xen-swiotlb: use actually allocated size on check physical continuous (bnc#1065600).
- xen/x86: add diagnostic printout to xen_mc_flush() in case of error (bnc#1116183).
- xfs: Align compat attrlist_by_handle with native implementation (git-fixes).
- xfs: Fix error code in 'xfs_ioc_getbmap()' (git-fixes).
- xfs: fix quotacheck dquot id overflow infinite loop (bsc#1121621).
- xfs: Fix xqmstats offsets in /proc/fs/xfs/xqmstat (git-fixes).
- xfs: Properly detect when DAX won't be used on any device (bsc#1115976).
- xfs: xfs_buf: drop useless LIST_HEAD (git-fixes).
- xhci: Add check for invalid byte size error when UAS devices are connected (bsc#1051510).
- xhci: Add quirk to workaround the errata seen on Cavium Thunder-X2 Soc (bsc#1117162).
- xhci: Do not prevent USB2 bus suspend in state check intended for USB3 only (bsc#1051510).
- xhci: Fix leaking USB3 shared_hcd at xhci removal (bsc#1051510).
- xhci: Prevent U1/U2 link pm states if exit latency is too long (bsc#1051510).
- xprtrdma: Do not defer fencing an async RPC's chunks (git-fixes).
Patchnames
SUSE-2019-222,SUSE-SLE-SERVER-12-SP4-2019-222
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "The SUSE Linux Enterprise 12 SP4 kernel for Azure was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2018-19407: The vcpu_scan_ioapic function in arch/x86/kvm/x86.c allowed local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic was uninitialized (bnc#1116841).\n- CVE-2018-16884: NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out (bnc#1119946).\n- CVE-2018-20169: The USB subsystem mishandled size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c (bnc#1119714).\n- CVE-2018-9568: In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation (bnc#1118319).\n- CVE-2018-16862: A security flaw was found in the way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one (bnc#1117186).\n- CVE-2018-14625: A flaw was found where an attacker may be able to have an uncontrolled read to kernel-memory from within a vm guest. A race condition between connect() and close() function may allow an attacker using the AF_VSOCK protocol to gather a 4 byte information leak or possibly intercept or corrupt AF_VSOCK messages destined to other clients (bnc#1106615).\n- CVE-2018-19985: The function hso_probe read if_num from the USB device (as an u8) and used it without a length check to index an array, resulting in an OOB memory read in hso_probe or hso_get_config_data that could be used by local attackers (bnc#1120743).\n- CVE-2018-12232: In net/socket.c there is a race condition between fchownat and close in cases where they target the same socket file descriptor, related to the sock_close and sockfs_setattr functions. fchownat did not increment the file descriptor reference count, which allowed close to set the socket to NULL during fchownat\u0027s execution, leading to a NULL pointer dereference and system crash (bnc#1097593).\n- CVE-2018-18397: The userfaultfd implementation mishandled access control for certain UFFDIO_ ioctl calls, as demonstrated by allowing local users to write data into holes in a tmpfs file (if the user has read-only access to that file, and that file contains holes), related to fs/userfaultfd.c and mm/userfaultfd.c (bnc#1117656).\n- CVE-2018-19854: An issue was discovered in the crypto_report_one() and related functions in crypto/crypto_user.c (the crypto user configuration API) do not fully initialize structures that are copied to userspace, potentially leaking sensitive memory to user programs. NOTE: this is a CVE-2013-2547 regression but with easier exploitability because the attacker did not need a capability (however, the system must have the CONFIG_CRYPTO_USER kconfig option) (bnc#1118428).\n- CVE-2018-19824: A local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c (bnc#1118152).\n- CVE-2018-18281: The mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removes entries from the pagetables of a task that is in the middle of mremap(), a stale TLB entry can remain for a short time that permits access to a physical page after it has been released back to the page allocator and reused. (bnc#1113769).\n- CVE-2017-5753: Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis (bnc#1074578)\n\nThe following non-security bugs were fixed:\n\n- ACPI/APEI: Handle GSIV and GPIO notification types (bsc#1115567).\n- ACPICA: Tables: Add WSMT support (bsc#1089350).\n- ACPI/CPPC: Check for valid PCC subspace only if PCC is used (bsc#1117115).\n- ACPI/CPPC: Update all pr_(debug/err) messages to log the susbspace id (bsc#1117115).\n- ACPI/IORT: Fix iort_get_platform_device_domain() uninitialized pointer value (bsc#1051510).\n- ACPI/LPSS: Add alternative ACPI HIDs for Cherry Trail DMA controllers (bsc#1051510).\n- ACPI/NFTI: Fix ARS overflow continuation (bsc#1116895).\n- ACPI/NFIT: x86/mce: Handle only uncorrectable machine checks (bsc#1114279).\n- ACPI/NFIT: x86/mce: Validate a MCE\u0027s address before using it (bsc#1114279).\n- ACPI/platform: Add SMB0001 HID to forbidden_id_list (bsc#1051510).\n- ACPI/watchdog: Prefer iTCO_wdt always when WDAT table uses RTC SRAM (bsc#1051510).\n- act_ife: fix a potential use-after-free (networking-stable-18_09_11).\n- Add the cherry-picked dup id for PCI dwc fix\n- aio: fix spectre gadget in lookup_ioctx (bsc#1120594).\n- ALSA: ac97: Fix incorrect bit shift at AC97-SPSA control write (bsc#1051510).\n- ALSA: ca0106: Disable IZD on SB0570 DAC to fix audio pops (bsc#1051510).\n- ALSA: control: Fix race between adding and removing a user element (bsc#1051510).\n- ALSA: cs46xx: Potential NULL dereference in probe (bsc#1051510).\n- ALSA: emu10k1: Fix potential Spectre v1 vulnerabilities (bsc#1051510).\n- ALSA: emux: Fix potential Spectre v1 vulnerabilities (bsc#1051510).\n- ALSA: fireface: fix for state to fetch PCM frames (bsc#1051510).\n- ALSA: fireface: fix reference to wrong register for clock configuration (bsc#1051510).\n- ALSA: firewire-lib: fix wrong assignment for \u0027out_packet_without_header\u0027 tracepoint (bsc#1051510).\n- ALSA: firewire-lib: fix wrong handling payload_length as payload_quadlet (bsc#1051510).\n- ALSA: firewire-lib: use the same print format for \u0027without_header\u0027 tracepoints (bsc#1051510).\n- ALSA: hda: Add ASRock N68C-S UCC the power_save blacklist (bsc#1051510).\n- ALSA: hda: add mute LED support for HP EliteBook 840 G4 (bsc#1051510).\n- ALSA: hda: Add support for AMD Stoney Ridge (bsc#1051510).\n- ALSA: hda/ca0132 - Call pci_iounmap() instead of iounmap() (bsc#1051510).\n- ALSA: hda/ca0132 - make pci_iounmap() call conditional (bsc#1051510).\n- ALSA: hda: fix front speakers on Huawei MBXP (bsc#1051510).\n- ALSA: hda/realtek - Add auto-mute quirk for HP Spectre x360 laptop (bsc#1051510).\n- ALSA: hda/realtek - Add GPIO data update helper (bsc#1051510).\n- ALSA: hda/realtek - Add support for Acer Aspire C24-860 headset mic (bsc#1051510).\n- ALSA: hda/realtek - Add unplug function into unplug state of Headset Mode for ALC225 (bsc#1051510).\n- ALSA: hda/realtek: ALC286 mic and headset-mode fixups for Acer Aspire U27-880 (bsc#1051510).\n- ALSA: hda/realtek: ALC294 mic and headset-mode fixups for ASUS X542UN (bsc#1051510).\n- ALSA: hda/realtek - Allow skipping spec-\u003einit_amp detection (bsc#1051510).\n- ALSA: hda/realtek - Disable headset Mic VREF for headset mode of ALC225 (bsc#1051510).\n- ALSA: hda/realtek: Enable audio jacks of ASUS UX391UA with ALC294 (bsc#1051510).\n- ALSA: hda/realtek: Enable audio jacks of ASUS UX433FN/UX333FA with ALC294 (bsc#1051510).\n- ALSA: hda/realtek: Enable audio jacks of ASUS UX533FD with ALC294 (bsc#1051510).\n- ALSA: hda/realtek: Enable the headset mic auto detection for ASUS laptops (bsc#1051510).\n- ALSA: hda/realtek - Fixed headphone issue for ALC700 (bsc#1051510).\n- ALSA: hda/realtek - fix headset mic detection for MSI MS-B171 (bsc#1051510).\n- ALSA: hda/realtek - Fix HP Headset Mic can\u0027t record (bsc#1051510).\n- ALSA: hda/realtek: Fix mic issue on Acer AIO Veriton Z4660G (bsc#1051510).\n- ALSA: hda/realtek: Fix mic issue on Acer AIO Veriton Z4860G/Z6860G (bsc#1051510).\n- ALSA: hda/realtek - Fix speaker output regression on Thinkpad T570 (bsc#1051510).\n- ALSA: hda/realtek - Fix the mute LED regresion on Lenovo X1 Carbon (bsc#1051510).\n- ALSA: hda/realtek - fix the pop noise on headphone for lenovo laptops (bsc#1051510).\n- ALSA: hda/realtek - Manage GPIO bits commonly (bsc#1051510).\n- ALSA: hda/realtek - Simplify Dell XPS13 GPIO handling (bsc#1051510).\n- ALSA: hda/realtek - Support ALC300 (bsc#1051510).\n- ALSA: hda/realtek - Support Dell headset mode for New AIO platform (bsc#1051510).\n- ALSA: hda/tegra: clear pending irq handlers (bsc#1051510).\n- ALSA: oss: Use kvzalloc() for local buffer allocations (bsc#1051510).\n- ALSA: pcm: Call snd_pcm_unlink() conditionally at closing (bsc#1051510).\n- ALSA: pcm: Fix interval evaluation with openmin/max (bsc#1051510).\n- ALSA: pcm: Fix potential Spectre v1 vulnerability (bsc#1051510).\n- ALSA: pcm: Fix starvation on down_write_nonblock() (bsc#1051510).\n- ALSA: rme9652: Fix potential Spectre v1 vulnerability (bsc#1051510).\n- ALSA: sparc: Fix invalid snd_free_pages() at error path (bsc#1051510).\n- ALSA: trident: Suppress gcc string warning (bsc#1051510).\n- ALSA: usb-audio: Add SMSL D1 to quirks for native DSD support (bsc#1051510).\n- ALSA: usb-audio: Add support for Encore mDSD USB DAC (bsc#1051510).\n- ALSA: usb-audio: Add vendor and product name for Dell WD19 Dock (bsc#1051510).\n- ALSA: usb-audio: Avoid access before bLength check in build_audio_procunit() (bsc#1051510).\n- ALSA: usb-audio: Fix an out-of-bound read in create_composite_quirks (bsc#1051510).\n- ALSA: wss: Fix invalid snd_free_pages() at error path (bsc#1051510).\n- ALSA: x86: Fix runtime PM for hdmi-lpe-audio (bsc#1051510).\n- amd/iommu: Fix Guest Virtual APIC Log Tail Address Register (bsc#1106105).\n- apparmor: do not try to replace stale label in ptrace access check (git-fixes).\n- apparmor: do not try to replace stale label in ptraceme check (git-fixes).\n- apparmor: Fix uninitialized value in aa_split_fqname (git-fixes).\n- arm64: Add work around for Arm Cortex-A55 Erratum 1024718 (bsc#1120612).\n- arm64: atomics: Remove \u0027\u0026\u0027 from \u0027+\u0026\u0027 asm constraint in lse atomics (bsc#1120613).\n- arm64: cpu_errata: include required headers (bsc#1120615).\n- arm64: dma-mapping: Fix FORCE_CONTIGUOUS buffer clearing (bsc#1120633).\n- arm64: Fix /proc/iomem for reserved but not memory regions (bsc#1120632).\n- arm64: KVM: Move CPU ID reg trap setup off the world switch path (bsc#1110998).\n- arm64: KVM: Sanitize PSTATE.M when being set from userspace (bsc#1110998).\n- arm64: KVM: Tighten guest core register access from userspace (bsc#1110998).\n- arm64: lse: Add early clobbers to some input/output asm operands (bsc#1120614).\n- arm64: lse: remove -fcall-used-x0 flag (bsc#1120618).\n- arm64: mm: always enable CONFIG_HOLES_IN_ZONE (bsc#1120617).\n- arm64/numa: Report correct memblock range for the dummy node (bsc#1120620).\n- arm64/numa: Unify common error path in numa_init() (bsc#1120621).\n- arm64: remove no-op -p linker flag (bsc#1120616).\n- arm: dts: at91: add new compatibility string for macb on sama5d3 (bsc#1051510).\n- ASoC: dapm: Recalculate audio map forcely when card instantiated (bsc#1051510).\n- ASoC: dwc: Added a quirk DW_I2S_QUIRK_16BIT_IDX_OVERRIDE to dwc (bsc#1085535)\n- ASoC: Intel: cht_bsw_max98090: add support for Baytrail (bsc#1051510).\n- ASoC: intel: cht_bsw_max98090_ti: Add pmc_plt_clk_0 quirk for Chromebook Clapper (bsc#1051510).\n- ASoC: intel: cht_bsw_max98090_ti: Add pmc_plt_clk_0 quirk for Chromebook Gnawty (bsc#1051510).\n- ASoC: intel: cht_bsw_max98090_ti: Add quirk for boards using pmc_plt_clk_0 (bsc#1051510).\n- ASoC: Intel: mrfld: fix uninitialized variable access (bsc#1051510).\n- ASoC: omap-abe-twl6040: Fix missing audio card caused by deferred probing (bsc#1051510).\n- ASoC: omap-dmic: Add pm_qos handling to avoid overruns with CPU_IDLE (bsc#1051510).\n- ASoC: omap-mcbsp: Fix latency value calculation for pm_qos (bsc#1051510).\n- ASoC: omap-mcpdm: Add pm_qos handling to avoid under/overruns with CPU_IDLE (bsc#1051510).\n- ASoC: rsnd: fixup clock start checker (bsc#1051510).\n- ASoC: sun8i-codec: fix crash on module removal (bsc#1051510).\n- ASoC: wm_adsp: Fix dma-unsafe read of scratch registers (bsc#1051510).\n- ata: Fix racy link clearance (bsc#1107866).\n- ataflop: fix error handling during setup (bsc#1051510).\n- ath10k: do not assume this is a PCI dev in generic code (bsc#1051510).\n- ath10k: schedule hardware restart if WMI command times out (bsc#1051510).\n- ath6kl: Only use match sets when firmware supports it (bsc#1051510).\n- b43: Fix error in cordic routine (bsc#1051510).\n- batman-adv: Expand merged fragment buffer for full packet (bsc#1051510).\n- batman-adv: Use explicit tvlv padding for ELP packets (bsc#1051510).\n- bcache: fix miss key refill-\u003eend in writeback (Git-fixes).\n- bcache: trace missed reading by cache_missed (Git-fixes).\n- bitops: protect variables in bit_clear_unless() macro (bsc#1051510).\n- bitops: protect variables in set_mask_bits() macro (bsc#1051510).\n- blk-mq: remove synchronize_rcu() from blk_mq_del_queue_tag_set() (Git-fixes).\n- block: allow max_discard_segments to be stacked (Git-fixes).\n- block: blk_init_allocated_queue() set q-\u003efq as NULL in the fail case (Git-fixes).\n- block: copy ioprio in __bio_clone_fast() (bsc#1082653).\n- block: really disable runtime-pm for blk-mq (Git-fixes).\n- block: reset bi_iter.bi_done after splitting bio (Git-fixes).\n- block: respect virtual boundary mask in bvecs (bsc#1113412).\n- block/swim: Fix array bounds check (Git-fixes).\n- Bluetooth: btbcm: Add entry for BCM4335C0 UART bluetooth (bsc#1051510).\n- Bluetooth: SMP: fix crash in unpairing (bsc#1051510).\n- bnxt_en: do not try to offload VLAN \u0027modify\u0027 action (bsc#1050242 ).\n- bnxt_en: Fix enables field in HWRM_QUEUE_COS2BW_CFG request (bsc#1086282).\n- bnxt_en: Fix TX timeout during netpoll (networking-stable-18_10_16).\n- bnxt_en: Fix VNIC reservations on the PF (bsc#1086282 ).\n- bnxt_en: free hwrm resources, if driver probe fails (networking-stable-18_10_16).\n- bnxt_en: get the reduced max_irqs by the ones used by RDMA (bsc#1050242).\n- bonding: avoid possible dead-lock (networking-stable-18_10_16).\n- bonding: fix length of actor system (networking-stable-18_11_02).\n- bonding: fix warning message (networking-stable-18_10_16).\n- bonding: pass link-local packets to bonding master also (networking-stable-18_10_16).\n- bpf: fix check of allowed specifiers in bpf_trace_printk (bsc#1083647).\n- bpf: fix partial copy of map_ptr when dst is scalar (bsc#1083647).\n- bpf, net: add skb_mac_header_len helper (networking-stable-18_09_24).\n- bpf: use per htab salt for bucket hash (git-fixes).\n- bpf: wait for running BPF programs when updating map-in-map (bsc#1083647).\n- brcmfmac: fix for proper support of 160MHz bandwidth (bsc#1051510).\n- brcmfmac: fix reporting support for 160 MHz channels (bsc#1051510).\n- brcmutil: really fix decoding channel info for 160 MHz bandwidth (bsc#1051510).\n- bridge: do not add port to router list when receives query with source 0.0.0.0 (networking-stable-18_11_02).\n- Btrfs: Always try all copies when reading extent buffers (git-fixes).\n- Btrfs: delete dead code in btrfs_orphan_add() (bsc#1111469).\n- Btrfs: delete dead code in btrfs_orphan_commit_root() (bsc#1111469).\n- Btrfs: do not BUG_ON() in btrfs_truncate_inode_items() (bsc#1111469).\n- Btrfs: do not check inode\u0027s runtime flags under root-\u003eorphan_lock (bsc#1111469).\n- Btrfs: do not return ino to ino cache if inode item removal fails (bsc#1111469).\n- Btrfs: fix assertion failure during fsync in no-holes mode (bsc#1118136).\n- Btrfs: fix assertion on fsync of regular file when using no-holes feature (bsc#1118137).\n- Btrfs: fix cur_offset in the error case for nocow (bsc#1118140).\n- Btrfs: fix data corruption due to cloning of eof block (bsc#1116878).\n- Btrfs: fix deadlock on tree root leaf when finding free extent (bsc#1116876).\n- Btrfs: fix deadlock when writing out free space caches (bsc#1116700).\n- Btrfs: fix ENOSPC caused by orphan items reservations (bsc#1111469).\n- btrfs: Fix error handling in btrfs_cleanup_ordered_extents (git-fixes).\n- Btrfs: fix error handling in btrfs_truncate() (bsc#1111469).\n- Btrfs: fix error handling in btrfs_truncate_inode_items() (bsc#1111469).\n- Btrfs: fix fsync of files with multiple hard links in new directories (1120173).\n- Btrfs: fix infinite loop on inode eviction after deduplication of eof block (bsc#1116877).\n- Btrfs: Fix memory barriers usage with device stats counters (git-fixes).\n- Btrfs: fix null pointer dereference on compressed write path error (bsc#1116698).\n- Btrfs: fix use-after-free during inode eviction (bsc#1116701).\n- Btrfs: fix use-after-free on root-\u003eorphan_block_rsv (bsc#1111469).\n- Btrfs: fix use-after-free when dumping free space (bsc#1116862).\n- Btrfs: fix warning when replaying log after fsync of a tmpfile (bsc#1116692).\n- Btrfs: fix wrong dentries after fsync of file that got its parent replaced (bsc#1116693).\n- Btrfs: get rid of BTRFS_INODE_HAS_ORPHAN_ITEM (bsc#1111469).\n- Btrfs: get rid of unused orphan infrastructure (bsc#1111469).\n- Btrfs: make sure we create all new block groups (bsc#1116699).\n- Btrfs: move btrfs_truncate_block out of trans handle (bsc#1111469).\n- Btrfs: protect space cache inode alloc with GFP_NOFS (bsc#1116863).\n- Btrfs: qgroup: Dirty all qgroups before rescan (bsc#1120036).\n- Btrfs: refactor btrfs_evict_inode() reserve refill dance (bsc#1111469).\n- Btrfs: renumber BTRFS_INODE_ runtime flags and switch to enums (bsc#1111469).\n- Btrfs: reserve space for O_TMPFILE orphan item deletion (bsc#1111469).\n- btrfs: run delayed items before dropping the snapshot (bsc#1121263, bsc#1111188).\n- Btrfs: send, fix infinite loop due to directory rename dependencies (bsc#1118138).\n- Btrfs: stop creating orphan items for truncate (bsc#1111469).\n- Btrfs: tree-checker: Do not check max block group size as current max chunk size limit is unreliable (fixes for bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875).\n- Btrfs: update stale comments referencing vmtruncate() (bsc#1111469).\n- cachefiles: fix the race between cachefiles_bury_object() and rmdir(2) (bsc#1051510).\n- can: dev: __can_get_echo_skb(): Do not crash the kernel if can_priv::echo_skb is accessed out of bounds (bsc#1051510).\n- can: dev: can_get_echo_skb(): factor out non sending code to __can_get_echo_skb() (bsc#1051510).\n- can: dev: __can_get_echo_skb(): print error message, if trying to echo non existing skb (bsc#1051510).\n- can: dev: __can_get_echo_skb(): replace struct can_frame by canfd_frame to access frame length (bsc#1051510).\n- can: flexcan: flexcan_irq(): fix indention (bsc#1051510).\n- can: hi311x: Use level-triggered interrupt (bsc#1051510).\n- can: raw: check for CAN FD capable netdev in raw_sendmsg() (bsc#1051510).\n- can: rcar_can: Fix erroneous registration (bsc#1051510).\n- can: rx-offload: introduce can_rx_offload_get_echo_skb() and can_rx_offload_queue_sorted() functions (bsc#1051510).\n- cdc-acm: correct counting of UART states in serial state notification (bsc#1051510).\n- cdc-acm: do not reset notification buffer index upon urb unlinking (bsc#1051510).\n- cdrom: do not attempt to fiddle with cdo-\u003ecapability (bsc#1051510).\n- ceph: do not update importing cap\u0027s mseq when handing cap export (bsc#1121273).\n- ceph: fix dentry leak in ceph_readdir_prepopulate (bsc#1114839).\n- ceph: quota: fix null pointer dereference in quota check (bsc#1114839).\n- cfg80211: Address some corner cases in scan result channel updating (bsc#1051510).\n- cfg80211: fix use-after-free in reg_process_hint() (bsc#1051510).\n- char_dev: extend dynamic allocation of majors into a higher range (bsc#1121058).\n- char_dev: Fix off-by-one bugs in find_dynamic_major() (bsc#1121058).\n- clk: at91: Fix division by zero in PLL recalc_rate() (bsc#1051510).\n- clk: fixed-factor: fix of_node_get-put imbalance (bsc#1051510).\n- clk: fixed-rate: fix of_node_get-put imbalance (bsc#1051510).\n- clk: mmp2: fix the clock id for sdh2_clk and sdh3_clk (bsc#1051510).\n- clk: mmp: Off by one in mmp_clk_add() (bsc#1051510).\n- clk: mvebu: Off by one bugs in cp110_of_clk_get() (bsc#1051510).\n- clk: rockchip: Fix static checker warning in rockchip_ddrclk_get_parent call (bsc#1051510).\n- clk: s2mps11: Add used attribute to s2mps11_dt_match (bsc#1051510).\n- clk: s2mps11: Fix matching when built as module and DT node contains compatible (bsc#1051510).\n- clk: samsung: exynos5420: Enable PERIS clocks for suspend (bsc#1051510).\n- clockevents/drivers/i8253: Add support for PIT shutdown quirk (bsc#1051510).\n- compiler-gcc.h: Add __attribute__((gnu_inline)) to all inline declarations (git-fixes).\n- config: arm64: enable erratum 1024718\n- configfs: replace strncpy with memcpy (bsc#1051510).\n- cpufeature: avoid warning when compiling with clang (Git-fixes).\n- cpufreq / CPPC: Add cpuinfo_cur_freq support for CPPC (bsc#1117115).\n- cpufreq: CPPC: fix build in absence of v3 support (bsc#1117115).\n- cpupower: remove stringop-truncation waring (git-fixes).\n- crypto: bcm - fix normal/non key hash algorithm failure (bsc#1051510).\n- crypto: ccp - Add DOWNLOAD_FIRMWARE SEV command ().\n- crypto: ccp - Add GET_ID SEV command ().\n- crypto: ccp - Add psp enabled message when initialization succeeds ().\n- crypto: ccp - Add support for new CCP/PSP device ID ().\n- crypto: ccp - Allow SEV firmware to be chosen based on Family and Model ().\n- crypto: ccp - Fix static checker warning ().\n- crypto: ccp - Remove unused #defines ().\n- crypto: ccp - Support register differences between PSP devices ().\n- crypto: simd - correctly take reqsize of wrapped skcipher into account (bsc#1051510).\n- dasd: fix deadlock in dasd_times_out (bsc#1121477, LTC#174111).\n- dax: Check page-\u003emapping isn\u0027t NULL (bsc#1120054).\n- dax: Do not access a freed inode (bsc#1120055).\n- device property: Define type of PROPERTY_ENRTY_*() macros (bsc#1051510).\n- device property: fix fwnode_graph_get_next_endpoint() documentation (bsc#1051510).\n- disable INFINIBAND_USNIC\n- disable SERIAL_NONSTANDARD\n- disable stringop truncation warnings for now (git-fixes).\n- dm: allocate struct mapped_device with kvzalloc (Git-fixes).\n- dm cache: destroy migration_cache if cache target registration failed (Git-fixes).\n- dm cache: fix resize crash if user does not reload cache table (Git-fixes).\n- dm cache metadata: ignore hints array being too small during resize (Git-fixes).\n- dm cache metadata: save in-core policy_hint_size to on-disk superblock (Git-fixes).\n- dm cache metadata: set dirty on all cache blocks after a crash (Git-fixes).\n- dm cache: only allow a single io_mode cache feature to be requested (Git-fixes).\n- dm crypt: do not decrease device limits (Git-fixes).\n- dm: fix report zone remapping to account for partition offset (Git-fixes).\n- dm integrity: change \u0027suspending\u0027 variable from bool to int (Git-fixes).\n- dm ioctl: harden copy_params()\u0027s copy_from_user() from malicious users (Git-fixes).\n- dm linear: eliminate linear_end_io call if CONFIG_DM_ZONED disabled (Git-fixes).\n- dm linear: fix linear_end_io conditional definition (Git-fixes).\n- dm thin: handle running out of data space vs concurrent discard (Git-fixes).\n- dm thin metadata: remove needless work from __commit_transaction (Git-fixes).\n- dm thin: stop no_space_timeout worker when switching to write-mode (Git-fixes).\n- dm writecache: fix a crash due to reading past end of dirty_bitmap (Git-fixes).\n- dm writecache: report start_sector in status line (Git-fixes).\n- dm zoned: fix metadata block ref counting (Git-fixes).\n- dm zoned: fix various dmz_get_mblock() issues (Git-fixes).\n- doc/README.SUSE: correct GIT url No more gitorious, github we use.\n- Documentation/l1tf: Fix typos (bsc#1051510).\n- Documentation/l1tf: Remove Yonah processors from not vulnerable list (bsc#1051510).\n- driver/dma/ioat: Call del_timer_sync() without holding prep_lock (bsc#1051510).\n- Drivers: HV: Send one page worth of kmsg dump over Hyper-V during panic (bsc#1107207).\n- Drivers: hv: vmbus: Add comments on ring buffer signaling (bsc#1107207).\n- Drivers: hv: vmbus: add numa_node to sysfs (bsc#1107207).\n- Drivers: hv: vmbus: Cleanup synic memory free path (bsc#1107207).\n- Drivers: hv: vmbus: enable VMBus protocol version 5.0 (bsc#1107207).\n- Drivers: hv: vmbus: Fix the issue with freeing up hv_ctl_table_hdr (bsc#1107207).\n- Drivers: hv: vmbus: Get rid of MSR access from vmbus_drv.c (bsc#1107207).\n- Drivers: hv: vmbus: Implement Direct Mode for stimer0 (bsc#1107207).\n- Drivers: hv: vmbus: Make TLFS #define names architecture neutral (bsc#1107207).\n- Drivers: hv: vmbus: Removed an unnecessary cast from void * (bsc#1107207).\n- Drivers: hv: vmbus: Remove use of slow_virt_to_phys() (bsc#1107207).\n- Drivers: hv: vmbus: Remove x86-isms from arch independent drivers (bsc#1107207).\n- Drivers: hv: vmbus: Remove x86 MSR refs in arch independent code (bsc#1107207).\n- Drivers: hv: vmbus: Reset the channel callback in vmbus_onoffer_rescind() (bsc#1107207).\n- Drivers: hv: vmbus: respect what we get from hv_get_synint_state() (bsc#1107207).\n- Drivers: hv: vmbus: Use get/put_cpu() in vmbus_connect() (bsc#1107207).\n- Drivers: hv: vmus: Fix the check for return value from kmsg get dump buffer (bsc#1107207).\n- Drivers/net/usb: add device id for TP-LINK UE300 USB 3.0 Ethernet (bsc#1119749).\n- Drivers/net/usb/r8152: remove the unneeded variable \u0027ret\u0027 in rtl8152_system_suspend (bsc#1119749).\n- Drivers/tty: add missing of_node_put() (bsc#1051510).\n- drm/amdgpu: add missing CHIP_HAINAN in amdgpu_ucode_get_load_type (bsc#1051510).\n- drm/amdgpu/gmc8: update MC firmware for polaris (bsc#1113722)\n- drm/amdgpu: update mc firmware image for polaris12 variants (bsc#1113722)\n- drm/amdgpu: update SMC firmware image for polaris10 variants (bsc#1113722)\n- drm/ast: change resolution may cause screen blurred (boo#1112963).\n- drm/ast: fixed cursor may disappear sometimes (bsc#1051510).\n- drm/ast: Fix incorrect free on ioregs (bsc#1051510).\n- drm/ast: Remove existing framebuffers before loading driver (boo#1112963)\n- drm/dp_mst: Check if primary mstb is null (bsc#1051510).\n- drm/dp_mst: Skip validating ports during destruction, just ref (bsc#1051510).\n- drm/edid: Add 6 bpc quirk for BOE panel (bsc#1051510).\n- drm/edid: Add 6 bpc quirk for BOE panel in HP Pavilion 15-n233sl (bsc#1113722)\n- drm/fb-helper: Ignore the value of fb_var_screeninfo.pixclock (bsc#1113722)\n- drm: fb-helper: Reject all pixel format changing requests (bsc#1113722)\n- drm/i915: Do not oops during modeset shutdown after lpe audio deinit (bsc#1051510).\n- drm/i915: Do not unset intel_connector-\u003emst_port (bsc#1051510).\n- drm/i915/execlists: Apply a full mb before execution for Braswell (bsc#1113722)\n- drm/i915/execlists: Force write serialisation into context image vs execution (bsc#1051510).\n- drm/i915: Fix ilk+ watermarks when disabling pipes (bsc#1051510).\n- drm/i915/glk: Remove 99% limitation (bsc#1051510).\n- drm/i915/hdmi: Add HDMI 2.0 audio clock recovery N values (bsc#1051510).\n- drm/i915: Large page offsets for pread/pwrite (bsc#1051510).\n- drm/i915: Mark pin flags as u64 (bsc#1051510).\n- drm/i915: Skip vcpi allocation for MSTB ports that are gone (bsc#1051510).\n- drm/i915: Write GPU relocs harder with gen3 (bsc#1051510).\n- drm/ioctl: Fix Spectre v1 vulnerabilities (bsc#1113722)\n- drm/meson: add support for 1080p25 mode (bsc#1051510).\n- drm/meson: Enable fast_io in meson_dw_hdmi_regmap_config (bsc#1051510).\n- drm/meson: Fix OOB memory accesses in meson_viu_set_osd_lut() (bsc#1051510).\n- drm/nouveau: Check backlight IDs are \u003e= 0, not \u003e 0 (bsc#1051510).\n- drm/nouveau/kms: Fix memory leak in nv50_mstm_del() (bsc#1113722)\n- drm/omap: fix memory barrier bug in DMM driver (bsc#1051510).\n- drm: rcar-du: Fix external clock error checks (bsc#1113722)\n- drm: rcar-du: Fix vblank initialization (bsc#1113722)\n- drm/rockchip: Allow driver to be shutdown on reboot/kexec (bsc#1051510).\n- drm/rockchip: psr: do not dereference encoder before it is null (bsc#1113722)\n- drm: set is_master to 0 upon drm_new_set_master() failure (bsc#1113722)\n- drm/vc4: Set -\u003eis_yuv to false when num_planes == 1 (bsc#1113722)\n- drm/vc4: -\u003ex_scaling[1] should never be set to VC4_SCALING_NONE (bsc#1113722)\n- dt-bindings: add compatible string for Allwinner V3s SoC (git-fixes).\n- dt-bindings: arm: Document SoC compatible value for Armadillo-800 EVA (git-fixes).\n- dt-bindings: clock: add rk3399 DDR3 standard speed bins (git-fixes).\n- dt-bindings: clock: mediatek: add binding for fixed-factor clock axisel_d4 (git-fixes).\n- dt-bindings: iio: update STM32 timers clock names (git-fixes).\n- dt-bindings: mfd: axp20x: Add AXP806 to supported list of chips (git-fixes).\n- dt-bindings: net: Remove duplicate NSP Ethernet MAC binding document (git-fixes).\n- dt-bindings: panel: lvds: Fix path to display timing bindings (git-fixes).\n- dt-bindings: phy: sun4i-usb-phy: Add property descriptions for H3 (git-fixes).\n- dt-bindings: pwm: renesas: tpu: Fix \u0027compatible\u0027 prop description (git-fixes).\n- dt-bindings: pwm: Update STM32 timers clock names (git-fixes).\n- dt-bindings: rcar-dmac: Document missing error interrupt (git-fixes).\n- EDAC, {i7core,sb,skx}_edac: Fix uncorrected error counting (bsc#1114279).\n- EDAC, skx_edac: Fix logical channel intermediate decoding (bsc#1114279).\n- efi: Move some sysfs files to be read-only by root (bsc#1051510).\n- enable CONFIG_SCSI_MQ_DEFAULT (bsc#1107207)\n- ethernet: fman: fix wrong of_node_put() in probe function (bsc#1119017).\n- exportfs: fix \u0027passing zero to ERR_PTR()\u0027 warning (bsc#1118773).\n- ext2: fix potential use after free (bsc#1118775).\n- ext4: add missing brelse() add_new_gdb_meta_bg()\u0027s error path (bsc#1117795).\n- ext4: add missing brelse() in set_flexbg_block_bitmap()\u0027s error path (bsc#1117794).\n- ext4: add missing brelse() update_backups()\u0027s error path (bsc#1117796).\n- ext4: avoid buffer leak in ext4_orphan_add() after prior errors (bsc#1117802).\n- ext4: avoid buffer leak on shutdown in ext4_mark_iloc_dirty() (bsc#1117801).\n- ext4: avoid possible double brelse() in add_new_gdb() on error path (bsc#1118760).\n- ext4: avoid potential extra brelse in setup_new_flex_group_blocks() (bsc#1117792).\n- ext4: fix buffer leak in __ext4_read_dirblock() on error path (bsc#1117807).\n- ext4: fix buffer leak in ext4_xattr_move_to_block() on error path (bsc#1117806).\n- ext4: fix EXT4_IOC_GROUP_ADD ioctl (bsc#1120604).\n- ext4: fix missing cleanup if ext4_alloc_flex_bg_array() fails while resizing (bsc#1117798).\n- ext4: fix possible inode leak in the retry loop of ext4_resize_fs() (bsc#1117799).\n- ext4: fix possible leak of sbi-\u003es_group_desc_leak in error path (bsc#1117803).\n- ext4: fix possible leak of s_journal_flag_rwsem in error path (bsc#1117804).\n- ext4: fix possible use after free in ext4_quota_enable (bsc#1120602).\n- ext4: fix setattr project check in fssetxattr ioctl (bsc#1117789).\n- ext4: fix use-after-free race in ext4_remount()\u0027s error path (bsc#1117791).\n- ext4: initialize retries variable in ext4_da_write_inline_data_begin() (bsc#1117788).\n- ext4: missing unlock/put_page() in ext4_try_to_write_inline_data() (bsc#1120603).\n- ext4: propagate error from dquot_initialize() in EXT4_IOC_FSSETXATTR (bsc#1117790).\n- ext4: release bs.bh before re-using in ext4_xattr_block_find() (bsc#1117805).\n- extable: Consolidate *kernel_text_address() functions (bsc#1120092).\n- extable: Enable RCU if it is not watching in kernel_text_address() (bsc#1120092).\n- fanotify: fix handling of events on child sub-directory (bsc#1122019).\n- fbdev: fbcon: Fix unregister crash when more than one framebuffer (bsc#1113722)\n- fbdev: fbmem: behave better with small rotated displays and many CPUs (bsc#1113722)\n- fbdev: fix broken menu dependencies (bsc#1113722)\n- filesystem-dax: Fix dax_layout_busy_page() livelock (bsc#1118787).\n- firmware: add firmware_request_nowarn() - load firmware without warnings ().\n- firmware: dcdbas: Add support for WSMT ACPI table (bsc#1089350 ).\n- firmware: dcdbas: include linux/io.h (bsc#1089350).\n- Fix kABI for \u0027Ensure we commit after writeback is complete\u0027 (bsc#1111809).\n- Fix the breakage of KMP build on x86_64 (bsc#1121017) The backport of the commit 4cd24de3a098 broke KMP builds because of the failure of make kernelrelease call in spec file. Clear the blacklist and backport the fix from the upstream.\n- Fix tracing sample code warning (git-fixes).\n- floppy: fix race condition in __floppy_read_block_0() (bsc#1051510).\n- flow_dissector: do not dissect l4 ports for fragments (networking-stable-18_11_21).\n- fscache: fix race between enablement and dropping of object (bsc#1107385).\n- fscache: Fix race in fscache_op_complete() due to split atomic_sub \u0026 read (Git-fixes).\n- fscache: Pass the correct cancelled indications to fscache_op_complete() (Git-fixes).\n- fs: fix lost error code in dio_complete (bsc#1118762).\n- fs: Make extension of struct super_block transparent (bsc#1117822).\n- fsnotify: Fix busy inodes during unmount (bsc#1117822).\n- fsnotify: fix ignore mask logic in fsnotify() (bsc#1115074).\n- fs/xfs: Use %pS printk format for direct addresses (git-fixes).\n- ftrace: Fix debug preempt config name in stack_tracer_{en,dis}able (bsc#1117172).\n- ftrace: Fix kmemleak in unregister_ftrace_graph (bsc#1117181).\n- ftrace: Fix memleak when unregistering dynamic ops when tracing disabled (bsc#1117174).\n- ftrace: Remove incorrect setting of glob search field (bsc#1117184).\n- fuse: fix blocked_waitq wakeup (git-fixes).\n- fuse: fix leaked notify reply (git-fixes).\n- fuse: fix possibly missed wake-up after abort (git-fixes).\n- fuse: Fix use-after-free in fuse_dev_do_read() (git-fixes).\n- fuse: Fix use-after-free in fuse_dev_do_write() (git-fixes).\n- fuse: fix use-after-free in fuse_direct_IO() (git-fixes).\n- fuse: set FR_SENT while locked (git-fixes).\n- gcc-plugins: Add include required by GCC release 8 (git-fixes).\n- gcc-plugins: Use dynamic initializers (git-fixes).\n- genirq: Fix race on spurious interrupt detection (bsc#1051510).\n- gfs2: Do not leave s_fs_info pointing to freed memory in init_sbd (bsc#1118769).\n- gfs2: Fix loop in gfs2_rbm_find (bsc#1120601).\n- gfs2: Get rid of potential double-freeing in gfs2_create_inode (bsc#1120600).\n- gfs2_meta: -\u003emount() can get NULL dev_name (bsc#1118768).\n- gfs2: Put bitmap buffers in put_super (bsc#1118772).\n- git_sort.py: Remove non-existent remote tj/libata\n- gpio: davinci: Remove unused member of davinci_gpio_controller (git-fixes).\n- gpio: do not free unallocated ida on gpiochip_add_data_with_key() error path (bsc#1051510).\n- gpiolib-acpi: Only defer request_irq for GpioInt ACPI event handlers (bsc#1051510).\n- gpiolib: Fix return value of gpio_to_desc() stub if !GPIOLIB (bsc#1051510).\n- gpio: max7301: fix driver for use with CONFIG_VMAP_STACK (bsc#1051510).\n- gpio: mvebu: only fail on missing clk if pwm is actually to be used (bsc#1051510).\n- grace: replace BUG_ON by WARN_ONCE in exit_net hook (git-fixes).\n- gso_segment: Reset skb-\u003emac_len after modifying network header (networking-stable-18_09_24).\n- HID: Add quirk for Primax PIXART OEM mice (bsc#1119410).\n- HID: hiddev: fix potential Spectre v1 (bsc#1051510).\n- HID: input: Ignore battery reported by Symbol DS4308 (bsc#1051510).\n- HID: multitouch: Add pointstick support for Cirque Touchpad (bsc#1051510).\n- HID: uhid: forbid UHID_CREATE under KERNEL_DS or elevated privileges (bsc#1051510).\n- hv: add SPDX license id to Kconfig (bsc#1107207).\n- hv: add SPDX license to trace (bsc#1107207).\n- hv_balloon: trace post_status (bsc#1107207).\n- hv_netvsc: Add handlers for ethtool get/set msg level (bsc#1107207).\n- hv_netvsc: Add NetVSP v6 and v6.1 into version negotiation (bsc#1107207).\n- hv_netvsc: Add per-cpu ethtool stats for netvsc (bsc#1107207).\n- hv_netvsc: Add range checking for rx packet offset and length (bsc#1107207).\n- hv_netvsc: add trace points (bsc#1107207).\n- hv_netvsc: Clean up extra parameter from rndis_filter_receive_data() (bsc#1107207).\n- hv_netvsc: fix bogus ifalias on network device (bsc#1107207).\n- hv_netvsc: fix network namespace issues with VF support (bsc#1107207).\n- hv_netvsc: Fix the return status in RX path (bsc#1107207).\n- hv_netvsc: Fix the variable sizes in ipsecv2 and rsc offload (bsc#1107207).\n- hv_netvsc: fix vf serial matching with pci slot info (bsc#1107207).\n- hv_netvsc: ignore devices that are not PCI (networking-stable-18_09_11).\n- hv_netvsc: move VF to same namespace as netvsc device (bsc#1107207).\n- hv_netvsc: pair VF based on serial number (bsc#1107207).\n- hv_netvsc: Pass net_device parameter to revoke and teardown functions (bsc#1107207).\n- hv_netvsc: pass netvsc_device to rndis halt (bsc#1107207).\n- hv_netvsc: propogate Hyper-V friendly name into interface alias (bsc#1107207).\n- hv_netvsc: select needed ucs2_string routine (bsc#1107207).\n- hv_netvsc: simplify receive side calling arguments (bsc#1107207).\n- hv_netvsc: typo in NDIS RSS parameters structure (bsc#1107207).\n- hv: Synthetic typo correction (bsc#1107207).\n- hv_vmbus: Correct the stale comments regarding cpu affinity (bsc#1107207).\n- hwmon: (core) Fix double-free in __hwmon_device_register() (bsc#1051510).\n- hwmon: (ibmpowernv) Remove bogus __init annotations (bsc#1051510).\n- hwmon: (ina2xx) Fix current value calculation (bsc#1051510).\n- hwmon (ina2xx) Fix NULL id pointer in probe() (bsc#1051510).\n- hwmon: (nct6775) Fix potential Spectre v1 (bsc#1051510).\n- hwmon: (pmbus) Fix page count auto-detection (bsc#1051510).\n- hwmon: (pwm-fan) Set fan speed to 0 on suspend (bsc#1051510).\n- hwmon: (raspberrypi) Fix initial notify (bsc#1051510).\n- hwmon: (w83795) temp4_type has writable permission (bsc#1051510).\n- hwpoison, memory_hotplug: allow hwpoisoned pages to be offlined (bnc#1116336).\n- hyper-v: use GFP_KERNEL for hv_context.hv_numa_map (bsc#1107207).\n- i2c: axxia: properly handle master timeout (bsc#1051510).\n- i2c: scmi: Fix probe error on devices with an empty SMB0001 ACPI device node (bsc#1051510).\n- IB/hfi1: Add mtu check for operational data VLs (bsc#1060463 ).\n- ibmvnic: Convert reset work item mutex to spin lock ().\n- ibmvnic: fix accelerated VLAN handling ().\n- ibmvnic: fix index in release_rx_pools (bsc#1115440, bsc#1115433).\n- ibmvnic: Fix non-atomic memory allocation in IRQ context ().\n- ibmvnic: remove ndo_poll_controller ().\n- ibmvnic: Update driver queues after change in ring size support ().\n- IB/rxe: support for 802.1q VLAN on the listener (bsc#1082387).\n- ieee802154: 6lowpan: set IFLA_LINK (bsc#1051510).\n- ieee802154: at86rf230: switch from BUG_ON() to WARN_ON() on problem (bsc#1051510).\n- ieee802154: at86rf230: use __func__ macro for debug messages (bsc#1051510).\n- ieee802154: fakelb: switch from BUG_ON() to WARN_ON() on problem (bsc#1051510).\n- iio: accel: adxl345: convert address field usage in iio_chan_spec (bsc#1051510).\n- iio: ad5064: Fix regulator handling (bsc#1051510).\n- iio:st_magn: Fix enable device after trigger (bsc#1051510).\n- ima: fix showing large \u0027violations\u0027 or \u0027runtime_measurements_count\u0027 (bsc#1051510).\n- include/linux/pfn_t.h: force \u0027~\u0027 to be parsed as an unary operator (bsc#1051510).\n- include modules.fips in kernel-binary as well as kernel-binary-base ().\n- inet: make sure to grab rcu_read_lock before using ireq-\u003eireq_opt (networking-stable-18_10_16).\n- initramfs: fix initramfs rebuilds w/ compression after disabling (git-fixes).\n- Input: add official Raspberry Pi\u0027s touchscreen driver ().\n- Input: cros_ec_keyb - fix button/switch capability reports (bsc#1051510).\n- Input: elan_i2c - add ACPI ID for Lenovo IdeaPad 330-15ARR (bsc#1051510).\n- Input: elan_i2c - add ACPI ID for Lenovo IdeaPad 330-15IGM (bsc#1051510).\n- Input: elan_i2c - add ELAN0620 to the ACPI table (bsc#1051510).\n- Input: elan_i2c - add support for ELAN0621 touchpad (bsc#1051510).\n- Input: hyper-v - fix wakeup from suspend-to-idle (bsc#1051510).\n- Input: matrix_keypad - check for errors from of_get_named_gpio() (bsc#1051510).\n- Input: nomadik-ske-keypad - fix a loop timeout test (bsc#1051510).\n- Input: omap-keypad - fix keyboard debounce configuration (bsc#1051510).\n- Input: synaptics - add PNP ID for ThinkPad P50 to SMBus (bsc#1051510).\n- Input: synaptics - avoid using uninitialized variable when probing (bsc#1051510).\n- Input: synaptics - enable SMBus for HP 15-ay000 (bsc#1051510).\n- Input: xpad - add PDP device id 0x02a4 (bsc#1051510).\n- Input: xpad - add support for Xbox1 PDP Camo series gamepad (bsc#1051510).\n- Input: xpad - avoid using __set_bit() for capabilities (bsc#1051510).\n- Input: xpad - fix some coding style issues (bsc#1051510).\n- Input: xpad - quirk all PDP Xbox One gamepads (bsc#1051510).\n- integrity/security: fix digsig.c build error with header file (bsc#1051510).\n- intel_th: msu: Fix an off-by-one in attribute store (bsc#1051510).\n- iommu/amd: Fix amd_iommu=force_isolation (bsc#1106105).\n- iommu/arm-smmu: Ensure that page-table updates are visible before TLBI (bsc#1106237).\n- iommu/ipmmu-vmsa: Fix crash on early domain free (bsc#1106105).\n- iommu/vt-d: Fix NULL pointer dereference in prq_event_thread() (bsc#1106105).\n- iommu/vt-d: Handle domain agaw being less than iommu agaw (bsc#1106105).\n- iommu/vt-d: Use memunmap to free memremap (bsc#1106105).\n- ip6_tunnel: be careful when accessing the inner header (networking-stable-18_10_16).\n- ip6_tunnel: Fix encapsulation layout (networking-stable-18_11_02).\n- ip6_vti: fix a null pointer deference when destroy vti6 tunnel (networking-stable-18_09_11).\n- ipmi: Fix timer race with module unload (bsc#1051510).\n- ip_tunnel: be careful when accessing the inner header (networking-stable-18_10_16).\n- ip_tunnel: do not force DF when MTU is locked (networking-stable-18_11_21).\n- ipv4: lock mtu in fnhe when received PMTU \u0026lt; net.ipv4.route.min_pmtu (networking-stable-18_11_21).\n- ipv4: tcp: send zero IPID for RST and ACK sent in SYN-RECV and TIME-WAIT state (networking-stable-18_09_11).\n- ipv6: Fix PMTU updates for UDP/raw sockets in presence of VRF (networking-stable-18_11_21).\n- ipv6: fix possible use-after-free in ip6_xmit() (networking-stable-18_09_24).\n- ipv6: mcast: fix a use-after-free in inet6_mc_check (networking-stable-18_11_02).\n- ipv6/ndisc: Preserve IPv6 control buffer if protocol error handlers are called (networking-stable-18_11_02).\n- ipv6: take rcu lock in rawv6_send_hdrinc() (networking-stable-18_10_16).\n- iwlwifi: add new cards for 9560, 9462, 9461 and killer series (bsc#1051510).\n- iwlwifi: dbg: allow wrt collection before ALIVE (bsc#1051510).\n- iwlwifi: do not WARN on trying to dump dead firmware (bsc#1051510).\n- iwlwifi: fix LED command capability bit (bsc#1119086).\n- iwlwifi: fix non_shared_ant for 22000 devices (bsc#1119086).\n- iwlwifi: fix wrong WGDS_WIFI_DATA_SIZE (bsc#1119086).\n- iwlwifi: mvm: check for short GI only for OFDM (bsc#1051510).\n- iwlwifi: mvm: check return value of rs_rate_from_ucode_rate() (bsc#1051510).\n- iwlwifi: mvm: do not send GEO_TX_POWER_LIMIT to old firmwares (bsc#1119086).\n- iwlwifi: mvm: do not use SAR Geo if basic SAR is not used (bsc#1051510).\n- iwlwifi: mvm: fix BAR seq ctrl reporting (bsc#1051510).\n- iwlwifi: mvm: fix regulatory domain update when the firmware starts (bsc#1051510).\n- iwlwifi: mvm: support sta_statistics() even on older firmware (bsc#1051510).\n- iwlwifi: nvm: get num of hw addresses from firmware (bsc#1119086).\n- iwlwifi: pcie: avoid empty free RB queue (bsc#1051510).\n- iwlwifi: pcie: do not reset TXQ write pointer (bsc#1051510).\n- jffs2: free jffs2_sb_info through jffs2_kill_sb() (bsc#1118767).\n- jump_label: Split out code under the hotplug lock (bsc#1106913).\n- KABI fix for \u0027NFSv4.1: Fix up replays of interrupted requests\u0027 (git-fixes).\n- KABI: hwpoison, memory_hotplug: allow hwpoisoned pages to be offlined (bnc#1116336).\n- KABI: mask raw in struct bpf_reg_state (bsc#1083647).\n- KABI: powerpc: Revert npu callback signature change (bsc#1055120).\n- KABI protect hnae_ae_ops (bsc#1104353).\n- KABI: protect struct fib_nh_exception (kabi).\n- KABI: protect struct rtable (kabi).\n- kbuild: allow to use GCC toolchain not in Clang search path (git-fixes).\n- kbuild: fix kernel/bounds.c \u0027W=1\u0027 warning (bsc#1051510).\n- kbuild: fix linker feature test macros when cross compiling with Clang (git-fixes).\n- kbuild: make missing $DEPMOD a Warning instead of an Error (git-fixes).\n- kbuild: move \u0027_all\u0027 target out of $(KBUILD_SRC) conditional (bsc#1114279).\n- kbuild: rpm-pkg: keep spec file until make mrproper (git-fixes).\n- Kbuild: suppress packed-not-aligned warning for default setting only (git-fixes).\n- kbuild: verify that $DEPMOD is installed (git-fixes).\n- kdb: use memmove instead of overlapping memcpy (bsc#1120954).\n- kernfs: Replace strncpy with memcpy (bsc#1120053).\n- keys: Fix the use of the C++ keyword \u0027private\u0027 in uapi/linux/keyctl.h (Git-fixes).\n- kgdboc: Passing ekgdboc to command line causes panic (bsc#1051510).\n- kobject: Replace strncpy with memcpy (git-fixes).\n- kprobes: Make list and blacklist root user read only (git-fixes).\n- KVM: arm/arm64: Introduce vcpu_el1_is_32bit (bsc#1110998).\n- KVM: hyperv: idr_find needs RCU protection (bsc#1107207).\n- KVM: introduce kvm_make_vcpus_request_mask() API (bsc#1107207).\n- KVM: nVMX: Always reflect #NM VM-exits to L1 (bsc#1106240).\n- KVM: nVMX: move check_vmentry_postreqs() call to nested_vmx_enter_non_root_mode() (bsc#1106240).\n- KVM: PPC: Book3S PR: Enable use on POWER9 inside HPT-mode guests (bsc#1118484).\n- KVM: s390: vsie: copy wrapping keys to right place (git-fixes).\n- KVM: svm: Ensure an IBPB on all affected CPUs when freeing a vmcb (bsc#1114279).\n- KVM: VMX: re-add ple_gap module parameter (bsc#1106240).\n- KVM: x86: ensure all MSRs can always be KVM_GET/SET_MSR\u0027d (bsc#1107207).\n- KVM: x86: factor out kvm.arch.hyperv (de)init (bsc#1107207).\n- KVM: x86: Fix kernel info-leak in KVM_HC_CLOCK_PAIRING hypercall (bsc#1106240).\n- KVM: x86: hyperv: delete dead code in kvm_hv_hypercall() (bsc#1107207).\n- KVM: x86: hyperv: do rep check for each hypercall separately (bsc#1107207).\n- KVM: x86: hyperv: guest-\u003ehost event signaling via eventfd (bsc#1107207).\n- KVM: x86: hyperv: simplistic HVCALL_FLUSH_VIRTUAL_ADDRESS_{LIST,SPACE}_EX implementation (bsc#1107207).\n- KVM: x86: hyperv: simplistic HVCALL_FLUSH_VIRTUAL_ADDRESS_{LIST,SPACE} implementation (bsc#1107207).\n- KVM: x86: hyperv: use defines when parsing hypercall parameters (bsc#1107207).\n- KVM: x86: VMX: hyper-v: Enlightened MSR-Bitmap support (bsc#1107207).\n- libata: whitelist all SAMSUNG MZ7KM* solid-state disks (bsc#1051510).\n- libceph: bump CEPH_MSG_MAX_DATA_LEN (bsc#1114839).\n- libceph: fall back to sendmsg for slab pages (bsc#1118316).\n- libertas: do not set URB_ZERO_PACKET on IN USB transfer (bsc#1051510).\n- libertas_tf: prevent underflow in process_cmdrequest() (bsc#1119086).\n- libnvdimm: Hold reference on parent while scheduling async init (bsc#1116891).\n- libnvdimm, pfn: Pad pfn namespaces relative to other regions (bsc#1118962).\n- libnvdimm, pmem: Fix badblocks population for \u0027raw\u0027 namespaces (bsc#1118788).\n- libnvdimm, region: Fail badblocks listing for inactive regions (bsc#1116899).\n- lib/raid6: Fix arm64 test build (bsc#1051510).\n- lib/ubsan.c: do not mark __ubsan_handle_builtin_unreachable as noreturn (bsc#1051510).\n- Limit max FW API version for QCA9377 (bsc#1121714, bsc#1121715).\n- linux/bitmap.h: fix type of nbits in bitmap_shift_right() (bsc#1051510).\n- llc: set SOCK_RCU_FREE in llc_sap_add_socket() (networking-stable-18_11_02).\n- locking/barriers: Convert users of lockless_dereference() to READ_ONCE() (Git-fixes).\n- locking/static_keys: Improve uninitialized key warning (bsc#1106913).\n- mac80211: Always report TX status (bsc#1051510).\n- mac80211: Clear beacon_int in ieee80211_do_stop (bsc#1051510).\n- mac80211: fix reordering of buffered broadcast packets (bsc#1051510).\n- mac80211: fix TX status reporting for ieee80211s (bsc#1051510).\n- mac80211_hwsim: do not omit multicast announce of first added radio (bsc#1051510).\n- mac80211_hwsim: fix module init error paths for netlink (bsc#1051510).\n- mac80211_hwsim: Timer should be initialized before device registered (bsc#1051510).\n- mac80211: ignore NullFunc frames in the duplicate detection (bsc#1051510).\n- mac80211: ignore tx status for PS stations in ieee80211_tx_status_ext (bsc#1051510).\n- mac80211: TDLS: fix skb queue/priority assignment (bsc#1051510).\n- mach64: fix display corruption on big endian machines (bsc#1113722)\n- mach64: fix image corruption due to reading accelerator registers (bsc#1113722)\n- mailbox: PCC: handle parse error (bsc#1051510).\n- Mark HI and TASKLET softirq synchronous (git-fixes).\n- md: allow metadata updates while suspending an array - fix (git-fixes).\n- MD: fix invalid stored role for a disk - try2 (git-fixes).\n- md: fix raid10 hang issue caused by barrier (git-fixes).\n- media: em28xx: Fix use-after-free when disconnecting (bsc#1051510).\n- media: em28xx: make v4l2-compliance happier by starting sequence on zero (bsc#1051510).\n- media: omap3isp: Unregister media device as first (bsc#1051510).\n- memory_hotplug: cond_resched in __remove_pages (bnc#1114178).\n- mfd: menelaus: Fix possible race condition and leak (bsc#1051510).\n- mfd: omap-usb-host: Fix dts probe of children (bsc#1051510).\n- mlxsw: spectrum: Fix IP2ME CPU policer configuration (networking-stable-18_11_21).\n- mmc: bcm2835: reset host on timeout (bsc#1051510).\n- mmc: core: Allow BKOPS and CACHE ctrl even if no HPI support (bsc#1051510).\n- mmc: core: Reset HPI enabled state during re-init and in case of errors (bsc#1051510).\n- mmc: core: Use a minimum 1600ms timeout when enabling CACHE ctrl (bsc#1051510).\n- mmc: dw_mmc-bluefield: Add driver extension (bsc#1118752).\n- mmc: dw_mmc-k3: add sd support for hi3660 (bsc#1118752).\n- mmc: dw_mmc-rockchip: correct property names in debug (bsc#1051510).\n- MMC: OMAP: fix broken MMC on OMAP15XX/OMAP5910/OMAP310 (bsc#1051510).\n- mmc: omap_hsmmc: fix DMA API warning (bsc#1051510).\n- mmc: sdhci: fix the timeout check window for clock and reset (bsc#1051510).\n- mmc: sdhci-pci-o2micro: Add quirk for O2 Micro dev 0x8620 rev 0x01 (bsc#1051510).\n- mm: do not miss the last page because of round-off error (bnc#1118798).\n- mm: do not warn about large allocations for slab (git fixes (slab)).\n- mm: handle no memcg case in memcg_kmem_charge() properly (bnc#1113677).\n- mm/huge_memory.c: reorder operations in __split_huge_page_tail() (VM Functionality bsc#1119962).\n- mm/huge_memory: fix lockdep complaint on 32-bit i_size_read() (VM Functionality, bsc#1121599).\n- mm/huge_memory: rename freeze_page() to unmap_page() (VM Functionality, bsc#1121599).\n- mm/huge_memory: splitting set mapping+index before unfreeze (VM Functionality, bsc#1121599).\n- mm: hugetlb: yield when prepping struct pages (git fixes (memory initialisation)).\n- mm/khugepaged: collapse_shmem() do not crash on Compound (VM Functionality, bsc#1121599).\n- mm/khugepaged: collapse_shmem() remember to clear holes (VM Functionality, bsc#1121599).\n- mm/khugepaged: collapse_shmem() stop if punched or truncated (VM Functionality, bsc#1121599).\n- mm/khugepaged: collapse_shmem() without freezing new_page (VM Functionality, bsc#1121599).\n- mm/khugepaged: fix crashes due to misaccounted holes (VM Functionality, bsc#1121599).\n- mm/khugepaged: minor reorderings in collapse_shmem() (VM Functionality, bsc#1121599).\n- mm: lower the printk loglevel for __dump_page messages (generic hotplug debugability).\n- mm, memory_hotplug: be more verbose for memory offline failures (generic hotplug debugability).\n- mm, memory_hotplug: drop pointless block alignment checks from __offline_pages (generic hotplug debugability).\n- mm, memory_hotplug: print reason for the offlining failure (generic hotplug debugability).\n- mm: migration: fix migration of huge PMD shared pages (bnc#1086423).\n- mm: only report isolation failures when offlining memory (generic hotplug debugability).\n- mm: print more information about mapping in __dump_page (generic hotplug debugability).\n- mm: put_and_wait_on_page_locked() while page is migrated (bnc#1109272).\n- mm: rework memcg kernel stack accounting (bnc#1113677).\n- mm: sections are not offlined during memory hotremove (bnc#1119968).\n- mm: shmem.c: Correctly annotate new inodes for lockdep (Git fixes: shmem).\n- mm/vmstat.c: fix NUMA statistics updates (git fixes).\n- mount: Do not allow copying MNT_UNBINDABLE|MNT_LOCKED mounts (bsc#1117819).\n- mount: Prevent MNT_DETACH from disconnecting locked mounts (bsc#1117820).\n- mount: Retest MNT_LOCKED in do_umount (bsc#1117818).\n- Move dell_rbu fix to sorted section (bsc#1087978).\n- Move USB-audio UAF fix patch to sorted section\n- mtd: cfi: convert inline functions to macros (git-fixes).\n- mtd: Fix comparison in map_word_andequal() (git-fixes).\n- namei: allow restricted O_CREAT of FIFOs and regular files (bsc#1118766).\n- nbd: do not allow invalid blocksize settings (Git-fixes).\n- neighbour: confirm neigh entries when ARP packet is received (networking-stable-18_09_24).\n- net/af_iucv: drop inbound packets with invalid flags (bnc#1113501, LTC#172679).\n- net/af_iucv: fix skb handling on HiperTransport xmit error (bnc#1113501, LTC#172679).\n- net/appletalk: fix minor pointer leak to userspace in SIOCFINDIPDDPRT (networking-stable-18_09_24).\n- net: aquantia: memory corruption on jumbo frames (networking-stable-18_10_16).\n- net: bcmgenet: Poll internal PHY for GENETv5 (networking-stable-18_11_02).\n- net: bcmgenet: protect stop from timeout (networking-stable-18_11_21).\n- net: bcmgenet: use MAC link status for fixed phy (networking-stable-18_09_11).\n- net: bgmac: Fix endian access in bgmac_dma_tx_ring_free() (bsc#1051510).\n- net: bridge: remove ipv6 zero address check in mcast queries (git-fixes).\n- net: dsa: bcm_sf2: Call setup during switch resume (networking-stable-18_10_16).\n- net: dsa: bcm_sf2: Fix unbind ordering (networking-stable-18_10_16).\n- net: dsa: mv88e6xxx: Fix binding documentation for MDIO busses (git-fixes).\n- net: dsa: qca8k: Add QCA8334 binding documentation (git-fixes).\n- net: ena: add functions for handling Low Latency Queues in ena_com (bsc#1111696 bsc#1117561).\n- net: ena: add functions for handling Low Latency Queues in ena_netdev (bsc#1111696 bsc#1117561).\n- net: ena: change rx copybreak default to reduce kernel memory pressure (bsc#1111696 bsc#1117561).\n- net: ena: complete host info to match latest ENA spec (bsc#1111696 bsc#1117561).\n- net: ena: enable Low Latency Queues (bsc#1111696 bsc#1117561).\n- net: ena: explicit casting and initialization, and clearer error handling (bsc#1111696 bsc#1117561).\n- net: ena: fix auto casting to boolean (bsc#1111696 bsc#1117561).\n- net: ena: fix compilation error in xtensa architecture (bsc#1111696 bsc#1117561).\n- net: ena: fix crash during ena_remove() (bsc#1111696 bsc#1117561).\n- net: ena: fix crash during failed resume from hibernation (bsc#1111696 bsc#1117561).\n- net: ena: fix indentations in ena_defs for better readability (bsc#1111696 bsc#1117561).\n- net: ena: Fix Kconfig dependency on X86 (bsc#1111696 bsc#1117561).\n- net: ena: fix NULL dereference due to untimely napi initialization (bsc#1111696 bsc#1117561).\n- net: ena: fix rare bug when failed restart/resume is followed by driver removal (bsc#1111696 bsc#1117561).\n- net: ena: fix warning in rmmod caused by double iounmap (bsc#1111696 bsc#1117561).\n- net: ena: introduce Low Latency Queues data structures according to ENA spec (bsc#1111696 bsc#1117561).\n- net: ena: limit refill Rx threshold to 256 to avoid latency issues (bsc#1111696 bsc#1117561).\n- net: ena: minor performance improvement (bsc#1111696 bsc#1117561).\n- net: ena: remove ndo_poll_controller (bsc#1111696 bsc#1117561).\n- net: ena: remove redundant parameter in ena_com_admin_init() (bsc#1111696 bsc#1117561).\n- net: ena: update driver version from 2.0.1 to 2.0.2 (bsc#1111696 bsc#1117561).\n- net: ena: update driver version to 2.0.1 (bsc#1111696 bsc#1117561).\n- net: ena: use CSUM_CHECKED device indication to report skb\u0027s checksum status (bsc#1111696 bsc#1117561).\n- net: fec: do not dump RX FIFO register when not available (networking-stable-18_11_02).\n- net-gro: reset skb-\u003epkt_type in napi_reuse_skb() (networking-stable-18_11_21).\n- net: hns3: Add nic state check before calling netif_tx_wake_queue (bsc#1104353).\n- net: hns3: Add support for hns3_nic_netdev_ops.ndo_do_ioctl (bsc#1104353).\n- net: hns3: bugfix for buffer not free problem during resetting (bsc#1104353).\n- net: hns3: bugfix for handling mailbox while the command queue reinitialized (bsc#1104353).\n- net: hns3: bugfix for hclge_mdio_write and hclge_mdio_read (bsc#1104353).\n- net: hns3: bugfix for is_valid_csq_clean_head() (bsc#1104353 ).\n- net: hns3: bugfix for reporting unknown vector0 interrupt repeatly problem (bsc#1104353).\n- net: hns3: bugfix for rtnl_lock\u0027s range in the hclgevf_reset() (bsc#1104353).\n- net: hns3: bugfix for the initialization of command queue\u0027s spin lock (bsc#1104353).\n- net: hns3: Check hdev state when getting link status (bsc#1104353).\n- net: hns3: Clear client pointer when initialize client failed or unintialize finished (bsc#1104353).\n- net: hns3: Fix cmdq registers initialization issue for vf (bsc#1104353).\n- net: hns3: Fix error of checking used vlan id (bsc#1104353 ).\n- net: hns3: Fix ets validate issue (bsc#1104353).\n- net: hns3: Fix for netdev not up problem when setting mtu (bsc#1104353).\n- net: hns3: Fix for out-of-bounds access when setting pfc back pressure (bsc#1104353).\n- net: hns3: Fix for packet buffer setting bug (bsc#1104353 ).\n- net: hns3: Fix for rx vlan id handle to support Rev 0x21 hardware (bsc#1104353).\n- net: hns3: Fix for setting speed for phy failed problem (bsc#1104353).\n- net: hns3: Fix for vf vlan delete failed problem (bsc#1104353 ).\n- net: hns3: Fix loss of coal configuration while doing reset (bsc#1104353).\n- net: hns3: Fix parameter type for q_id in hclge_tm_q_to_qs_map_cfg() (bsc#1104353).\n- net: hns3: Fix ping exited problem when doing lp selftest (bsc#1104353).\n- net: hns3: Preserve vlan 0 in hardware table (bsc#1104353 ).\n- net: hns3: remove unnecessary queue reset in the hns3_uninit_all_ring() (bsc#1104353).\n- net: hns3: Set STATE_DOWN bit of hdev state when stopping net (bsc#1104353).\n- net: hns: fix for unmapping problem when SMMU is on (networking-stable-18_10_16).\n- net: hp100: fix always-true check for link up state (networking-stable-18_09_24).\n- net: ibm: fix return type of ndo_start_xmit function ().\n- net/ibmnvic: Fix deadlock problem in reset ().\n- net/ibmvnic: Fix RTNL deadlock during device reset (bnc#1115431).\n- net: ipmr: fix unresolved entry dumps (networking-stable-18_11_02).\n- net: ipv4: do not let PMTU updates increase route MTU (git-fixes).\n- net/ipv6: Display all addresses in output of /proc/net/if_inet6 (networking-stable-18_10_16).\n- net/ipv6: Fix index counter for unicast addresses in in6_dump_addrs (networking-stable-18_11_02).\n- netlabel: check for IPV4MASK in addrinfo_get (networking-stable-18_10_16).\n- net: macb: do not disable MDIO bus at open/close time (networking-stable-18_09_11).\n- net/mlx4_core: Correctly set PFC param if global pause is turned off (bsc#1046299).\n- net/mlx5: Check for error in mlx5_attach_interface (networking-stable-18_09_18).\n- net/mlx5e: Fix selftest for small MTUs (networking-stable-18_11_21).\n- net/mlx5e: Set vlan masks for all offloaded TC rules (networking-stable-18_10_16).\n- net/mlx5: E-Switch, Fix memory leak when creating switchdev mode FDB tables (networking-stable-18_09_18).\n- net/mlx5: E-Switch, Fix out of bound access when setting vport rate (networking-stable-18_10_16).\n- net/mlx5: Fix debugfs cleanup in the device init/remove flow (networking-stable-18_09_18).\n- net/mlx5: Fix use-after-free in self-healing flow (networking-stable-18_09_18).\n- net/mlx5: Take only bit 24-26 of wqe.pftype_wq for page fault type (networking-stable-18_11_02).\n- net: mvpp2: Extract the correct ethtype from the skb for tx csum offload (networking-stable-18_10_16).\n- net: mvpp2: fix a txq_done race condition (networking-stable-18_10_16).\n- net/packet: fix packet drop as of virtio gso (networking-stable-18_10_16).\n- net: phy: mdio-gpio: Fix working over slow can_sleep GPIOs (networking-stable-18_11_21).\n- net: qca_spi: Fix race condition in spi transfers (networking-stable-18_09_18).\n- net: qmi_wwan: add Wistron Neweb D19Q1 (bsc#1051510).\n- net: sched: action_ife: take reference to meta module (networking-stable-18_09_11).\n- net/sched: act_pedit: fix dump of extended layered op (networking-stable-18_09_11).\n- net/sched: act_sample: fix NULL dereference in the data path (networking-stable-18_09_24).\n- net: sched: Fix for duplicate class dump (networking-stable-18_11_02).\n- net: sched: Fix memory exposure from short TCA_U32_SEL (networking-stable-18_09_11).\n- net: sched: gred: pass the right attribute to gred_change_table_def() (networking-stable-18_11_02).\n- net: smsc95xx: Fix MTU range (networking-stable-18_11_21).\n- net: socket: fix a missing-check bug (networking-stable-18_11_02).\n- net: stmmac: Fix stmmac_mdio_reset() when building stmmac as modules (networking-stable-18_11_02).\n- net: stmmac: Fixup the tail addr setting in xmit path (networking-stable-18_10_16).\n- net: systemport: Fix wake-up interrupt race during resume (networking-stable-18_10_16).\n- net: systemport: Protect stop from timeout (networking-stable-18_11_21).\n- net: udp: fix handling of CHECKSUM_COMPLETE packets (networking-stable-18_11_02).\n- net/usb: cancel pending work when unbinding smsc75xx (networking-stable-18_10_16).\n- net: usb: r8152: constify usb_device_id (bsc#1119749).\n- net: usb: r8152: use irqsave() in USB\u0027s complete callback (bsc#1119749).\n- nfp: wait for posted reconfigs when disabling the device (networking-stable-18_09_11).\n- nfs: Avoid RCU usage in tracepoints (git-fixes).\n- nfs: commit direct writes even if they fail partially (git-fixes).\n- nfsd4: permit layoutget of executable-only files (git-fixes).\n- nfsd: check for use of the closed special stateid (git-fixes).\n- nfsd: CLOSE SHOULD return the invalid special stateid for NFSv4.x (x\u003e0) (git-fixes).\n- nfsd: deal with revoked delegations appropriately (git-fixes).\n- nfsd: Ensure we check stateid validity in the seqid operation checks (git-fixes).\n- nfsd: Fix another OPEN stateid race (git-fixes).\n- nfsd: fix corrupted reply to badly ordered compound (git-fixes).\n- nfsd: fix potential use-after-free in nfsd4_decode_getdeviceinfo (git-fixes).\n- nfsd: Fix stateid races between OPEN and CLOSE (git-fixes).\n- nfs: do not wait on commit in nfs_commit_inode() if there were no commit requests (git-fixes).\n- nfsd: restrict rd_maxcount to svc_max_payload in nfsd_encode_readdir (git-fixes).\n- nfs: Ensure we commit after writeback is complete (bsc#1111809).\n- nfs: Fix an incorrect type in struct nfs_direct_req (git-fixes).\n- nfs: Fix a typo in nfs_rename() (git-fixes).\n- nfs: Fix typo in nomigration mount option (git-fixes).\n- nfs: Fix unstable write completion (git-fixes).\n- nfsv4.0 fix client reference leak in callback (git-fixes).\n- nfsv4.1: Fix a potential layoutget/layoutrecall deadlock (git-fixes).\n- nfsv4.1 fix infinite loop on I/O (git-fixes).\n- nfsv4.1: Fix the client behaviour on NFS4ERR_SEQ_FALSE_RETRY (git-fixes).\n- nfsv4.1: Fix up replays of interrupted requests (git-fixes).\n- nfsv4: Fix a typo in nfs41_sequence_process (git-fixes).\n- nl80211: Fix possible Spectre-v1 for CQM RSSI thresholds (bsc#1051510).\n- nl80211: Fix possible Spectre-v1 for NL80211_TXRATE_HT (bsc#1051510).\n- nospec: Allow index argument to have const-qualified type (git-fixes)\n- nospec: Include \u0026lt;asm/barrier.h\u003e dependency (bsc#1114279).\n- nospec: Kill array_index_nospec_mask_check() (git-fixes).\n- nvme-fc: resolve io failures during connect (bsc#1116803).\n- nvme: Free ctrl device name on init failure ().\n- nvme-multipath: zero out ANA log buffer (bsc#1105168).\n- nvme: validate controller state before rescheduling keep alive (bsc#1103257).\n- objtool: Detect RIP-relative switch table references (bsc#1058115).\n- objtool: Detect RIP-relative switch table references, part 2 (bsc#1058115).\n- objtool: Fix another switch table detection issue (bsc#1058115).\n- objtool: Fix double-free in .cold detection error path (bsc#1058115).\n- objtool: Fix GCC 8 cold subfunction detection for aliased functions (bsc#1058115).\n- objtool: Fix \u0027noreturn\u0027 detection for recursive sibling calls (bsc#1058115).\n- objtool: Fix segfault in .cold detection with -ffunction-sections (bsc#1058115).\n- objtool: Support GCC 8\u0027s cold subfunctions (bsc#1058115).\n- objtool: Support GCC 8 switch tables (bsc#1058115).\n- ocfs2: fix a misuse a of brelse after failing ocfs2_check_dir_entry (bsc#1117817).\n- ocfs2: fix locking for res-\u003etracking and dlm-\u003etracking_list (bsc#1117816).\n- ocfs2: fix ocfs2 read block panic (bsc#1117815).\n- ocfs2: free up write context when direct IO failed (bsc#1117821).\n- ocfs2: subsystem.su_mutex is required while accessing the item-\u003eci_parent (bsc#1117808).\n- openvswitch: Fix push/pop ethernet validation (networking-stable-18_11_02).\n- panic: avoid deadlocks in re-entrant console drivers (bsc#1088386).\n- PCI: Add ACS quirk for Ampere root ports (bsc#1120058).\n- PCI: Add ACS quirk for APM X-Gene devices (bsc#1120058).\n- PCI: Add Device IDs for Intel GPU \u0027spurious interrupt\u0027 quirk (bsc#1051510).\n- PCI/ASPM: Do not initialize link state when aspm_disabled is set (bsc#1051510).\n- PCI: Convert device-specific ACS quirks from NULL termination to ARRAY_SIZE (bsc#1120058).\n- PCI: Delay after FLR of Intel DC P3700 NVMe (bsc#1120058).\n- PCI: Disable Samsung SM961/PM961 NVMe before FLR (bsc#1120058).\n- PCI: dwc: remove duplicate fix References: bsc#1115269 Patch has been already applied by the following commit: 9f73db8b7c PCI: dwc: Fix enumeration end when reaching root subordinate (bsc#1051510)\n- PCI: Export pcie_has_flr() (bsc#1120058).\n- PCI: hv: Convert remove_lock to refcount (bsc#1107207).\n- PCI: hv: Fix return value check in hv_pci_assign_slots() (bsc#1107207).\n- PCI: hv: Remove unused reason for refcount handler (bsc#1107207).\n- PCI: hv: Replace GFP_ATOMIC with GFP_KERNEL in new_pcichild_device() (bsc#1107207).\n- PCI: hv: support reporting serial number as slot information (bsc#1107207).\n- PCI: hv: Use effective affinity mask (bsc#1109772).\n- PCI: hv: Use list_for_each_entry() (bsc#1107207).\n- PCI: imx6: Fix link training status detection in link up check (bsc#1109806).\n- PCI: iproc: Activate PAXC bridge quirk for more devices (bsc#1120058).\n- PCI: iproc: Remove PAXC slot check to allow VF support (bsc#1109806).\n- PCI: Mark Ceton InfiniTV4 INTx masking as broken (bsc#1120058).\n- PCI: Mark fall-through switch cases before enabling -Wimplicit-fallthrough (bsc#1120058).\n- PCI: Mark Intel XXV710 NIC INTx masking as broken (bsc#1120058).\n- PCI/MSI: Warn and return error if driver enables MSI/MSI-X twice (bsc#1051510).\n- PCI: vmd: Assign vector zero to all bridges (bsc#1109806).\n- PCI: vmd: Detach resources after stopping root bus (bsc#1109806).\n- PCI: vmd: White list for fast interrupt handlers (bsc#1109806).\n- pcmcia: Implement CLKRUN protocol disabling for Ricoh bridges (bsc#1051510).\n- percpu: make this_cpu_generic_read() atomic w.r.t. interrupts (bsc#1114279).\n- perf: fix invalid bit in diagnostic entry (git-fixes).\n- perf tools: Fix tracing_path_mount proper path (git-fixes).\n- pinctrl: at91-pio4: fix has_config check in atmel_pctl_dt_subnode_to_map() (bsc#1051510).\n- pinctrl: meson: fix pinconf bias disable (bsc#1051510).\n- pinctrl: qcom: spmi-mpp: Fix drive strength setting (bsc#1051510).\n- pinctrl: qcom: spmi-mpp: Fix err handling of pmic_mpp_set_mux (bsc#1051510).\n- pinctrl: spmi-mpp: Fix pmic_mpp_config_get() to be compliant (bsc#1051510).\n- pinctrl: ssbi-gpio: Fix pm8xxx_pin_config_get() to be compliant (bsc#1051510).\n- platform-msi: Free descriptors in platform_msi_domain_free() (bsc#1051510).\n- platform/x86: acerhdf: Add BIOS entry for Gateway LT31 v1.3307 (bsc#1051510).\n- platform/x86: intel_telemetry: report debugfs failure (bsc#1051510).\n- pNFS: Always free the session slot on error in nfs4_layoutget_handle_exception (git-fixes).\n- pNFS: Do not release the sequence slot until we\u0027ve processed layoutget on open (git-fixes).\n- pNFS: Prevent the layout header refcount going to zero in pnfs_roc() (git-fixes).\n- powerpc/64s: consolidate MCE counter increment (bsc#1094244).\n- powerpc/64s/hash: Do not use PPC_INVALIDATE_ERAT on CPUs before POWER9 (bsc#1065729).\n- powerpc/64s/radix: Fix process table entry cache invalidation (bsc#1055186, git-fixes).\n- powerpc/boot: Expose Kconfig symbols to wrapper (bsc#1065729).\n- powerpc/boot: Fix build failures with -j 1 (bsc#1065729).\n- powerpc/boot: Fix opal console in boot wrapper (bsc#1065729).\n- powerpc/mm: Fix typo in comments (bsc#1065729).\n- powerpc/mm/keys: Move pte bits to correct headers (bsc#1078248).\n- powerpc/npu-dma.c: Fix crash after __mmu_notifier_register failure (bsc#1055120).\n- powerpc/perf: Update raw-event code encoding comment for power8 (bsc#1065729).\n- powerpc/pkeys: Fix handling of pkey state across fork() (bsc#1078248, git-fixes).\n- powerpc/powernv: Do not select the cpufreq governors (bsc#1065729).\n- powerpc/powernv: Fix concurrency issue with npu-\u003emmio_atsd_usage (bsc#1055120).\n- powerpc/powernv: Fix opal_event_shutdown() called with interrupts disabled (bsc#1065729).\n- powerpc/powernv: Fix save/restore of SPRG3 on entry/exit from stop (idle) (bsc#1055121).\n- powerpc/powernv/npu: Add lock to prevent race in concurrent context init/destroy (bsc#1055120).\n- powerpc/powernv/npu: Do not explicitly flush nmmu tlb (bsc#1055120).\n- powerpc/powernv/npu: Fix deadlock in mmio_invalidate() (bsc#1055120).\n- powerpc/powernv/npu: Prevent overwriting of pnv_npu2_init_contex() callback parameters (bsc#1055120).\n- powerpc/powernv/npu: Use flush_all_mm() instead of flush_tlb_mm() (bsc#1055120).\n- powerpc/powernv/pci: Work around races in PCI bridge enabling (bsc#1055120).\n- powerpc/pseries: Fix DTL buffer registration (bsc#1065729).\n- powerpc/pseries: Fix how we iterate over the DTL entries (bsc#1065729).\n- powerpc/pseries/mobility: Extend start/stop topology update scope (bsc#1116950, bsc#1115709).\n- powerpc/pseries: Track LMB nid instead of using device tree (bsc#1108270).\n- powerpc/traps: restore recoverability of machine_check interrupts (bsc#1094244).\n- power: supply: max8998-charger: Fix platform data retrieval (bsc#1051510).\n- power: supply: olpc_battery: correct the temperature units (bsc#1051510).\n- pppoe: fix reception of frames with no mac header (networking-stable-18_09_24).\n- printk: Fix panic caused by passing log_buf_len to command line (bsc#1117168).\n- provide linux/set_memory.h (bsc#1113295).\n- ptp: fix Spectre v1 vulnerability (bsc#1051510).\n- ptrace: Remove unused ptrace_may_access_sched() and MODE_IBRS (bsc#1106913).\n- pwm: lpss: Release runtime-pm reference from the driver\u0027s remove callback (bsc#1051510).\n- pxa168fb: prepare the clock (bsc#1051510).\n- qed: Add driver support for 20G link speed (bsc#1110558).\n- qed: Add support for virtual link (bsc#1111795).\n- qede: Add driver support for 20G link speed (bsc#1110558).\n- qmi_wwan: apply SET_DTR quirk to the SIMCOM shared device ID (bsc#1051510).\n- qmi_wwan: Support dynamic config on Quectel EP06 (bsc#1051510).\n- r8152: add byte_enable for ocp_read_word function (bsc#1119749).\n- r8152: add Linksys USB3GIGV1 id (bsc#1119749).\n- r8152: add r8153_phy_status function (bsc#1119749).\n- r8152: adjust lpm settings for RTL8153 (bsc#1119749).\n- r8152: adjust rtl8153_runtime_enable function (bsc#1119749).\n- r8152: adjust the settings about MAC clock speed down for RTL8153 (bsc#1119749).\n- r8152: adjust U2P3 for RTL8153 (bsc#1119749).\n- r8152: avoid rx queue more than 1000 packets (bsc#1119749).\n- r8152: check if disabling ALDPS is finished (bsc#1119749).\n- r8152: correct the definition (bsc#1119749).\n- r8152: disable RX aggregation on Dell TB16 dock (bsc#1119749).\n- r8152: disable RX aggregation on new Dell TB16 dock (bsc#1119749).\n- r8152: fix wrong checksum status for received IPv4 packets (bsc#1119749).\n- r8152: move calling delay_autosuspend function (bsc#1119749).\n- r8152: move the default coalesce setting for RTL8153 (bsc#1119749).\n- r8152: move the initialization to reset_resume function (bsc#1119749).\n- r8152: move the setting of rx aggregation (bsc#1119749).\n- r8152: replace napi_complete with napi_complete_done (bsc#1119749).\n- r8152: set rx mode early when linking on (bsc#1119749).\n- r8152: split rtl8152_resume function (bsc#1119749).\n- r8152: support new chip 8050 (bsc#1119749).\n- r8152: support RTL8153B (bsc#1119749).\n- r8169: fix NAPI handling under high load (networking-stable-18_11_02).\n- rbd: whitelist RBD_FEATURE_OPERATIONS feature bit (Git-fixes).\n- rcu: Allow for page faults in NMI handlers (bsc#1120092).\n- RDMA/bnxt_re: Add missing spin lock initialization (bsc#1050244 ).\n- RDMA/bnxt_re: Avoid accessing the device structure after it is freed (bsc#1050244).\n- RDMA/bnxt_re: Avoid NULL check after accessing the pointer (bsc#1086283).\n- RDMA/bnxt_re: Fix system hang when registration with L2 driver fails (bsc#1086283).\n- RDMA/hns: Bugfix pbl configuration for rereg mr (bsc#1104427 ).\n- RDMA/RXE: make rxe work over 802.1q VLAN devices (bsc#1082387).\n- rds: fix two RCU related problems (networking-stable-18_09_18).\n- README: Clean-up trailing whitespace\n- Reenable support for KVM guest Earlier trimming of config-azure disabled also KVM. But since parts of QA are done within KVM guests, this flavor must be able to run within such guest type.\n- remoteproc: qcom: Fix potential device node leaks (bsc#1051510).\n- reset: hisilicon: fix potential NULL pointer dereference (bsc#1051510).\n- reset: imx7: Fix always writing bits as 0 (bsc#1051510).\n- reset: remove remaining WARN_ON() in \u0026lt;linux/reset.h\u003e (Git-fixes).\n- Revert \u0027ceph: fix dentry leak in splice_dentry()\u0027 (bsc#1114839).\n- Revert commit ef9209b642f \u0027staging: rtl8723bs: Fix indenting errors and an off-by-one mistake in core/rtw_mlme_ext.c\u0027 (bsc#1051510).\n- Revert \u0027iommu/io-pgtable-arm: Check for v7s-incapable systems\u0027 (bsc#1106105).\n- Revert \u0027PCI/ASPM: Do not initialize link state when aspm_disabled is set\u0027 (bsc#1051510).\n- Revert \u0027powerpc/64: Fix checksum folding in csum_add()\u0027 (bsc#1065729).\n- Revert \u0027rpm/kernel-binary.spec.in: allow unsupported modules for -extra\u0027 This reverts commit 0d585a8c2d17de86869cc695fc7a5d10c6b96abb.\n- Revert \u0027scsi: lpfc: ls_rjt erroneus FLOGIs\u0027 (bsc#1119322).\n- Revert \u0027usb: dwc3: gadget: skip Set/Clear Halt when invalid\u0027 (bsc#1051510).\n- Revert wlcore patch to follow stable tree develpment\n- ring-buffer: Allow for rescheduling when removing pages (bsc#1120238).\n- ring-buffer: Do no reuse reader page if still in use (bsc#1120096).\n- ring-buffer: Mask out the info bits when returning buffer page length (bsc#1120094).\n- rpm/kernel-binary.spec.in: add macros.s into kernel-*-devel Starting with 4.20-rc1, file arch/*/kernel/macros.s is needed to build out of tree modules. Add it to kernel-${flavor}-devel packages if it exists.\n- rpm: use syncconfig instead of silentoldconfig where available Since mainline commit 0085b4191f3e (\u0027kconfig: remove silentoldconfig target\u0027), \u0027make silentoldconfig\u0027 can be no longer used. Use \u0027make syncconfig\u0027 instead if available.\n- rtc: hctosys: Add missing range error reporting (bsc#1051510).\n- rtc: m41t80: Correct alarm month range with RTC reads (bsc#1051510).\n- rtc: pcf2127: fix a kmemleak caused in pcf2127_i2c_gather_write (bsc#1051510).\n- rtc: snvs: Add timeouts to avoid kernel lockups (bsc#1051510).\n- rtl8xxxu: Fix missing break in switch (bsc#1051510).\n- rtnetlink: Disallow FDB configuration for non-Ethernet device (networking-stable-18_11_02).\n- rtnetlink: fix rtnl_fdb_dump() for ndmsg header (networking-stable-18_10_16).\n- rtnl: limit IFLA_NUM_TX_QUEUES and IFLA_NUM_RX_QUEUES to 4096 (networking-stable-18_10_16).\n- s390/cpum_sf: Add data entry sizes to sampling trailer entry (git-fixes).\n- s390/dasd: simplify locking in dasd_times_out (bsc#1104967,).\n- s390/kdump: Fix elfcorehdr size calculation (bsc#1117953, LTC#171112).\n- s390/kdump: Make elfcorehdr size calculation ABI compliant (bsc#1117953, LTC#171112).\n- s390/kvm: fix deadlock when killed by oom (bnc#1113501, LTC#172235).\n- s390/mm: Check for valid vma before zapping in gmap_discard (git-fixes).\n- s390/mm: correct allocate_pgste proc_handler callback (git-fixes).\n- s390: qeth_core_mpc: Use ARRAY_SIZE instead of reimplementing its function (bnc#1113501, LTC#172682).\n- s390/qeth: fix HiperSockets sniffer (bnc#1113501, LTC#172953).\n- s390/qeth: fix length check in SNMP processing (bsc#1117953, LTC#173657).\n- s390: qeth: Fix potential array overrun in cmd/rc lookup (bnc#1113501, LTC#172682).\n- s390/qeth: handle failure on workqueue creation (git-fixes).\n- s390/qeth: remove outdated portname debug msg (bsc#1117953, LTC#172960).\n- s390/qeth: report 25Gbit link speed (bnc#1113501, LTC#172959).\n- s390/qeth: sanitize strings in debug messages (bsc#1117953, LTC#172960).\n- s390: revert ELF_ET_DYN_BASE base changes (git-fixes).\n- s390/sclp_tty: enable line mode tty even if there is an ascii console (git-fixes).\n- s390/sthyi: add cache to store hypervisor info (LTC#160415, bsc#1068273).\n- s390/sthyi: add s390_sthyi system call (LTC#160415, bsc#1068273).\n- s390/sthyi: reorganize sthyi implementation (LTC#160415, bsc#1068273).\n- sbitmap: fix race in wait batch accounting (Git-fixes).\n- sched/core: Fix cpu.max vs. cpuhotplug deadlock (bsc#1106913).\n- sched/fair: Fix infinite loop in update_blocked_averages() by reverting a9e7f6544b9c (Git fixes (scheduler)).\n- sched/isolcpus: Fix \u0027isolcpus=\u0027 boot parameter handling when !CONFIG_CPUMASK_OFFSTACK (bsc#1107207).\n- sched/smt: Expose sched_smt_present static key (bsc#1106913).\n- sched/smt: Make sched_smt_present track topology (bsc#1106913).\n- sched, tracing: Fix trace_sched_pi_setprio() for deboosting (bsc#1120228).\n- scripts/git-pre-commit: make executable.\n- scripts/git_sort/git_sort.py: add mkp/scsi.git 4.21/scsi-queue\n- scripts/git_sort/git_sort.py: change SCSI git repos to make series sorting more failsafe.\n- scsi: core: Avoid that SCSI device removal through sysfs triggers a deadlock (bsc#1114578).\n- scsi: libsas: remove irq save in sas_ata_qc_issue() (bsc#1114580).\n- scsi: lpfc: add support to retrieve firmware logs (bsc#1114015).\n- scsi: lpfc: add Trunking support (bsc#1114015).\n- scsi: lpfc: Cap NPIV vports to 256 (bsc#1118215).\n- scsi: lpfc: Correct code setting non existent bits in sli4 ABORT WQE (bsc#1118215).\n- scsi: lpfc: Correct errors accessing fw log (bsc#1114015).\n- scsi: lpfc: Correct invalid EQ doorbell write on if_type=6 (bsc#1114015).\n- scsi: lpfc: Correct irq handling via locks when taking adapter offline (bsc#1114015).\n- scsi: lpfc: Correct LCB RJT handling (bsc#1114015).\n- scsi: lpfc: Correct loss of fc4 type on remote port address change (bsc#1114015).\n- scsi: lpfc: Correct race with abort on completion path (bsc#1114015).\n- scsi: lpfc: Correct soft lockup when running mds diagnostics (bsc#1114015).\n- scsi: lpfc: Correct speeds on SFP swap (bsc#1114015).\n- scsi: lpfc: Correct topology type reporting on G7 adapters (bsc#1118215).\n- scsi: lpfc: Defer LS_ACC to FLOGI on point to point logins (bsc#1118215).\n- scsi: lpfc: Enable Management features for IF_TYPE=6 (bsc#1119322).\n- scsi: lpfc: fcoe: Fix link down issue after 1000+ link bounces (bsc#1114015).\n- scsi: lpfc: Fix a duplicate 0711 log message number (bsc#1118215).\n- scsi: lpfc: fix block guard enablement on SLI3 adapters (bsc#1079935).\n- scsi: lpfc: Fix dif and first burst use in write commands (bsc#1118215).\n- scsi: lpfc: Fix discovery failures during port failovers with lots of vports (bsc#1118215).\n- scsi: lpfc: Fix driver release of fw-logging buffers (bsc#1118215).\n- scsi: lpfc: Fix errors in log messages (bsc#1114015).\n- scsi: lpfc: Fix GFT_ID and PRLI logic for RSCN (bsc#1114015).\n- scsi: lpfc: Fix kernel Oops due to null pring pointers (bsc#1118215).\n- scsi: lpfc: Fix LOGO/PLOGI handling when triggerd by ABTS Timeout event (bsc#1114015).\n- scsi: lpfc: Fix lpfc_sli4_read_config return value check (bsc#1114015).\n- scsi: lpfc: Fix odd recovery in duplicate FLOGIs in point-to-point (bsc#1114015).\n- scsi: lpfc: Fix panic when FW-log buffsize is not initialized (bsc#1118215).\n- scsi: lpfc: Implement GID_PT on Nameserver query to support faster failover (bsc#1114015).\n- scsi: lpfc: ls_rjt erroneus FLOGIs (bsc#1118215).\n- scsi: lpfc: Raise nvme defaults to support a larger io and more connectivity (bsc#1114015).\n- scsi: lpfc: raise sg count for nvme to use available sg resources (bsc#1114015).\n- scsi: lpfc: reduce locking when updating statistics (bsc#1114015).\n- scsi: lpfc: refactor mailbox structure context fields (bsc#1118215).\n- scsi: lpfc: Remove set but not used variable \u0027sgl_size\u0027 (bsc#1114015).\n- scsi: lpfc: Reset link or adapter instead of doing infinite nameserver PLOGI retry (bsc#1114015).\n- scsi: lpfc: rport port swap discovery issue (bsc#1118215).\n- scsi: lpfc: Synchronize access to remoteport via rport (bsc#1114015).\n- scsi: lpfc: update driver version to 12.0.0.7 (bsc#1114015).\n- scsi: lpfc: update driver version to 12.0.0.8 (bsc#1114015).\n- scsi: lpfc: update driver version to 12.0.0.9 (bsc#1118215).\n- scsi: lpfc: update manufacturer attribute to reflect Broadcom (bsc#1118215).\n- scsi: netvsc: Use the vmbus function to calculate ring buffer percentage (bsc#1107207).\n- scsi: qlogicpti: Fix an error handling path in \u0027qpti_sbus_probe()\u0027 (bsc#1114581).\n- scsi: scsi_transport_srp: Fix shost to rport translation (bsc#1114582).\n- scsi: sg: fix minor memory leak in error path (bsc#1114584).\n- scsi: storsvc: do not set a bounce limit (bsc#1107207).\n- scsi: storvsc: Avoid allocating memory for temp cpumasks (bsc#1107207).\n- scsi: storvsc: Select channel based on available percentage of ring buffer to write (bsc#1107207).\n- scsi: storvsc: Set up correct queue depth values for IDE devices (bsc#1107207).\n- scsi: sysfs: Introduce sysfs_{un,}break_active_protection() (bsc#1114578).\n- scsi: target: add emulate_pr backstore attr to toggle PR support (bsc#1091405).\n- scsi: target: drop unused pi_prot_format attribute storage (bsc#1091405).\n- scsi: target: Fix fortify_panic kernel exception (bsc#1114576).\n- scsi: target/tcm_loop: Avoid that static checkers warn about dead code (bsc#1114577).\n- scsi: target: tcmu: add read length support (bsc#1097755).\n- scsi: vmbus: Add function to report available ring buffer to write in total ring size percentage (bsc#1107207).\n- scsi: zfcp: fix posting too many status read buffers leading to adapter shutdown (bsc#1121483, LTC#174588).\n- sctp: fix race on sctp_id2asoc (networking-stable-18_11_02).\n- sctp: fix strchange_flags name for Stream Change Event (networking-stable-18_11_21).\n- sctp: hold transport before accessing its asoc in sctp_transport_get_next (networking-stable-18_09_11).\n- sctp: not allow to set asoc prsctp_enable by sockopt (networking-stable-18_11_21).\n- sctp: not increase stream\u0027s incnt before sending addstrm_in request (networking-stable-18_11_21).\n- sctp: update dst pmtu with the correct daddr (networking-stable-18_10_16).\n- shmem: introduce shmem_inode_acct_block (VM Functionality, bsc#1121599).\n- shmem: shmem_charge: verify max_block is not exceeded before inode update (VM Functionality, bsc#1121599).\n- skd: Avoid that module unloading triggers a use-after-free (Git-fixes).\n- skd: Submit requests to firmware before triggering the doorbell (Git-fixes).\n- skip LAYOUTRETURN if layout is invalid (git-fixes).\n- soc: bcm2835: sync firmware properties with downstream ()\n- soc: fsl: qbman: qman: avoid allocating from non existing gen_pool (bsc#1051510).\n- soc: ti: QMSS: Fix usage of irq_set_affinity_hint (bsc#1051510).\n- spi: bcm2835: Avoid finishing transfer prematurely in IRQ mode (bsc#1051510).\n- spi: bcm2835: Fix book-keeping of DMA termination (bsc#1051510).\n- spi: bcm2835: Fix race on DMA termination (bsc#1051510).\n- spi: bcm2835: Unbreak the build of esoteric configs (bsc#1051510).\n- splice: do not read more than available pipe space (bsc#1119212).\n- staging: bcm2835-camera: Abort probe if there is no camera (bsc#1051510).\n- staging:iio:ad7606: fix voltage scales (bsc#1051510).\n- staging: rtl8712: Fix possible buffer overrun (bsc#1051510).\n- staging: rtl8723bs: Add missing return for cfg80211_rtw_get_station (bsc#1051510).\n- staging: rtl8723bs: Fix the return value in case of error in \u0027rtw_wx_read32()\u0027 (bsc#1051510).\n- staging: rts5208: fix gcc-8 logic error warning (bsc#1051510).\n- staging: vchiq_arm: fix compat VCHIQ_IOC_AWAIT_COMPLETION (bsc#1051510).\n- staging: wilc1000: fix missing read_write setting when reading data (bsc#1051510).\n- SUNRPC: Allow connect to return EHOSTUNREACH (git-fixes).\n- sunrpc: Do not use stack buffer with scatterlist (git-fixes).\n- sunrpc: Fix rpc_task_begin trace point (git-fixes).\n- SUNRPC: Fix tracepoint storage issues with svc_recv and svc_rqst_status (git-fixes).\n- supported.conf: add raspberrypi-ts driver\n- supported.conf: whitelist bluefield eMMC driver\n- target: fix buffer offset in core_scsi3_pri_read_full_status (bsc1117349).\n- target/iscsi: avoid NULL dereference in CHAP auth error path (bsc#1117165).\n- target: se_dev_attrib.emulate_pr ABI stability (bsc#1091405).\n- tcp: do not restart timewait timer on rst reception (networking-stable-18_09_11).\n- team: no need to do team_notify_peers or team_mcast_rejoin when disabling port (bsc#1051510).\n- termios, tty/tty_baudrate.c: fix buffer overrun (bsc#1051510).\n- test_firmware: fix error return getting clobbered (bsc#1051510).\n- test_hexdump: use memcpy instead of strncpy (bsc#1051510).\n- tg3: Add PHY reset for 5717/5719/5720 in change ring and flow control paths (networking-stable-18_11_21).\n- thermal: bcm2835: enable hwmon explicitly (bsc#1108468).\n- thermal: da9062/61: Prevent hardware access during system suspend (bsc#1051510).\n- thermal: rcar_thermal: Prevent hardware access during system suspend (bsc#1051510).\n- tipc: do not assume linear buffer when reading ancillary data (networking-stable-18_11_21).\n- tipc: fix a missing rhashtable_walk_exit() (networking-stable-18_09_11).\n- tipc: fix flow control accounting for implicit connect (networking-stable-18_10_16).\n- tmpfs: make lseek(SEEK_DATA/SEK_HOLE) return ENXIO with a negative offset (bsc#1051510).\n- tools: hv: fcopy: set \u0027error\u0027 in case an unknown operation was requested (bsc#1107207).\n- tools: hv: fcopy: set \u0027error\u0027 in case an unknown operation was requested (git-fixes).\n- tools: hv: Fix a bug in the key delete code (bsc#1107207).\n- tools: hv: Fix a bug in the key delete code (git-fixes).\n- tools: hv: fix compiler warnings about major/target_fname (bsc#1107207).\n- tools/hv: Fix IP reporting by KVP daemon with SRIOV (bsc#1107207).\n- tools: hv: include string.h in hv_fcopy_daemon (bsc#1107207).\n- tools: hv: include string.h in hv_fcopy_daemon (git-fixes).\n- tools: hv: update lsvmbus to be compatible with python3 (bsc#1107207).\n- tools/lib/lockdep: Rename \u0027trywlock\u0027 into \u0027trywrlock\u0027 (bsc#1121973).\n- tools/power/cpupower: fix compilation with STATIC=true (git-fixes).\n- tools/power turbostat: fix possible sprintf buffer overflow (git-fixes).\n- tpm2-cmd: allow more attempts for selftest execution (bsc#1082555).\n- tpm: add retry logic (bsc#1082555).\n- tpm: consolidate the TPM startup code (bsc#1082555).\n- tpm: do not suspend/resume if power stays on (bsc#1082555).\n- tpm: fix intermittent failure with self tests (bsc#1082555).\n- tpm: fix response size validation in tpm_get_random() (bsc#1082555).\n- tpm: move endianness conversion of ordinals to tpm_input_header (bsc#1082555).\n- tpm: move endianness conversion of TPM_TAG_RQU_COMMAND to tpm_input_header (bsc#1082555).\n- tpm: move the delay_msec increment after sleep in tpm_transmit() (bsc#1082555).\n- tpm: React correctly to RC_TESTING from TPM 2.0 self tests (bsc#1082555).\n- tpm: replace msleep() with usleep_range() in TPM 1.2/2.0 generic drivers (bsc#1082555).\n- tpm: Restore functionality to xen vtpm driver (bsc#1082555).\n- tpm: self test failure should not cause suspend to fail (bsc#1082555).\n- tpm: tpm-interface: fix tpm_transmit/_cmd kdoc (bsc#1082555).\n- tpm: Trigger only missing TPM 2.0 self tests (bsc#1082555).\n- tpm: Use dynamic delay to wait for TPM 2.0 self test result (bsc#1082555).\n- tpm: use tpm2_pcr_read() in tpm2_do_selftest() (bsc#1082555).\n- tpm: use tpm_buf functions in tpm2_pcr_read() (bsc#1082555).\n- tracing: Apply trace_clock changes to instance max buffer (bsc#1117188).\n- tracing/blktrace: Fix to allow setting same value (Git-fixes).\n- tracing: Erase irqsoff trace with empty write (bsc#1117189).\n- tracing: Fix bad use of igrab in trace_uprobe.c (bsc#1120046).\n- tracing: Fix crash when freeing instances with event triggers (bsc#1120230).\n- tracing: Fix crash when it fails to alloc ring buffer (bsc#1120097).\n- tracing: Fix double free of event_trigger_data (bsc#1120234).\n- tracing: Fix missing return symbol in function_graph output (bsc#1120232).\n- tracing: Fix possible double free in event_enable_trigger_func() (bsc#1120235).\n- tracing: Fix possible double free on failure of allocating trace buffer (bsc#1120214).\n- tracing: Fix regex_match_front() to not over compare the test string (bsc#1120223).\n- tracing: Fix trace_pipe behavior for instance traces (bsc#1120088).\n- tracing: Remove RCU work arounds from stack tracer (bsc#1120092).\n- tracing/samples: Fix creation and deletion of simple_thread_fn creation (git-fixes).\n- tty: check name length in tty_find_polling_driver() (bsc#1051510).\n- tty: Do not hold ldisc lock in tty_reopen() if ldisc present (bsc#1051510).\n- tty: Do not return -EAGAIN in blocking read (bsc#1116040).\n- tty: do not set TTY_IO_ERROR flag if console port (bsc#1051510).\n- tty: serial: 8250_mtk: always resume the device in probe (bsc#1051510).\n- tty: wipe buffer (bsc#1051510).\n- tty: wipe buffer if not echoing data (bsc#1051510).\n- tun: Consistently configure generic netdev params via rtnetlink (bsc#1051510).\n- tuntap: fix multiqueue rx (networking-stable-18_11_21).\n- ubifs: Fixup compilation failure due to different ubifs_assert() prototype.\n- ubifs: Handle re-linking of inodes correctly while recovery (bsc#1120598).\n- udf: Allow mounting volumes with incorrect identification strings (bsc#1118774).\n- udp4: fix IP_CMSG_CHECKSUM for connected sockets (networking-stable-18_09_24).\n- udp6: add missing checks on edumux packet processing (networking-stable-18_09_24).\n- udp6: fix encap return code for resubmitting (git-fixes).\n- uio: ensure class is registered before devices (bsc#1051510).\n- uio: Fix an Oops on load (bsc#1051510).\n- uio_hv_generic: fix subchannel ring mmap (bsc#1107207).\n- uio_hv_generic: make ring buffer attribute for primary channel (bsc#1107207).\n- uio_hv_generic: set size of ring buffer attribute (bsc#1107207).\n- uio_hv_generic: support sub-channels (bsc#1107207).\n- uio_hv_generic: use correct channel in isr (bsc#1107207).\n- uio: make symbol \u0027uio_class_registered\u0027 static (bsc#1051510).\n- unifdef: use memcpy instead of strncpy (bsc#1051510).\n- usb: appledisplay: Add 27\u0027 Apple Cinema Display (bsc#1051510).\n- usb: cdc-acm: add entry for Hiro (Conexant) modem (bsc#1051510).\n- usb: core: Fix hub port connection events lost (bsc#1051510).\n- usb: core: quirks: add RESET_RESUME quirk for Cherry G230 Stream series (bsc#1051510).\n- usb: dwc2: host: do not delay retries for CONTROL IN transfers (bsc#1114385).\n- usb: dwc2: host: Do not retry NAKed transactions right away (bsc#1114385).\n- usb: dwc2: host: use hrtimer for NAK retries (git-fixes).\n- usb: dwc3: core: Clean up ULPI device (bsc#1051510).\n- usb: dwc3: gadget: fix ISOC TRB type on unaligned transfers (bsc#1051510).\n- usb: dwc3: gadget: Properly check last unaligned/zero chain TRB (bsc#1051510).\n- usb: gadget: storage: Fix Spectre v1 vulnerability (bsc#1051510).\n- usb: gadget: udc: atmel: handle at91sam9rl PMC (bsc#1051510).\n- usb: gadget: u_ether: fix unsafe list iteration (bsc#1051510).\n- usb: host: ohci-at91: fix request of irq for optional gpio (bsc#1051510).\n- usb: hso: Fix OOB memory access in hso_probe/hso_get_config_data (bsc#1051510).\n- usbip: vhci_hcd: check rhport before using in vhci_hub_control() (bsc#1090888).\n- usbip:vudc: BUG kmalloc-2048 (Not tainted): Poison overwritten (bsc#1051510).\n- usb: misc: appledisplay: add 20\u0027 Apple Cinema Display (bsc#1051510).\n- usbnet: smsc95xx: disable carrier check while suspending (bsc#1051510).\n- usb: omap_udc: fix crashes on probe error and module removal (bsc#1051510).\n- usb: omap_udc: fix omap_udc_start() on 15xx machines (bsc#1051510).\n- usb: omap_udc: fix rejection of out transfers when DMA is used (bsc#1051510).\n- usb: omap_udc: fix USB gadget functionality on Palm Tungsten E (bsc#1051510).\n- usb: omap_udc: use devm_request_irq() (bsc#1051510).\n- usb: quirk: add no-LPM quirk on SanDisk Ultra Flair device (bsc#1051510).\n- usb: quirks: Add delay-init quirk for Corsair K70 LUX RGB (bsc#1051510).\n- usb: quirks: Add no-lpm quirk for Raydium touchscreens (bsc#1051510).\n- usb: serial: option: add Fibocom NL668 series (bsc#1051510).\n- usb: serial: option: add GosunCn ZTE WeLink ME3630 (bsc#1051510).\n- usb: serial: option: add HP lt4132 (bsc#1051510).\n- usb: serial: option: add Simcom SIM7500/SIM7600 (MBIM mode) (bsc#1051510).\n- usb: serial: option: add Telit LN940 series (bsc#1051510).\n- usb: serial: option: add two-endpoints device-id flag (bsc#1051510).\n- usb: serial: option: drop redundant interface-class test (bsc#1051510).\n- usb: serial: option: improve Quectel EP06 detection (bsc#1051510).\n- usb: usbip: Fix BUG: KASAN: slab-out-of-bounds in vhci_hub_control() (bsc#1106110).\n- usb: usb-storage: Add new IDs to ums-realtek (bsc#1051510).\n- usb: xhci: fix timeout for transition from RExit to U0 (bsc#1051510).\n- usb: xhci: fix uninitialized completion when USB3 port got wrong status (bsc#1051510).\n- usb: xhci: Prevent bus suspend if a port connect change or polling state is detected (bsc#1051510).\n- userfaultfd: clear the vma-\u003evm_userfaultfd_ctx if UFFD_EVENT_FORK fails (bsc#1118761).\n- userfaultfd: remove uffd flags from vma-\u003evm_flags if UFFD_EVENT_FORK fails (bsc#1118809).\n- v9fs_dir_readdir: fix double-free on p9stat_read error (bsc#1118771).\n- vfs: Avoid softlockups in drop_pagecache_sb() (bsc#1118505).\n- vhost: Fix Spectre V1 vulnerability (bsc#1051510).\n- vhost/scsi: truncate T10 PI iov_iter to prot_bytes (bsc#1051510).\n- virtio_net: avoid using netif_tx_disable() for serializing tx routine (networking-stable-18_11_02).\n- VMCI: Resource wildcard match fixed (bsc#1051510).\n- w1: omap-hdq: fix missing bus unregister at removal (bsc#1051510).\n- watchdog/core: Add missing prototypes for weak functions (git-fixes).\n- wireless: airo: potential buffer overflow in sprintf() (bsc#1051510).\n- wlcore: Fix the return value in case of error in \u0027wlcore_vendor_cmd_smart_config_start()\u0027 (bsc#1051510).\n- x86/bugs: Add AMD\u0027s SPEC_CTRL MSR usage (bsc#1106913).\n- x86/bugs: Fix the AMD SSBD usage of the SPEC_CTRL MSR (bsc#1106913).\n- x86/bugs: Switch the selection of mitigation from CPU vendor to CPU features (bsc#1106913).\n- x86/corruption-check: Fix panic in memory_corruption_check() when boot option without value is provided (bsc#1110006).\n- x86/cpu/vmware: Do not trace vmware_sched_clock() (bsc#1114279).\n- x86/decoder: Fix and update the opcodes map (bsc#1058115).\n- x86/headers/UAPI: Use __u64 instead of u64 in \u0026lt;uapi/asm/hyperv.h\u003e (bsc#1107207).\n- x86, hibernate: Fix nosave_regions setup for hibernation (bsc#1110006).\n- x86/hyperv: Add a function to read both TSC and TSC page value simulateneously (bsc#1107207).\n- x86/hyper-v: Add flush HvFlushGuestPhysicalAddressSpace hypercall support (bsc#1107207).\n- x86/hyper-v: Add hyperv_nested_flush_guest_mapping ftrace support (bsc#1107207).\n- x86/hyperv: Add interrupt handler annotations (bsc#1107207).\n- x86/hyper-v: allocate and use Virtual Processor Assist Pages (bsc#1107207).\n- x86/hyper-v: Allocate the IDT entry early in boot (bsc#1107207).\n- x86/hyper-v: Check cpumask_to_vpset() return value in hyperv_flush_tlb_others_ex() (bsc#1107207).\n- x86/hyper-v: Check for VP_INVAL in hyperv_flush_tlb_others() (bsc#1107207).\n- x86/hyper-v: Consolidate code for converting cpumask to vpset (bsc#1107207).\n- x86/hyper-v: Consolidate the allocation of the hypercall input page (bsc#1107207).\n- x86/hyper-v: define struct hv_enlightened_vmcs and clean field bits (bsc#1107207).\n- x86/hyper-v: detect nested features (bsc#1107207).\n- x86/hyper-v: Enable IPI enlightenments (bsc#1107207).\n- x86/hyper-v: Enhanced IPI enlightenment (bsc#1107207).\n- x86/hyper-v: Enlighten APIC access (bsc#1107207).\n- x86/hyper-v: Fix the circular dependency in IPI enlightenment (bsc#1107207).\n- x86/hyper-v: Fix wrong merge conflict resolution (bsc#1107207).\n- x86/hyper-v/hv_apic: Build the Hyper-V APIC conditionally (bsc#1107207).\n- x86/hyper-v/hv_apic: Include asm/apic.h (bsc#1107207).\n- x86/hyper-v: Implement hv_do_fast_hypercall16 (bsc#1107207).\n- x86/hyper-v: move definitions from TLFS to hyperv-tlfs.h (bsc#1107207).\n- x86/hyper-v: move hyperv.h out of uapi (bsc#1107207).\n- x86/hyper-v: move struct hv_flush_pcpu{,ex} definitions to common header (bsc#1107207).\n- x86/hyperv: Redirect reenlightment notifications on CPU offlining (bsc#1107207).\n- x86/hyperv: Reenlightenment notifications support (bsc#1107207).\n- x86/hyper-v: rename ipi_arg_{ex,non_ex} structures (bsc#1107207).\n- x86/hyper-v: Trace PV IPI send (bsc#1107207).\n- x86/hyper-v: Use cheaper HVCALL_FLUSH_VIRTUAL_ADDRESS_{LIST,SPACE} hypercalls when possible (bsc#1107207).\n- x86/hyper-v: Use cheaper HVCALL_SEND_IPI hypercall when possible (bsc#1107207).\n- x86/hyper-v: Use \u0027fast\u0027 hypercall for HVCALL_SEND_IPI (bsc#1107207).\n- x86/irq: Count Hyper-V reenlightenment interrupts (bsc#1107207).\n- x86/irq: implement irq_data_get_effective_affinity_mask() for v4.12 (bsc#1109772).\n- x86/kabi: Fix cpu_tlbstate issue (bsc#1106913).\n- x86/kvm/hyper-v: add reenlightenment MSRs support (bsc#1107207).\n- x86/kvm/hyper-v: inject #GP only when invalid SINTx vector is unmasked (bsc#1107207).\n- x86/kvm/hyper-v: remove stale entries from vec_bitmap/auto_eoi_bitmap on vector change (bsc#1107207).\n- x86/kvm: rename HV_X64_MSR_APIC_ASSIST_PAGE to HV_X64_MSR_VP_ASSIST_PAGE (bsc#1107207).\n- x86/l1tf: Show actual SMT state (bsc#1106913).\n- x86/ldt: Remove unused variable in map_ldt_struct() (bsc#1114279).\n- x86/ldt: Split out sanity check in map_ldt_struct() (bsc#1114279).\n- x86/ldt: Unmap PTEs for the slot before freeing LDT pages (bsc#1114279).\n- x86/MCE/AMD: Fix the thresholding machinery initialization order (bsc#1114279).\n- x86/MCE: Make correctable error detection look at the Deferred bit (bsc#1114279).\n- x86/mm: Fix decoy address handling vs 32-bit builds (bsc#1120606).\n- x86/mm/pat: Disable preemption around __flush_tlb_all() (bsc#1114279).\n- x86/PCI: Add additional VMD device root ports to VMD AER quirk (bsc#1120058).\n- x86/PCI: Add \u0027pci=big_root_window\u0027 option for AMD 64-bit windows (bsc#1120058).\n- x86/PCI: Apply VMD\u0027s AERSID fixup generically (bsc#1120058).\n- x86/PCI: Avoid AMD SB7xx EHCI USB wakeup defect (bsc#1120058).\n- x86/PCI: Enable a 64bit BAR on AMD Family 15h (Models 00-1f, 30-3f, 60-7f) (bsc#1120058).\n- x86/PCI: Enable AMD 64-bit window on resume (bsc#1120058).\n- x86/PCI: Fix infinite loop in search for 64bit BAR placement (bsc#1120058).\n- x86/PCI: Move and shrink AMD 64-bit window to avoid conflict (bsc#1120058).\n- x86/PCI: Move VMD quirk to x86 fixups (bsc#1120058).\n- x86/PCI: Only enable a 64bit BAR on single-socket AMD Family 15h (bsc#1120058).\n- x86/PCI: Use is_vmd() rather than relying on the domain number (bsc#1120058).\n- x86/process: Consolidate and simplify switch_to_xtra() code (bsc#1106913).\n- x86/pti: Document fix wrong index (git-fixes).\n- x86/retpoline: Make CONFIG_RETPOLINE depend on compiler support (bsc#1106913).\n- x86/retpoline: Remove minimal retpoline support (bsc#1106913).\n- x86/speculataion: Mark command line parser data __initdata (bsc#1106913).\n- x86/speculation: Add command line control for indirect branch speculation (bsc#1106913).\n- x86/speculation: Add prctl() control for indirect branch speculation (bsc#1106913).\n- x86/speculation: Add seccomp Spectre v2 user space protection mode (bsc#1106913).\n- x86/speculation: Apply IBPB more strictly to avoid cross-process data leak (bsc#1106913).\n- x86/speculation: Avoid __switch_to_xtra() calls (bsc#1106913).\n- x86/speculation: Clean up spectre_v2_parse_cmdline() (bsc#1106913).\n- x86/speculation: Disable STIBP when enhanced IBRS is in use (bsc#1106913).\n- x86/speculation: Enable cross-hyperthread spectre v2 STIBP mitigation (bsc#1106913).\n- x86/speculation: Enable prctl mode for spectre_v2_user (bsc#1106913).\n- x86/speculation/l1tf: Drop the swap storage limit restriction when l1tf=off (bnc#1114871).\n- x86/speculation: Mark string arrays const correctly (bsc#1106913).\n- x86/speculation: Move STIPB/IBPB string conditionals out of cpu_show_common() (bsc#1106913).\n- x86/speculation: Prepare arch_smt_update() for PRCTL mode (bsc#1106913).\n- x86/speculation: Prepare for conditional IBPB in switch_mm() (bsc#1106913).\n- x86/speculation: Prepare for per task indirect branch speculation control (bsc#1106913).\n- x86/speculation: Prevent stale SPEC_CTRL msr content (bsc#1106913).\n- x86/speculation: Propagate information about RSB filling mitigation to sysfs (bsc#1106913).\n- x86/speculation: Provide IBPB always command line options (bsc#1106913).\n- x86/speculation: Remove unnecessary ret variable in cpu_show_common() (bsc#1106913).\n- x86/speculation: Rename SSBD update functions (bsc#1106913).\n- x86/speculation: Reorder the spec_v2 code (bsc#1106913).\n- x86/speculation: Reorganize speculation control MSRs update (bsc#1106913).\n- x86/speculation: Rework SMT state change (bsc#1106913).\n- x86/speculation: Split out TIF update (bsc#1106913).\n- x86/speculation: Support Enhanced IBRS on future CPUs ().\n- x86/speculation: Unify conditional spectre v2 print functions (bsc#1106913).\n- x86/speculation: Update the TIF_SSBD comment (bsc#1106913).\n- x86/xen: Fix boot loader version reported for PVH guests (bnc#1065600).\n- xen/balloon: Support xend-based toolstack (bnc#1065600).\n- xen/blkfront: avoid NULL blkfront_info dereference on device removal (bsc#1111062).\n- xen: fix race in xen_qlock_wait() (bnc#1107256).\n- xen: fix xen_qlock_wait() (bnc#1107256).\n- xen: make xen_qlock_wait() nestable (bnc#1107256).\n- xen/netfront: do not bug in case of too many frags (bnc#1104824).\n- xen/netfront: tolerate frags with no data (bnc#1119804).\n- xen/pvh: do not try to unplug emulated devices (bnc#1065600).\n- xen/pvh: increase early stack size (bnc#1065600).\n- xen-swiotlb: use actually allocated size on check physical continuous (bnc#1065600).\n- xen/x86: add diagnostic printout to xen_mc_flush() in case of error (bnc#1116183).\n- xfs: Align compat attrlist_by_handle with native implementation (git-fixes).\n- xfs: Fix error code in \u0027xfs_ioc_getbmap()\u0027 (git-fixes).\n- xfs: fix quotacheck dquot id overflow infinite loop (bsc#1121621).\n- xfs: Fix xqmstats offsets in /proc/fs/xfs/xqmstat (git-fixes).\n- xfs: Properly detect when DAX won\u0027t be used on any device (bsc#1115976).\n- xfs: xfs_buf: drop useless LIST_HEAD (git-fixes).\n- xhci: Add check for invalid byte size error when UAS devices are connected (bsc#1051510).\n- xhci: Add quirk to workaround the errata seen on Cavium Thunder-X2 Soc (bsc#1117162).\n- xhci: Do not prevent USB2 bus suspend in state check intended for USB3 only (bsc#1051510).\n- xhci: Fix leaking USB3 shared_hcd at xhci removal (bsc#1051510).\n- xhci: Prevent U1/U2 link pm states if exit latency is too long (bsc#1051510).\n- xprtrdma: Do not defer fencing an async RPC\u0027s chunks (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2019-222,SUSE-SLE-SERVER-12-SP4-2019-222",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_0222-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2019:0222-1",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20190222-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2019:0222-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2019-February/005074.html"
},
{
"category": "self",
"summary": "SUSE Bug 1024718",
"url": "https://bugzilla.suse.com/1024718"
},
{
"category": "self",
"summary": "SUSE Bug 1046299",
"url": "https://bugzilla.suse.com/1046299"
},
{
"category": "self",
"summary": "SUSE Bug 1050242",
"url": "https://bugzilla.suse.com/1050242"
},
{
"category": "self",
"summary": "SUSE Bug 1050244",
"url": "https://bugzilla.suse.com/1050244"
},
{
"category": "self",
"summary": "SUSE Bug 1051510",
"url": "https://bugzilla.suse.com/1051510"
},
{
"category": "self",
"summary": "SUSE Bug 1055120",
"url": "https://bugzilla.suse.com/1055120"
},
{
"category": "self",
"summary": "SUSE Bug 1055121",
"url": "https://bugzilla.suse.com/1055121"
},
{
"category": "self",
"summary": "SUSE Bug 1055186",
"url": "https://bugzilla.suse.com/1055186"
},
{
"category": "self",
"summary": "SUSE Bug 1058115",
"url": "https://bugzilla.suse.com/1058115"
},
{
"category": "self",
"summary": "SUSE Bug 1060463",
"url": "https://bugzilla.suse.com/1060463"
},
{
"category": "self",
"summary": "SUSE Bug 1065600",
"url": "https://bugzilla.suse.com/1065600"
},
{
"category": "self",
"summary": "SUSE Bug 1065729",
"url": "https://bugzilla.suse.com/1065729"
},
{
"category": "self",
"summary": "SUSE Bug 1068032",
"url": "https://bugzilla.suse.com/1068032"
},
{
"category": "self",
"summary": "SUSE Bug 1068273",
"url": "https://bugzilla.suse.com/1068273"
},
{
"category": "self",
"summary": "SUSE Bug 1074562",
"url": "https://bugzilla.suse.com/1074562"
},
{
"category": "self",
"summary": "SUSE Bug 1074578",
"url": "https://bugzilla.suse.com/1074578"
},
{
"category": "self",
"summary": "SUSE Bug 1074701",
"url": "https://bugzilla.suse.com/1074701"
},
{
"category": "self",
"summary": "SUSE Bug 1075006",
"url": "https://bugzilla.suse.com/1075006"
},
{
"category": "self",
"summary": "SUSE Bug 1075419",
"url": "https://bugzilla.suse.com/1075419"
},
{
"category": "self",
"summary": "SUSE Bug 1075748",
"url": "https://bugzilla.suse.com/1075748"
},
{
"category": "self",
"summary": "SUSE Bug 1078248",
"url": "https://bugzilla.suse.com/1078248"
},
{
"category": "self",
"summary": "SUSE Bug 1079935",
"url": "https://bugzilla.suse.com/1079935"
},
{
"category": "self",
"summary": "SUSE Bug 1080039",
"url": "https://bugzilla.suse.com/1080039"
},
{
"category": "self",
"summary": "SUSE Bug 1082387",
"url": "https://bugzilla.suse.com/1082387"
},
{
"category": "self",
"summary": "SUSE Bug 1082555",
"url": "https://bugzilla.suse.com/1082555"
},
{
"category": "self",
"summary": "SUSE Bug 1082653",
"url": "https://bugzilla.suse.com/1082653"
},
{
"category": "self",
"summary": "SUSE Bug 1083647",
"url": "https://bugzilla.suse.com/1083647"
},
{
"category": "self",
"summary": "SUSE Bug 1085535",
"url": "https://bugzilla.suse.com/1085535"
},
{
"category": "self",
"summary": "SUSE Bug 1086282",
"url": "https://bugzilla.suse.com/1086282"
},
{
"category": "self",
"summary": "SUSE Bug 1086283",
"url": "https://bugzilla.suse.com/1086283"
},
{
"category": "self",
"summary": "SUSE Bug 1086423",
"url": "https://bugzilla.suse.com/1086423"
},
{
"category": "self",
"summary": "SUSE Bug 1087082",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "self",
"summary": "SUSE Bug 1087084",
"url": "https://bugzilla.suse.com/1087084"
},
{
"category": "self",
"summary": "SUSE Bug 1087939",
"url": "https://bugzilla.suse.com/1087939"
},
{
"category": "self",
"summary": "SUSE Bug 1087978",
"url": "https://bugzilla.suse.com/1087978"
},
{
"category": "self",
"summary": "SUSE Bug 1088386",
"url": "https://bugzilla.suse.com/1088386"
},
{
"category": "self",
"summary": "SUSE Bug 1089350",
"url": "https://bugzilla.suse.com/1089350"
},
{
"category": "self",
"summary": "SUSE Bug 1090888",
"url": "https://bugzilla.suse.com/1090888"
},
{
"category": "self",
"summary": "SUSE Bug 1091405",
"url": "https://bugzilla.suse.com/1091405"
},
{
"category": "self",
"summary": "SUSE Bug 1094244",
"url": "https://bugzilla.suse.com/1094244"
},
{
"category": "self",
"summary": "SUSE Bug 1097593",
"url": "https://bugzilla.suse.com/1097593"
},
{
"category": "self",
"summary": "SUSE Bug 1097755",
"url": "https://bugzilla.suse.com/1097755"
},
{
"category": "self",
"summary": "SUSE Bug 1102055",
"url": "https://bugzilla.suse.com/1102055"
},
{
"category": "self",
"summary": "SUSE Bug 1102875",
"url": "https://bugzilla.suse.com/1102875"
},
{
"category": "self",
"summary": "SUSE Bug 1102877",
"url": "https://bugzilla.suse.com/1102877"
},
{
"category": "self",
"summary": "SUSE Bug 1102879",
"url": "https://bugzilla.suse.com/1102879"
},
{
"category": "self",
"summary": "SUSE Bug 1102882",
"url": "https://bugzilla.suse.com/1102882"
},
{
"category": "self",
"summary": "SUSE Bug 1102896",
"url": "https://bugzilla.suse.com/1102896"
},
{
"category": "self",
"summary": "SUSE Bug 1103257",
"url": "https://bugzilla.suse.com/1103257"
},
{
"category": "self",
"summary": "SUSE Bug 1104353",
"url": "https://bugzilla.suse.com/1104353"
},
{
"category": "self",
"summary": "SUSE Bug 1104427",
"url": "https://bugzilla.suse.com/1104427"
},
{
"category": "self",
"summary": "SUSE Bug 1104824",
"url": "https://bugzilla.suse.com/1104824"
},
{
"category": "self",
"summary": "SUSE Bug 1104967",
"url": "https://bugzilla.suse.com/1104967"
},
{
"category": "self",
"summary": "SUSE Bug 1105168",
"url": "https://bugzilla.suse.com/1105168"
},
{
"category": "self",
"summary": "SUSE Bug 1106105",
"url": "https://bugzilla.suse.com/1106105"
},
{
"category": "self",
"summary": "SUSE Bug 1106110",
"url": "https://bugzilla.suse.com/1106110"
},
{
"category": "self",
"summary": "SUSE Bug 1106237",
"url": "https://bugzilla.suse.com/1106237"
},
{
"category": "self",
"summary": "SUSE Bug 1106240",
"url": "https://bugzilla.suse.com/1106240"
},
{
"category": "self",
"summary": "SUSE Bug 1106615",
"url": "https://bugzilla.suse.com/1106615"
},
{
"category": "self",
"summary": "SUSE Bug 1106913",
"url": "https://bugzilla.suse.com/1106913"
},
{
"category": "self",
"summary": "SUSE Bug 1107207",
"url": "https://bugzilla.suse.com/1107207"
},
{
"category": "self",
"summary": "SUSE Bug 1107256",
"url": "https://bugzilla.suse.com/1107256"
},
{
"category": "self",
"summary": "SUSE Bug 1107385",
"url": "https://bugzilla.suse.com/1107385"
},
{
"category": "self",
"summary": "SUSE Bug 1107866",
"url": "https://bugzilla.suse.com/1107866"
},
{
"category": "self",
"summary": "SUSE Bug 1108270",
"url": "https://bugzilla.suse.com/1108270"
},
{
"category": "self",
"summary": "SUSE Bug 1108468",
"url": "https://bugzilla.suse.com/1108468"
},
{
"category": "self",
"summary": "SUSE Bug 1109272",
"url": "https://bugzilla.suse.com/1109272"
},
{
"category": "self",
"summary": "SUSE Bug 1109772",
"url": "https://bugzilla.suse.com/1109772"
},
{
"category": "self",
"summary": "SUSE Bug 1109806",
"url": "https://bugzilla.suse.com/1109806"
},
{
"category": "self",
"summary": "SUSE Bug 1110006",
"url": "https://bugzilla.suse.com/1110006"
},
{
"category": "self",
"summary": "SUSE Bug 1110558",
"url": "https://bugzilla.suse.com/1110558"
},
{
"category": "self",
"summary": "SUSE Bug 1110998",
"url": "https://bugzilla.suse.com/1110998"
},
{
"category": "self",
"summary": "SUSE Bug 1111062",
"url": "https://bugzilla.suse.com/1111062"
},
{
"category": "self",
"summary": "SUSE Bug 1111174",
"url": "https://bugzilla.suse.com/1111174"
},
{
"category": "self",
"summary": "SUSE Bug 1111188",
"url": "https://bugzilla.suse.com/1111188"
},
{
"category": "self",
"summary": "SUSE Bug 1111469",
"url": "https://bugzilla.suse.com/1111469"
},
{
"category": "self",
"summary": "SUSE Bug 1111696",
"url": "https://bugzilla.suse.com/1111696"
},
{
"category": "self",
"summary": "SUSE Bug 1111795",
"url": "https://bugzilla.suse.com/1111795"
},
{
"category": "self",
"summary": "SUSE Bug 1111809",
"url": "https://bugzilla.suse.com/1111809"
},
{
"category": "self",
"summary": "SUSE Bug 1112128",
"url": "https://bugzilla.suse.com/1112128"
},
{
"category": "self",
"summary": "SUSE Bug 1112963",
"url": "https://bugzilla.suse.com/1112963"
},
{
"category": "self",
"summary": "SUSE Bug 1113295",
"url": "https://bugzilla.suse.com/1113295"
},
{
"category": "self",
"summary": "SUSE Bug 1113412",
"url": "https://bugzilla.suse.com/1113412"
},
{
"category": "self",
"summary": "SUSE Bug 1113501",
"url": "https://bugzilla.suse.com/1113501"
},
{
"category": "self",
"summary": "SUSE Bug 1113677",
"url": "https://bugzilla.suse.com/1113677"
},
{
"category": "self",
"summary": "SUSE Bug 1113722",
"url": "https://bugzilla.suse.com/1113722"
},
{
"category": "self",
"summary": "SUSE Bug 1113769",
"url": "https://bugzilla.suse.com/1113769"
},
{
"category": "self",
"summary": "SUSE Bug 1114015",
"url": "https://bugzilla.suse.com/1114015"
},
{
"category": "self",
"summary": "SUSE Bug 1114178",
"url": "https://bugzilla.suse.com/1114178"
},
{
"category": "self",
"summary": "SUSE Bug 1114279",
"url": "https://bugzilla.suse.com/1114279"
},
{
"category": "self",
"summary": "SUSE Bug 1114385",
"url": "https://bugzilla.suse.com/1114385"
},
{
"category": "self",
"summary": "SUSE Bug 1114576",
"url": "https://bugzilla.suse.com/1114576"
},
{
"category": "self",
"summary": "SUSE Bug 1114577",
"url": "https://bugzilla.suse.com/1114577"
},
{
"category": "self",
"summary": "SUSE Bug 1114578",
"url": "https://bugzilla.suse.com/1114578"
},
{
"category": "self",
"summary": "SUSE Bug 1114579",
"url": "https://bugzilla.suse.com/1114579"
},
{
"category": "self",
"summary": "SUSE Bug 1114580",
"url": "https://bugzilla.suse.com/1114580"
},
{
"category": "self",
"summary": "SUSE Bug 1114581",
"url": "https://bugzilla.suse.com/1114581"
},
{
"category": "self",
"summary": "SUSE Bug 1114582",
"url": "https://bugzilla.suse.com/1114582"
},
{
"category": "self",
"summary": "SUSE Bug 1114583",
"url": "https://bugzilla.suse.com/1114583"
},
{
"category": "self",
"summary": "SUSE Bug 1114584",
"url": "https://bugzilla.suse.com/1114584"
},
{
"category": "self",
"summary": "SUSE Bug 1114585",
"url": "https://bugzilla.suse.com/1114585"
},
{
"category": "self",
"summary": "SUSE Bug 1114648",
"url": "https://bugzilla.suse.com/1114648"
},
{
"category": "self",
"summary": "SUSE Bug 1114839",
"url": "https://bugzilla.suse.com/1114839"
},
{
"category": "self",
"summary": "SUSE Bug 1114871",
"url": "https://bugzilla.suse.com/1114871"
},
{
"category": "self",
"summary": "SUSE Bug 1115074",
"url": "https://bugzilla.suse.com/1115074"
},
{
"category": "self",
"summary": "SUSE Bug 1115269",
"url": "https://bugzilla.suse.com/1115269"
},
{
"category": "self",
"summary": "SUSE Bug 1115431",
"url": "https://bugzilla.suse.com/1115431"
},
{
"category": "self",
"summary": "SUSE Bug 1115433",
"url": "https://bugzilla.suse.com/1115433"
},
{
"category": "self",
"summary": "SUSE Bug 1115440",
"url": "https://bugzilla.suse.com/1115440"
},
{
"category": "self",
"summary": "SUSE Bug 1115567",
"url": "https://bugzilla.suse.com/1115567"
},
{
"category": "self",
"summary": "SUSE Bug 1115709",
"url": "https://bugzilla.suse.com/1115709"
},
{
"category": "self",
"summary": "SUSE Bug 1115976",
"url": "https://bugzilla.suse.com/1115976"
},
{
"category": "self",
"summary": "SUSE Bug 1116040",
"url": "https://bugzilla.suse.com/1116040"
},
{
"category": "self",
"summary": "SUSE Bug 1116183",
"url": "https://bugzilla.suse.com/1116183"
},
{
"category": "self",
"summary": "SUSE Bug 1116336",
"url": "https://bugzilla.suse.com/1116336"
},
{
"category": "self",
"summary": "SUSE Bug 1116692",
"url": "https://bugzilla.suse.com/1116692"
},
{
"category": "self",
"summary": "SUSE Bug 1116693",
"url": "https://bugzilla.suse.com/1116693"
},
{
"category": "self",
"summary": "SUSE Bug 1116698",
"url": "https://bugzilla.suse.com/1116698"
},
{
"category": "self",
"summary": "SUSE Bug 1116699",
"url": "https://bugzilla.suse.com/1116699"
},
{
"category": "self",
"summary": "SUSE Bug 1116700",
"url": "https://bugzilla.suse.com/1116700"
},
{
"category": "self",
"summary": "SUSE Bug 1116701",
"url": "https://bugzilla.suse.com/1116701"
},
{
"category": "self",
"summary": "SUSE Bug 1116803",
"url": "https://bugzilla.suse.com/1116803"
},
{
"category": "self",
"summary": "SUSE Bug 1116841",
"url": "https://bugzilla.suse.com/1116841"
},
{
"category": "self",
"summary": "SUSE Bug 1116862",
"url": "https://bugzilla.suse.com/1116862"
},
{
"category": "self",
"summary": "SUSE Bug 1116863",
"url": "https://bugzilla.suse.com/1116863"
},
{
"category": "self",
"summary": "SUSE Bug 1116876",
"url": "https://bugzilla.suse.com/1116876"
},
{
"category": "self",
"summary": "SUSE Bug 1116877",
"url": "https://bugzilla.suse.com/1116877"
},
{
"category": "self",
"summary": "SUSE Bug 1116878",
"url": "https://bugzilla.suse.com/1116878"
},
{
"category": "self",
"summary": "SUSE Bug 1116891",
"url": "https://bugzilla.suse.com/1116891"
},
{
"category": "self",
"summary": "SUSE Bug 1116895",
"url": "https://bugzilla.suse.com/1116895"
},
{
"category": "self",
"summary": "SUSE Bug 1116899",
"url": "https://bugzilla.suse.com/1116899"
},
{
"category": "self",
"summary": "SUSE Bug 1116950",
"url": "https://bugzilla.suse.com/1116950"
},
{
"category": "self",
"summary": "SUSE Bug 1117115",
"url": "https://bugzilla.suse.com/1117115"
},
{
"category": "self",
"summary": "SUSE Bug 1117162",
"url": "https://bugzilla.suse.com/1117162"
},
{
"category": "self",
"summary": "SUSE Bug 1117165",
"url": "https://bugzilla.suse.com/1117165"
},
{
"category": "self",
"summary": "SUSE Bug 1117168",
"url": "https://bugzilla.suse.com/1117168"
},
{
"category": "self",
"summary": "SUSE Bug 1117172",
"url": "https://bugzilla.suse.com/1117172"
},
{
"category": "self",
"summary": "SUSE Bug 1117174",
"url": "https://bugzilla.suse.com/1117174"
},
{
"category": "self",
"summary": "SUSE Bug 1117181",
"url": "https://bugzilla.suse.com/1117181"
},
{
"category": "self",
"summary": "SUSE Bug 1117184",
"url": "https://bugzilla.suse.com/1117184"
},
{
"category": "self",
"summary": "SUSE Bug 1117186",
"url": "https://bugzilla.suse.com/1117186"
},
{
"category": "self",
"summary": "SUSE Bug 1117188",
"url": "https://bugzilla.suse.com/1117188"
},
{
"category": "self",
"summary": "SUSE Bug 1117189",
"url": "https://bugzilla.suse.com/1117189"
},
{
"category": "self",
"summary": "SUSE Bug 1117349",
"url": "https://bugzilla.suse.com/1117349"
},
{
"category": "self",
"summary": "SUSE Bug 1117561",
"url": "https://bugzilla.suse.com/1117561"
},
{
"category": "self",
"summary": "SUSE Bug 1117656",
"url": "https://bugzilla.suse.com/1117656"
},
{
"category": "self",
"summary": "SUSE Bug 1117788",
"url": "https://bugzilla.suse.com/1117788"
},
{
"category": "self",
"summary": "SUSE Bug 1117789",
"url": "https://bugzilla.suse.com/1117789"
},
{
"category": "self",
"summary": "SUSE Bug 1117790",
"url": "https://bugzilla.suse.com/1117790"
},
{
"category": "self",
"summary": "SUSE Bug 1117791",
"url": "https://bugzilla.suse.com/1117791"
},
{
"category": "self",
"summary": "SUSE Bug 1117792",
"url": "https://bugzilla.suse.com/1117792"
},
{
"category": "self",
"summary": "SUSE Bug 1117794",
"url": "https://bugzilla.suse.com/1117794"
},
{
"category": "self",
"summary": "SUSE Bug 1117795",
"url": "https://bugzilla.suse.com/1117795"
},
{
"category": "self",
"summary": "SUSE Bug 1117796",
"url": "https://bugzilla.suse.com/1117796"
},
{
"category": "self",
"summary": "SUSE Bug 1117798",
"url": "https://bugzilla.suse.com/1117798"
},
{
"category": "self",
"summary": "SUSE Bug 1117799",
"url": "https://bugzilla.suse.com/1117799"
},
{
"category": "self",
"summary": "SUSE Bug 1117801",
"url": "https://bugzilla.suse.com/1117801"
},
{
"category": "self",
"summary": "SUSE Bug 1117802",
"url": "https://bugzilla.suse.com/1117802"
},
{
"category": "self",
"summary": "SUSE Bug 1117803",
"url": "https://bugzilla.suse.com/1117803"
},
{
"category": "self",
"summary": "SUSE Bug 1117804",
"url": "https://bugzilla.suse.com/1117804"
},
{
"category": "self",
"summary": "SUSE Bug 1117805",
"url": "https://bugzilla.suse.com/1117805"
},
{
"category": "self",
"summary": "SUSE Bug 1117806",
"url": "https://bugzilla.suse.com/1117806"
},
{
"category": "self",
"summary": "SUSE Bug 1117807",
"url": "https://bugzilla.suse.com/1117807"
},
{
"category": "self",
"summary": "SUSE Bug 1117808",
"url": "https://bugzilla.suse.com/1117808"
},
{
"category": "self",
"summary": "SUSE Bug 1117815",
"url": "https://bugzilla.suse.com/1117815"
},
{
"category": "self",
"summary": "SUSE Bug 1117816",
"url": "https://bugzilla.suse.com/1117816"
},
{
"category": "self",
"summary": "SUSE Bug 1117817",
"url": "https://bugzilla.suse.com/1117817"
},
{
"category": "self",
"summary": "SUSE Bug 1117818",
"url": "https://bugzilla.suse.com/1117818"
},
{
"category": "self",
"summary": "SUSE Bug 1117819",
"url": "https://bugzilla.suse.com/1117819"
},
{
"category": "self",
"summary": "SUSE Bug 1117820",
"url": "https://bugzilla.suse.com/1117820"
},
{
"category": "self",
"summary": "SUSE Bug 1117821",
"url": "https://bugzilla.suse.com/1117821"
},
{
"category": "self",
"summary": "SUSE Bug 1117822",
"url": "https://bugzilla.suse.com/1117822"
},
{
"category": "self",
"summary": "SUSE Bug 1117953",
"url": "https://bugzilla.suse.com/1117953"
},
{
"category": "self",
"summary": "SUSE Bug 1118102",
"url": "https://bugzilla.suse.com/1118102"
},
{
"category": "self",
"summary": "SUSE Bug 1118136",
"url": "https://bugzilla.suse.com/1118136"
},
{
"category": "self",
"summary": "SUSE Bug 1118137",
"url": "https://bugzilla.suse.com/1118137"
},
{
"category": "self",
"summary": "SUSE Bug 1118138",
"url": "https://bugzilla.suse.com/1118138"
},
{
"category": "self",
"summary": "SUSE Bug 1118140",
"url": "https://bugzilla.suse.com/1118140"
},
{
"category": "self",
"summary": "SUSE Bug 1118152",
"url": "https://bugzilla.suse.com/1118152"
},
{
"category": "self",
"summary": "SUSE Bug 1118215",
"url": "https://bugzilla.suse.com/1118215"
},
{
"category": "self",
"summary": "SUSE Bug 1118316",
"url": "https://bugzilla.suse.com/1118316"
},
{
"category": "self",
"summary": "SUSE Bug 1118319",
"url": "https://bugzilla.suse.com/1118319"
},
{
"category": "self",
"summary": "SUSE Bug 1118320",
"url": "https://bugzilla.suse.com/1118320"
},
{
"category": "self",
"summary": "SUSE Bug 1118428",
"url": "https://bugzilla.suse.com/1118428"
},
{
"category": "self",
"summary": "SUSE Bug 1118484",
"url": "https://bugzilla.suse.com/1118484"
},
{
"category": "self",
"summary": "SUSE Bug 1118505",
"url": "https://bugzilla.suse.com/1118505"
},
{
"category": "self",
"summary": "SUSE Bug 1118752",
"url": "https://bugzilla.suse.com/1118752"
},
{
"category": "self",
"summary": "SUSE Bug 1118760",
"url": "https://bugzilla.suse.com/1118760"
},
{
"category": "self",
"summary": "SUSE Bug 1118761",
"url": "https://bugzilla.suse.com/1118761"
},
{
"category": "self",
"summary": "SUSE Bug 1118762",
"url": "https://bugzilla.suse.com/1118762"
},
{
"category": "self",
"summary": "SUSE Bug 1118766",
"url": "https://bugzilla.suse.com/1118766"
},
{
"category": "self",
"summary": "SUSE Bug 1118767",
"url": "https://bugzilla.suse.com/1118767"
},
{
"category": "self",
"summary": "SUSE Bug 1118768",
"url": "https://bugzilla.suse.com/1118768"
},
{
"category": "self",
"summary": "SUSE Bug 1118769",
"url": "https://bugzilla.suse.com/1118769"
},
{
"category": "self",
"summary": "SUSE Bug 1118771",
"url": "https://bugzilla.suse.com/1118771"
},
{
"category": "self",
"summary": "SUSE Bug 1118772",
"url": "https://bugzilla.suse.com/1118772"
},
{
"category": "self",
"summary": "SUSE Bug 1118773",
"url": "https://bugzilla.suse.com/1118773"
},
{
"category": "self",
"summary": "SUSE Bug 1118774",
"url": "https://bugzilla.suse.com/1118774"
},
{
"category": "self",
"summary": "SUSE Bug 1118775",
"url": "https://bugzilla.suse.com/1118775"
},
{
"category": "self",
"summary": "SUSE Bug 1118787",
"url": "https://bugzilla.suse.com/1118787"
},
{
"category": "self",
"summary": "SUSE Bug 1118788",
"url": "https://bugzilla.suse.com/1118788"
},
{
"category": "self",
"summary": "SUSE Bug 1118798",
"url": "https://bugzilla.suse.com/1118798"
},
{
"category": "self",
"summary": "SUSE Bug 1118809",
"url": "https://bugzilla.suse.com/1118809"
},
{
"category": "self",
"summary": "SUSE Bug 1118962",
"url": "https://bugzilla.suse.com/1118962"
},
{
"category": "self",
"summary": "SUSE Bug 1119017",
"url": "https://bugzilla.suse.com/1119017"
},
{
"category": "self",
"summary": "SUSE Bug 1119086",
"url": "https://bugzilla.suse.com/1119086"
},
{
"category": "self",
"summary": "SUSE Bug 1119212",
"url": "https://bugzilla.suse.com/1119212"
},
{
"category": "self",
"summary": "SUSE Bug 1119322",
"url": "https://bugzilla.suse.com/1119322"
},
{
"category": "self",
"summary": "SUSE Bug 1119410",
"url": "https://bugzilla.suse.com/1119410"
},
{
"category": "self",
"summary": "SUSE Bug 1119714",
"url": "https://bugzilla.suse.com/1119714"
},
{
"category": "self",
"summary": "SUSE Bug 1119749",
"url": "https://bugzilla.suse.com/1119749"
},
{
"category": "self",
"summary": "SUSE Bug 1119804",
"url": "https://bugzilla.suse.com/1119804"
},
{
"category": "self",
"summary": "SUSE Bug 1119946",
"url": "https://bugzilla.suse.com/1119946"
},
{
"category": "self",
"summary": "SUSE Bug 1119947",
"url": "https://bugzilla.suse.com/1119947"
},
{
"category": "self",
"summary": "SUSE Bug 1119962",
"url": "https://bugzilla.suse.com/1119962"
},
{
"category": "self",
"summary": "SUSE Bug 1119968",
"url": "https://bugzilla.suse.com/1119968"
},
{
"category": "self",
"summary": "SUSE Bug 1119974",
"url": "https://bugzilla.suse.com/1119974"
},
{
"category": "self",
"summary": "SUSE Bug 1120036",
"url": "https://bugzilla.suse.com/1120036"
},
{
"category": "self",
"summary": "SUSE Bug 1120046",
"url": "https://bugzilla.suse.com/1120046"
},
{
"category": "self",
"summary": "SUSE Bug 1120053",
"url": "https://bugzilla.suse.com/1120053"
},
{
"category": "self",
"summary": "SUSE Bug 1120054",
"url": "https://bugzilla.suse.com/1120054"
},
{
"category": "self",
"summary": "SUSE Bug 1120055",
"url": "https://bugzilla.suse.com/1120055"
},
{
"category": "self",
"summary": "SUSE Bug 1120058",
"url": "https://bugzilla.suse.com/1120058"
},
{
"category": "self",
"summary": "SUSE Bug 1120088",
"url": "https://bugzilla.suse.com/1120088"
},
{
"category": "self",
"summary": "SUSE Bug 1120092",
"url": "https://bugzilla.suse.com/1120092"
},
{
"category": "self",
"summary": "SUSE Bug 1120094",
"url": "https://bugzilla.suse.com/1120094"
},
{
"category": "self",
"summary": "SUSE Bug 1120096",
"url": "https://bugzilla.suse.com/1120096"
},
{
"category": "self",
"summary": "SUSE Bug 1120097",
"url": "https://bugzilla.suse.com/1120097"
},
{
"category": "self",
"summary": "SUSE Bug 1120173",
"url": "https://bugzilla.suse.com/1120173"
},
{
"category": "self",
"summary": "SUSE Bug 1120214",
"url": "https://bugzilla.suse.com/1120214"
},
{
"category": "self",
"summary": "SUSE Bug 1120223",
"url": "https://bugzilla.suse.com/1120223"
},
{
"category": "self",
"summary": "SUSE Bug 1120228",
"url": "https://bugzilla.suse.com/1120228"
},
{
"category": "self",
"summary": "SUSE Bug 1120230",
"url": "https://bugzilla.suse.com/1120230"
},
{
"category": "self",
"summary": "SUSE Bug 1120232",
"url": "https://bugzilla.suse.com/1120232"
},
{
"category": "self",
"summary": "SUSE Bug 1120234",
"url": "https://bugzilla.suse.com/1120234"
},
{
"category": "self",
"summary": "SUSE Bug 1120235",
"url": "https://bugzilla.suse.com/1120235"
},
{
"category": "self",
"summary": "SUSE Bug 1120238",
"url": "https://bugzilla.suse.com/1120238"
},
{
"category": "self",
"summary": "SUSE Bug 1120594",
"url": "https://bugzilla.suse.com/1120594"
},
{
"category": "self",
"summary": "SUSE Bug 1120598",
"url": "https://bugzilla.suse.com/1120598"
},
{
"category": "self",
"summary": "SUSE Bug 1120600",
"url": "https://bugzilla.suse.com/1120600"
},
{
"category": "self",
"summary": "SUSE Bug 1120601",
"url": "https://bugzilla.suse.com/1120601"
},
{
"category": "self",
"summary": "SUSE Bug 1120602",
"url": "https://bugzilla.suse.com/1120602"
},
{
"category": "self",
"summary": "SUSE Bug 1120603",
"url": "https://bugzilla.suse.com/1120603"
},
{
"category": "self",
"summary": "SUSE Bug 1120604",
"url": "https://bugzilla.suse.com/1120604"
},
{
"category": "self",
"summary": "SUSE Bug 1120606",
"url": "https://bugzilla.suse.com/1120606"
},
{
"category": "self",
"summary": "SUSE Bug 1120612",
"url": "https://bugzilla.suse.com/1120612"
},
{
"category": "self",
"summary": "SUSE Bug 1120613",
"url": "https://bugzilla.suse.com/1120613"
},
{
"category": "self",
"summary": "SUSE Bug 1120614",
"url": "https://bugzilla.suse.com/1120614"
},
{
"category": "self",
"summary": "SUSE Bug 1120615",
"url": "https://bugzilla.suse.com/1120615"
},
{
"category": "self",
"summary": "SUSE Bug 1120616",
"url": "https://bugzilla.suse.com/1120616"
},
{
"category": "self",
"summary": "SUSE Bug 1120617",
"url": "https://bugzilla.suse.com/1120617"
},
{
"category": "self",
"summary": "SUSE Bug 1120618",
"url": "https://bugzilla.suse.com/1120618"
},
{
"category": "self",
"summary": "SUSE Bug 1120620",
"url": "https://bugzilla.suse.com/1120620"
},
{
"category": "self",
"summary": "SUSE Bug 1120621",
"url": "https://bugzilla.suse.com/1120621"
},
{
"category": "self",
"summary": "SUSE Bug 1120632",
"url": "https://bugzilla.suse.com/1120632"
},
{
"category": "self",
"summary": "SUSE Bug 1120633",
"url": "https://bugzilla.suse.com/1120633"
},
{
"category": "self",
"summary": "SUSE Bug 1120743",
"url": "https://bugzilla.suse.com/1120743"
},
{
"category": "self",
"summary": "SUSE Bug 1120954",
"url": "https://bugzilla.suse.com/1120954"
},
{
"category": "self",
"summary": "SUSE Bug 1121017",
"url": "https://bugzilla.suse.com/1121017"
},
{
"category": "self",
"summary": "SUSE Bug 1121058",
"url": "https://bugzilla.suse.com/1121058"
},
{
"category": "self",
"summary": "SUSE Bug 1121263",
"url": "https://bugzilla.suse.com/1121263"
},
{
"category": "self",
"summary": "SUSE Bug 1121273",
"url": "https://bugzilla.suse.com/1121273"
},
{
"category": "self",
"summary": "SUSE Bug 1121477",
"url": "https://bugzilla.suse.com/1121477"
},
{
"category": "self",
"summary": "SUSE Bug 1121483",
"url": "https://bugzilla.suse.com/1121483"
},
{
"category": "self",
"summary": "SUSE Bug 1121599",
"url": "https://bugzilla.suse.com/1121599"
},
{
"category": "self",
"summary": "SUSE Bug 1121621",
"url": "https://bugzilla.suse.com/1121621"
},
{
"category": "self",
"summary": "SUSE Bug 1121714",
"url": "https://bugzilla.suse.com/1121714"
},
{
"category": "self",
"summary": "SUSE Bug 1121715",
"url": "https://bugzilla.suse.com/1121715"
},
{
"category": "self",
"summary": "SUSE Bug 1121973",
"url": "https://bugzilla.suse.com/1121973"
},
{
"category": "self",
"summary": "SUSE Bug 1122019",
"url": "https://bugzilla.suse.com/1122019"
},
{
"category": "self",
"summary": "SUSE Bug 1122292",
"url": "https://bugzilla.suse.com/1122292"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-5753 page",
"url": "https://www.suse.com/security/cve/CVE-2017-5753/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-12232 page",
"url": "https://www.suse.com/security/cve/CVE-2018-12232/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14625 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14625/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16862 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16862/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16884 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16884/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-18281 page",
"url": "https://www.suse.com/security/cve/CVE-2018-18281/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-18397 page",
"url": "https://www.suse.com/security/cve/CVE-2018-18397/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-19407 page",
"url": "https://www.suse.com/security/cve/CVE-2018-19407/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-19824 page",
"url": "https://www.suse.com/security/cve/CVE-2018-19824/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-19854 page",
"url": "https://www.suse.com/security/cve/CVE-2018-19854/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-19985 page",
"url": "https://www.suse.com/security/cve/CVE-2018-19985/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-20169 page",
"url": "https://www.suse.com/security/cve/CVE-2018-20169/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-9568 page",
"url": "https://www.suse.com/security/cve/CVE-2018-9568/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2019-02-01T14:42:08Z",
"generator": {
"date": "2019-02-01T14:42:08Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2019:0222-1",
"initial_release_date": "2019-02-01T14:42:08Z",
"revision_history": [
{
"date": "2019-02-01T14:42:08Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-azure-4.12.14-6.6.2.noarch",
"product": {
"name": "kernel-devel-azure-4.12.14-6.6.2.noarch",
"product_id": "kernel-devel-azure-4.12.14-6.6.2.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-azure-4.12.14-6.6.2.noarch",
"product": {
"name": "kernel-source-azure-4.12.14-6.6.2.noarch",
"product_id": "kernel-source-azure-4.12.14-6.6.2.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-azure-4.12.14-6.6.2.x86_64",
"product": {
"name": "cluster-md-kmp-azure-4.12.14-6.6.2.x86_64",
"product_id": "cluster-md-kmp-azure-4.12.14-6.6.2.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-azure-4.12.14-6.6.2.x86_64",
"product": {
"name": "dlm-kmp-azure-4.12.14-6.6.2.x86_64",
"product_id": "dlm-kmp-azure-4.12.14-6.6.2.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-azure-4.12.14-6.6.2.x86_64",
"product": {
"name": "gfs2-kmp-azure-4.12.14-6.6.2.x86_64",
"product_id": "gfs2-kmp-azure-4.12.14-6.6.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-4.12.14-6.6.2.x86_64",
"product": {
"name": "kernel-azure-4.12.14-6.6.2.x86_64",
"product_id": "kernel-azure-4.12.14-6.6.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-base-4.12.14-6.6.2.x86_64",
"product": {
"name": "kernel-azure-base-4.12.14-6.6.2.x86_64",
"product_id": "kernel-azure-base-4.12.14-6.6.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-devel-4.12.14-6.6.2.x86_64",
"product": {
"name": "kernel-azure-devel-4.12.14-6.6.2.x86_64",
"product_id": "kernel-azure-devel-4.12.14-6.6.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-extra-4.12.14-6.6.2.x86_64",
"product": {
"name": "kernel-azure-extra-4.12.14-6.6.2.x86_64",
"product_id": "kernel-azure-extra-4.12.14-6.6.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-livepatch-4.12.14-6.6.2.x86_64",
"product": {
"name": "kernel-azure-livepatch-4.12.14-6.6.2.x86_64",
"product_id": "kernel-azure-livepatch-4.12.14-6.6.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-azure-4.12.14-6.6.2.x86_64",
"product": {
"name": "kernel-syms-azure-4.12.14-6.6.2.x86_64",
"product_id": "kernel-syms-azure-4.12.14-6.6.2.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-azure-4.12.14-6.6.2.x86_64",
"product": {
"name": "kselftests-kmp-azure-4.12.14-6.6.2.x86_64",
"product_id": "kselftests-kmp-azure-4.12.14-6.6.2.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-azure-4.12.14-6.6.2.x86_64",
"product": {
"name": "ocfs2-kmp-azure-4.12.14-6.6.2.x86_64",
"product_id": "ocfs2-kmp-azure-4.12.14-6.6.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP4",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-4.12.14-6.6.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64"
},
"product_reference": "kernel-azure-4.12.14-6.6.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-base-4.12.14-6.6.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64"
},
"product_reference": "kernel-azure-base-4.12.14-6.6.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-4.12.14-6.6.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64"
},
"product_reference": "kernel-azure-devel-4.12.14-6.6.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-azure-4.12.14-6.6.2.noarch as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch"
},
"product_reference": "kernel-devel-azure-4.12.14-6.6.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-azure-4.12.14-6.6.2.noarch as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch"
},
"product_reference": "kernel-source-azure-4.12.14-6.6.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-4.12.14-6.6.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64"
},
"product_reference": "kernel-syms-azure-4.12.14-6.6.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-4.12.14-6.6.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64"
},
"product_reference": "kernel-azure-4.12.14-6.6.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-base-4.12.14-6.6.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64"
},
"product_reference": "kernel-azure-base-4.12.14-6.6.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-4.12.14-6.6.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64"
},
"product_reference": "kernel-azure-devel-4.12.14-6.6.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-azure-4.12.14-6.6.2.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch"
},
"product_reference": "kernel-devel-azure-4.12.14-6.6.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-azure-4.12.14-6.6.2.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch"
},
"product_reference": "kernel-source-azure-4.12.14-6.6.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-4.12.14-6.6.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64"
},
"product_reference": "kernel-syms-azure-4.12.14-6.6.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-5753",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-5753"
}
],
"notes": [
{
"category": "general",
"text": "Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-5753",
"url": "https://www.suse.com/security/cve/CVE-2017-5753"
},
{
"category": "external",
"summary": "SUSE Bug 1068032 for CVE-2017-5753",
"url": "https://bugzilla.suse.com/1068032"
},
{
"category": "external",
"summary": "SUSE Bug 1074562 for CVE-2017-5753",
"url": "https://bugzilla.suse.com/1074562"
},
{
"category": "external",
"summary": "SUSE Bug 1074578 for CVE-2017-5753",
"url": "https://bugzilla.suse.com/1074578"
},
{
"category": "external",
"summary": "SUSE Bug 1074701 for CVE-2017-5753",
"url": "https://bugzilla.suse.com/1074701"
},
{
"category": "external",
"summary": "SUSE Bug 1075006 for CVE-2017-5753",
"url": "https://bugzilla.suse.com/1075006"
},
{
"category": "external",
"summary": "SUSE Bug 1075419 for CVE-2017-5753",
"url": "https://bugzilla.suse.com/1075419"
},
{
"category": "external",
"summary": "SUSE Bug 1075748 for CVE-2017-5753",
"url": "https://bugzilla.suse.com/1075748"
},
{
"category": "external",
"summary": "SUSE Bug 1080039 for CVE-2017-5753",
"url": "https://bugzilla.suse.com/1080039"
},
{
"category": "external",
"summary": "SUSE Bug 1087084 for CVE-2017-5753",
"url": "https://bugzilla.suse.com/1087084"
},
{
"category": "external",
"summary": "SUSE Bug 1087939 for CVE-2017-5753",
"url": "https://bugzilla.suse.com/1087939"
},
{
"category": "external",
"summary": "SUSE Bug 1089055 for CVE-2017-5753",
"url": "https://bugzilla.suse.com/1089055"
},
{
"category": "external",
"summary": "SUSE Bug 1136865 for CVE-2017-5753",
"url": "https://bugzilla.suse.com/1136865"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2017-5753",
"url": "https://bugzilla.suse.com/1178658"
},
{
"category": "external",
"summary": "SUSE Bug 1201877 for CVE-2017-5753",
"url": "https://bugzilla.suse.com/1201877"
},
{
"category": "external",
"summary": "SUSE Bug 1209547 for CVE-2017-5753",
"url": "https://bugzilla.suse.com/1209547"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-01T14:42:08Z",
"details": "important"
}
],
"title": "CVE-2017-5753"
},
{
"cve": "CVE-2018-12232",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-12232"
}
],
"notes": [
{
"category": "general",
"text": "In net/socket.c in the Linux kernel through 4.17.1, there is a race condition between fchownat and close in cases where they target the same socket file descriptor, related to the sock_close and sockfs_setattr functions. fchownat does not increment the file descriptor reference count, which allows close to set the socket to NULL during fchownat\u0027s execution, leading to a NULL pointer dereference and system crash.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-12232",
"url": "https://www.suse.com/security/cve/CVE-2018-12232"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-12232",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1097593 for CVE-2018-12232",
"url": "https://bugzilla.suse.com/1097593"
},
{
"category": "external",
"summary": "SUSE Bug 1125907 for CVE-2018-12232",
"url": "https://bugzilla.suse.com/1125907"
},
{
"category": "external",
"summary": "SUSE Bug 1127757 for CVE-2018-12232",
"url": "https://bugzilla.suse.com/1127757"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-01T14:42:08Z",
"details": "important"
}
],
"title": "CVE-2018-12232"
},
{
"cve": "CVE-2018-14625",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14625"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux Kernel where an attacker may be able to have an uncontrolled read to kernel-memory from within a vm guest. A race condition between connect() and close() function may allow an attacker using the AF_VSOCK protocol to gather a 4 byte information leak or possibly intercept or corrupt AF_VSOCK messages destined to other clients.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14625",
"url": "https://www.suse.com/security/cve/CVE-2018-14625"
},
{
"category": "external",
"summary": "SUSE Bug 1106615 for CVE-2018-14625",
"url": "https://bugzilla.suse.com/1106615"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-01T14:42:08Z",
"details": "moderate"
}
],
"title": "CVE-2018-14625"
},
{
"cve": "CVE-2018-16862",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16862"
}
],
"notes": [
{
"category": "general",
"text": "A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16862",
"url": "https://www.suse.com/security/cve/CVE-2018-16862"
},
{
"category": "external",
"summary": "SUSE Bug 1117186 for CVE-2018-16862",
"url": "https://bugzilla.suse.com/1117186"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-01T14:42:08Z",
"details": "moderate"
}
],
"title": "CVE-2018-16862"
},
{
"cve": "CVE-2018-16884",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16884"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel\u0027s NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16884",
"url": "https://www.suse.com/security/cve/CVE-2018-16884"
},
{
"category": "external",
"summary": "SUSE Bug 1119946 for CVE-2018-16884",
"url": "https://bugzilla.suse.com/1119946"
},
{
"category": "external",
"summary": "SUSE Bug 1119947 for CVE-2018-16884",
"url": "https://bugzilla.suse.com/1119947"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-01T14:42:08Z",
"details": "important"
}
],
"title": "CVE-2018-16884"
},
{
"cve": "CVE-2018-18281",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-18281"
}
],
"notes": [
{
"category": "general",
"text": "Since Linux kernel version 3.2, the mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removes entries from the pagetables of a task that is in the middle of mremap(), a stale TLB entry can remain for a short time that permits access to a physical page after it has been released back to the page allocator and reused. This is fixed in the following kernel versions: 4.9.135, 4.14.78, 4.18.16, 4.19.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-18281",
"url": "https://www.suse.com/security/cve/CVE-2018-18281"
},
{
"category": "external",
"summary": "SUSE Bug 1113769 for CVE-2018-18281",
"url": "https://bugzilla.suse.com/1113769"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-01T14:42:08Z",
"details": "moderate"
}
],
"title": "CVE-2018-18281"
},
{
"cve": "CVE-2018-18397",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-18397"
}
],
"notes": [
{
"category": "general",
"text": "The userfaultfd implementation in the Linux kernel before 4.19.7 mishandles access control for certain UFFDIO_ ioctl calls, as demonstrated by allowing local users to write data into holes in a tmpfs file (if the user has read-only access to that file, and that file contains holes), related to fs/userfaultfd.c and mm/userfaultfd.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-18397",
"url": "https://www.suse.com/security/cve/CVE-2018-18397"
},
{
"category": "external",
"summary": "SUSE Bug 1117656 for CVE-2018-18397",
"url": "https://bugzilla.suse.com/1117656"
},
{
"category": "external",
"summary": "SUSE Bug 1171522 for CVE-2018-18397",
"url": "https://bugzilla.suse.com/1171522"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-01T14:42:08Z",
"details": "moderate"
}
],
"title": "CVE-2018-18397"
},
{
"cve": "CVE-2018-19407",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-19407"
}
],
"notes": [
{
"category": "general",
"text": "The vcpu_scan_ioapic function in arch/x86/kvm/x86.c in the Linux kernel through 4.19.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-19407",
"url": "https://www.suse.com/security/cve/CVE-2018-19407"
},
{
"category": "external",
"summary": "SUSE Bug 1116841 for CVE-2018-19407",
"url": "https://bugzilla.suse.com/1116841"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-01T14:42:08Z",
"details": "moderate"
}
],
"title": "CVE-2018-19407"
},
{
"cve": "CVE-2018-19824",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-19824"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-19824",
"url": "https://www.suse.com/security/cve/CVE-2018-19824"
},
{
"category": "external",
"summary": "SUSE Bug 1118152 for CVE-2018-19824",
"url": "https://bugzilla.suse.com/1118152"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-01T14:42:08Z",
"details": "moderate"
}
],
"title": "CVE-2018-19824"
},
{
"cve": "CVE-2018-19854",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-19854"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel before 4.19.3. crypto_report_one() and related functions in crypto/crypto_user.c (the crypto user configuration API) do not fully initialize structures that are copied to userspace, potentially leaking sensitive memory to user programs. NOTE: this is a CVE-2013-2547 regression but with easier exploitability because the attacker does not need a capability (however, the system must have the CONFIG_CRYPTO_USER kconfig option).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-19854",
"url": "https://www.suse.com/security/cve/CVE-2018-19854"
},
{
"category": "external",
"summary": "SUSE Bug 1118428 for CVE-2018-19854",
"url": "https://bugzilla.suse.com/1118428"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-01T14:42:08Z",
"details": "low"
}
],
"title": "CVE-2018-19854"
},
{
"cve": "CVE-2018-19985",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-19985"
}
],
"notes": [
{
"category": "general",
"text": "The function hso_get_config_data in drivers/net/usb/hso.c in the Linux kernel through 4.19.8 reads if_num from the USB device (as a u8) and uses it to index a small array, resulting in an object out-of-bounds (OOB) read that potentially allows arbitrary read in the kernel address space.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-19985",
"url": "https://www.suse.com/security/cve/CVE-2018-19985"
},
{
"category": "external",
"summary": "SUSE Bug 1120743 for CVE-2018-19985",
"url": "https://bugzilla.suse.com/1120743"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-01T14:42:08Z",
"details": "low"
}
],
"title": "CVE-2018-19985"
},
{
"cve": "CVE-2018-20169",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-20169"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel before 4.19.9. The USB subsystem mishandles size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-20169",
"url": "https://www.suse.com/security/cve/CVE-2018-20169"
},
{
"category": "external",
"summary": "SUSE Bug 1119714 for CVE-2018-20169",
"url": "https://bugzilla.suse.com/1119714"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-01T14:42:08Z",
"details": "moderate"
}
],
"title": "CVE-2018-20169"
},
{
"cve": "CVE-2018-9568",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-9568"
}
],
"notes": [
{
"category": "general",
"text": "In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-113509306. References: Upstream kernel.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-9568",
"url": "https://www.suse.com/security/cve/CVE-2018-9568"
},
{
"category": "external",
"summary": "SUSE Bug 1118319 for CVE-2018-9568",
"url": "https://bugzilla.suse.com/1118319"
},
{
"category": "external",
"summary": "SUSE Bug 1118320 for CVE-2018-9568",
"url": "https://bugzilla.suse.com/1118320"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.6.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.6.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.6.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-01T14:42:08Z",
"details": "moderate"
}
],
"title": "CVE-2018-9568"
}
]
}
SUSE-SU-2019:0541-1
Vulnerability from csaf_suse - Published: 2019-03-04 16:45 - Updated: 2019-03-04 16:45Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.175 to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2019-6974: kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandled reference counting because of a race condition, leading to a use-after-free. (bnc#1124728)
- CVE-2019-7221: Fixed a user-after-free vulnerability in the KVM hypervisor related to the emulation of a preemption timer, allowing an guest user/process to crash the host kernel. (bsc#1124732).
- CVE-2019-7222: Fixed an information leakage in the KVM hypervisor related to handling page fault exceptions, which allowed a guest user/process to use this flaw to leak the host's stack memory contents to a guest (bsc#1124735).
- CVE-2018-1120: By mmap()ing a FUSE-backed file onto a process's memory containing command line arguments (or environment strings), an attacker could have caused utilities from psutils or procps (such as ps, w) or any other program which made a read() call to the /proc/<pid>/cmdline (or /proc/<pid>/environ) files to block indefinitely (denial of service) or for some controlled time (as a synchronization primitive for other attacks) (bnc#1093158).
- CVE-2018-16862: A security flaw was found in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one (bnc#1117186).
- CVE-2018-16884: NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out (bnc#1119946).
- CVE-2018-19407: The vcpu_scan_ioapic function in arch/x86/kvm/x86.c allowed local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized (bnc#1116841).
- CVE-2018-19824: A local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c (bnc#1118152).
- CVE-2018-19985: The function hso_probe read if_num from the USB device (as an u8) and used it without a length check to index an array, resulting in an OOB memory read in hso_probe or hso_get_config_data that could be used by local attackers (bnc#1120743).
- CVE-2018-20169: The USB subsystem mishandled size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c (bnc#1119714).
- CVE-2018-5391: The Linux kernel was vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size (bnc#1103097).
- CVE-2018-9568: In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. (bnc#1118319).
- CVE-2019-3459,CVE-2019-3460: Two remote information leak vulnerabilities in the Bluetooth stack were fixed that could potentially leak kernel information (bsc#1120758)
The following non-security bugs were fixed:
- 9p: clear dangling pointers in p9stat_free (bnc#1012382).
- 9p locks: fix glock.client_id leak in do_lock (bnc#1012382).
- 9p/net: put a lower bound on msize (bnc#1012382).
- acpi/iort: Fix iort_get_platform_device_domain() uninitialized pointer value (bsc#1121239).
- acpi/lpss: Add alternative ACPI HIDs for Cherry Trail DMA controllers (bnc#1012382).
- acpi/nfit: Block function zero DSMs (bsc#1123321).
- acpi/nfit: Fix ARS overflow continuation (bsc#1125000).
- acpi/nfit: fix cmd_rc for acpi_nfit_ctl to always return a value (bsc#1124775).
- acpi/nfit: Fix command-supported detection (bsc#1123323).
- acpi/nfit, x86/mce: Handle only uncorrectable machine checks (bsc#1114648).
- acpi/nfit, x86/mce: Validate a MCE's address before using it (bsc#1114648).
- acpi/platform: Add SMB0001 HID to forbidden_id_list (bnc#1012382).
- acpi/power: Skip duplicate power resource references in _PRx (bnc#1012382).
- acpi/processor: Fix the return value of acpi_processor_ids_walk() (git fixes (acpi)).
- af_iucv: Move sockaddr length checks to before accessing sa_family in bind and connect handlers (bnc#1012382).
- ahci: do not ignore result code of ahci_reset_controller() (bnc#1012382).
- aio: fix spectre gadget in lookup_ioctx (bnc#1012382).
- aio: hold an extra file reference over AIO read/write operations (bsc#1116027).
- alpha: Fix Eiger NR_IRQS to 128 (bnc#1012382).
- alpha: fix page fault handling for r16-r18 targets (bnc#1012382).
- ALSA: ac97: Fix incorrect bit shift at AC97-SPSA control write (bnc#1012382).
- ALSA: bebob: fix model-id of unit for Apogee Ensemble (bnc#1012382).
- ALSA: ca0106: Disable IZD on SB0570 DAC to fix audio pops (bnc#1012382).
- ALSA: compress: Fix stop handling on compressed capture streams (bnc#1012382).
- ALSA: control: Fix race between adding and removing a user element (bnc#1012382).
- ALSA: cs46xx: Potential NULL dereference in probe (bnc#1012382).
- ALSA: emu10k1: Fix potential Spectre v1 vulnerabilities (bnc#1012382).
- ALSA: emux: Fix potential Spectre v1 vulnerabilities (bnc#1012382).
- ALSA: hda - Add mic quirk for the Lenovo G50-30 (17aa:3905) (bnc#1012382).
- ALSA: hda: add mute LED support for HP EliteBook 840 G4 (bnc#1012382).
- ALSA: hda - Add quirk for HP EliteBook 840 G5 (bnc#1012382).
- ALSA: hda: Add support for AMD Stoney Ridge (bnc#1012382).
- ALSA: hda: Check the non-cached stream buffers more explicitly (bnc#1012382).
- ALSA: hda/realtek - Disable headset Mic VREF for headset mode of ALC225 (bnc#1012382).
- ALSA: hda - Serialize codec registrations (bnc#1012382).
- ALSA: hda/tegra: clear pending irq handlers (bnc#1012382).
- ALSA: isa/wavefront: prevent some out of bound writes (bnc#1012382).
- ALSA: pcm: Call snd_pcm_unlink() conditionally at closing (bnc#1012382).
- ALSA: pcm: Fix interval evaluation with openmin/max (bnc#1012382).
- ALSA: pcm: Fix potential Spectre v1 vulnerability (bnc#1012382).
- ALSA: pcm: Fix starvation on down_write_nonblock() (bnc#1012382).
- ALSA: pcm: remove SNDRV_PCM_IOCTL1_INFO internal command (bnc#1012382).
- ALSA: rme9652: Fix potential Spectre v1 vulnerability (bnc#1012382).
- ALSA: sparc: Fix invalid snd_free_pages() at error path (bnc#1012382).
- ALSA: timer: Fix zero-division by continue of uninitialized instance (bnc#1012382).
- ALSA: trident: Suppress gcc string warning (bnc#1012382).
- ALSA: usb-audio: Avoid access before bLength check in build_audio_procunit() (bnc#1012382).
- ALSA: usb-audio: Fix an out-of-bound read in create_composite_quirks (bnc#1012382).
- ALSA: usb-audio: Fix implicit fb endpoint setup by quirk (bnc#1012382).
- ALSA: wss: Fix invalid snd_free_pages() at error path (bnc#1012382).
- amd/iommu: Fix Guest Virtual APIC Log Tail Address Register (bsc#1106105).
- arc: change defconfig defaults to ARCv2 (bnc#1012382).
- arc: [devboards] Add support of NFSv3 ACL (bnc#1012382).
- arch/alpha, termios: implement BOTHER, IBSHIFT and termios2 (bnc#1012382).
- arc: io.h: Implement reads{x}()/writes{x}() (bnc#1012382).
- arc: perf: map generic branches to correct hardware condition (bnc#1012382).
- arm64: Disable asm-operand-width warning for clang (bnc#1012382).
- arm64: Do not trap host pointer auth use to EL2 (bnc#1012382).
- arm64: dts: stratix10: Correct System Manager register size (bnc#1012382).
- arm64: Enabled ENA (Amazon network driver) for arm64
- arm64: ftrace: do not adjust the LR value (bnc#1012382).
- arm64: hardcode rodata_enabled=true earlier in the series (bsc#1114763).
- arm64: hyp-stub: Forbid kprobing of the hyp-stub (bnc#1012382).
- arm64/kvm: consistently handle host HCR_EL2 flags (bnc#1012382).
- arm64: kvm: Skip MMIO insn after emulation (bnc#1012382).
- arm64: PCI: ACPI support for legacy IRQs parsing and consolidation with DT code (bsc#985031).
- arm64: percpu: Initialize ret in the default case (bnc#1012382).
- arm64: perf: set suppress_bind_attrs flag to true (bnc#1012382).
- arm64: remove no-op -p linker flag (bnc#1012382).
- arm: 8799/1: mm: fix pci_ioremap_io() offset check (bnc#1012382).
- arm: 8808/1: kexec:offline panic_smp_self_stop CPU (bnc#1012382).
- arm: 8814/1: mm: improve/fix ARM v7_dma_inv_range() unaligned address handling (bnc#1012382).
- arm: cns3xxx: Fix writing to wrong PCI config registers after alignment (bnc#1012382).
- arm: dts: apq8064: add ahci ports-implemented mask (bnc#1012382).
- arm: dts: da850-evm: Correct the sound card name (bnc#1012382).
- arm: dts: Fix OMAP4430 SDP Ethernet startup (bnc#1012382).
- arm: dts: imx53-qsb: disable 1.2GHz OPP (bnc#1012382).
- arm: dts: kirkwood: Fix polarity of GPIO fan lines (bnc#1012382).
- arm: dts: mmp2: fix TWSI2 (bnc#1012382).
- arm: fix mis-applied iommu identity check (bsc#1116924).
- arm: imx: update the cpu power up timing setting on i.mx6sx (bnc#1012382).
- arm: iop32x/n2100: fix PCI IRQ mapping (bnc#1012382).
- arm: kvm: fix building with gcc-8 (bsc#1121241).
- arm: OMAP1: ams-delta: Fix possible use of uninitialized field (bnc#1012382).
- arm: OMAP2+: hwmod: Fix some section annotations (bnc#1012382).
- arm: OMAP2+: prm44xx: Fix section annotation on omap44xx_prm_enable_io_wakeup (bnc#1012382).
- arm: pxa: avoid section mismatch warning (bnc#1012382).
- asix: Check for supported Wake-on-LAN modes (bnc#1012382).
- ASoC: ak4613: Enable cache usage to fix crashes on resume (bnc#1012382).
- ASoC: atom: fix a missing check of snd_pcm_lib_malloc_pages (bnc#1012382).
- ASoC: dapm: Recalculate audio map forcely when card instantiated (bnc#1012382).
- ASoC: fsl: Fix SND_SOC_EUKREA_TLV320 build error on i.MX8M (bnc#1012382).
- ASoC: Intel: mrfld: fix uninitialized variable access (bnc#1012382).
- ASoC: omap-dmic: Add pm_qos handling to avoid overruns with CPU_IDLE (bnc#1012382).
- ASoC: omap-mcpdm: Add pm_qos handling to avoid under/overruns with CPU_IDLE (bnc#1012382).
- ASoC: spear: fix error return code in spdif_in_probe() (bnc#1012382).
- ASoC: wm8940: Enable cache usage to fix crashes on resume (bnc#1012382).
- ata: Fix racy link clearance (bsc#1107866).
- ataflop: fix error handling during setup (bnc#1012382).
- ath10k: fix kernel panic due to race in accessing arvif list (bnc#1012382).
- ath10k: schedule hardware restart if WMI command times out (bnc#1012382).
- ax25: fix a use-after-free in ax25_fillin_cb() (bnc#1012382).
- ax88179_178a: Check for supported Wake-on-LAN modes (bnc#1012382).
- b43: Fix error in cordic routine (bnc#1012382).
- batman-adv: Avoid WARN on net_device without parent in netns (bnc#1012382).
- batman-adv: Expand merged fragment buffer for full packet (bnc#1012382).
- batman-adv: Force mac header to start of data on xmit (bnc#1012382).
- bcache: fix miss key refill->end in writeback (bnc#1012382).
- bfs: add sanity check at bfs_fill_super() (bnc#1012382).
- binfmt_elf: fix calculations for bss padding (bnc#1012382).
- bitops: protect variables in bit_clear_unless() macro (bsc#1116285).
- block: fix inheriting request priority from bio (bsc#1116924).
- block/loop: Use global lock for ioctl() operation (bnc#1012382).
- block: respect virtual boundary mask in bvecs (bsc#1113412).
- block/swim3: Fix -EBUSY error when re-opening device after unmount (Git-fixes).
- Bluetooth: btbcm: Add entry for BCM4335C0 UART bluetooth (bnc#1012382).
- Bluetooth: Fix unnecessary error message for HCI request completion (bnc#1012382).
- Bluetooth: SMP: fix crash in unpairing (bnc#1012382).
- bna: ethtool: Avoid reading past end of buffer (bnc#1012382).
- bnx2x: Assign unique DMAE channel number for FW DMAE transactions (bnc#1012382).
- bnxt_re: Fix couple of memory leaks that could lead to IOMMU call traces (bsc#1020413).
- bonding: fix 802.3ad state sent to partner when unbinding slave (bnc#1012382).
- bpf: fix check of allowed specifiers in bpf_trace_printk (bnc#1012382).
- bpf: generally move prog destruction to RCU deferral (bnc#1012382).
- bpf: support 8-byte metafield access (bnc#1012382).
- bpf, trace: check event type in bpf_perf_event_read (bsc#1119970).
- bpf, trace: use READ_ONCE for retrieving file ptr (bsc#1119967).
- bpf/verifier: Add spi variable to check_stack_write() (bnc#1012382).
- bpf/verifier: Pass instruction index to check_mem_access() and check_xadd() (bnc#1012382).
- bridge: do not add port to router list when receives query with source 0.0.0.0 (bnc#1012382).
- btrfs: Always try all copies when reading extent buffers (bnc#1012382).
- btrfs: do not attempt to trim devices that do not support it (bnc#1012382).
- btrfs: ensure path name is null terminated at btrfs_control_ioctl (bnc#1012382).
- btrfs: fix backport error in submit_stripe_bio (bsc#1114763).
- btrfs: fix data corruption due to cloning of eof block (bnc#1012382).
- btrfs: Fix memory barriers usage with device stats counters (git-fixes).
- btrfs: fix null pointer dereference on compressed write path error (bnc#1012382).
- btrfs: fix pinned underflow after transaction aborted (bnc#1012382).
- btrfs: fix use-after-free when dumping free space (bnc#1012382).
- btrfs: fix wrong dentries after fsync of file that got its parent replaced (bnc#1012382).
- btrfs: Handle error from btrfs_uuid_tree_rem call in _btrfs_ioctl_set_received_subvol (git-fixes).
- btrfs: Handle owner mismatch gracefully when walking up tree (bnc#1012382).
- btrfs: iterate all devices during trim, instead of fs_devices::alloc_list (bnc#1012382).
- btrfs: locking: Add extra check in btrfs_init_new_buffer() to avoid deadlock (bnc#1012382).
- btrfs: make sure we create all new block groups (bnc#1012382).
- btrfs: qgroup: Dirty all qgroups before rescan (bnc#1012382).
- btrfs: release metadata before running delayed refs (bnc#1012382).
- btrfs: reset max_extent_size on clear in a bitmap (bnc#1012382).
- btrfs: send, fix infinite loop due to directory rename dependencies (bnc#1012382).
- btrfs: set max_extent_size properly (bnc#1012382).
- btrfs: tree-checker: Check level for leaves and nodes (bnc#1012382).
- btrfs: tree-checker: Do not check max block group size as current max chunk size limit is unreliable (fixes for bnc#1012382 bsc#1102875 bsc#1102877 bsc#1102879 bsc#1102882 bsc#1102896).
- btrfs: tree-checker: Fix misleading group system information (bnc#1012382).
- btrfs: tree-check: reduce stack consumption in check_dir_item (bnc#1012382).
- btrfs: validate type when reading a chunk (bnc#1012382).
- btrfs: wait on caching when putting the bg cache (bnc#1012382).
- btrfs: wait on ordered extents on abort cleanup (bnc#1012382).
- cachefiles: fix the race between cachefiles_bury_object() and rmdir(2) (bnc#1012382).
- can: bcm: check timer values before ktime conversion (bnc#1012382).
- can: dev: __can_get_echo_skb(): Do not crash the kernel if can_priv::echo_skb is accessed out of bounds (bnc#1012382).
- can: dev: can_get_echo_skb(): factor out non sending code to __can_get_echo_skb() (bnc#1012382).
- can: dev: __can_get_echo_skb(): fix bogous check for non-existing skb by removing it (bnc#1012382).
- can: dev: __can_get_echo_skb(): print error message, if trying to echo non existing skb (bnc#1012382).
- can: dev: __can_get_echo_skb(): replace struct can_frame by canfd_frame to access frame length (bnc#1012382).
- can: gw: ensure DLC boundaries after CAN frame modification (bnc#1012382).
- can: rcar_can: Fix erroneous registration (bnc#1012382).
- cdc-acm: correct counting of UART states in serial state notification (bnc#1012382).
- cdc-acm: fix abnormal DATA RX issue for Mediatek Preloader (bnc#1012382).
- ceph: call setattr_prepare from ceph_setattr instead of inode_change_ok (bsc#1114763).
- ceph: clear inode pointer when snap realm gets dropped by its inode (bsc#1125809).
- ceph: do not update importing cap's mseq when handing cap export (bsc#1121275).
- ceph: fix dentry leak in ceph_readdir_prepopulate (bsc#1114839).
- ceph: quota: fix null pointer dereference in quota check (bsc#1114839).
- cfg80211: reg: Init wiphy_idx in regulatory_hint_core() (bnc#1012382).
- char/mwave: fix potential Spectre v1 vulnerability (bnc#1012382).
- checkstack.pl: fix for aarch64 (bnc#1012382).
- cifs: Always resolve hostname before reconnecting (bnc#1012382).
- cifs: check ntwrk_buf_start for NULL before dereferencing it (bnc#1012382).
- cifs: Do not count -ENODATA as failure for query directory (bnc#1012382).
- cifs: Do not hide EINTR after sending network packets (bnc#1012382).
- cifs: Fix error mapping for SMB2_LOCK command which caused OFD lock problem (bnc#1012382).
- cifs: Fix possible hang during async MTU reads and writes (bnc#1012382).
- cifs: Fix potential OOB access of lock element array (bnc#1012382).
- cifs: Fix separator when building path from dentry (bnc#1012382).
- cifs: handle guest access errors to Windows shares (bnc#1012382).
- cifs: In Kconfig CONFIG_CIFS_POSIX needs depends on legacy (insecure cifs) (bnc#1012382).
- cifs: Limit memory used by lock request calls to a page (bnc#1012382).
- clk: imx6q: reset exclusive gates on init (bnc#1012382).
- clk: imx6sl: ensure MMDC CH0 handshake is bypassed (bnc#1012382).
- clk: mmp: Off by one in mmp_clk_add() (bnc#1012382).
- clk: s2mps11: Add used attribute to s2mps11_dt_match (git-fixes).
- clk: s2mps11: Fix matching when built as module and DT node contains compatible (bnc#1012382).
- clk: samsung: exynos5420: Enable PERIS clocks for suspend (bnc#1012382).
- clockevents/drivers/i8253: Add support for PIT shutdown quirk (bnc#1012382).
- configfs: replace strncpy with memcpy (bnc#1012382).
- cpufeature: avoid warning when compiling with clang (Git-fixes).
- cpufreq: imx6q: add return value check for voltage scale (bnc#1012382).
- cpufreq: intel_pstate: Fix HWP on boot CPU after system resume (bsc#1120017).
- cpuidle: big.LITTLE: fix refcount leak (bnc#1012382).
- cpuidle: Do not access cpuidle_devices when !CONFIG_CPU_IDLE (bnc#1012382).
- cramfs: fix abad comparison when wrap-arounds occur (bnc#1012382).
- crypto: arm64/sha - avoid non-standard inline asm tricks (bnc#1012382).
- crypto: authencesn - Avoid twice completion call in decrypt path (bnc#1012382).
- crypto: authenc - fix parsing key with misaligned rta_len (bnc#1012382).
- crypto: cts - fix crash on short inputs (bnc#1012382).
- crypto: lrw - Fix out-of bounds access on counter overflow (bnc#1012382).
- crypto: shash - Fix a sleep-in-atomic bug in shash_setkey_unaligned (bnc#1012382).
- crypto: user - support incremental algorithm dumps (bsc#1120902).
- crypto: ux500 - Use proper enum in cryp_set_dma_transfer (bnc#1012382).
- crypto: ux500 - Use proper enum in hash_set_dma_transfer (bnc#1012382).
- crypto, x86: aesni - fix token pasting for clang (bnc#1012382).
- crypto: x86/chacha20 - avoid sleeping with preemption disabled (bnc#1012382).
- cw1200: Do not leak memory if krealloc failes (bnc#1012382).
- cw1200: Fix concurrency use-after-free bugs in cw1200_hw_scan() (bnc#1012382).
- cxgb4: Add support for new flash parts (bsc#1102439).
- cxgb4: assume flash part size to be 4MB, if it can't be determined (bsc#1102439).
- cxgb4: Fix FW flash errors (bsc#1102439).
- cxgb4: fix missing break in switch and indent return statements (bsc#1102439).
- cxgb4: support new ISSI flash parts (bsc#1102439).
- dccp: fool proof ccid_hc_[rt]x_parse_options() (bnc#1012382).
- debugfs: fix debugfs_rename parameter checking (bnc#1012382).
- debugobjects: avoid recursive calls with kmemleak (bnc#1012382).
- disable stringop truncation warnings for now (bnc#1012382).
- dlm: Do not swamp the CPU with callbacks queued during recovery (bnc#1012382).
- dlm: fixed memory leaks after failed ls_remove_names allocation (bnc#1012382).
- dlm: lost put_lkb on error path in receive_convert() and receive_unlock() (bnc#1012382).
- dlm: memory leaks on error path in dlm_user_request() (bnc#1012382).
- dlm: possible memory leak on error path in create_lkb() (bnc#1012382).
- dmaengine: at_hdmac: fix memory leak in at_dma_xlate() (bnc#1012382).
- dmaengine: at_hdmac: fix module unloading (bnc#1012382).
- dmaengine: dma-jz4780: Return error if not probed from DT (bnc#1012382).
- dmaengine: imx-dma: fix wrong callback invoke (bnc#1012382).
- dm cache metadata: ignore hints array being too small during resize (Git-fixes).
- dm crypt: add cryptographic data integrity protection (authenticated encryption) (Git-fixes).
- dm crypt: factor IV constructor out to separate function (Git-fixes).
- dm crypt: fix crash by adding missing check for auth key size (git-fixes).
- dm crypt: fix error return code in crypt_ctr() (git-fixes).
- dm crypt: fix memory leak in crypt_ctr_cipher_old() (git-fixes).
- dm crypt: introduce new format of cipher with 'capi:' prefix (Git-fixes).
- dm crypt: wipe kernel key copy after IV initialization (Git-fixes).
- dm: do not allow readahead to limit IO size (git fixes (readahead)).
- dm ioctl: harden copy_params()'s copy_from_user() from malicious users (bnc#1012382).
- dm kcopyd: Fix bug causing workqueue stalls (bnc#1012382).
- dm-multipath: do not assign cmd_flags in setup_clone() (bsc#1103156).
- dm raid: stop using BUG() in __rdev_sectors() (bsc#1046264).
- dm snapshot: Fix excessive memory usage and workqueue stalls (bnc#1012382).
- dm thin: fix bug where bio that overwrites thin block ignores FUA (bnc#1012382).
- dm thin: stop no_space_timeout worker when switching to write-mode (Git-fixes).
- Documentation/network: reword kernel version reference (bnc#1012382).
- dpaa_eth: fix dpaa_get_stats64 to match prototype (bsc#1114763).
- drbd: Avoid Clang warning about pointless switch statment (bnc#1012382).
- drbd: disconnect, if the wrong UUIDs are attached on a connected peer (bnc#1012382).
- drbd: narrow rcu_read_lock in drbd_sync_handshake (bnc#1012382).
- drbd: skip spurious timeout (ping-timeo) when failing promote (bnc#1012382).
- driver/dma/ioat: Call del_timer_sync() without holding prep_lock (bnc#1012382).
- drivers: core: Remove glue dirs from sysfs earlier (bnc#1012382).
- drivers: hv: vmbus: check the creation_status in vmbus_establish_gpadl() (bsc#1104098).
- drivers: hv: vmbus: Return -EINVAL for the sys files for unopened channels (bnc#1012382).
- drivers/misc/sgi-gru: fix Spectre v1 vulnerability (bnc#1012382).
- drivers/sbus/char: add of_node_put() (bnc#1012382).
- drivers/tty: add missing of_node_put() (bnc#1012382).
- drm/ast: change resolution may cause screen blurred (bnc#1012382).
- drm/ast: fixed cursor may disappear sometimes (bnc#1012382).
- drm/ast: fixed reading monitor EDID not stable issue (bnc#1012382).
- drm/ast: Fix incorrect free on ioregs (bsc#1106929)
- drm/ast: Remove existing framebuffers before loading driver (boo#1112963)
- drm/bufs: Fix Spectre v1 vulnerability (bnc#1012382).
- drm/dp_mst: Check if primary mstb is null (bnc#1012382).
- drm/fb-helper: Ignore the value of fb_var_screeninfo.pixclock (bsc#1106929)
- drm/hisilicon: hibmc: Do not carry error code in HiBMC framebuffer (bsc#1113766)
- drm/hisilicon: hibmc: Do not overwrite fb helper surface depth (bsc#1113766)
- drm/i915: Block fbdev HPD processing during suspend (bsc#1106929)
- drm/i915/hdmi: Add HDMI 2.0 audio clock recovery N values (bnc#1012382).
- drm/i915: Prevent a race during I915_GEM_MMAP ioctl with WC set (bsc#1106929)
- drm/ioctl: Fix Spectre v1 vulnerabilities (bnc#1012382).
- drm/modes: Prevent division by zero htotal (bnc#1012382).
- drm/msm: Grab a vblank reference when waiting for commit_done (bnc#1012382).
- drm/nouveau/fbcon: fix oops without fbdev emulation (bnc#1012382).
- drm/omap: fix memory barrier bug in DMM driver (bnc#1012382).
- drm: rcar-du: Fix external clock error checks (bsc#1106929)
- drm: rcar-du: Fix vblank initialization (bsc#1106929)
- drm/rockchip: Allow driver to be shutdown on reboot/kexec (bnc#1012382).
- drm/vmwgfx: Fix setting of dma masks (bsc#1106929)
- drm/vmwgfx: Return error code from vmw_execbuf_copy_fence_user (bsc#1106929)
- e1000: avoid null pointer dereference on invalid stat type (bnc#1012382).
- e1000e: allow non-monotonic SYSTIM readings (bnc#1012382).
- e1000: fix race condition between e1000_down() and e1000_watchdog (bnc#1012382).
- edac: Raise the maximum number of memory controllers (bsc#1120722).
- efi/libstub/arm64: Force 'hidden' visibility for section markers (bnc#1012382).
- efi/libstub/arm64: Set -fpie when building the EFI stub (bnc#1012382).
- efi/libstub/arm64: Use hidden attribute for struct screen_info reference (bsc#1122650).
- enic: fix checksum validation for IPv6 (bnc#1012382).
- exec: avoid gcc-8 warning for get_task_comm (bnc#1012382).
- exec: load_script: do not blindly truncate shebang string (bnc#1012382).
- exportfs: do not read dentry after free (bnc#1012382).
- ext2: fix potential use after free (bnc#1012382).
- ext4: add missing brelse() add_new_gdb_meta_bg()'s error path (bnc#1012382).
- ext4: add missing brelse() in set_flexbg_block_bitmap()'s error path (bnc#1012382).
- ext4: add missing brelse() update_backups()'s error path (bnc#1012382).
- ext4: avoid buffer leak in ext4_orphan_add() after prior errors (bnc#1012382).
- ext4: avoid possible double brelse() in add_new_gdb() on error path (bnc#1012382).
- ext4: avoid potential extra brelse in setup_new_flex_group_blocks() (bnc#1012382).
- ext4: fix a potential fiemap/page fault deadlock w/ inline_data (bnc#1012382).
- ext4: fix argument checking in EXT4_IOC_MOVE_EXT (bnc#1012382).
- ext4: fix buffer leak in __ext4_read_dirblock() on error path (bnc#1012382).
- ext4: fix buffer leak in ext4_xattr_move_to_block() on error path (bnc#1012382).
- ext4: Fix crash during online resizing (bsc#1122779).
- ext4: fix EXT4_IOC_GROUP_ADD ioctl (bnc#1012382).
- ext4: fix missing cleanup if ext4_alloc_flex_bg_array() fails while resizing (bnc#1012382).
- ext4: fix possible inode leak in the retry loop of ext4_resize_fs() (bnc#1012382).
- ext4: fix possible leak of sbi->s_group_desc_leak in error path (bnc#1012382).
- ext4: fix possible use after free in ext4_quota_enable (bnc#1012382).
- ext4: force inode writes when nfsd calls commit_metadata() (bnc#1012382).
- ext4: initialize retries variable in ext4_da_write_inline_data_begin() (bnc#1012382).
- ext4: missing unlock/put_page() in ext4_try_to_write_inline_data() (bnc#1012382).
- ext4: release bs.bh before re-using in ext4_xattr_block_find() (bnc#1012382).
- f2fs: Add sanity_check_inode() function (bnc#1012382).
- f2fs: avoid unneeded loop in build_sit_entries (bnc#1012382).
- f2fs: check blkaddr more accuratly before issue a bio (bnc#1012382).
- f2fs: clean up argument of recover_data (bnc#1012382).
- f2fs: clean up with is_valid_blkaddr() (bnc#1012382).
- f2fs: detect wrong layout (bnc#1012382).
- f2fs: enhance sanity_check_raw_super() to avoid potential overflow (bnc#1012382).
- f2fs: factor out fsync inode entry operations (bnc#1012382).
- f2fs: fix inode cache leak (bnc#1012382).
- f2fs: fix invalid memory access (bnc#1012382).
- f2fs: fix missing up_read (bnc#1012382).
- f2fs: fix to avoid reading out encrypted data in page cache (bnc#1012382).
- f2fs: fix to convert inline directory correctly (bnc#1012382).
- f2fs: fix to determine start_cp_addr by sbi->cur_cp_pack (bnc#1012382).
- f2fs: fix to do sanity check with block address in main area (bnc#1012382).
- f2fs: fix to do sanity check with block address in main area v2 (bnc#1012382).
- f2fs: fix to do sanity check with cp_pack_start_sum (bnc#1012382).
- f2fs: fix to do sanity check with node footer and iblocks (bnc#1012382).
- f2fs: fix to do sanity check with reserved blkaddr of inline inode (bnc#1012382).
- f2fs: fix to do sanity check with secs_per_zone (bnc#1012382).
- f2fs: fix to do sanity check with user_block_count (bnc#1012382).
- f2fs: fix validation of the block count in sanity_check_raw_super (bnc#1012382).
- f2fs: fix wrong return value of f2fs_acl_create (bnc#1012382).
- f2fs: free meta pages if sanity check for ckpt is failed (bnc#1012382).
- f2fs: give -EINVAL for norecovery and rw mount (bnc#1012382).
- f2fs: introduce and spread verify_blkaddr (bnc#1012382).
- f2fs: introduce get_checkpoint_version for cleanup (bnc#1012382).
- f2fs: move dir data flush to write checkpoint process (bnc#1012382).
- f2fs: move sanity checking of cp into get_valid_checkpoint (bnc#1012382).
- f2fs: not allow to write illegal blkaddr (bnc#1012382).
- f2fs: put directory inodes before checkpoint in roll-forward recovery (bnc#1012382).
- f2fs: read page index before freeing (bnc#1012382).
- f2fs: remove an obsolete variable (bnc#1012382).
- f2fs: return error during fill_super (bnc#1012382).
- f2fs: sanity check on sit entry (bnc#1012382).
- f2fs: use crc and cp version to determine roll-forward recovery (bnc#1012382).
- fbdev: fbcon: Fix unregister crash when more than one framebuffer (bsc#1106929)
- fbdev: fbmem: behave better with small rotated displays and many CPUs (bsc#1106929)
- fcoe: remove duplicate debugging message in fcoe_ctlr_vn_add (bsc#1114763).
- Fix kabi for 'Ensure we commit after writeback is complete' (bsc#1111809).
- Fix problem with sharetransport= and NFSv4 (bsc#1114893).
- floppy: fix race condition in __floppy_read_block_0() (Git-fixes).
- flow_dissector: do not dissect l4 ports for fragments (bnc#1012382).
- fork: record start_time late (bnc#1012382).
- fs: add the fsnotify call to vfs_iter_write (bnc#1012382).
- fscache, cachefiles: remove redundant variable 'cache' (bnc#1012382).
- fscache: fix race between enablement and dropping of object (bsc#1107385).
- fscache: Fix race in fscache_op_complete() due to split atomic_sub & read (Git-fixes).
- fscache: Pass the correct cancelled indications to fscache_op_complete() (Git-fixes).
- fs/dcache: Fix incorrect nr_dentry_unused accounting in shrink_dcache_sb() (bnc#1012382).
- fs: do not scan the inode cache before SB_BORN is set (bnc#1012382).
- fs, elf: make sure to page align bss in load_elf_library (bnc#1012382).
- fs/epoll: drop ovflist branch prediction (bnc#1012382).
- fs/exofs: fix potential memory leak in mount option parsing (bnc#1012382).
- fs/fat/fatent.c: add cond_resched() to fat_count_free_clusters() (bnc#1012382).
- fs: fix lost error code in dio_complete (bsc#1117744).
- fuse: call pipe_buf_release() under pipe lock (bnc#1012382).
- fuse: decrement NR_WRITEBACK_TEMP on the right page (bnc#1012382).
- fuse: Dont call set_page_dirty_lock() for ITER_BVEC pages for async_dio (bnc#1012382).
- fuse: fix blocked_waitq wakeup (bnc#1012382).
- fuse: fix leaked notify reply (bnc#1012382).
- fuse: Fix use-after-free in fuse_dev_do_read() (bnc#1012382).
- fuse: Fix use-after-free in fuse_dev_do_write() (bnc#1012382).
- fuse: handle zero sized retrieve correctly (bnc#1012382).
- fuse: set FR_SENT while locked (bnc#1012382).
- futex: Fix (possible) missed wakeup (bsc#1050549).
- gdrom: fix a memory leak bug (bnc#1012382).
- genirq: Fix race on spurious interrupt detection (bnc#1012382).
- genwqe: Fix size check (bnc#1012382).
- gfs2: Do not leave s_fs_info pointing to freed memory in init_sbd (bnc#1012382).
- gfs2: Fix loop in gfs2_rbm_find (bnc#1012382).
- gfs2_meta: ->mount() can get NULL dev_name (bnc#1012382).
- gfs2: Put bitmap buffers in put_super (bnc#1012382).
- gfs2: Revert 'Fix loop in gfs2_rbm_find' (bnc#1012382).
- git_sort.py: Remove non-existent remote tj/libata
- gpiolib: Fix return value of gpio_to_desc() stub if !GPIOLIB (Git-fixes).
- gpio: max7301: fix driver for use with CONFIG_VMAP_STACK (bnc#1012382).
- gpio: msic: fix error return code in platform_msic_gpio_probe() (bnc#1012382).
- gpio: pl061: handle failed allocations (bnc#1012382).
- gpu: host1x: fix error return code in host1x_probe() (bnc#1012382).
- gpu: ipu-v3: Fix CSI offsets for imx53 (bsc#1106929)
- gpu: ipu-v3: Fix i.MX51 CSI control registers offset (bsc#1106929)
- gro_cell: add napi_disable in gro_cells_destroy (bnc#1012382).
- hfs: do not free node before using (bnc#1012382).
- hfsplus: do not free node before using (bnc#1012382).
- hfsplus: prevent btree data loss on root split (bnc#1012382).
- hfs: prevent btree data loss on root split (bnc#1012382).
- hid: debug: fix the ring buffer implementation (bnc#1012382).
- hid: hiddev: fix potential Spectre v1 (bnc#1012382).
- hid: lenovo: Add checks to fix of_led_classdev_register (bnc#1012382).
- hid: uhid: forbid UHID_CREATE under KERNEL_DS or elevated privileges (bnc#1012382).
- hpwdt add dynamic debugging (bsc#1114417).
- hpwdt calculate reload value on each use (bsc#1114417).
- hugetlbfs: dirty pages as they are added to pagecache (bnc#1012382).
- hugetlbfs: fix bug in pgoff overflow checking (bnc#1012382).
- hugetlbfs: fix kernel BUG at fs/hugetlbfs/inode.c:444! (bnc#1012382).
- hwmon: (ibmpowernv) Remove bogus __init annotations (bnc#1012382).
- hwmon: (ina2xx) Fix current value calculation (bnc#1012382).
- hwmon: (lm80) fix a missing check of bus read in lm80 probe (bnc#1012382).
- hwmon: (lm80) fix a missing check of the status of SMBus read (bnc#1012382).
- hwmon: (lm80) Fix missing unlock on error in set_fan_div() (git-fixes).
- hwmon: (pmbus) Fix page count auto-detection (bnc#1012382).
- hwmon: (w83795) temp4_type has writable permission (bnc#1012382).
- hwpoison, memory_hotplug: allow hwpoisoned pages to be offlined (bnc#1116336).
- i2c-axxia: check for error conditions first (bnc#1012382).
- i2c: axxia: properly handle master timeout (bnc#1012382).
- i2c: dev: prevent adapter retries and timeout being set as minus value (bnc#1012382).
- i2c: scmi: Fix probe error on devices with an empty SMB0001 ACPI device node (bnc#1012382).
- IB/core: type promotion bug in rdma_rw_init_one_mr() ().
- IB/hfi1: Fix an out-of-bounds access in get_hw_stats ().
- ibmveth: Do not process frames after calling napi_reschedule (bcs#1123357).
- ibmveth: fix DMA unmap error in ibmveth_xmit_start error path (bnc#1012382).
- ibmvnic: Add ethtool private flag for driver-defined queue limits (bsc#1121726).
- ibmvnic: Convert reset work item mutex to spin lock ().
- ibmvnic: fix accelerated VLAN handling ().
- ibmvnic: fix index in release_rx_pools (bsc#1115440).
- ibmvnic: Fix non-atomic memory allocation in IRQ context ().
- ibmvnic: Increase maximum queue size limit (bsc#1121726).
- ibmvnic: Introduce driver limits for ring sizes (bsc#1121726).
- ibmvnic: remove ndo_poll_controller ().
- ibmvnic: Update driver queues after change in ring size support ().
- ib/rxe: Fix incorrect cache cleanup in error flow ().
- ib/rxe: replace kvfree with vfree ().
- ib/ucm: Fix Spectre v1 vulnerability (bnc#1012382).
- ide: pmac: add of_node_put() (bnc#1012382).
- ieee802154: lowpan_header_create check must check daddr (bnc#1012382).
- igb: Fix an issue that PME is not enabled during runtime suspend (bnc#1012382).
- igb: Remove superfluous reset to PHY and page 0 selection (bnc#1012382).
- iio: adc: at91: fix acking DRDY irq on simple conversions (bnc#1012382).
- iio: adc: at91: fix wrong channel number in triggered buffer mode (bnc#1012382).
- ima: fix showing large 'violations' or 'runtime_measurements_count' (bnc#1012382).
- inet: frags: add a pointer to struct netns_frags (bnc#1012382).
- inet: frags: better deal with smp races (bnc#1012382).
- inet: frags: break the 2GB limit for frags storage (bnc#1012382).
- inet: frags: change inet_frags_init_net() return value (bnc#1012382).
- inet: frags: do not clone skb in ip_expire() (bnc#1012382).
- inet: frags: fix ip6frag_low_thresh boundary (bnc#1012382).
- inet: frags: get rid of ipfrag_skb_cb/FRAG_CB (bnc#1012382).
- inet: frags: get rif of inet_frag_evicting() (bnc#1012382).
- inet: frags: refactor ipfrag_init() (bnc#1012382).
- inet: frags: refactor ipv6_frag_init() (bnc#1012382).
- inet: frags: refactor lowpan_net_frag_init() (bnc#1012382).
- inet: frags: remove inet_frag_maybe_warn_overflow() (bnc#1012382).
- inet: frags: remove some helpers (bnc#1012382).
- inet: frags: reorganize struct netns_frags (bnc#1012382).
- inet: frags: use rhashtables for reassembly units (bnc#1012382).
- Input: bma150 - register input device after setting private data (bnc#1012382).
- Input: elan_i2c - add ACPI ID for Lenovo IdeaPad 330-15ARR (bnc#1012382).
- Input: elan_i2c - add ACPI ID for Lenovo IdeaPad 330-15IGM (bnc#1012382).
- Input: elan_i2c - add ACPI ID for touchpad in ASUS Aspire F5-573G (bnc#1012382).
- Input: elan_i2c - add ACPI ID for touchpad in Lenovo V330-15ISK (bnc#1012382).
- Input: elan_i2c - add ELAN0620 to the ACPI table (bnc#1012382).
- Input: elan_i2c - add support for ELAN0621 touchpad (bnc#1012382).
- Input: elantech - enable 3rd button support on Fujitsu CELSIUS H780 (bnc#1012382).
- Input: matrix_keypad - check for errors from of_get_named_gpio() (bnc#1012382).
- Input: omap-keypad - fix idle configuration to not block SoC idle states (bnc#1012382).
- Input: omap-keypad - fix keyboard debounce configuration (bnc#1012382).
- Input: restore EV_ABS ABS_RESERVED (bnc#1012382).
- Input: xpad - add GPD Win 2 Controller USB IDs (bnc#1012382).
- Input: xpad - add Mad Catz FightStick TE 2 VID/PID (bnc#1012382).
- Input: xpad - add more third-party controllers (bnc#1012382).
- Input: xpad - add PDP device id 0x02a4 (bnc#1012382).
- Input: xpad - add product ID for Xbox One S pad (bnc#1012382).
- Input: xpad - add support for PDP Xbox One controllers (bnc#1012382).
- Input: xpad - add support for SteelSeries Stratus Duo (bnc#1012382).
- Input: xpad - add support for Xbox1 PDP Camo series gamepad (bnc#1012382).
- Input: xpad - add USB IDs for Mad Catz Brawlstick and Razer Sabertooth (bnc#1012382).
- Input: xpad - avoid using __set_bit() for capabilities (bnc#1012382).
- Input: xpad - constify usb_device_id (bnc#1012382).
- Input: xpad - correctly sort vendor id's (bnc#1012382).
- Input: xpad - correct xbox one pad device name (bnc#1012382).
- Input: xpad - do not depend on endpoint order (bnc#1012382).
- Input: xpad - fix GPD Win 2 controller name (bnc#1012382).
- Input: xpad - fix PowerA init quirk for some gamepad models (bnc#1012382).
- Input: xpad - fix rumble on Xbox One controllers with 2015 firmware (bnc#1012382).
- Input: xpad - fix some coding style issues (bnc#1012382).
- Input: xpad - fix stuck mode button on Xbox One S pad (bnc#1012382).
- Input: xpad - fix Xbox One rumble stopping after 2.5 secs (bnc#1012382).
- Input: xpad - handle 'present' and 'gone' correctly (bnc#1012382).
- Input: xpad - move reporting xbox one home button to common function (bnc#1012382).
- Input: xpad - power off wireless 360 controllers on suspend (bnc#1012382).
- Input: xpad - prevent spurious input from wired Xbox 360 controllers (bnc#1012382).
- Input: xpad - quirk all PDP Xbox One gamepads (bnc#1012382).
- Input: xpad - remove spurious events of wireless xpad 360 controller (bnc#1012382).
- Input: xpad - remove unused function (bnc#1012382).
- Input: xpad - restore LED state after device resume (bnc#1012382).
- Input: xpad - simplify error condition in init_output (bnc#1012382).
- Input: xpad - sort supported devices by USB ID (bnc#1012382).
- Input: xpad - support some quirky Xbox One pads (bnc#1012382).
- Input: xpad - sync supported devices with 360Controller (bnc#1012382).
- Input: xpad - sync supported devices with XBCD (bnc#1012382).
- Input: xpad - sync supported devices with xboxdrv (bnc#1012382).
- Input: xpad - update Xbox One Force Feedback Support (bnc#1012382).
- Input: xpad - use LED API when identifying wireless controllers (bnc#1012382).
- Input: xpad - validate USB endpoint type during probe (bnc#1012382).
- Input: xpad - workaround dead irq_out after suspend/ resume (bnc#1012382).
- Input: xpad - xbox one elite controller support (bnc#1012382).
- intel_pstate: Update frequencies of policy->cpus only from ->set_policy() (bsc#1120017).
- intel_th: msu: Fix an off-by-one in attribute store (bnc#1012382).
- iommu/amd: Call free_iova_fast with pfn in map_sg (bsc#1106105).
- iommu/amd: Fix amd_iommu=force_isolation (bsc#1106105).
- iommu/amd: Fix IOMMU page flush when detach device from a domain (bsc#1106105).
- iommu/amd: Unmap all mapped pages in error path of map_sg (bsc#1106105).
- iommu/arm-smmu: Ensure that page-table updates are visible before TLBI (bsc#1106237).
- iommu/arm-smmu-v3: Use explicit mb() when moving cons pointer (bnc#1012382).
- iommu/ipmmu-vmsa: Fix crash on early domain free (bsc#1106105).
- iommu/vt-d: Fix memory leak in intel_iommu_put_resv_regions() (bsc#1106105).
- iommu/vt-d: Fix NULL pointer dereference in prq_event_thread() (bsc#1106105).
- iommu/vt-d: Handle domain agaw being less than iommu agaw (bsc#1106105).
- iommu/vt-d: Use memunmap to free memremap (bsc#1106105).
- ip6mr: Fix potential Spectre v1 vulnerability (bnc#1012382).
- ip: add helpers to process in-order fragments faster (bnc#1012382).
- ipfrag: really prevent allocation on netns exit (bnc#1012382).
- ip: frags: fix crash in ip_do_fragment() (bnc#1012382).
- ipmi: Fix timer race with module unload (bnc#1012382).
- ipmi:ssif: Fix handling of multi-part return messages (bnc#1012382).
- ip: on queued skb use skb_header_pointer instead of pskb_may_pull (bnc#1012382).
- ip: process in-order fragments efficiently (bnc#1012382).
- ip_tunnel: do not force DF when MTU is locked (bnc#1012382).
- ip_tunnel: Fix name string concatenate in __ip_tunnel_create() (bnc#1012382).
- ip: use rb trees for IP frag queue (bnc#1012382).
- ipv4: Fix potential Spectre v1 vulnerability (bnc#1012382).
- ipv4: frags: precedence bug in ip_expire() (bnc#1012382).
- ipv4: ipv6: netfilter: Adjust the frag mem limit when truesize changes (bsc#1110286).
- ipv6: Check available headroom in ip6_xmit() even without options (bnc#1012382).
- ipv6: Consider sk_bound_dev_if when binding a socket to an address (bnc#1012382).
- ipv6: Consider sk_bound_dev_if when binding a socket to a v4 mapped address (bnc#1012382).
- ipv6: explicitly initialize udp6_addr in udp_sock_create6() (bnc#1012382).
- ipv6: fix kernel-infoleak in ipv6_local_error() (bnc#1012382).
- ipv6: Fix PMTU updates for UDP/raw sockets in presence of VRF (bnc#1012382).
- ipv6: frags: rewrite ip6_expire_frag_queue() (bnc#1012382).
- ipv6: mcast: fix a use-after-free in inet6_mc_check (bnc#1012382).
- ipv6/ndisc: Preserve IPv6 control buffer if protocol error handlers are called (bnc#1012382).
- ipv6: orphan skbs in reassembly unit (bnc#1012382).
- ipv6: set rt6i_protocol properly in the route when it is installed (bsc#1114190).
- ipv6: suppress sparse warnings in IP6_ECN_set_ce() (bnc#1012382).
- ipv6: Take rcu_read_lock in __inet6_bind for mapped addresses (bnc#1012382).
- irqchip/gic-v3-its: Align PCI Multi-MSI allocation on their size (bnc#1012382).
- isdn: fix kernel-infoleak in capi_unlocked_ioctl (bnc#1012382).
- isdn: hisax: hfc_pci: Fix a possible concurrency use-after-free bug in HFCPCI_l1hw() (bnc#1012382).
- iser: set sector for ambiguous mr status errors (bnc#1012382).
- iwlwifi: mvm: fix regulatory domain update when the firmware starts (bnc#1012382).
- iwlwifi: mvm: support sta_statistics() even on older firmware (bnc#1012382).
- ixgbe: Add function for checking to see if we can reuse page (bsc#1100105).
- ixgbe: Add support for build_skb (bsc#1100105).
- ixgbe: Add support for padding packet (bsc#1100105).
- ixgbe: Break out Rx buffer page management (bsc#1100105).
- ixgbe: Fix output from ixgbe_dump (bsc#1100105).
- ixgbe: fix possible race in reset subtask (bsc#1101557).
- ixgbe: Make use of order 1 pages and 3K buffers independent of FCoE (bsc#1100105).
- ixgbe: Only DMA sync frame length (bsc#1100105).
- ixgbe: recognize 1000BaseLX SFP modules as 1Gbps (bnc#1012382).
- ixgbe: Refactor queue disable logic to take completion time into account (bsc#1101557).
- ixgbe: Reorder Tx/Rx shutdown to reduce time needed to stop device (bsc#1101557).
- ixgbe: Update code to better handle incrementing page count (bsc#1100105).
- ixgbe: Update driver to make use of DMA attributes in Rx path (bsc#1100105).
- ixgbe: Use length to determine if descriptor is done (bsc#1100105).
- jbd2: fix use after free in jbd2_log_do_checkpoint() (bnc#1012382).
- jffs2: Fix use of uninitialized delayed_work, lockdep breakage (bnc#1012382).
- jffs2: free jffs2_sb_info through jffs2_kill_sb() (bnc#1012382).
- kabi: hwpoison, memory_hotplug: allow hwpoisoned pages to be offlined (bnc#1116336).
- kabi: protect get_vaddr_frames (kabi).
- kabi: protect linux/kfifo.h include in hid-debug (kabi).
- kabi: protect struct azx (kabi).
- kabi: protect struct cfs_bandwidth (kabi).
- kabi: protect struct esp (kabi).
- kabi: protect struct fuse_io_priv (kabi).
- kabi: protect struct hda_bus (kabi).
- kabi: protect __usb_get_extra_descriptor (kabi).
- kabi: protect xen/xen-ops.h include in xlate_mmu.c (kabi).
- kabi: reorder new slabinfo fields in struct kmem_cache_node (bnc#1116653).
- kabi: revert sig change on pnfs_read_resend_pnfs (git-fixes).
- kaweth: use skb_cow_head() to deal with cloned skbs (bnc#1012382).
- kbuild: Add better clang cross build support (bnc#1012382).
- kbuild: Add __cc-option macro (bnc#1012382).
- kbuild: Add support to generate LLVM assembly files (bnc#1012382).
- kbuild: allow to use GCC toolchain not in Clang search path (bnc#1012382).
- kbuild: clang: add -no-integrated-as to KBUILD_[AC]FLAGS (bnc#1012382).
- kbuild: clang: Disable 'address-of-packed-member' warning (bnc#1012382).
- kbuild: clang: disable unused variable warnings only when constant (bnc#1012382).
- kbuild: clang: fix build failures with sparse check (bnc#1012382).
- kbuild: clang: remove crufty HOSTCFLAGS (bnc#1012382).
- kbuild: Consolidate header generation from ASM offset information (bnc#1012382).
- kbuild: consolidate redundant sed script ASM offset generation (bnc#1012382).
- kbuild: drop -Wno-unknown-warning-option from clang options (bnc#1012382).
- kbuild: fix asm-offset generation to work with clang (bnc#1012382).
- kbuild: fix kernel/bounds.c 'W=1' warning (bnc#1012382).
- kbuild: fix linker feature test macros when cross compiling with Clang (bnc#1012382).
- kbuild, LLVMLinux: Add -Werror to cc-option to support clang (bnc#1012382).
- kbuild: move cc-option and cc-disable-warning after incl. arch Makefile (bnc#1012382).
- kbuild: Set KBUILD_CFLAGS before incl. arch Makefile (bnc#1012382).
- kbuild: set no-integrated-as before incl. arch Makefile (bnc#1012382).
- kbuild: suppress packed-not-aligned warning for default setting only (bnc#1012382).
- kbuild: use -Oz instead of -Os when using clang (bnc#1012382).
- kconfig: fix file name and line number of warn_ignored_character() (bnc#1012382).
- kconfig: fix memory leak when EOF is encountered in quotation (bnc#1012382).
- kdb: use memmove instead of overlapping memcpy (bnc#1012382).
- kdb: Use strscpy with destination buffer size (bnc#1012382).
- kernel/exit.c: release ptraced tasks before zap_pid_ns_processes (bnc#1012382).
- kernel/hung_task.c: break RCU locks based on jiffies (bnc#1012382).
- kernel-source.spec: Align source numbering.
- kernfs: Replace strncpy with memcpy (bnc#1012382).
- keys: put keyring if install_session_keyring_to_cred() fails (bnc#1012382).
- kgdboc: fix KASAN global-out-of-bounds bug in param_set_kgdboc_var() (bnc#1012382).
- kgdboc: Fix restrict error (bnc#1012382).
- kgdboc: Fix warning with module build (bnc#1012382).
- kgdboc: Passing ekgdboc to command line causes panic (bnc#1012382).
- kobject: Replace strncpy with memcpy (bnc#1012382).
- kprobes: Return error if we fail to reuse kprobe instead of BUG_ON() (bnc#1012382).
- kvm/arm64: Fix caching of host MDCR_EL2 value (bsc#1121242).
- kvm/arm: Restore banked registers and physical timer access on hyp_panic() (bsc#1121240).
- kvm/mmu: Fix race in emulated page table writes (bnc#1012382).
- kvm/nvmx: Always reflect #NM VM-exits to L1 (bsc#1106240).
- kvm/nvmx: Eliminate vmcs02 pool (bnc#1012382).
- kvm/nvmx: mark vmcs12 pages dirty on L2 exit (bnc#1012382).
- kvm/ppc: Move and undef TRACE_INCLUDE_PATH/FILE (bnc#1012382).
- kvm/svm: Allow direct access to MSR_IA32_SPEC_CTRL (bnc#1012382 bsc#1068032).
- kvm/svm: Ensure an IBPB on all affected CPUs when freeing a vmcb (bsc#1114648).
- kvm/vmx: Allow direct access to MSR_IA32_SPEC_CTRL (bnc#1012382 bsc#1068032 bsc#1096242 bsc#1096281).
- kvm/vmx: Emulate MSR_IA32_ARCH_CAPABILITIES (bnc#1012382).
- kvm/vmx: Fix x2apic check in vmx_msr_bitmap_mode() (bsc#1124166).
- kvm/vmx: introduce alloc_loaded_vmcs (bnc#1012382).
- kvm/vmx: make MSR bitmaps per-VCPU (bnc#1012382).
- kvm/vmx: Missing part of upstream commit 904e14fb7cb9 (bsc#1124166).
- kvm/x86: Add IBPB support (bnc#1012382 bsc#1068032 bsc#1068032).
- kvm/x86: fix empty-body warnings (bnc#1012382).
- kvm/x86: Fix single-step debugging (bnc#1012382).
- kvm/x86: Remove indirect MSR op calls from SPEC_CTRL (bnc#1012382).
- kvm/x86: svm: report MSR_IA32_MCG_EXT_CTL as unsupported (bnc#1012382).
- kvm/x86: Use jmp to invoke kvm_spurious_fault() from .fixup (bnc#1012382).
- l2tp: copy 4 more bytes to linear part if necessary (bnc#1012382).
- l2tp: fix reading optional fields of L2TPv3 (bnc#1012382).
- l2tp: remove l2specific_len dependency in l2tp_core (bnc#1012382).
- lan78xx: Check for supported Wake-on-LAN modes (bnc#1012382).
- leds: call led_pwm_set() in leds-pwm to enforce default LED_OFF (bnc#1012382).
- leds: leds-gpio: Fix return value check in create_gpio_led() (bnc#1012382).
- leds: turn off the LED and wait for completion on unregistering LED class device (bnc#1012382).
- libata: whitelist all SAMSUNG MZ7KM* solid-state disks (bnc#1012382).
- libceph: avoid KEEPALIVE_PENDING races in ceph_con_keepalive() (bsc#1125810).
- libceph: bump CEPH_MSG_MAX_DATA_LEN (bsc#1114839).
- libceph: fall back to sendmsg for slab pages (bsc#1118316).
- libfc: sync strings with upstream versions (bsc#1114763).
- lib/interval_tree_test.c: allow full tree search (bnc#1012382).
- lib/interval_tree_test.c: allow users to limit scope of endpoint (bnc#1012382).
- lib/interval_tree_test.c: make test options module parameters (bnc#1012382).
- libnvdimm, {btt, blk}: do integrity setup before add_disk() (bsc#1118926).
- libnvdimm, dimm: fix dpa reservation vs uninitialized label area (bsc#1118936).
- libnvdimm: fix ars_status output length calculation (bsc#1124777).
- libnvdimm: fix integer overflow static analysis warning (bsc#1118922).
- libnvdimm: fix nvdimm_bus_lock() vs device_lock() ordering (bsc#1118915).
- libnvdimm: Hold reference on parent while scheduling async init (bnc#1012382).
- libnvdimm, pfn: Pad pfn namespaces relative to other regions (bsc#1124811).
- libnvdimm: Use max contiguous area for namespace size (bsc#1124780).
- lib/raid6: Fix arm64 test build (bnc#1012382).
- lib/rbtree_test.c: make input module parameters (bnc#1012382).
- lib/rbtree-test: lower default params (bnc#1012382).
- llc: do not use sk_eat_skb() (bnc#1012382).
- lockd: fix access beyond unterminated strings in prints (bnc#1012382).
- locking/lockdep: Fix debug_locks off performance problem (bnc#1012382).
- locking/rwsem: Fix (possible) missed wakeup (bsc#1050549).
- loop: Fix double mutex_unlock(&loop_ctl_mutex) in loop_control_ioctl() (bnc#1012382).
- loop: Fold __loop_release into loop_release (bnc#1012382).
- loop: Get rid of loop_index_mutex (bnc#1012382).
- lsm: Check for NULL cred-security on free (bnc#1012382).
- mac80211: Always report TX status (bnc#1012382).
- mac80211: Clear beacon_int in ieee80211_do_stop (bnc#1012382).
- mac80211: ensure that mgmt tx skbs have tailroom for encryption (bnc#1012382).
- mac80211: fix radiotap vendor presence bitmap handling (bnc#1012382).
- mac80211: fix reordering of buffered broadcast packets (bnc#1012382).
- mac80211_hwsim: do not omit multicast announce of first added radio (bnc#1012382).
- mac80211_hwsim: fix module init error paths for netlink (bnc#1012382).
- mac80211_hwsim: Timer should be initialized before device registered (bnc#1012382).
- mac80211: ignore NullFunc frames in the duplicate detection (bnc#1012382).
- mac80211: ignore tx status for PS stations in ieee80211_tx_status_ext (bnc#1012382).
- mach64: fix display corruption on big endian machines (bnc#1012382).
- mach64: fix image corruption due to reading accelerator registers (bnc#1012382).
- matroxfb: fix size of memcpy (bnc#1012382).
- md: batch flush requests (bsc#1119680).
- md: do not check MD_SB_CHANGE_CLEAN in md_allow_write (Git-fixes).
- md: fix invalid stored role for a disk (bnc#1012382).
- md: fix invalid stored role for a disk - try2 (bnc#1012382).
- md: reorder flag_bits to match upstream commits
- media: DaVinci-VPBE: fix error handling in vpbe_initialize() (bnc#1012382).
- media: dvb-frontends: fix i2c access helpers for KASAN (bnc#1012382).
- media: em28xx: fix input name for Terratec AV 350 (bnc#1012382).
- media: em28xx: Fix misplaced reset of dev->v4l::field_count (bnc#1012382).
- media: em28xx: Fix use-after-free when disconnecting (bnc#1012382).
- media: em28xx: make v4l2-compliance happier by starting sequence on zero (bnc#1012382).
- media: em28xx: use a default format if TRY_FMT fails (bnc#1012382).
- media: firewire: Fix app_info parameter type in avc_ca{,_app}_info (bnc#1012382).
- media: pci: cx23885: handle adding to list failure (bnc#1012382).
- media: tvp5150: fix width alignment during set_selection() (bnc#1012382).
- media: v4l: event: Add subscription to list before calling 'add' operation (bnc#1012382).
- media: vb2: be sure to unlock mutex on errors (bnc#1012382).
- media: vb2: vb2_mmap: move lock up (bnc#1012382).
- media: vivid: fix error handling of kthread_run (bnc#1012382).
- media: vivid: free bitmap_cap when updating std/timings/etc (bnc#1012382).
- media: vivid: set min width/height to a value > 0 (bnc#1012382).
- memstick: Prevent memstick host from getting runtime suspended during card detection (bnc#1012382).
- mfd: tps6586x: Handle interrupts on suspend (bnc#1012382).
- mips: bpf: fix encoding bug for mm_srlv32_op (bnc#1012382).
- mips: cm: reprime error cause (bnc#1012382).
- mips: fix n32 compat_ipc_parse_version (bnc#1012382).
- mips: OCTEON: do not set octeon_dma_bar_type if PCI is disabled (bnc#1012382).
- mips: SiByte: Enable swiotlb for SWARM, LittleSur and BigSur (bnc#1012382).
- mips: VDSO: Include $(ccflags-vdso) in o32,n32 .lds builds (bnc#1012382).
- misc: atmel-ssc: Fix section annotation on atmel_ssc_get_driver_data (bnc#1012382).
- misc: mic/scif: fix copy-paste error in scif_create_remote_lookup (bnc#1012382).
- misc: vexpress: Off by one in vexpress_syscfg_exec() (bnc#1012382).
- mmc: atmel-mci: do not assume idle after atmci_request_end (bnc#1012382).
- mmc: bcm2835: Fix DMA channel leak on probe error (bsc#1120902).
- mmc: core: Reset HPI enabled state during re-init and in case of errors (bnc#1012382).
- mm: cleancache: fix corruption on missed inode invalidation (bnc#1012382).
- mmc: OMAP: fix broken MMC on OMAP15XX/OMAP5910/OMAP310 (bnc#1012382).
- mmc: omap_hsmmc: fix DMA API warning (bnc#1012382).
- mmc: sdhci-iproc: handle mmc_of_parse() errors during probe (bnc#1012382).
- mmc: sdhci-pci-o2micro: Add quirk for O2 Micro dev 0x8620 rev 0x01 (bnc#1012382).
- mm, devm_memremap_pages: kill mapping 'System RAM' support (bnc#1012382).
- mm: do not bug_on on incorrect length in __mm_populate() (bnc#1012382).
- mm: do not miss the last page because of round-off error (bnc#1118798).
- mm, elf: handle vm_brk error (bnc#1012382).
- mm, hugetlb: fix huge_pte_alloc BUG_ON (bsc#1119204).
- mm: hwpoison: call shake_page() after try_to_unmap() for mlocked page (bnc#1116336).
- mm: lower the printk loglevel for __dump_page messages (generic hotplug debugability).
- mm, memory_hotplug: be more verbose for memory offline failures (generic hotplug debugability).
- mm, memory_hotplug: drop pointless block alignment checks from __offline_pages (generic hotplug debugability).
- mm, memory_hotplug: print reason for the offlining failure (generic hotplug debugability).
- mm: migrate: do not rely on __PageMovable() of newpage after unlocking it (bnc#1012382).
- mm: migration: fix migration of huge PMD shared pages (bnc#1012382).
- mm: mlock: avoid increase mm->locked_vm on mlock() when already mlock2(,MLOCK_ONFAULT) (bnc#1012382).
- mm/nommu.c: Switch __get_user_pages_unlocked() to use __get_user_pages() (bnc#1012382).
- mm: only report isolation failures when offlining memory (generic hotplug debugability).
- mm, oom: fix use-after-free in oom_kill_process (bnc#1012382).
- mm, page_alloc: drop should_suppress_show_mem (bnc#1125892, bnc#1106061).
- mm/page-writeback.c: do not break integrity writeback on ->writepage() error (bnc#1012382).
- mm: Preserve _PAGE_DEVMAP across mprotect() calls (bsc#1118790).
- mm: print more information about mapping in __dump_page (generic hotplug debugability).
- mm, proc: be more verbose about unstable VMA flags in /proc/<pid>/smaps (bnc#1012382).
- mm: put_and_wait_on_page_locked() while page is migrated (bnc#1109272).
- mm: refuse wrapped vm_brk requests (bnc#1012382).
- mm: remove write/force parameters from __get_user_pages_locked() (bnc#1012382 bsc#1027260).
- mm: remove write/force parameters from __get_user_pages_unlocked() (bnc#1012382 bsc#1027260).
- mm: replace __access_remote_vm() write parameter with gup_flags (bnc#1012382).
- mm: replace access_remote_vm() write parameter with gup_flags (bnc#1012382).
- mm: replace get_user_pages_locked() write/force parameters with gup_flags (bnc#1012382 bsc#1027260).
- mm: replace get_user_pages_unlocked() write/force parameters with gup_flags (bnc#1012382 bsc#1027260).
- mm: replace get_user_pages() write/force parameters with gup_flags (bnc#1012382 bsc#1027260).
- mm: replace get_vaddr_frames() write/force parameters with gup_flags (bnc#1012382).
- mm, slab: faster active and free stats (bsc#1116653, VM Performance).
- mm/slab: improve performance of gathering slabinfo stats (bsc#1116653, VM Performance).
- mm, slab: maintain total slab count instead of active count (bsc#1116653, VM Performance).
- mm: thp: relax __GFP_THISNODE for MADV_HUGEPAGE mappings (bnc#1012382).
- modpost: validate symbol names also in find_elf_symbol (bnc#1012382).
- modules: mark __inittest/__exittest as __maybe_unused (bnc#1012382).
- mount: Do not allow copying MNT_UNBINDABLE|MNT_LOCKED mounts (bnc#1012382).
- mount: Prevent MNT_DETACH from disconnecting locked mounts (bnc#1012382).
- mount: Retest MNT_LOCKED in do_umount (bnc#1012382).
- Move patches to sorted range, p1
- Move /proc/sys/vm/procfs-drop-fd-dentries to /proc/sys/fs/procfs-drop-fd-dentries (bsc#1086652) This was incorrectly put in /proc/sys/vm.
- msi: Disable MSI also when pcie-octeon.pcie_disable on (bnc#1012382).
- mtd: docg3: do not set conflicting BCH_CONST_PARAMS option (bnc#1012382).
- mtd: rawnand: gpmi: fix MX28 bus master lockup problem (bnc#1012382).
- mtd: spi-nor: Add support for is25wp series chips (bnc#1012382).
- mv88e6060: disable hardware level MAC learning (bnc#1012382).
- mwifiex: Fix NULL pointer dereference in skb_dequeue() (bnc#1012382).
- mwifiex: fix p2p device does not find in scan problem (bnc#1012382).
- namei: allow restricted O_CREAT of FIFOs and regular files (bnc#1012382).
- neighbour: Avoid writing before skb->head in neigh_hh_output() (bnc#1012382).
- net: 8139cp: fix a BUG triggered by changing mtu with network traffic (bnc#1012382).
- net/af_iucv: drop inbound packets with invalid flags (bnc#1114475, LTC#172679).
- net/af_iucv: fix skb handling on HiperTransport xmit error (bnc#1114475, LTC#172679).
- net: amd: add missing of_node_put() (bnc#1012382).
- net: bcmgenet: fix OF child-node lookup (bnc#1012382).
- net: bridge: fix a bug on using a neighbour cache entry without checking its state (bnc#1012382).
- net: bridge: Fix ethernet header pointer before check skb forwardable (bnc#1012382).
- net: bridge: remove ipv6 zero address check in mcast queries (bnc#1012382).
- net: call sk_dst_reset when set SO_DONTROUTE (bnc#1012382).
- net: cxgb3_main: fix a missing-check bug (bnc#1012382).
- net: dp83640: expire old TX-skb (bnc#1012382).
- net: drop skb on failure in ip_check_defrag() (bnc#1012382).
- net: drop write-only stack variable (bnc#1012382).
- net: dsa: slave: Do not propagate flag changes on down slave interfaces (bnc#1012382).
- net: ena: add functions for handling Low Latency Queues in ena_com (bsc#1117562).
- net: ena: add functions for handling Low Latency Queues in ena_netdev (bsc#1117562).
- net: ena: change rx copybreak default to reduce kernel memory pressure (bsc#1117562).
- net: ena: complete host info to match latest ENA spec (bsc#1117562).
- net: ena: enable Low Latency Queues (bsc#1117562).
- net: ena: explicit casting and initialization, and clearer error handling (bsc#1117562).
- net: ena: fix auto casting to boolean (bsc#1117562).
- net: ena: fix compilation error in xtensa architecture (bsc#1117562).
- net: ena: fix crash during ena_remove() (bsc#1108240).
- net: ena: fix crash during failed resume from hibernation (bsc#1117562).
- net: ena: fix indentations in ena_defs for better readability (bsc#1117562).
- net: ena: Fix Kconfig dependency on X86 (bsc#1117562).
- net: ena: fix NULL dereference due to untimely napi initialization (bsc#1117562).
- net: ena: fix rare bug when failed restart/resume is followed by driver removal (bsc#1117562).
- net: ena: fix warning in rmmod caused by double iounmap (bsc#1117562).
- net: ena: introduce Low Latency Queues data structures according to ENA spec (bsc#1117562).
- net: ena: limit refill Rx threshold to 256 to avoid latency issues (bsc#1117562).
- net: ena: minor performance improvement (bsc#1117562).
- net: ena: remove ndo_poll_controller (bsc#1117562).
- net: ena: remove redundant parameter in ena_com_admin_init() (bsc#1117562).
- net: ena: update driver version from 2.0.1 to 2.0.2 (bsc#1108240).
- net: ena: update driver version to 2.0.1 (bsc#1117562).
- net: ena: use CSUM_CHECKED device indication to report skb's checksum status (bsc#1117562).
- net: faraday: ftmac100: remove netif_running(netdev) check before disabling interrupts (bnc#1012382).
- netfilter: ipset: actually allow allowable CIDR 0 in hash:net,port,net (bnc#1012382).
- netfilter: ipset: Correct rcu_dereference() call in ip_set_put_comment() (bnc#1012382).
- netfilter: nf_tables: fix oops when inserting an element into a verdict map (bnc#1012382).
- netfilter: xt_IDLETIMER: add sysfs filename checking routine (bnc#1012382).
- net: fix pskb_trim_rcsum_slow() with odd trim offset (bnc#1012382).
- net: Fix usage of pskb_trim_rcsum (bnc#1012382).
- net-gro: reset skb->pkt_type in napi_reuse_skb() (bnc#1012382).
- net: hisilicon: remove unexpected free_netdev (bnc#1012382).
- net: ibm: fix return type of ndo_start_xmit function ().
- net/ibmnvic: Fix deadlock problem in reset ().
- net/ibmvnic: Fix RTNL deadlock during device reset (bnc#1115431).
- net: ieee802154: 6lowpan: fix frag reassembly (bnc#1012382).
- net/ipv4: defensive cipso option parsing (bnc#1012382).
- net: ipv4: do not handle duplicate fragments as overlapping (bnc#1012382 bsc#1116345).
- net: ipv4: do not handle duplicate fragments as overlapping (bsc#1116345).
- net: ipv4: Fix memory leak in network namespace dismantle (bnc#1012382).
- net/ipv6: Fix index counter for unicast addresses in in6_dump_addrs (bnc#1012382).
- net/mlx4_core: Add masking for a few queries on HCA caps (bnc#1012382).
- net/mlx4_core: Correctly set PFC param if global pause is turned off (bsc#1015336 bsc#1015337 bsc#1015340).
- net/mlx4_core: Fix uninitialized variable compilation warning (bnc#1012382).
- net/mlx4_core: Zero out lkey field in SW2HW_MPT fw command (bnc#1012382).
- net/mlx4: Fix UBSAN warning of signed integer overflow (bnc#1012382).
- net: modify skb_rbtree_purge to return the truesize of all purged skbs (bnc#1012382).
- net: phy: do not allow __set_phy_supported to add unsupported modes (bnc#1012382).
- net: Prevent invalid access to skb->prev in __qdisc_drop_all (bnc#1012382).
- net: pskb_trim_rcsum() and CHECKSUM_COMPLETE are friends (bnc#1012382).
- net: qla3xxx: Remove overflowing shift statement (bnc#1012382).
- netrom: fix locking in nr_find_socket() (bnc#1012382).
- netrom: switch to sock timer API (bnc#1012382).
- net/rose: fix NULL ax25_cb kernel panic (bnc#1012382).
- net: sched: gred: pass the right attribute to gred_change_table_def() (bnc#1012382).
- net_sched: refetch skb protocol for each filter (bnc#1012382).
- net: socket: fix a missing-check bug (bnc#1012382).
- net: speed up skb_rbtree_purge() (bnc#1012382).
- net: stmmac: Fix stmmac_mdio_reset() when building stmmac as modules (bnc#1012382).
- net: systemport: Fix WoL with password after deep sleep (bnc#1012382).
- net: thunderx: fix NULL pointer dereference in nic_remove (bnc#1012382).
- new helper: uaccess_kernel() (bnc#1012382).
- nfc: nfcmrvl_uart: fix OF child-node lookup (bnc#1012382).
- nfc: nxp-nci: Include unaligned.h instead of access_ok.h (bnc#1012382).
- nfit: fix unchecked dereference in acpi_nfit_ctl (bsc#1125014).
- nfit: skip region registration for incomplete control regions (bsc#1118930).
- nfsd4: fix crash on writing v4_end_grace before nfsd startup (bnc#1012382).
- nfsd: Fix an Oops in free_session() (bnc#1012382).
- nfs: Ensure we commit after writeback is complete (bsc#1111809).
- nfs: nfs_compare_mount_options always compare auth flavors (bnc#1012382).
- nfsv4.1: Fix the r/wsize checking (bnc#1012382).
- nfsv4: Do not exit the state manager without clearing NFS4CLNT_MANAGER_RUNNING (git-fixes).
- niu: fix missing checks of niu_pci_eeprom_read (bnc#1012382).
- nvme: validate controller state before rescheduling keep alive (bsc#1103257).
- ocfs2: do not clear bh uptodate for block read (bnc#1012382).
- ocfs2: fix a misuse a of brelse after failing ocfs2_check_dir_entry (bnc#1012382).
- ocfs2: fix deadlock caused by ocfs2_defrag_extent() (bnc#1012382).
- ocfs2: fix panic due to unrecovered local alloc (bnc#1012382).
- ocfs2: fix potential use after free (bnc#1012382).
- of: add helper to lookup compatible child node (bnc#1012382).
- omap2fb: Fix stack memory disclosure (bsc#1106929)
- openvswitch: Avoid OOB read when parsing flow nlattrs (bnc#1012382).
- packet: Do not leak dev refcounts on error exit (bnc#1012382).
- packet: validate address length (bnc#1012382).
- packet: validate address length if non-zero (bnc#1012382).
- parisc: Fix address in HPMC IVA (bnc#1012382).
- parisc: Fix map_pages() to not overwrite existing pte entries (bnc#1012382).
- pci: Add Device IDs for Intel GPU 'spurious interrupt' quirk (bnc#1012382).
- pci: altera: Check link status before retrain link (bnc#1012382).
- pci: altera: Fix altera_pcie_link_is_up() (bnc#1012382).
- pci: altera: Move retrain from fixup to altera_pcie_host_init() (bnc#1012382).
- pci: altera: Poll for link training status after retraining the link (bnc#1012382).
- pci: altera: Poll for link up status after retraining the link (bnc#1012382).
- pci: altera: Reorder read/write functions (bnc#1012382).
- pci: altera: Rework config accessors for use without a struct pci_bus (bnc#1012382).
- pci/ASPM: Do not initialize link state when aspm_disabled is set (bsc#1109806).
- pci/ASPM: Fix link_state teardown on device removal (bsc#1109806).
- pci: vmd: Detach resources after stopping root bus (bsc#1106105).
- pcmcia: Implement CLKRUN protocol disabling for Ricoh bridges (bnc#1012382).
- perf/bpf: Convert perf_event_array to use struct file (bsc#1119967).
- perf/core: Do not leak event in the syscall error path (bnc#1012382).
- perf/core: Do not WARN() for impossible ring-buffer sizes (bnc#1012382).
- perf/core: Fix impossible ring-buffer sizes warning (bnc#1012382).
- perf intel-pt: Fix error with config term 'pt=0' (bnc#1012382).
- perf parse-events: Fix unchecked usage of strncpy() (bnc#1012382).
- perf pmu: Suppress potential format-truncation warning (bnc#1012382).
- perf/ring_buffer: Prevent concurent ring buffer access (bnc#1012382).
- perf svghelper: Fix unchecked usage of strncpy() (bnc#1012382).
- perf tests evsel-tp-sched: Fix bitwise operator (bnc#1012382).
- perf tools: Add Hygon Dhyana support (bnc#1012382).
- perf tools: Cleanup trace-event-info 'tdata' leak (bnc#1012382).
- perf tools: Disable parallelism for 'make clean' (bnc#1012382).
- perf tools: Free temporary 'sys' string in read_event_files() (bnc#1012382).
- perf unwind: Take pgoff into account when reporting elf to libdwfl (bnc#1012382).
- perf unwind: Unwind with libdw does not take symfs into account (bnc#1012382).
- perf/x86/intel/uncore: Add Node ID mask (bnc#1012382).
- pinctrl: msm: fix gpio-hog related boot issues (bnc#1012382).
- pinctrl: qcom: spmi-mpp: Fix drive strength setting (bnc#1012382).
- pinctrl: qcom: spmi-mpp: Fix err handling of pmic_mpp_set_mux (bnc#1012382).
- pinctrl: spmi-mpp: Fix pmic_mpp_config_get() to be compliant (bnc#1012382).
- pinctrl: ssbi-gpio: Fix pm8xxx_pin_config_get() to be compliant (bnc#1012382).
- pinctrl: sunxi: a83t: Fix IRQ offset typo for PH11 (bnc#1012382).
- platform/x86: acerhdf: Add BIOS entry for Gateway LT31 v1.3307 (bnc#1012382).
- platform/x86: asus-nb-wmi: Drop mapping of 0x33 and 0x34 scan codes (bnc#1012382).
- platform/x86: asus-nb-wmi: Map 0x35 to KEY_SCREENLOCK (bnc#1012382).
- platform/x86: asus-wmi: Tell the EC the OS will handle the display off hotkey (bnc#1012382).
- platform/x86: thinkpad_acpi: Proper model/release matching (bsc#1099810).
- pm / devfreq: tegra: fix error return code in tegra_devfreq_probe() (bnc#1012382).
- pNFS: Fix a deadlock between read resends and layoutreturn (git-fixes).
- pNFS/flexfiles: Fix up the ff_layout_write_pagelist failure path (git-fixes).
- pNFS/flexfiles: When checking for available DSes, conditionally check for MDS io (git-fixes).
- pnfs: set NFS_IOHDR_REDO in pnfs_read_resend_pnfs (git-fixes).
- powerpc/64s: consolidate MCE counter increment (bsc#1094244).
- powerpc/boot: Ensure _zimage_start is a weak symbol (bnc#1012382).
- powerpc/boot: Fix random libfdt related build errors (bnc#1012382).
- powerpc/boot: Request no dynamic linker for boot wrapper (bsc#1070805).
- powerpc/cacheinfo: Report the correct shared_cpu_map on big-cores (bsc#1109695).
- powerpc: Detect the presence of big-cores via 'ibm, thread-groups' (bsc#1109695).
- powerpc: Fix COFF zImage booting on old powermacs (bnc#1012382).
- powerpc: handle RFI (exrfi and fallback area) and STF (exrfi).
- powerpc, hotplug: Avoid to touch non-existent cpumasks (bsc#1109695).
- powerpc: make use of for_each_node_by_type() instead of open-coding it (bsc#1109695).
- powerpc/mm/radix: Use mm->task_size for boundary checking instead of addr_limit (bsc#1027457).
- powerpc/msi: Fix compile error on mpc83xx (bnc#1012382).
- powerpc/msi: Fix NULL pointer access in teardown code (bnc#1012382).
- powerpc/nohash: fix undefined behaviour when testing page size support (bnc#1012382).
- powerpc/numa: Suppress 'VPHN is not supported' messages (bnc#1012382).
- powerpc/powernv: Do not select the cpufreq governors (bsc#1066223).
- powerpc/powernv: Fix opal_event_shutdown() called with interrupts disabled (bsc#1066223).
- powerpc/powernv/pci: Work around races in PCI bridge enabling (bsc#1066223).
- powerpc/pseries: add of_node_put() in dlpar_detach_node() (bnc#1012382).
- powerpc/pseries/cpuidle: Fix preempt warning (bnc#1012382).
- powerpc/pseries: Fix DTL buffer registration (bsc#1066223).
- powerpc/pseries: Fix how we iterate over the DTL entries (bsc#1066223).
- powerpc/pseries/mobility: Extend start/stop topology update scope (bsc#1116950, bsc#1115709).
- powerpc/setup: Add cpu_to_phys_id array (bsc#1109695).
- powerpc/smp: Add cpu_l2_cache_map (bsc#1109695).
- powerpc/smp: Add Power9 scheduler topology (bsc#1109695).
- powerpc/smp: Rework CPU topology construction (bsc#1109695).
- powerpc/smp: Use cpu_to_chip_id() to find core siblings (bsc#1109695).
- powerpc/traps: restore recoverability of machine_check interrupts (bsc#1094244).
- powerpc/uaccess: fix warning/error with access_ok() (bnc#1012382).
- powerpc: Use cpu_smallcore_sibling_mask at SMT level on bigcores (bsc#1109695).
- powerpc/xmon: Fix invocation inside lock region (bsc#1122885).
- power: supply: olpc_battery: correct the temperature units (bnc#1012382).
- printk: Fix panic caused by passing log_buf_len to command line (bnc#1012382).
- proc: Remove empty line in /proc/self/status (bnc#1012382 bsc#1094823).
- Provide a temporary fix for STIBP on-by-default See bsc#1116497 for details.
- pstore: Convert console write to use ->write_buf (bnc#1012382).
- pstore/ram: Do not treat empty buffers as valid (bnc#1012382).
- ptp: check gettime64 return code in PTP_SYS_OFFSET ioctl (bnc#1012382).
- ptp: fix Spectre v1 vulnerability (bnc#1012382).
- pxa168fb: prepare the clock (bnc#1012382).
- qed: Fix bitmap_weight() check (bsc#1019695).
- qed: Fix PTT leak in qed_drain() (bnc#1012382).
- qed: Fix QM getters to always return a valid pq (bsc#1019695 ).
- qed: Fix reading wrong value in loop condition (bnc#1012382).
- r8152: Check for supported Wake-on-LAN Modes (bnc#1012382).
- r8169: Add support for new Realtek Ethernet (bnc#1012382).
- r8169: fix NAPI handling under high load (bnc#1012382).
- rapidio/rionet: do not free skb before reading its length (bnc#1012382).
- rbd: do not return 0 on unmap if RBD_DEV_FLAG_REMOVING is set (bsc#1125808).
- rcu: Force boolean subscript for expedited stall warnings (bnc#1012382).
- RDMA/bnxt_re: Fix a couple off by one bugs (bsc#1020413, ).
- RDMA/bnxt_re: Synchronize destroy_qp with poll_cq (bsc#1125446).
- RDMA/ucma: Fix Spectre v1 vulnerability (bnc#1012382).
- Refresh patches.kabi/x86-cpufeature-preserve-numbers.patch. (bsc#1122651)
- reiserfs: propagate errors from fill_with_dentries() properly (bnc#1012382).
- Revert 'Bluetooth: h5: Fix missing dependency on BT_HCIUART_SERDEV' (bnc#1012382).
- Revert 'ceph: fix dentry leak in splice_dentry()' (bsc#1114839).
- Revert 'cifs: In Kconfig CONFIG_CIFS_POSIX needs depends on legacy (insecure cifs)' (bnc#1012382).
- Revert 'drm/rockchip: Allow driver to be shutdown on reboot/kexec' (bsc#1106929)
- Revert 'exec: load_script: do not blindly truncate shebang string' (bnc#1012382).
- Revert 'Input: elan_i2c - add ACPI ID for touchpad in ASUS Aspire F5-573G' (bnc#1012382).
- Revert 'iommu/io-pgtable-arm: Check for v7s-incapable systems' (bsc#1106105).
- Revert 'loop: Fix double mutex_unlock(&loop_ctl_mutex) in loop_control_ioctl()' (bnc#1012382).
- Revert 'loop: Fold __loop_release into loop_release' (bnc#1012382).
- Revert 'loop: Get rid of loop_index_mutex' (bnc#1012382).
- Revert 'media: videobuf2-core: do not call memop 'finish' when queueing' (bnc#1012382).
- Revert 'mmc: bcm2835: Fix DMA channel leak on probe error (bsc#1120902).' The backport patch does not built properly.
- Revert 'PCI/ASPM: Do not initialize link state when aspm_disabled is set' (bsc#1106105).
- Revert 'usb: musb: musb_host: Enable HCD_BH flag to handle urb return in bottom half' (bsc#1047487).
- Revert 'wlcore: Add missing PM call for wlcore_cmd_wait_for_event_or_timeout()' (bnc#1012382).
- rhashtable: Add rhashtable_lookup() (bnc#1012382).
- rhashtable: add rhashtable_lookup_get_insert_key() (bnc#1012382 bsc#1042286).
- rhashtable: add schedule points (bnc#1012382).
- rhashtable: reorganize struct rhashtable layout (bnc#1012382).
- rocker: fix rocker_tlv_put_* functions for KASAN (bnc#1012382).
- rpcrdma: Add RPCRDMA_HDRLEN_ERR (git-fixes).
- rps: flow_dissector: Fix uninitialized flow_keys used in __skb_get_hash possibly (bsc#1042286 bsc#1108145).
- rtc: hctosys: Add missing range error reporting (bnc#1012382).
- rtc: snvs: add a missing write sync (bnc#1012382).
- rtc: snvs: Add timeouts to avoid kernel lockups (bnc#1012382).
- rtnetlink: Disallow FDB configuration for non-Ethernet device (bnc#1012382).
- rtnetlink: ndo_dflt_fdb_dump() only work for ARPHRD_ETHER devices (bnc#1012382).
- s390/cpum_cf: Reject request for sampling in event initialization (bnc#1012382).
- s390/early: improve machine detection (bnc#1012382).
- s390/mm: Check for valid vma before zapping in gmap_discard (bnc#1012382).
- s390/mm: Fix ERROR: '__node_distance' undefined! (bnc#1012382).
- s390: qeth_core_mpc: Use ARRAY_SIZE instead of reimplementing its function (bnc#1114475, LTC#172682).
- s390/qeth: fix HiperSockets sniffer (bnc#1114475, LTC#172953).
- s390/qeth: fix length check in SNMP processing (bnc#1012382).
- s390: qeth: Fix potential array overrun in cmd/rc lookup (bnc#1114475, LTC#172682).
- s390/smp: Fix calling smp_call_ipl_cpu() from ipl CPU (bnc#1012382).
- s390/smp: fix CPU hotplug deadlock with CPU rescan (bnc#1012382).
- s390/vdso: add missing FORCE to build targets (bnc#1012382).
- sata_rcar: fix deferred probing (bnc#1012382).
- sbus: char: add of_node_put() (bnc#1012382).
- sc16is7xx: Fix for multi-channel stall (bnc#1012382).
- sched/cgroup: Fix cgroup entity load tracking tear-down (bnc#1012382).
- sched/fair: Fix throttle_list starvation with low CFS quota (bnc#1012382).
- sched/wake_q: Document wake_q_add() (bsc#1050549).
- sched/wake_q: Fix wakeup ordering for wake_q (bsc#1050549).
- sched/wake_q: Reduce reference counting for special users (bsc#1050549).
- sch_red: update backlog as well (bnc#1012382).
- scripts/decode_stacktrace: only strip base path when a prefix of the path (bnc#1012382).
- scripts/git_sort/git_sort.py: Add mkp/scsi 5.0/scsi-fixes
- scsi: aacraid: Fix typo in blink status (bnc#1012382).
- scsi: bfa: convert to strlcpy/strlcat (bnc#1012382 bsc#1019683, ).
- scsi: bnx2fc: Fix NULL dereference in error handling (bnc#1012382).
- scsi: core: Allow state transitions from OFFLINE to BLOCKED (bsc#1112246).
- scsi: Create two versions of scsi_internal_device_unblock() (bsc#1119877).
- scsi: csiostor: Avoid content leaks and casts (bnc#1012382).
- scsi: esp_scsi: Track residual for PIO transfers (bnc#1012382).
- scsi: Introduce scsi_start_queue() (bsc#1119877).
- scsi: libfc: check fc_frame_payload_get() return value for null (bsc#1103624, bsc#1104731).
- scsi: libfc: retry PRLI if we cannot analyse the payload (bsc#1104731).
- scsi: libiscsi: Fix NULL pointer dereference in iscsi_eh_session_reset (bnc#1012382).
- scsi: lpfc: Add Buffer overflow check, when nvme_info larger than PAGE_SIZE (bsc#1102660).
- scsi: lpfc: Correct LCB RJT handling (bnc#1012382).
- scsi: lpfc: Correct MDS diag and nvmet configuration (bsc#1125796).
- scsi: lpfc: Correct soft lockup when running mds diagnostics (bnc#1012382).
- scsi: lpfc: devloss timeout race condition caused null pointer reference (bsc#1102660).
- scsi: lpfc: Fix abort error path for NVMET (bsc#1102660).
- scsi: lpfc: fix block guard enablement on SLI3 adapters (bsc#1079935).
- scsi: lpfc: Fix driver crash when re-registering NVME rports (bsc#1102660).
- scsi: lpfc: Fix ELS abort on SLI-3 adapters (bsc#1102660).
- scsi: lpfc: Fix list corruption on the completion queue (bsc#1102660).
- scsi: lpfc: Fix NVME Target crash in defer rcv logic (bsc#1102660).
- scsi: lpfc: Fix panic if driver unloaded when port is offline (bsc#1102660).
- scsi: lpfc: update driver version to 11.4.0.7-5 (bsc#1102660).
- scsi: Make __scsi_remove_device go straight from BLOCKED to DEL (bsc#1119877).
- scsi: megaraid: fix out-of-bound array accesses (bnc#1012382).
- scsi: megaraid_sas: fix a missing-check bug (bnc#1012382).
- scsi: mpt3sas: Add an I/O barrier (bsc#1117108).
- scsi: mpt3sas: Added support for nvme encapsulated request message (bsc#1117108).
- scsi: mpt3sas: Added support for SAS Device Discovery Error Event (bsc#1117108).
- scsi: mpt3sas: Adding support for SAS3616 HBA device (bsc#1117108).
- scsi: mpt3sas: Add ioc_<level> logging macros (bsc#1117108).
- scsi: mpt3sas: Add nvme device support in slave alloc, target alloc and probe (bsc#1117108).
- scsi: mpt3sas: Add PCI device ID for Andromeda (bsc#1117108).
- scsi: mpt3sas: Add-Task-management-debug-info-for-NVMe-drives (bsc#1117108).
- scsi: mpt3sas: Allow processing of events during driver unload (bsc#1117108).
- scsi: mpt3sas: always use first reserved smid for ioctl passthrough (bsc#1117108).
- scsi: mpt3sas: Annotate switch/case fall-through (bsc#1117108).
- scsi: mpt3sas: API's to remove nvme drive from sml (bsc#1117108).
- scsi: mpt3sas: API 's to support NVMe drive addition to SML (bsc#1117108).
- scsi: mpt3sas: As per MPI-spec, use combined reply queue for SAS3.5 controllers when HBA supports more than 16 MSI-x vectors (bsc#1117108).
- scsi: mpt3sas: Bug fix for big endian systems (bsc#1117108).
- scsi: mpt3sas: Bump mpt3sas driver version to v16.100.00.00 (bsc#1117108).
- scsi: mpt3sas: Cache enclosure pages during enclosure add (bsc#1117108).
- scsi: mpt3sas: check command status before attempting abort (bsc#1117108).
- scsi: mpt3sas: clarify mmio pointer types (bsc#1117108).
- scsi: mpt3sas: cleanup _scsih_pcie_enumeration_event() (bsc#1117108).
- scsi: mpt3sas: Configure reply post queue depth, DMA and sgl tablesize (bsc#1117108).
- scsi: mpt3sas: Convert logging uses with MPT3SAS_FMT and reply_q_name to %s: (bsc#1117108).
- scsi: mpt3sas: Convert logging uses with MPT3SAS_FMT without logging levels (bsc#1117108).
- scsi: mpt3sas: Convert mlsleading uses of pr_<level> with MPT3SAS_FMT (bsc#1117108).
- scsi: mpt3sas: Convert uses of pr_<level> with MPT3SAS_FMT to ioc_<level> (bsc#1117108).
- scsi: mpt3sas: Display chassis slot information of the drive (bsc#1117108).
- scsi: mpt3sas: Do not abort I/Os issued to NVMe drives while processing Async Broadcast primitive event (bsc#1117108).
- scsi: mpt3sas: Do not access the structure after decrementing it's instance reference count (bsc#1117108).
- scsi: mpt3sas: Do not use 32-bit atomic request descriptor for Ventura controllers (bsc#1117108).
- scsi: mpt3sas: Enhanced handling of Sense Buffer (bsc#1117108).
- scsi: mpt3sas: fix an out of bound write (bsc#1117108).
- scsi: mpt3sas: Fix a race condition in mpt3sas_base_hard_reset_handler() (bsc#1117108).
- scsi: mpt3sas: Fix calltrace observed while running IO & reset (bsc#1117108).
- scsi: mpt3sas: fix dma_addr_t casts (bsc#1117108).
- scsi: mpt3sas: Fixed memory leaks in driver (bsc#1117108).
- scsi: mpt3sas: Fix, False timeout prints for ioctl and other internal commands during controller reset (bsc#1117108).
- scsi: mpt3sas: fix format overflow warning (bsc#1117108).
- scsi: mpt3sas: Fix indentation (bsc#1117108).
- scsi: mpt3sas: Fix memory allocation failure test in 'mpt3sas_base_attach()' (bsc#1117108).
- scsi: mpt3sas: Fix nvme drives checking for tlr (bsc#1117108).
- scsi: mpt3sas: fix oops in error handlers after shutdown/unload (bsc#1117108).
- scsi: mpt3sas: Fix possibility of using invalid Enclosure Handle for SAS device after host reset (bsc#1117108).
- scsi: mpt3sas: fix possible memory leak (bsc#1117108).
- scsi: mpt3sas: fix pr_info message continuation (bsc#1117108).
- scsi: mpt3sas: Fix removal and addition of vSES device during host reset (bsc#1117108).
- scsi: mpt3sas: Fix sparse warnings (bsc#1117108).
- scsi: mpt3sas: fix spelling mistake: 'disbale' -> 'disable' (bsc#1117108).
- scsi: mpt3sas: For NVME device, issue a protocol level reset (bsc#1117108).
- scsi: mpt3sas: Handle NVMe PCIe device related events generated from firmware (bsc#1117108).
- scsi: mpt3sas: Improve kernel-doc headers (bsc#1117108).
- scsi: mpt3sas: Incorrect command status was set/marked as not used (bsc#1117108).
- scsi: mpt3sas: Increase event log buffer to support 24 port HBA's (bsc#1117108).
- scsi: mpt3sas: Introduce API to get BAR0 mapped buffer address (bsc#1117108).
- scsi: mpt3sas: Introduce Base function for cloning (bsc#1117108).
- scsi: mpt3sas: Introduce function to clone mpi reply (bsc#1117108).
- scsi: mpt3sas: Introduce function to clone mpi request (bsc#1117108).
- scsi: mpt3sas: Introduce mpt3sas_get_st_from_smid() (bsc#1117108).
- scsi: mpt3sas: Introduce struct mpt3sas_nvme_cmd (bsc#1117108).
- scsi: mpt3sas: Lockless access for chain buffers (bsc#1117108).
- scsi: mpt3sas: lockless command submission (bsc#1117108).
- scsi: mpt3sas: make function _get_st_from_smid static (bsc#1117108).
- scsi: mpt3sas: NVMe drive support for BTDHMAPPING ioctl command and log info (bsc#1117108).
- scsi: mpt3sas: open-code _scsih_scsi_lookup_get() (bsc#1117108).
- scsi: mpt3sas: Optimize I/O memory consumption in driver (bsc#1117108).
- scsi: mpt3sas: Pre-allocate RDPQ Array at driver boot time (bsc#1117108).
- scsi: mpt3sas: Processing of Cable Exception events (bsc#1117108).
- scsi: mpt3sas: Reduce memory footprint in kdump kernel (bsc#1117108).
- scsi: mpt3sas: remove a stray KERN_INFO (bsc#1117108).
- scsi: mpt3sas: Remove KERN_WARNING from panic uses (bsc#1117108).
- scsi: mpt3sas: remove redundant copy_from_user in _ctl_getiocinfo (bsc#1117108).
- scsi: mpt3sas: remove redundant wmb (bsc#1117108).
- scsi: mpt3sas: Remove set-but-not-used variables (bsc#1117108).
- scsi: mpt3sas: Remove unnecessary parentheses and simplify null checks (bsc#1117108).
- scsi: mpt3sas: Remove unused macro MPT3SAS_FMT (bsc#1117108).
- scsi: mpt3sas: Remove unused variable requeue_event (bsc#1117108).
- scsi: mpt3sas: Replace PCI pool old API (bsc#1117108).
- scsi: mpt3sas: Replace PCI pool old API (bsc#1117108).
- scsi: mpt3sas: Report Firmware Package Version from HBA Driver (bsc#1117108).
- scsi: mpt3sas: scan and add nvme device after controller reset (bsc#1117108).
- scsi: mpt3sas: separate out _base_recovery_check() (bsc#1117108).
- scsi: mpt3sas: set default value for cb_idx (bsc#1117108).
- scsi: mpt3sas: Set NVMe device queue depth as 128 (bsc#1117108).
- scsi: mpt3sas: SGL to PRP Translation for I/Os to NVMe devices (bsc#1117108).
- scsi: mpt3sas: simplify mpt3sas_scsi_issue_tm() (bsc#1117108).
- scsi: mpt3sas: simplify task management functions (bsc#1117108).
- scsi: mpt3sas: simplify _wait_for_commands_to_complete() (bsc#1117108).
- scsi: mpt3sas: Split _base_reset_handler(), mpt3sas_scsih_reset_handler() and mpt3sas_ctl_reset_handler() (bsc#1117108).
- scsi: mpt3sas: Swap I/O memory read value back to cpu endianness (bsc#1117108).
- scsi: mpt3sas: switch to generic DMA API (bsc#1117108).
- scsi: mpt3sas: switch to pci_alloc_irq_vectors (bsc#1117108).
- scsi: mpt3sas: Updated MPI headers to v2.00.48 (bsc#1117108).
- scsi: mpt3sas: Update driver version '25.100.00.00' (bsc#1117108).
- scsi: mpt3sas: Update driver version '26.100.00.00' (bsc#1117108).
- scsi: mpt3sas: Update MPI Headers (bsc#1117108).
- scsi: mpt3sas: Update mpt3sas driver version (bsc#1117108).
- scsi: mpt3sas: Use dma_pool_zalloc (bsc#1117108).
- scsi: mpt3sas: use list_splice_init() (bsc#1117108).
- scsi: mpt3sas: wait for and flush running commands on shutdown/unload (bsc#1117108).
- scsi: Protect SCSI device state changes with a mutex (bsc#1119877).
- scsi: qedi: Add ISCSI_BOOT_SYSFS to Kconfig (bsc#1043083).
- scsi: qla2xxx: Fix crashes in qla2x00_probe_one on probe failure (bsc#1094973).
- scsi: qla2xxx: Fix deadlock between ATIO and HW lock (bsc#1125794).
- scsi: qla2xxx: Fix incorrect port speed being set for FC adapters (bnc#1012382).
- scsi: qla2xxx: Fix small memory leak in qla2x00_probe_one on probe failure (bsc#1094973).
- scsi: Re-export scsi_internal_device_{,un}_block() (bsc#1119877).
- scsi: sd: Fix cache_type_store() (bnc#1012382).
- scsi: Split scsi_internal_device_block() (bsc#1119877).
- scsi: target: add emulate_pr backstore attr to toggle PR support (bsc#1091405).
- scsi: target: drop unused pi_prot_format attribute storage (bsc#1091405).
- scsi: target: make the pi_prot_format ConfigFS path readable (bsc#1123933).
- scsi: target: use consistent left-aligned ASCII INQUIRY data (bnc#1012382).
- scsi: ufs: fix bugs related to null pointer access and array size (bnc#1012382).
- scsi: ufs: fix race between clock gating and devfreq scaling work (bnc#1012382).
- scsi: ufshcd: Fix race between clk scaling and ungate work (bnc#1012382).
- scsi: ufshcd: release resources if probe fails (bnc#1012382).
- scsi: use 'inquiry_mutex' instead of 'state_mutex' (bsc#1119877).
- scsi: vmw_pscsi: Rearrange code to avoid multiple calls to free_irq during unload (bnc#1012382).
- scsi: zfcp: fix posting too many status read buffers leading to adapter shutdown (bnc#1012382).
- sctp: allocate sctp_sockaddr_entry with kzalloc (bnc#1012382).
- sctp: clear the transport of some out_chunk_list chunks in sctp_assoc_rm_peer (bnc#1012382).
- sctp: fix race on sctp_id2asoc (bnc#1012382).
- sctp: initialize sin6_flowinfo for ipv6 addrs in sctp_inet6addr_event (bnc#1012382).
- sd: disable logical block provisioning if 'lbpme' is not set (bsc#1086095 bsc#1078355).
- selftests: ftrace: Add synthetic event syntax testcase (bnc#1012382).
- selftests: Move networking/timestamping from Documentation (bnc#1012382).
- selinux: fix GPF on invalid policy (bnc#1012382).
- seq_buf: Make seq_buf_puts() null-terminate the buffer (bnc#1012382).
- seq_file: fix incomplete reset on read from zero offset (Git-fixes).
- ser_gigaset: use container_of() instead of detour (bnc#1012382).
- serial: fsl_lpuart: clear parity enable bit when disable parity (bnc#1012382).
- signal: Always deliver the kernel's SIGKILL and SIGSTOP to a pid namespace init (bnc#1012382).
- signal: Always notice exiting tasks (bnc#1012382).
- signal: Better detection of synchronous signals (bnc#1012382).
- signal/GenWQE: Fix sending of SIGKILL (bnc#1012382).
- signal: Restore the stop PTRACE_EVENT_EXIT (bnc#1012382).
- skge: potential memory corruption in skge_get_regs() (bnc#1012382).
- slab: alien caches must not be initialized if the allocation of the alien cache failed (bnc#1012382).
- smack: fix access permissions for keyring (bnc#1012382).
- smb3: allow stats which track session and share reconnects to be reset (bnc#1012382).
- smb3: do not attempt cifs operation in smb3 query info error path (bnc#1012382).
- smb3: on kerberos mount if server does not specify auth type use krb5 (bnc#1012382).
- smsc75xx: Check for Wake-on-LAN modes (bnc#1012382).
- smsc95xx: Check for Wake-on-LAN modes (bnc#1012382).
- smsc95xx: Use skb_cow_head to deal with cloned skbs (bnc#1012382).
- sock: Make sock->sk_stamp thread-safe (bnc#1012382).
- soc/tegra: Do not leak device tree node reference (bnc#1012382).
- soc/tegra: pmc: Fix child-node lookup (bnc#1012382).
- sparc64: Fix exception handling in UltraSPARC-III memcpy (bnc#1012382).
- sparc64 mm: Fix more TSB sizing issues (bnc#1012382).
- sparc: Fix single-pcr perf event counter management (bnc#1012382).
- sparc/pci: Refactor dev_archdata initialization into pci_init_dev_archdata (bnc#1012382).
- spi: bcm2835: Avoid finishing transfer prematurely in IRQ mode (bnc#1012382).
- spi: bcm2835: Fix book-keeping of DMA termination (bnc#1012382).
- spi: bcm2835: Fix race on DMA termination (bnc#1012382).
- spi: bcm2835: Unbreak the build of esoteric configs (bnc#1012382).
- spi/bcm63xx: fix error return code in bcm63xx_spi_probe() (bnc#1012382).
- spi/bcm63xx-hspi: fix error return code in bcm63xx_hsspi_probe() (bnc#1012382).
- spi: xlp: fix error return code in xlp_spi_probe() (bnc#1012382).
- sr9800: Check for supported Wake-on-LAN modes (bnc#1012382).
- sr: pass down correctly sized SCSI sense buffer (bnc#1012382).
- staging:iio:ad2s90: Make probe handle spi_setup failure (bnc#1012382).
- staging: iio: ad7780: update voltage on read (bnc#1012382).
- staging: iio: adc: ad7280a: handle error from __ad7280_read32() (bnc#1012382).
- staging: lustre: remove two build warnings (bnc#1012382).
- staging: rtl8188eu: Add device code for D-Link DWA-121 rev B1 (bnc#1012382).
- staging: rts5208: fix gcc-8 logic error warning (bnc#1012382).
- staging: speakup: Replace strncpy with memcpy (bnc#1012382).
- sunrpc: correct the computation for page_ptr when truncating (bnc#1012382).
- sunrpc: drop pointless static qualifier in xdr_get_next_encode_buffer() (bnc#1012382).
- sunrpc: Fix a bogus get/put in generic_key_to_expire() (bnc#1012382).
- sunrpc: Fix a potential race in xprt_connect() (git-fixes).
- sunrpc: fix cache_head leak due to queued request (bnc#1012382).
- sunrpc: Fix leak of krb5p encode pages (bnc#1012382).
- sunrpc: handle ENOMEM in rpcb_getport_async (bnc#1012382).
- sunvdc: Do not spin in an infinite loop when vio_ldc_send() returns EAGAIN (bnc#1012382).
- svcrdma: Remove unused variable in rdma_copy_tail() (git-fixes).
- swim: fix cleanup on setup error (bnc#1012382).
- swiotlb: clean up reporting (bnc#1012382).
- sysfs: Disable lockdep for driver bind/unbind files (bnc#1012382).
- sysv: return 'err' instead of 0 in __sysv_write_inode (bnc#1012382).
- target/iscsi: avoid NULL dereference in CHAP auth error path (bsc#1117165).
- target: se_dev_attrib.emulate_pr ABI stability (bsc#1091405).
- tcp: fix NULL ref in tail loss probe (bnc#1012382).
- TC: Set DMA masks for devices (bnc#1012382).
- termios, tty/tty_baudrate.c: fix buffer overrun (bnc#1012382).
- test_hexdump: use memcpy instead of strncpy (bnc#1012382).
- tg3: Add PHY reset for 5717/5719/5720 in change ring and flow control paths (bnc#1012382).
- thermal: allow spear-thermal driver to be a module (bnc#1012382).
- thermal: allow u8500-thermal driver to be a module (bnc#1012382).
- thermal: hwmon: inline helpers when CONFIG_THERMAL_HWMON is not set (bnc#1012382).
- timekeeping: Use proper seqcount initializer (bnc#1012382).
- timer/debug: Change /proc/timer_list from 0444 to 0400 (bnc#1012382).
- tipc: fix uninit-value in tipc_nl_compat_bearer_enable (bnc#1012382).
- tipc: fix uninit-value in tipc_nl_compat_doit (bnc#1012382).
- tipc: fix uninit-value in tipc_nl_compat_link_reset_stats (bnc#1012382).
- tipc: fix uninit-value in tipc_nl_compat_link_set (bnc#1012382).
- tipc: fix uninit-value in tipc_nl_compat_name_table_dump (bnc#1012382).
- tipc: use destination length for copy string (bnc#1012382).
- tmpfs: make lseek(SEEK_DATA/SEK_HOLE) return ENXIO with a negative offset (bnc#1012382).
- tpm: fix response size validation in tpm_get_random() (bsc#1020645, git-fixes).
- tpm: suppress transmit cmd error logs when TPM 1.2 is disabled/deactivated (bnc#1012382).
- tracing: Fix bad use of igrab in trace_uprobe.c (bsc#1120046).
- tracing: Fix memory leak in set_trigger_filter() (bnc#1012382).
- tracing: Fix memory leak of instance function hash filters (bnc#1012382).
- tracing: Skip more functions when doing stack tracing of events (bnc#1012382).
- tracing/uprobes: Fix output for multiple string arguments (bnc#1012382).
- tty: check name length in tty_find_polling_driver() (bnc#1012382).
- tty: Do not block on IO when ldisc change is pending (bnc#1105428).
- tty: Do not hold ldisc lock in tty_reopen() if ldisc present (bnc#1105428).
- tty: fix data race between tty_init_dev and flush of buf (bnc#1105428).
- tty: Handle problem if line discipline does not have receive_buf (bnc#1012382).
- tty: Hold tty_ldisc_lock() during tty_reopen() (bnc#1105428).
- tty/ldsem: Add lockdep asserts for ldisc_sem (bnc#1105428).
- tty/ldsem: Convert to regular lockdep annotations (bnc#1105428).
- tty/ldsem: Decrement wait_readers on timeouted down_read() (bnc#1105428).
- tty/ldsem: Wake up readers after timed out down_write() (bnc#1012382).
- tty/n_hdlc: fix __might_sleep warning (bnc#1012382).
- tty: serial: 8250_mtk: always resume the device in probe (bnc#1012382).
- tty: serial: samsung: Properly set flags in autoCTS mode (bnc#1012382).
- tty: serial: sprd: fix error return code in sprd_probe() (bnc#1012382).
- tty: Simplify tty->count math in tty_reopen() (bnc#1105428).
- tty: wipe buffer (bnc#1012382).
- tty: wipe buffer if not echoing data (bnc#1012382).
- tun: Consistently configure generic netdev params via rtnetlink (bnc#1012382).
- tun: forbid iface creation with rtnl ops (bnc#1012382).
- uapi/if_ether.h: move __UAPI_DEF_ETHHDR libc define (bnc#1012382).
- uapi/if_ether.h: prevent redefinition of struct ethhdr (bnc#1012382).
- ucc_geth: Reset BQL queue when stopping device (bnc#1012382).
- udf: Fix BUG on corrupted inode (bnc#1012382).
- uio: ensure class is registered before devices (bnc#1012382).
- uio: Fix an Oops on load (bnc#1012382).
- uio: make symbol 'uio_class_registered' static (git-fixes).
- um: Avoid longjmp/setjmp symbol clashes with libpthread.a (bnc#1012382).
- um: Avoid marking pages with 'changed protection' (bnc#1012382).
- um: Give start_idle_thread() a return code (bnc#1012382).
- unifdef: use memcpy instead of strncpy (bnc#1012382).
- Update ibmvnic: Fix RX queue buffer cleanup (bsc#1115440, bsc#1115433).
- uprobes: Fix handle_swbp() vs. unregister() + register() race once more (bnc#1012382).
- usb: Add USB_QUIRK_DELAY_CTRL_MSG quirk for Corsair K70 RGB (bnc#1012382).
- usb: appledisplay: Add 27' Apple Cinema Display (bnc#1012382).
- usb: cdc-acm: add entry for Hiro (Conexant) modem (bnc#1012382).
- usb: cdc-acm: send ZLP for Telit 3G Intel based modems (bnc#1012382).
- usb: check usb_get_extra_descriptor for proper size (bnc#1012382).
- usb: chipidea: Prevent unbalanced IRQ disable (bnc#1012382).
- usb: core: Fix hub port connection events lost (bnc#1012382).
- usb: core: quirks: add RESET_RESUME quirk for Cherry G230 Stream series (bnc#1012382).
- usb: dwc2: Remove unnecessary kfree (bnc#1012382).
- usb: dwc3: omap: fix error return code in dwc3_omap_probe() (bnc#1012382).
- usb: ehci-omap: fix error return code in ehci_hcd_omap_probe() (bnc#1012382).
- usb: fix the usbfs flag sanitization for control transfers (bnc#1012382).
- usb: gadget: dummy: fix nonsensical comparisons (bnc#1012382).
- usb: gadget: storage: Fix Spectre v1 vulnerability (bnc#1012382).
- usb: gadget: udc: net2272: Fix bitwise and boolean operations (bnc#1012382).
- usb: hub: delay hub autosuspend if USB3 port is still link training (bnc#1012382).
- usb: imx21-hcd: fix error return code in imx21_probe() (bnc#1012382).
- usb: misc: appledisplay: add 20' Apple Cinema Display (bnc#1012382).
- usbnet: ipheth: fix potential recvmsg bug and recvmsg bug 2 (bnc#1012382).
- usb: omap_udc: fix crashes on probe error and module removal (bnc#1012382).
- usb: omap_udc: fix omap_udc_start() on 15xx machines (bnc#1012382).
- usb: omap_udc: fix USB gadget functionality on Palm Tungsten E (bnc#1012382).
- usb: omap_udc: use devm_request_irq() (bnc#1012382).
- usb: phy: am335x: fix race condition in _probe (bnc#1012382).
- usb: quirk: add no-LPM quirk on SanDisk Ultra Flair device (bnc#1012382).
- usb: quirks: Add delay-init quirk for Corsair K70 LUX RGB (bnc#1012382).
- usb: quirks: Add no-lpm quirk for Raydium touchscreens (bnc#1012382).
- usb: r8a66597: Fix a possible concurrency use-after-free bug in r8a66597_endpoint_disable() (bnc#1012382).
- usb: serial: option: add Fibocom NL668 series (bnc#1012382).
- usb: serial: option: add Fibocom NL678 series (bnc#1012382).
- usb: serial: option: add GosunCn ZTE WeLink ME3630 (bnc#1012382).
- usb: serial: option: add HP lt4132 (bnc#1012382).
- usb: serial: option: add Simcom SIM7500/SIM7600 (MBIM mode) (bnc#1012382).
- usb: serial: option: add Telit LN940 series (bnc#1012382).
- usb: serial: pl2303: add ids for Hewlett-Packard HP POS pole displays (bnc#1012382).
- usb: serial: pl2303: add new PID to support PL2303TB (bnc#1012382).
- usb: serial: simple: add Motorola Tetra TPG2200 device id (bnc#1012382).
- usb: storage: add quirk for SMI SM3350 (bnc#1012382).
- usb: storage: do not insert sane sense for SPC3+ when bad sense specified (bnc#1012382).
- usb-storage: fix bogus hardware error messages for ATA pass-thru devices (bnc#1012382).
- usb: usb-storage: Add new IDs to ums-realtek (bnc#1012382).
- usb: xhci: fix timeout for transition from RExit to U0 (bnc#1012382).
- usb: xhci: fix uninitialized completion when USB3 port got wrong status (bnc#1012382).
- usb: xhci: Prevent bus suspend if a port connect change or polling state is detected (bnc#1012382).
- v9fs_dir_readdir: fix double-free on p9stat_read error (bnc#1012382).
- vfs: Avoid softlockups in drop_pagecache_sb() (bsc#1118505).
- vhost: Fix Spectre V1 vulnerability (bnc#1012382).
- vhost: make sure used idx is seen before log in vhost_add_used_n() (bnc#1012382).
- vhost/scsi: truncate T10 PI iov_iter to prot_bytes (bnc#1012382).
- video: clps711x-fb: release disp device node in probe() (bnc#1012382).
- video: fbdev: pxa3xx_gcu: fix error return code in pxa3xx_gcu_probe() (bnc#1012382).
- virtio/s390: avoid race on vcdev->config (bnc#1012382).
- virtio/s390: fix race in ccw_io_helper() (bnc#1012382).
- VSOCK: Send reset control packet when socket is partially bound (bnc#1012382).
- vti6: flush x-netns xfrm cache when vti interface is removed (bnc#1012382).
- vt: invoke notifier on screen size change (bnc#1012382).
- w1: omap-hdq: fix missing bus unregister at removal (bnc#1012382).
- writeback: do not decrement wb->refcnt if !wb->bdi (git fixes (writeback)).
- x86/a.out: Clear the dump structure initially (bnc#1012382).
- x86: boot: Fix EFI stub alignment (bnc#1012382).
- x86/boot: #undef memcpy() et al in string.c (bnc#1012382).
- x86/build: Fix stack alignment for CLang (bnc#1012382).
- x86/build: Specify stack alignment for clang (bnc#1012382).
- x86/build: Use __cc-option for boot code compiler options (bnc#1012382).
- x86/build: Use cc-option to validate stack alignment parameter (bnc#1012382).
- x86/corruption-check: Fix panic in memory_corruption_check() when boot option without value is provided (bnc#1012382).
- x86/earlyprintk/efi: Fix infinite loop on some screen widths (bnc#1012382).
- x86/entry: spell EBX register correctly in documentation (bnc#1012382).
- x86/fpu: Add might_fault() to user_insn() (bnc#1012382).
- x86/kaslr: Fix incorrect i8254 outb() parameters (bnc#1012382).
- x86/kbuild: Use cc-option to enable -falign-{jumps/loops} (bnc#1012382).
- x86/kconfig: Fall back to ticket spinlocks (bnc#1012382).
- x86/MCE: Export memory_error() (bsc#1114648).
- x86/MCE: Initialize mce.bank in the case of a fatal error in mce_no_way_out() (bnc#1012382).
- x86/MCE: Make correctable error detection look at the Deferred bit (bsc#1114648).
- x86/mm/kaslr: Use the _ASM_MUL macro for multiplication to work around Clang incompatibility (bnc#1012382).
- x86/mm/pat: Prevent hang during boot when mapping pages (bnc#1012382).
- x86/mtrr: Do not copy uninitialized gentry fields back to userspace (bnc#1012382).
- x86/PCI: Fix Broadcom CNB20LE unintended sign extension (redux) (bnc#1012382).
- x86/pkeys: Properly copy pkey state at fork() (bsc#1106105).
- x86/platform/UV: Use efi_runtime_lock to serialise BIOS calls (bnc#1012382).
- x86: respect memory size limiting via mem= parameter (bsc#1117645).
- x86/speculation/l1tf: Drop the swap storage limit restriction when l1tf=off (bnc#1114871).
- x86/speculation: Use synthetic bits for IBRS/IBPB/STIBP (bnc#1012382).
- x86/xen: dont add memory above max allowed allocation (bsc#1117645).
- xen/balloon: Support xend-based toolstack (bnc#1065600).
- xen/blkfront: avoid NULL blkfront_info dereference on device removal (bsc#1111062).
- xen: fix race in xen_qlock_wait() (bnc#1012382).
- xen: fix xen_qlock_wait() (bnc#1012382).
- xen: make xen_qlock_wait() nestable (bnc#1012382).
- xen/netback: dont overflow meta array (bnc#1099523).
- xen/netfront: tolerate frags with no data (bnc#1012382).
- xen-swiotlb: use actually allocated size on check physical continuous (bnc#1012382).
- xen/x86: add diagnostic printout to xen_mc_flush() in case of error (bnc#1116183).
- xen: xlate_mmu: add missing header to fix 'W=1' warning (bnc#1012382).
- xfrm6: call kfree_skb when skb is toobig (bnc#1012382).
- xfrm6_tunnel: Fix spi check in __xfrm6_tunnel_alloc_spi (bnc#1012382).
- xfrm: Clear sk_dst_cache when applying per-socket policy (bnc#1012382).
- xfrm: Fix bucket count reported to userspace (bnc#1012382).
- xfrm: use complete IPv6 addresses for hash (bsc#1109330).
- xfrm: Validate address prefix lengths in the xfrm selector (bnc#1012382).
- xfrm: validate template mode (bnc#1012382).
- xfs: Align compat attrlist_by_handle with native implementation (git-fixes).
- xfs/dmapi: restore event in xfs_getbmap (bsc#1114763).
- xfs: Fix error code in 'xfs_ioc_getbmap()' (git-fixes).
- xfs: fix quotacheck dquot id overflow infinite loop (bsc#1121621).
- xhci: Add quirk to workaround the errata seen on Cavium Thunder-X2 Soc (bsc#1117162).
- xhci: Do not prevent USB2 bus suspend in state check intended for USB3 only (bnc#1012382).
- xhci: Prevent U1/U2 link pm states if exit latency is too long (bnc#1012382).
- xprtrdma: checking for NULL instead of IS_ERR() (git-fixes).
- xprtrdma: Disable pad optimization by default (git-fixes).
- xprtrdma: Disable RPC/RDMA backchannel debugging messages (git-fixes).
- xprtrdma: Fix additional uses of spin_lock_irqsave(rb_lock) (git-fixes).
- xprtrdma: Fix backchannel allocation of extra rpcrdma_reps (git-fixes).
- xprtrdma: Fix Read chunk padding (git-fixes).
- xprtrdma: Fix receive buffer accounting (git-fixes).
- xprtrdma: Reset credit grant properly after a disconnect (git-fixes).
- xprtrdma: rpcrdma_bc_receive_call() should init rq_private_buf.len (git-fixes).
- xprtrdma: Serialize credit accounting again (git-fixes).
- xprtrdma: xprt_rdma_free() must not release backchannel reqs (git-fixes).
- xtensa: add NOTES section to the linker script (bnc#1012382).
- xtensa: enable coprocessors that are being flushed (bnc#1012382).
- xtensa: fix boot parameters address translation (bnc#1012382).
- xtensa: fix coprocessor context offset definitions (bnc#1012382).
- xtensa: make sure bFLT stack is 16 byte aligned (bnc#1012382).
- yama: Check for pid death before checking ancestry (bnc#1012382).
- zram: close udev startup race condition as default groups (bnc#1012382).
- xfrm: refine validation of template and selector families (bnc#1012382).
Patchnames
SUSE-2019-541,SUSE-SLE-DESKTOP-12-SP3-2019-541,SUSE-SLE-HA-12-SP3-2019-541,SUSE-SLE-Live-Patching-12-SP3-2019-541,SUSE-SLE-SDK-12-SP3-2019-541,SUSE-SLE-SERVER-12-SP3-2019-541,SUSE-SLE-WE-12-SP3-2019-541
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\n\nThe SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.175 to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2019-6974: kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandled reference counting because of a race condition, leading to a use-after-free. (bnc#1124728)\n- CVE-2019-7221: Fixed a user-after-free vulnerability in the KVM hypervisor related to the emulation of a preemption timer, allowing an guest user/process to crash the host kernel. (bsc#1124732).\n- CVE-2019-7222: Fixed an information leakage in the KVM hypervisor related to handling page fault exceptions, which allowed a guest user/process to use this flaw to leak the host\u0027s stack memory contents to a guest (bsc#1124735).\n- CVE-2018-1120: By mmap()ing a FUSE-backed file onto a process\u0027s memory containing command line arguments (or environment strings), an attacker could have caused utilities from psutils or procps (such as ps, w) or any other program which made a read() call to the /proc/\u003cpid\u003e/cmdline (or /proc/\u003cpid\u003e/environ) files to block indefinitely (denial of service) or for some controlled time (as a synchronization primitive for other attacks) (bnc#1093158).\n- CVE-2018-16862: A security flaw was found in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one (bnc#1117186).\n- CVE-2018-16884: NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out (bnc#1119946).\n- CVE-2018-19407: The vcpu_scan_ioapic function in arch/x86/kvm/x86.c allowed local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized (bnc#1116841).\n- CVE-2018-19824: A local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c (bnc#1118152).\n- CVE-2018-19985: The function hso_probe read if_num from the USB device (as an u8) and used it without a length check to index an array, resulting in an OOB memory read in hso_probe or hso_get_config_data that could be used by local attackers (bnc#1120743).\n- CVE-2018-20169: The USB subsystem mishandled size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c (bnc#1119714).\n- CVE-2018-5391: The Linux kernel was vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size (bnc#1103097).\n- CVE-2018-9568: In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. (bnc#1118319).\n- CVE-2019-3459,CVE-2019-3460: Two remote information leak vulnerabilities in the Bluetooth stack were fixed that could potentially leak kernel information (bsc#1120758)\n\nThe following non-security bugs were fixed:\n\n- 9p: clear dangling pointers in p9stat_free (bnc#1012382).\n- 9p locks: fix glock.client_id leak in do_lock (bnc#1012382).\n- 9p/net: put a lower bound on msize (bnc#1012382).\n- acpi/iort: Fix iort_get_platform_device_domain() uninitialized pointer value (bsc#1121239).\n- acpi/lpss: Add alternative ACPI HIDs for Cherry Trail DMA controllers (bnc#1012382).\n- acpi/nfit: Block function zero DSMs (bsc#1123321).\n- acpi/nfit: Fix ARS overflow continuation (bsc#1125000).\n- acpi/nfit: fix cmd_rc for acpi_nfit_ctl to always return a value (bsc#1124775).\n- acpi/nfit: Fix command-supported detection (bsc#1123323).\n- acpi/nfit, x86/mce: Handle only uncorrectable machine checks (bsc#1114648).\n- acpi/nfit, x86/mce: Validate a MCE\u0027s address before using it (bsc#1114648).\n- acpi/platform: Add SMB0001 HID to forbidden_id_list (bnc#1012382).\n- acpi/power: Skip duplicate power resource references in _PRx (bnc#1012382).\n- acpi/processor: Fix the return value of acpi_processor_ids_walk() (git fixes (acpi)).\n- af_iucv: Move sockaddr length checks to before accessing sa_family in bind and connect handlers (bnc#1012382).\n- ahci: do not ignore result code of ahci_reset_controller() (bnc#1012382).\n- aio: fix spectre gadget in lookup_ioctx (bnc#1012382).\n- aio: hold an extra file reference over AIO read/write operations (bsc#1116027).\n- alpha: Fix Eiger NR_IRQS to 128 (bnc#1012382).\n- alpha: fix page fault handling for r16-r18 targets (bnc#1012382).\n- ALSA: ac97: Fix incorrect bit shift at AC97-SPSA control write (bnc#1012382).\n- ALSA: bebob: fix model-id of unit for Apogee Ensemble (bnc#1012382).\n- ALSA: ca0106: Disable IZD on SB0570 DAC to fix audio pops (bnc#1012382).\n- ALSA: compress: Fix stop handling on compressed capture streams (bnc#1012382).\n- ALSA: control: Fix race between adding and removing a user element (bnc#1012382).\n- ALSA: cs46xx: Potential NULL dereference in probe (bnc#1012382).\n- ALSA: emu10k1: Fix potential Spectre v1 vulnerabilities (bnc#1012382).\n- ALSA: emux: Fix potential Spectre v1 vulnerabilities (bnc#1012382).\n- ALSA: hda - Add mic quirk for the Lenovo G50-30 (17aa:3905) (bnc#1012382).\n- ALSA: hda: add mute LED support for HP EliteBook 840 G4 (bnc#1012382).\n- ALSA: hda - Add quirk for HP EliteBook 840 G5 (bnc#1012382).\n- ALSA: hda: Add support for AMD Stoney Ridge (bnc#1012382).\n- ALSA: hda: Check the non-cached stream buffers more explicitly (bnc#1012382).\n- ALSA: hda/realtek - Disable headset Mic VREF for headset mode of ALC225 (bnc#1012382).\n- ALSA: hda - Serialize codec registrations (bnc#1012382).\n- ALSA: hda/tegra: clear pending irq handlers (bnc#1012382).\n- ALSA: isa/wavefront: prevent some out of bound writes (bnc#1012382).\n- ALSA: pcm: Call snd_pcm_unlink() conditionally at closing (bnc#1012382).\n- ALSA: pcm: Fix interval evaluation with openmin/max (bnc#1012382).\n- ALSA: pcm: Fix potential Spectre v1 vulnerability (bnc#1012382).\n- ALSA: pcm: Fix starvation on down_write_nonblock() (bnc#1012382).\n- ALSA: pcm: remove SNDRV_PCM_IOCTL1_INFO internal command (bnc#1012382).\n- ALSA: rme9652: Fix potential Spectre v1 vulnerability (bnc#1012382).\n- ALSA: sparc: Fix invalid snd_free_pages() at error path (bnc#1012382).\n- ALSA: timer: Fix zero-division by continue of uninitialized instance (bnc#1012382).\n- ALSA: trident: Suppress gcc string warning (bnc#1012382).\n- ALSA: usb-audio: Avoid access before bLength check in build_audio_procunit() (bnc#1012382).\n- ALSA: usb-audio: Fix an out-of-bound read in create_composite_quirks (bnc#1012382).\n- ALSA: usb-audio: Fix implicit fb endpoint setup by quirk (bnc#1012382).\n- ALSA: wss: Fix invalid snd_free_pages() at error path (bnc#1012382).\n- amd/iommu: Fix Guest Virtual APIC Log Tail Address Register (bsc#1106105).\n- arc: change defconfig defaults to ARCv2 (bnc#1012382).\n- arc: [devboards] Add support of NFSv3 ACL (bnc#1012382).\n- arch/alpha, termios: implement BOTHER, IBSHIFT and termios2 (bnc#1012382).\n- arc: io.h: Implement reads{x}()/writes{x}() (bnc#1012382).\n- arc: perf: map generic branches to correct hardware condition (bnc#1012382).\n- arm64: Disable asm-operand-width warning for clang (bnc#1012382).\n- arm64: Do not trap host pointer auth use to EL2 (bnc#1012382).\n- arm64: dts: stratix10: Correct System Manager register size (bnc#1012382).\n- arm64: Enabled ENA (Amazon network driver) for arm64\n- arm64: ftrace: do not adjust the LR value (bnc#1012382).\n- arm64: hardcode rodata_enabled=true earlier in the series (bsc#1114763).\n- arm64: hyp-stub: Forbid kprobing of the hyp-stub (bnc#1012382).\n- arm64/kvm: consistently handle host HCR_EL2 flags (bnc#1012382).\n- arm64: kvm: Skip MMIO insn after emulation (bnc#1012382).\n- arm64: PCI: ACPI support for legacy IRQs parsing and consolidation with DT code (bsc#985031).\n- arm64: percpu: Initialize ret in the default case (bnc#1012382).\n- arm64: perf: set suppress_bind_attrs flag to true (bnc#1012382).\n- arm64: remove no-op -p linker flag (bnc#1012382).\n- arm: 8799/1: mm: fix pci_ioremap_io() offset check (bnc#1012382).\n- arm: 8808/1: kexec:offline panic_smp_self_stop CPU (bnc#1012382).\n- arm: 8814/1: mm: improve/fix ARM v7_dma_inv_range() unaligned address handling (bnc#1012382).\n- arm: cns3xxx: Fix writing to wrong PCI config registers after alignment (bnc#1012382).\n- arm: dts: apq8064: add ahci ports-implemented mask (bnc#1012382).\n- arm: dts: da850-evm: Correct the sound card name (bnc#1012382).\n- arm: dts: Fix OMAP4430 SDP Ethernet startup (bnc#1012382).\n- arm: dts: imx53-qsb: disable 1.2GHz OPP (bnc#1012382).\n- arm: dts: kirkwood: Fix polarity of GPIO fan lines (bnc#1012382).\n- arm: dts: mmp2: fix TWSI2 (bnc#1012382).\n- arm: fix mis-applied iommu identity check (bsc#1116924).\n- arm: imx: update the cpu power up timing setting on i.mx6sx (bnc#1012382).\n- arm: iop32x/n2100: fix PCI IRQ mapping (bnc#1012382).\n- arm: kvm: fix building with gcc-8 (bsc#1121241).\n- arm: OMAP1: ams-delta: Fix possible use of uninitialized field (bnc#1012382).\n- arm: OMAP2+: hwmod: Fix some section annotations (bnc#1012382).\n- arm: OMAP2+: prm44xx: Fix section annotation on omap44xx_prm_enable_io_wakeup (bnc#1012382).\n- arm: pxa: avoid section mismatch warning (bnc#1012382).\n- asix: Check for supported Wake-on-LAN modes (bnc#1012382).\n- ASoC: ak4613: Enable cache usage to fix crashes on resume (bnc#1012382).\n- ASoC: atom: fix a missing check of snd_pcm_lib_malloc_pages (bnc#1012382).\n- ASoC: dapm: Recalculate audio map forcely when card instantiated (bnc#1012382).\n- ASoC: fsl: Fix SND_SOC_EUKREA_TLV320 build error on i.MX8M (bnc#1012382).\n- ASoC: Intel: mrfld: fix uninitialized variable access (bnc#1012382).\n- ASoC: omap-dmic: Add pm_qos handling to avoid overruns with CPU_IDLE (bnc#1012382).\n- ASoC: omap-mcpdm: Add pm_qos handling to avoid under/overruns with CPU_IDLE (bnc#1012382).\n- ASoC: spear: fix error return code in spdif_in_probe() (bnc#1012382).\n- ASoC: wm8940: Enable cache usage to fix crashes on resume (bnc#1012382).\n- ata: Fix racy link clearance (bsc#1107866).\n- ataflop: fix error handling during setup (bnc#1012382).\n- ath10k: fix kernel panic due to race in accessing arvif list (bnc#1012382).\n- ath10k: schedule hardware restart if WMI command times out (bnc#1012382).\n- ax25: fix a use-after-free in ax25_fillin_cb() (bnc#1012382).\n- ax88179_178a: Check for supported Wake-on-LAN modes (bnc#1012382).\n- b43: Fix error in cordic routine (bnc#1012382).\n- batman-adv: Avoid WARN on net_device without parent in netns (bnc#1012382).\n- batman-adv: Expand merged fragment buffer for full packet (bnc#1012382).\n- batman-adv: Force mac header to start of data on xmit (bnc#1012382).\n- bcache: fix miss key refill-\u003eend in writeback (bnc#1012382).\n- bfs: add sanity check at bfs_fill_super() (bnc#1012382).\n- binfmt_elf: fix calculations for bss padding (bnc#1012382).\n- bitops: protect variables in bit_clear_unless() macro (bsc#1116285).\n- block: fix inheriting request priority from bio (bsc#1116924).\n- block/loop: Use global lock for ioctl() operation (bnc#1012382).\n- block: respect virtual boundary mask in bvecs (bsc#1113412).\n- block/swim3: Fix -EBUSY error when re-opening device after unmount (Git-fixes).\n- Bluetooth: btbcm: Add entry for BCM4335C0 UART bluetooth (bnc#1012382).\n- Bluetooth: Fix unnecessary error message for HCI request completion (bnc#1012382).\n- Bluetooth: SMP: fix crash in unpairing (bnc#1012382).\n- bna: ethtool: Avoid reading past end of buffer (bnc#1012382).\n- bnx2x: Assign unique DMAE channel number for FW DMAE transactions (bnc#1012382).\n- bnxt_re: Fix couple of memory leaks that could lead to IOMMU call traces (bsc#1020413).\n- bonding: fix 802.3ad state sent to partner when unbinding slave (bnc#1012382).\n- bpf: fix check of allowed specifiers in bpf_trace_printk (bnc#1012382).\n- bpf: generally move prog destruction to RCU deferral (bnc#1012382).\n- bpf: support 8-byte metafield access (bnc#1012382).\n- bpf, trace: check event type in bpf_perf_event_read (bsc#1119970).\n- bpf, trace: use READ_ONCE for retrieving file ptr (bsc#1119967).\n- bpf/verifier: Add spi variable to check_stack_write() (bnc#1012382).\n- bpf/verifier: Pass instruction index to check_mem_access() and check_xadd() (bnc#1012382).\n- bridge: do not add port to router list when receives query with source 0.0.0.0 (bnc#1012382).\n- btrfs: Always try all copies when reading extent buffers (bnc#1012382).\n- btrfs: do not attempt to trim devices that do not support it (bnc#1012382).\n- btrfs: ensure path name is null terminated at btrfs_control_ioctl (bnc#1012382).\n- btrfs: fix backport error in submit_stripe_bio (bsc#1114763).\n- btrfs: fix data corruption due to cloning of eof block (bnc#1012382).\n- btrfs: Fix memory barriers usage with device stats counters (git-fixes).\n- btrfs: fix null pointer dereference on compressed write path error (bnc#1012382).\n- btrfs: fix pinned underflow after transaction aborted (bnc#1012382).\n- btrfs: fix use-after-free when dumping free space (bnc#1012382).\n- btrfs: fix wrong dentries after fsync of file that got its parent replaced (bnc#1012382).\n- btrfs: Handle error from btrfs_uuid_tree_rem call in _btrfs_ioctl_set_received_subvol (git-fixes).\n- btrfs: Handle owner mismatch gracefully when walking up tree (bnc#1012382).\n- btrfs: iterate all devices during trim, instead of fs_devices::alloc_list (bnc#1012382).\n- btrfs: locking: Add extra check in btrfs_init_new_buffer() to avoid deadlock (bnc#1012382).\n- btrfs: make sure we create all new block groups (bnc#1012382).\n- btrfs: qgroup: Dirty all qgroups before rescan (bnc#1012382).\n- btrfs: release metadata before running delayed refs (bnc#1012382).\n- btrfs: reset max_extent_size on clear in a bitmap (bnc#1012382).\n- btrfs: send, fix infinite loop due to directory rename dependencies (bnc#1012382).\n- btrfs: set max_extent_size properly (bnc#1012382).\n- btrfs: tree-checker: Check level for leaves and nodes (bnc#1012382).\n- btrfs: tree-checker: Do not check max block group size as current max chunk size limit is unreliable (fixes for bnc#1012382 bsc#1102875 bsc#1102877 bsc#1102879 bsc#1102882 bsc#1102896).\n- btrfs: tree-checker: Fix misleading group system information (bnc#1012382).\n- btrfs: tree-check: reduce stack consumption in check_dir_item (bnc#1012382).\n- btrfs: validate type when reading a chunk (bnc#1012382).\n- btrfs: wait on caching when putting the bg cache (bnc#1012382).\n- btrfs: wait on ordered extents on abort cleanup (bnc#1012382).\n- cachefiles: fix the race between cachefiles_bury_object() and rmdir(2) (bnc#1012382).\n- can: bcm: check timer values before ktime conversion (bnc#1012382).\n- can: dev: __can_get_echo_skb(): Do not crash the kernel if can_priv::echo_skb is accessed out of bounds (bnc#1012382).\n- can: dev: can_get_echo_skb(): factor out non sending code to __can_get_echo_skb() (bnc#1012382).\n- can: dev: __can_get_echo_skb(): fix bogous check for non-existing skb by removing it (bnc#1012382).\n- can: dev: __can_get_echo_skb(): print error message, if trying to echo non existing skb (bnc#1012382).\n- can: dev: __can_get_echo_skb(): replace struct can_frame by canfd_frame to access frame length (bnc#1012382).\n- can: gw: ensure DLC boundaries after CAN frame modification (bnc#1012382).\n- can: rcar_can: Fix erroneous registration (bnc#1012382).\n- cdc-acm: correct counting of UART states in serial state notification (bnc#1012382).\n- cdc-acm: fix abnormal DATA RX issue for Mediatek Preloader (bnc#1012382).\n- ceph: call setattr_prepare from ceph_setattr instead of inode_change_ok (bsc#1114763).\n- ceph: clear inode pointer when snap realm gets dropped by its inode (bsc#1125809).\n- ceph: do not update importing cap\u0027s mseq when handing cap export (bsc#1121275).\n- ceph: fix dentry leak in ceph_readdir_prepopulate (bsc#1114839).\n- ceph: quota: fix null pointer dereference in quota check (bsc#1114839).\n- cfg80211: reg: Init wiphy_idx in regulatory_hint_core() (bnc#1012382).\n- char/mwave: fix potential Spectre v1 vulnerability (bnc#1012382).\n- checkstack.pl: fix for aarch64 (bnc#1012382).\n- cifs: Always resolve hostname before reconnecting (bnc#1012382).\n- cifs: check ntwrk_buf_start for NULL before dereferencing it (bnc#1012382).\n- cifs: Do not count -ENODATA as failure for query directory (bnc#1012382).\n- cifs: Do not hide EINTR after sending network packets (bnc#1012382).\n- cifs: Fix error mapping for SMB2_LOCK command which caused OFD lock problem (bnc#1012382).\n- cifs: Fix possible hang during async MTU reads and writes (bnc#1012382).\n- cifs: Fix potential OOB access of lock element array (bnc#1012382).\n- cifs: Fix separator when building path from dentry (bnc#1012382).\n- cifs: handle guest access errors to Windows shares (bnc#1012382).\n- cifs: In Kconfig CONFIG_CIFS_POSIX needs depends on legacy (insecure cifs) (bnc#1012382).\n- cifs: Limit memory used by lock request calls to a page (bnc#1012382).\n- clk: imx6q: reset exclusive gates on init (bnc#1012382).\n- clk: imx6sl: ensure MMDC CH0 handshake is bypassed (bnc#1012382).\n- clk: mmp: Off by one in mmp_clk_add() (bnc#1012382).\n- clk: s2mps11: Add used attribute to s2mps11_dt_match (git-fixes).\n- clk: s2mps11: Fix matching when built as module and DT node contains compatible (bnc#1012382).\n- clk: samsung: exynos5420: Enable PERIS clocks for suspend (bnc#1012382).\n- clockevents/drivers/i8253: Add support for PIT shutdown quirk (bnc#1012382).\n- configfs: replace strncpy with memcpy (bnc#1012382).\n- cpufeature: avoid warning when compiling with clang (Git-fixes).\n- cpufreq: imx6q: add return value check for voltage scale (bnc#1012382).\n- cpufreq: intel_pstate: Fix HWP on boot CPU after system resume (bsc#1120017).\n- cpuidle: big.LITTLE: fix refcount leak (bnc#1012382).\n- cpuidle: Do not access cpuidle_devices when !CONFIG_CPU_IDLE (bnc#1012382).\n- cramfs: fix abad comparison when wrap-arounds occur (bnc#1012382).\n- crypto: arm64/sha - avoid non-standard inline asm tricks (bnc#1012382).\n- crypto: authencesn - Avoid twice completion call in decrypt path (bnc#1012382).\n- crypto: authenc - fix parsing key with misaligned rta_len (bnc#1012382).\n- crypto: cts - fix crash on short inputs (bnc#1012382).\n- crypto: lrw - Fix out-of bounds access on counter overflow (bnc#1012382).\n- crypto: shash - Fix a sleep-in-atomic bug in shash_setkey_unaligned (bnc#1012382).\n- crypto: user - support incremental algorithm dumps (bsc#1120902).\n- crypto: ux500 - Use proper enum in cryp_set_dma_transfer (bnc#1012382).\n- crypto: ux500 - Use proper enum in hash_set_dma_transfer (bnc#1012382).\n- crypto, x86: aesni - fix token pasting for clang (bnc#1012382).\n- crypto: x86/chacha20 - avoid sleeping with preemption disabled (bnc#1012382).\n- cw1200: Do not leak memory if krealloc failes (bnc#1012382).\n- cw1200: Fix concurrency use-after-free bugs in cw1200_hw_scan() (bnc#1012382).\n- cxgb4: Add support for new flash parts (bsc#1102439).\n- cxgb4: assume flash part size to be 4MB, if it can\u0027t be determined (bsc#1102439).\n- cxgb4: Fix FW flash errors (bsc#1102439).\n- cxgb4: fix missing break in switch and indent return statements (bsc#1102439).\n- cxgb4: support new ISSI flash parts (bsc#1102439).\n- dccp: fool proof ccid_hc_[rt]x_parse_options() (bnc#1012382).\n- debugfs: fix debugfs_rename parameter checking (bnc#1012382).\n- debugobjects: avoid recursive calls with kmemleak (bnc#1012382).\n- disable stringop truncation warnings for now (bnc#1012382).\n- dlm: Do not swamp the CPU with callbacks queued during recovery (bnc#1012382).\n- dlm: fixed memory leaks after failed ls_remove_names allocation (bnc#1012382).\n- dlm: lost put_lkb on error path in receive_convert() and receive_unlock() (bnc#1012382).\n- dlm: memory leaks on error path in dlm_user_request() (bnc#1012382).\n- dlm: possible memory leak on error path in create_lkb() (bnc#1012382).\n- dmaengine: at_hdmac: fix memory leak in at_dma_xlate() (bnc#1012382).\n- dmaengine: at_hdmac: fix module unloading (bnc#1012382).\n- dmaengine: dma-jz4780: Return error if not probed from DT (bnc#1012382).\n- dmaengine: imx-dma: fix wrong callback invoke (bnc#1012382).\n- dm cache metadata: ignore hints array being too small during resize (Git-fixes).\n- dm crypt: add cryptographic data integrity protection (authenticated encryption) (Git-fixes).\n- dm crypt: factor IV constructor out to separate function (Git-fixes).\n- dm crypt: fix crash by adding missing check for auth key size (git-fixes).\n- dm crypt: fix error return code in crypt_ctr() (git-fixes).\n- dm crypt: fix memory leak in crypt_ctr_cipher_old() (git-fixes).\n- dm crypt: introduce new format of cipher with \u0027capi:\u0027 prefix (Git-fixes).\n- dm crypt: wipe kernel key copy after IV initialization (Git-fixes).\n- dm: do not allow readahead to limit IO size (git fixes (readahead)).\n- dm ioctl: harden copy_params()\u0027s copy_from_user() from malicious users (bnc#1012382).\n- dm kcopyd: Fix bug causing workqueue stalls (bnc#1012382).\n- dm-multipath: do not assign cmd_flags in setup_clone() (bsc#1103156).\n- dm raid: stop using BUG() in __rdev_sectors() (bsc#1046264).\n- dm snapshot: Fix excessive memory usage and workqueue stalls (bnc#1012382).\n- dm thin: fix bug where bio that overwrites thin block ignores FUA (bnc#1012382).\n- dm thin: stop no_space_timeout worker when switching to write-mode (Git-fixes).\n- Documentation/network: reword kernel version reference (bnc#1012382).\n- dpaa_eth: fix dpaa_get_stats64 to match prototype (bsc#1114763).\n- drbd: Avoid Clang warning about pointless switch statment (bnc#1012382).\n- drbd: disconnect, if the wrong UUIDs are attached on a connected peer (bnc#1012382).\n- drbd: narrow rcu_read_lock in drbd_sync_handshake (bnc#1012382).\n- drbd: skip spurious timeout (ping-timeo) when failing promote (bnc#1012382).\n- driver/dma/ioat: Call del_timer_sync() without holding prep_lock (bnc#1012382).\n- drivers: core: Remove glue dirs from sysfs earlier (bnc#1012382).\n- drivers: hv: vmbus: check the creation_status in vmbus_establish_gpadl() (bsc#1104098).\n- drivers: hv: vmbus: Return -EINVAL for the sys files for unopened channels (bnc#1012382).\n- drivers/misc/sgi-gru: fix Spectre v1 vulnerability (bnc#1012382).\n- drivers/sbus/char: add of_node_put() (bnc#1012382).\n- drivers/tty: add missing of_node_put() (bnc#1012382).\n- drm/ast: change resolution may cause screen blurred (bnc#1012382).\n- drm/ast: fixed cursor may disappear sometimes (bnc#1012382).\n- drm/ast: fixed reading monitor EDID not stable issue (bnc#1012382).\n- drm/ast: Fix incorrect free on ioregs (bsc#1106929)\n- drm/ast: Remove existing framebuffers before loading driver (boo#1112963)\n- drm/bufs: Fix Spectre v1 vulnerability (bnc#1012382).\n- drm/dp_mst: Check if primary mstb is null (bnc#1012382).\n- drm/fb-helper: Ignore the value of fb_var_screeninfo.pixclock (bsc#1106929)\n- drm/hisilicon: hibmc: Do not carry error code in HiBMC framebuffer (bsc#1113766)\n- drm/hisilicon: hibmc: Do not overwrite fb helper surface depth (bsc#1113766)\n- drm/i915: Block fbdev HPD processing during suspend (bsc#1106929)\n- drm/i915/hdmi: Add HDMI 2.0 audio clock recovery N values (bnc#1012382).\n- drm/i915: Prevent a race during I915_GEM_MMAP ioctl with WC set (bsc#1106929)\n- drm/ioctl: Fix Spectre v1 vulnerabilities (bnc#1012382).\n- drm/modes: Prevent division by zero htotal (bnc#1012382).\n- drm/msm: Grab a vblank reference when waiting for commit_done (bnc#1012382).\n- drm/nouveau/fbcon: fix oops without fbdev emulation (bnc#1012382).\n- drm/omap: fix memory barrier bug in DMM driver (bnc#1012382).\n- drm: rcar-du: Fix external clock error checks (bsc#1106929)\n- drm: rcar-du: Fix vblank initialization (bsc#1106929)\n- drm/rockchip: Allow driver to be shutdown on reboot/kexec (bnc#1012382).\n- drm/vmwgfx: Fix setting of dma masks (bsc#1106929)\n- drm/vmwgfx: Return error code from vmw_execbuf_copy_fence_user (bsc#1106929)\n- e1000: avoid null pointer dereference on invalid stat type (bnc#1012382).\n- e1000e: allow non-monotonic SYSTIM readings (bnc#1012382).\n- e1000: fix race condition between e1000_down() and e1000_watchdog (bnc#1012382).\n- edac: Raise the maximum number of memory controllers (bsc#1120722).\n- efi/libstub/arm64: Force \u0027hidden\u0027 visibility for section markers (bnc#1012382).\n- efi/libstub/arm64: Set -fpie when building the EFI stub (bnc#1012382).\n- efi/libstub/arm64: Use hidden attribute for struct screen_info reference (bsc#1122650).\n- enic: fix checksum validation for IPv6 (bnc#1012382).\n- exec: avoid gcc-8 warning for get_task_comm (bnc#1012382).\n- exec: load_script: do not blindly truncate shebang string (bnc#1012382).\n- exportfs: do not read dentry after free (bnc#1012382).\n- ext2: fix potential use after free (bnc#1012382).\n- ext4: add missing brelse() add_new_gdb_meta_bg()\u0027s error path (bnc#1012382).\n- ext4: add missing brelse() in set_flexbg_block_bitmap()\u0027s error path (bnc#1012382).\n- ext4: add missing brelse() update_backups()\u0027s error path (bnc#1012382).\n- ext4: avoid buffer leak in ext4_orphan_add() after prior errors (bnc#1012382).\n- ext4: avoid possible double brelse() in add_new_gdb() on error path (bnc#1012382).\n- ext4: avoid potential extra brelse in setup_new_flex_group_blocks() (bnc#1012382).\n- ext4: fix a potential fiemap/page fault deadlock w/ inline_data (bnc#1012382).\n- ext4: fix argument checking in EXT4_IOC_MOVE_EXT (bnc#1012382).\n- ext4: fix buffer leak in __ext4_read_dirblock() on error path (bnc#1012382).\n- ext4: fix buffer leak in ext4_xattr_move_to_block() on error path (bnc#1012382).\n- ext4: Fix crash during online resizing (bsc#1122779).\n- ext4: fix EXT4_IOC_GROUP_ADD ioctl (bnc#1012382).\n- ext4: fix missing cleanup if ext4_alloc_flex_bg_array() fails while resizing (bnc#1012382).\n- ext4: fix possible inode leak in the retry loop of ext4_resize_fs() (bnc#1012382).\n- ext4: fix possible leak of sbi-\u003es_group_desc_leak in error path (bnc#1012382).\n- ext4: fix possible use after free in ext4_quota_enable (bnc#1012382).\n- ext4: force inode writes when nfsd calls commit_metadata() (bnc#1012382).\n- ext4: initialize retries variable in ext4_da_write_inline_data_begin() (bnc#1012382).\n- ext4: missing unlock/put_page() in ext4_try_to_write_inline_data() (bnc#1012382).\n- ext4: release bs.bh before re-using in ext4_xattr_block_find() (bnc#1012382).\n- f2fs: Add sanity_check_inode() function (bnc#1012382).\n- f2fs: avoid unneeded loop in build_sit_entries (bnc#1012382).\n- f2fs: check blkaddr more accuratly before issue a bio (bnc#1012382).\n- f2fs: clean up argument of recover_data (bnc#1012382).\n- f2fs: clean up with is_valid_blkaddr() (bnc#1012382).\n- f2fs: detect wrong layout (bnc#1012382).\n- f2fs: enhance sanity_check_raw_super() to avoid potential overflow (bnc#1012382).\n- f2fs: factor out fsync inode entry operations (bnc#1012382).\n- f2fs: fix inode cache leak (bnc#1012382).\n- f2fs: fix invalid memory access (bnc#1012382).\n- f2fs: fix missing up_read (bnc#1012382).\n- f2fs: fix to avoid reading out encrypted data in page cache (bnc#1012382).\n- f2fs: fix to convert inline directory correctly (bnc#1012382).\n- f2fs: fix to determine start_cp_addr by sbi-\u003ecur_cp_pack (bnc#1012382).\n- f2fs: fix to do sanity check with block address in main area (bnc#1012382).\n- f2fs: fix to do sanity check with block address in main area v2 (bnc#1012382).\n- f2fs: fix to do sanity check with cp_pack_start_sum (bnc#1012382).\n- f2fs: fix to do sanity check with node footer and iblocks (bnc#1012382).\n- f2fs: fix to do sanity check with reserved blkaddr of inline inode (bnc#1012382).\n- f2fs: fix to do sanity check with secs_per_zone (bnc#1012382).\n- f2fs: fix to do sanity check with user_block_count (bnc#1012382).\n- f2fs: fix validation of the block count in sanity_check_raw_super (bnc#1012382).\n- f2fs: fix wrong return value of f2fs_acl_create (bnc#1012382).\n- f2fs: free meta pages if sanity check for ckpt is failed (bnc#1012382).\n- f2fs: give -EINVAL for norecovery and rw mount (bnc#1012382).\n- f2fs: introduce and spread verify_blkaddr (bnc#1012382).\n- f2fs: introduce get_checkpoint_version for cleanup (bnc#1012382).\n- f2fs: move dir data flush to write checkpoint process (bnc#1012382).\n- f2fs: move sanity checking of cp into get_valid_checkpoint (bnc#1012382).\n- f2fs: not allow to write illegal blkaddr (bnc#1012382).\n- f2fs: put directory inodes before checkpoint in roll-forward recovery (bnc#1012382).\n- f2fs: read page index before freeing (bnc#1012382).\n- f2fs: remove an obsolete variable (bnc#1012382).\n- f2fs: return error during fill_super (bnc#1012382).\n- f2fs: sanity check on sit entry (bnc#1012382).\n- f2fs: use crc and cp version to determine roll-forward recovery (bnc#1012382).\n- fbdev: fbcon: Fix unregister crash when more than one framebuffer (bsc#1106929)\n- fbdev: fbmem: behave better with small rotated displays and many CPUs (bsc#1106929)\n- fcoe: remove duplicate debugging message in fcoe_ctlr_vn_add (bsc#1114763).\n- Fix kabi for \u0027Ensure we commit after writeback is complete\u0027 (bsc#1111809).\n- Fix problem with sharetransport= and NFSv4 (bsc#1114893).\n- floppy: fix race condition in __floppy_read_block_0() (Git-fixes).\n- flow_dissector: do not dissect l4 ports for fragments (bnc#1012382).\n- fork: record start_time late (bnc#1012382).\n- fs: add the fsnotify call to vfs_iter_write (bnc#1012382).\n- fscache, cachefiles: remove redundant variable \u0027cache\u0027 (bnc#1012382).\n- fscache: fix race between enablement and dropping of object (bsc#1107385).\n- fscache: Fix race in fscache_op_complete() due to split atomic_sub \u0026 read (Git-fixes).\n- fscache: Pass the correct cancelled indications to fscache_op_complete() (Git-fixes).\n- fs/dcache: Fix incorrect nr_dentry_unused accounting in shrink_dcache_sb() (bnc#1012382).\n- fs: do not scan the inode cache before SB_BORN is set (bnc#1012382).\n- fs, elf: make sure to page align bss in load_elf_library (bnc#1012382).\n- fs/epoll: drop ovflist branch prediction (bnc#1012382).\n- fs/exofs: fix potential memory leak in mount option parsing (bnc#1012382).\n- fs/fat/fatent.c: add cond_resched() to fat_count_free_clusters() (bnc#1012382).\n- fs: fix lost error code in dio_complete (bsc#1117744).\n- fuse: call pipe_buf_release() under pipe lock (bnc#1012382).\n- fuse: decrement NR_WRITEBACK_TEMP on the right page (bnc#1012382).\n- fuse: Dont call set_page_dirty_lock() for ITER_BVEC pages for async_dio (bnc#1012382).\n- fuse: fix blocked_waitq wakeup (bnc#1012382).\n- fuse: fix leaked notify reply (bnc#1012382).\n- fuse: Fix use-after-free in fuse_dev_do_read() (bnc#1012382).\n- fuse: Fix use-after-free in fuse_dev_do_write() (bnc#1012382).\n- fuse: handle zero sized retrieve correctly (bnc#1012382).\n- fuse: set FR_SENT while locked (bnc#1012382).\n- futex: Fix (possible) missed wakeup (bsc#1050549).\n- gdrom: fix a memory leak bug (bnc#1012382).\n- genirq: Fix race on spurious interrupt detection (bnc#1012382).\n- genwqe: Fix size check (bnc#1012382).\n- gfs2: Do not leave s_fs_info pointing to freed memory in init_sbd (bnc#1012382).\n- gfs2: Fix loop in gfs2_rbm_find (bnc#1012382).\n- gfs2_meta: -\u003emount() can get NULL dev_name (bnc#1012382).\n- gfs2: Put bitmap buffers in put_super (bnc#1012382).\n- gfs2: Revert \u0027Fix loop in gfs2_rbm_find\u0027 (bnc#1012382).\n- git_sort.py: Remove non-existent remote tj/libata\n- gpiolib: Fix return value of gpio_to_desc() stub if !GPIOLIB (Git-fixes).\n- gpio: max7301: fix driver for use with CONFIG_VMAP_STACK (bnc#1012382).\n- gpio: msic: fix error return code in platform_msic_gpio_probe() (bnc#1012382).\n- gpio: pl061: handle failed allocations (bnc#1012382).\n- gpu: host1x: fix error return code in host1x_probe() (bnc#1012382).\n- gpu: ipu-v3: Fix CSI offsets for imx53 (bsc#1106929)\n- gpu: ipu-v3: Fix i.MX51 CSI control registers offset (bsc#1106929)\n- gro_cell: add napi_disable in gro_cells_destroy (bnc#1012382).\n- hfs: do not free node before using (bnc#1012382).\n- hfsplus: do not free node before using (bnc#1012382).\n- hfsplus: prevent btree data loss on root split (bnc#1012382).\n- hfs: prevent btree data loss on root split (bnc#1012382).\n- hid: debug: fix the ring buffer implementation (bnc#1012382).\n- hid: hiddev: fix potential Spectre v1 (bnc#1012382).\n- hid: lenovo: Add checks to fix of_led_classdev_register (bnc#1012382).\n- hid: uhid: forbid UHID_CREATE under KERNEL_DS or elevated privileges (bnc#1012382).\n- hpwdt add dynamic debugging (bsc#1114417).\n- hpwdt calculate reload value on each use (bsc#1114417).\n- hugetlbfs: dirty pages as they are added to pagecache (bnc#1012382).\n- hugetlbfs: fix bug in pgoff overflow checking (bnc#1012382).\n- hugetlbfs: fix kernel BUG at fs/hugetlbfs/inode.c:444! (bnc#1012382).\n- hwmon: (ibmpowernv) Remove bogus __init annotations (bnc#1012382).\n- hwmon: (ina2xx) Fix current value calculation (bnc#1012382).\n- hwmon: (lm80) fix a missing check of bus read in lm80 probe (bnc#1012382).\n- hwmon: (lm80) fix a missing check of the status of SMBus read (bnc#1012382).\n- hwmon: (lm80) Fix missing unlock on error in set_fan_div() (git-fixes).\n- hwmon: (pmbus) Fix page count auto-detection (bnc#1012382).\n- hwmon: (w83795) temp4_type has writable permission (bnc#1012382).\n- hwpoison, memory_hotplug: allow hwpoisoned pages to be offlined (bnc#1116336).\n- i2c-axxia: check for error conditions first (bnc#1012382).\n- i2c: axxia: properly handle master timeout (bnc#1012382).\n- i2c: dev: prevent adapter retries and timeout being set as minus value (bnc#1012382).\n- i2c: scmi: Fix probe error on devices with an empty SMB0001 ACPI device node (bnc#1012382).\n- IB/core: type promotion bug in rdma_rw_init_one_mr() ().\n- IB/hfi1: Fix an out-of-bounds access in get_hw_stats ().\n- ibmveth: Do not process frames after calling napi_reschedule (bcs#1123357).\n- ibmveth: fix DMA unmap error in ibmveth_xmit_start error path (bnc#1012382).\n- ibmvnic: Add ethtool private flag for driver-defined queue limits (bsc#1121726).\n- ibmvnic: Convert reset work item mutex to spin lock ().\n- ibmvnic: fix accelerated VLAN handling ().\n- ibmvnic: fix index in release_rx_pools (bsc#1115440).\n- ibmvnic: Fix non-atomic memory allocation in IRQ context ().\n- ibmvnic: Increase maximum queue size limit (bsc#1121726).\n- ibmvnic: Introduce driver limits for ring sizes (bsc#1121726).\n- ibmvnic: remove ndo_poll_controller ().\n- ibmvnic: Update driver queues after change in ring size support ().\n- ib/rxe: Fix incorrect cache cleanup in error flow ().\n- ib/rxe: replace kvfree with vfree ().\n- ib/ucm: Fix Spectre v1 vulnerability (bnc#1012382).\n- ide: pmac: add of_node_put() (bnc#1012382).\n- ieee802154: lowpan_header_create check must check daddr (bnc#1012382).\n- igb: Fix an issue that PME is not enabled during runtime suspend (bnc#1012382).\n- igb: Remove superfluous reset to PHY and page 0 selection (bnc#1012382).\n- iio: adc: at91: fix acking DRDY irq on simple conversions (bnc#1012382).\n- iio: adc: at91: fix wrong channel number in triggered buffer mode (bnc#1012382).\n- ima: fix showing large \u0027violations\u0027 or \u0027runtime_measurements_count\u0027 (bnc#1012382).\n- inet: frags: add a pointer to struct netns_frags (bnc#1012382).\n- inet: frags: better deal with smp races (bnc#1012382).\n- inet: frags: break the 2GB limit for frags storage (bnc#1012382).\n- inet: frags: change inet_frags_init_net() return value (bnc#1012382).\n- inet: frags: do not clone skb in ip_expire() (bnc#1012382).\n- inet: frags: fix ip6frag_low_thresh boundary (bnc#1012382).\n- inet: frags: get rid of ipfrag_skb_cb/FRAG_CB (bnc#1012382).\n- inet: frags: get rif of inet_frag_evicting() (bnc#1012382).\n- inet: frags: refactor ipfrag_init() (bnc#1012382).\n- inet: frags: refactor ipv6_frag_init() (bnc#1012382).\n- inet: frags: refactor lowpan_net_frag_init() (bnc#1012382).\n- inet: frags: remove inet_frag_maybe_warn_overflow() (bnc#1012382).\n- inet: frags: remove some helpers (bnc#1012382).\n- inet: frags: reorganize struct netns_frags (bnc#1012382).\n- inet: frags: use rhashtables for reassembly units (bnc#1012382).\n- Input: bma150 - register input device after setting private data (bnc#1012382).\n- Input: elan_i2c - add ACPI ID for Lenovo IdeaPad 330-15ARR (bnc#1012382).\n- Input: elan_i2c - add ACPI ID for Lenovo IdeaPad 330-15IGM (bnc#1012382).\n- Input: elan_i2c - add ACPI ID for touchpad in ASUS Aspire F5-573G (bnc#1012382).\n- Input: elan_i2c - add ACPI ID for touchpad in Lenovo V330-15ISK (bnc#1012382).\n- Input: elan_i2c - add ELAN0620 to the ACPI table (bnc#1012382).\n- Input: elan_i2c - add support for ELAN0621 touchpad (bnc#1012382).\n- Input: elantech - enable 3rd button support on Fujitsu CELSIUS H780 (bnc#1012382).\n- Input: matrix_keypad - check for errors from of_get_named_gpio() (bnc#1012382).\n- Input: omap-keypad - fix idle configuration to not block SoC idle states (bnc#1012382).\n- Input: omap-keypad - fix keyboard debounce configuration (bnc#1012382).\n- Input: restore EV_ABS ABS_RESERVED (bnc#1012382).\n- Input: xpad - add GPD Win 2 Controller USB IDs (bnc#1012382).\n- Input: xpad - add Mad Catz FightStick TE 2 VID/PID (bnc#1012382).\n- Input: xpad - add more third-party controllers (bnc#1012382).\n- Input: xpad - add PDP device id 0x02a4 (bnc#1012382).\n- Input: xpad - add product ID for Xbox One S pad (bnc#1012382).\n- Input: xpad - add support for PDP Xbox One controllers (bnc#1012382).\n- Input: xpad - add support for SteelSeries Stratus Duo (bnc#1012382).\n- Input: xpad - add support for Xbox1 PDP Camo series gamepad (bnc#1012382).\n- Input: xpad - add USB IDs for Mad Catz Brawlstick and Razer Sabertooth (bnc#1012382).\n- Input: xpad - avoid using __set_bit() for capabilities (bnc#1012382).\n- Input: xpad - constify usb_device_id (bnc#1012382).\n- Input: xpad - correctly sort vendor id\u0027s (bnc#1012382).\n- Input: xpad - correct xbox one pad device name (bnc#1012382).\n- Input: xpad - do not depend on endpoint order (bnc#1012382).\n- Input: xpad - fix GPD Win 2 controller name (bnc#1012382).\n- Input: xpad - fix PowerA init quirk for some gamepad models (bnc#1012382).\n- Input: xpad - fix rumble on Xbox One controllers with 2015 firmware (bnc#1012382).\n- Input: xpad - fix some coding style issues (bnc#1012382).\n- Input: xpad - fix stuck mode button on Xbox One S pad (bnc#1012382).\n- Input: xpad - fix Xbox One rumble stopping after 2.5 secs (bnc#1012382).\n- Input: xpad - handle \u0027present\u0027 and \u0027gone\u0027 correctly (bnc#1012382).\n- Input: xpad - move reporting xbox one home button to common function (bnc#1012382).\n- Input: xpad - power off wireless 360 controllers on suspend (bnc#1012382).\n- Input: xpad - prevent spurious input from wired Xbox 360 controllers (bnc#1012382).\n- Input: xpad - quirk all PDP Xbox One gamepads (bnc#1012382).\n- Input: xpad - remove spurious events of wireless xpad 360 controller (bnc#1012382).\n- Input: xpad - remove unused function (bnc#1012382).\n- Input: xpad - restore LED state after device resume (bnc#1012382).\n- Input: xpad - simplify error condition in init_output (bnc#1012382).\n- Input: xpad - sort supported devices by USB ID (bnc#1012382).\n- Input: xpad - support some quirky Xbox One pads (bnc#1012382).\n- Input: xpad - sync supported devices with 360Controller (bnc#1012382).\n- Input: xpad - sync supported devices with XBCD (bnc#1012382).\n- Input: xpad - sync supported devices with xboxdrv (bnc#1012382).\n- Input: xpad - update Xbox One Force Feedback Support (bnc#1012382).\n- Input: xpad - use LED API when identifying wireless controllers (bnc#1012382).\n- Input: xpad - validate USB endpoint type during probe (bnc#1012382).\n- Input: xpad - workaround dead irq_out after suspend/ resume (bnc#1012382).\n- Input: xpad - xbox one elite controller support (bnc#1012382).\n- intel_pstate: Update frequencies of policy-\u003ecpus only from -\u003eset_policy() (bsc#1120017).\n- intel_th: msu: Fix an off-by-one in attribute store (bnc#1012382).\n- iommu/amd: Call free_iova_fast with pfn in map_sg (bsc#1106105).\n- iommu/amd: Fix amd_iommu=force_isolation (bsc#1106105).\n- iommu/amd: Fix IOMMU page flush when detach device from a domain (bsc#1106105).\n- iommu/amd: Unmap all mapped pages in error path of map_sg (bsc#1106105).\n- iommu/arm-smmu: Ensure that page-table updates are visible before TLBI (bsc#1106237).\n- iommu/arm-smmu-v3: Use explicit mb() when moving cons pointer (bnc#1012382).\n- iommu/ipmmu-vmsa: Fix crash on early domain free (bsc#1106105).\n- iommu/vt-d: Fix memory leak in intel_iommu_put_resv_regions() (bsc#1106105).\n- iommu/vt-d: Fix NULL pointer dereference in prq_event_thread() (bsc#1106105).\n- iommu/vt-d: Handle domain agaw being less than iommu agaw (bsc#1106105).\n- iommu/vt-d: Use memunmap to free memremap (bsc#1106105).\n- ip6mr: Fix potential Spectre v1 vulnerability (bnc#1012382).\n- ip: add helpers to process in-order fragments faster (bnc#1012382).\n- ipfrag: really prevent allocation on netns exit (bnc#1012382).\n- ip: frags: fix crash in ip_do_fragment() (bnc#1012382).\n- ipmi: Fix timer race with module unload (bnc#1012382).\n- ipmi:ssif: Fix handling of multi-part return messages (bnc#1012382).\n- ip: on queued skb use skb_header_pointer instead of pskb_may_pull (bnc#1012382).\n- ip: process in-order fragments efficiently (bnc#1012382).\n- ip_tunnel: do not force DF when MTU is locked (bnc#1012382).\n- ip_tunnel: Fix name string concatenate in __ip_tunnel_create() (bnc#1012382).\n- ip: use rb trees for IP frag queue (bnc#1012382).\n- ipv4: Fix potential Spectre v1 vulnerability (bnc#1012382).\n- ipv4: frags: precedence bug in ip_expire() (bnc#1012382).\n- ipv4: ipv6: netfilter: Adjust the frag mem limit when truesize changes (bsc#1110286).\n- ipv6: Check available headroom in ip6_xmit() even without options (bnc#1012382).\n- ipv6: Consider sk_bound_dev_if when binding a socket to an address (bnc#1012382).\n- ipv6: Consider sk_bound_dev_if when binding a socket to a v4 mapped address (bnc#1012382).\n- ipv6: explicitly initialize udp6_addr in udp_sock_create6() (bnc#1012382).\n- ipv6: fix kernel-infoleak in ipv6_local_error() (bnc#1012382).\n- ipv6: Fix PMTU updates for UDP/raw sockets in presence of VRF (bnc#1012382).\n- ipv6: frags: rewrite ip6_expire_frag_queue() (bnc#1012382).\n- ipv6: mcast: fix a use-after-free in inet6_mc_check (bnc#1012382).\n- ipv6/ndisc: Preserve IPv6 control buffer if protocol error handlers are called (bnc#1012382).\n- ipv6: orphan skbs in reassembly unit (bnc#1012382).\n- ipv6: set rt6i_protocol properly in the route when it is installed (bsc#1114190).\n- ipv6: suppress sparse warnings in IP6_ECN_set_ce() (bnc#1012382).\n- ipv6: Take rcu_read_lock in __inet6_bind for mapped addresses (bnc#1012382).\n- irqchip/gic-v3-its: Align PCI Multi-MSI allocation on their size (bnc#1012382).\n- isdn: fix kernel-infoleak in capi_unlocked_ioctl (bnc#1012382).\n- isdn: hisax: hfc_pci: Fix a possible concurrency use-after-free bug in HFCPCI_l1hw() (bnc#1012382).\n- iser: set sector for ambiguous mr status errors (bnc#1012382).\n- iwlwifi: mvm: fix regulatory domain update when the firmware starts (bnc#1012382).\n- iwlwifi: mvm: support sta_statistics() even on older firmware (bnc#1012382).\n- ixgbe: Add function for checking to see if we can reuse page (bsc#1100105).\n- ixgbe: Add support for build_skb (bsc#1100105).\n- ixgbe: Add support for padding packet (bsc#1100105).\n- ixgbe: Break out Rx buffer page management (bsc#1100105).\n- ixgbe: Fix output from ixgbe_dump (bsc#1100105).\n- ixgbe: fix possible race in reset subtask (bsc#1101557).\n- ixgbe: Make use of order 1 pages and 3K buffers independent of FCoE (bsc#1100105).\n- ixgbe: Only DMA sync frame length (bsc#1100105).\n- ixgbe: recognize 1000BaseLX SFP modules as 1Gbps (bnc#1012382).\n- ixgbe: Refactor queue disable logic to take completion time into account (bsc#1101557).\n- ixgbe: Reorder Tx/Rx shutdown to reduce time needed to stop device (bsc#1101557).\n- ixgbe: Update code to better handle incrementing page count (bsc#1100105).\n- ixgbe: Update driver to make use of DMA attributes in Rx path (bsc#1100105).\n- ixgbe: Use length to determine if descriptor is done (bsc#1100105).\n- jbd2: fix use after free in jbd2_log_do_checkpoint() (bnc#1012382).\n- jffs2: Fix use of uninitialized delayed_work, lockdep breakage (bnc#1012382).\n- jffs2: free jffs2_sb_info through jffs2_kill_sb() (bnc#1012382).\n- kabi: hwpoison, memory_hotplug: allow hwpoisoned pages to be offlined (bnc#1116336).\n- kabi: protect get_vaddr_frames (kabi).\n- kabi: protect linux/kfifo.h include in hid-debug (kabi).\n- kabi: protect struct azx (kabi).\n- kabi: protect struct cfs_bandwidth (kabi).\n- kabi: protect struct esp (kabi).\n- kabi: protect struct fuse_io_priv (kabi).\n- kabi: protect struct hda_bus (kabi).\n- kabi: protect __usb_get_extra_descriptor (kabi).\n- kabi: protect xen/xen-ops.h include in xlate_mmu.c (kabi).\n- kabi: reorder new slabinfo fields in struct kmem_cache_node (bnc#1116653).\n- kabi: revert sig change on pnfs_read_resend_pnfs (git-fixes).\n- kaweth: use skb_cow_head() to deal with cloned skbs (bnc#1012382).\n- kbuild: Add better clang cross build support (bnc#1012382).\n- kbuild: Add __cc-option macro (bnc#1012382).\n- kbuild: Add support to generate LLVM assembly files (bnc#1012382).\n- kbuild: allow to use GCC toolchain not in Clang search path (bnc#1012382).\n- kbuild: clang: add -no-integrated-as to KBUILD_[AC]FLAGS (bnc#1012382).\n- kbuild: clang: Disable \u0027address-of-packed-member\u0027 warning (bnc#1012382).\n- kbuild: clang: disable unused variable warnings only when constant (bnc#1012382).\n- kbuild: clang: fix build failures with sparse check (bnc#1012382).\n- kbuild: clang: remove crufty HOSTCFLAGS (bnc#1012382).\n- kbuild: Consolidate header generation from ASM offset information (bnc#1012382).\n- kbuild: consolidate redundant sed script ASM offset generation (bnc#1012382).\n- kbuild: drop -Wno-unknown-warning-option from clang options (bnc#1012382).\n- kbuild: fix asm-offset generation to work with clang (bnc#1012382).\n- kbuild: fix kernel/bounds.c \u0027W=1\u0027 warning (bnc#1012382).\n- kbuild: fix linker feature test macros when cross compiling with Clang (bnc#1012382).\n- kbuild, LLVMLinux: Add -Werror to cc-option to support clang (bnc#1012382).\n- kbuild: move cc-option and cc-disable-warning after incl. arch Makefile (bnc#1012382).\n- kbuild: Set KBUILD_CFLAGS before incl. arch Makefile (bnc#1012382).\n- kbuild: set no-integrated-as before incl. arch Makefile (bnc#1012382).\n- kbuild: suppress packed-not-aligned warning for default setting only (bnc#1012382).\n- kbuild: use -Oz instead of -Os when using clang (bnc#1012382).\n- kconfig: fix file name and line number of warn_ignored_character() (bnc#1012382).\n- kconfig: fix memory leak when EOF is encountered in quotation (bnc#1012382).\n- kdb: use memmove instead of overlapping memcpy (bnc#1012382).\n- kdb: Use strscpy with destination buffer size (bnc#1012382).\n- kernel/exit.c: release ptraced tasks before zap_pid_ns_processes (bnc#1012382).\n- kernel/hung_task.c: break RCU locks based on jiffies (bnc#1012382).\n- kernel-source.spec: Align source numbering.\n- kernfs: Replace strncpy with memcpy (bnc#1012382).\n- keys: put keyring if install_session_keyring_to_cred() fails (bnc#1012382).\n- kgdboc: fix KASAN global-out-of-bounds bug in param_set_kgdboc_var() (bnc#1012382).\n- kgdboc: Fix restrict error (bnc#1012382).\n- kgdboc: Fix warning with module build (bnc#1012382).\n- kgdboc: Passing ekgdboc to command line causes panic (bnc#1012382).\n- kobject: Replace strncpy with memcpy (bnc#1012382).\n- kprobes: Return error if we fail to reuse kprobe instead of BUG_ON() (bnc#1012382).\n- kvm/arm64: Fix caching of host MDCR_EL2 value (bsc#1121242).\n- kvm/arm: Restore banked registers and physical timer access on hyp_panic() (bsc#1121240).\n- kvm/mmu: Fix race in emulated page table writes (bnc#1012382).\n- kvm/nvmx: Always reflect #NM VM-exits to L1 (bsc#1106240).\n- kvm/nvmx: Eliminate vmcs02 pool (bnc#1012382).\n- kvm/nvmx: mark vmcs12 pages dirty on L2 exit (bnc#1012382).\n- kvm/ppc: Move and undef TRACE_INCLUDE_PATH/FILE (bnc#1012382).\n- kvm/svm: Allow direct access to MSR_IA32_SPEC_CTRL (bnc#1012382 bsc#1068032).\n- kvm/svm: Ensure an IBPB on all affected CPUs when freeing a vmcb (bsc#1114648).\n- kvm/vmx: Allow direct access to MSR_IA32_SPEC_CTRL (bnc#1012382 bsc#1068032 bsc#1096242 bsc#1096281).\n- kvm/vmx: Emulate MSR_IA32_ARCH_CAPABILITIES (bnc#1012382).\n- kvm/vmx: Fix x2apic check in vmx_msr_bitmap_mode() (bsc#1124166).\n- kvm/vmx: introduce alloc_loaded_vmcs (bnc#1012382).\n- kvm/vmx: make MSR bitmaps per-VCPU (bnc#1012382).\n- kvm/vmx: Missing part of upstream commit 904e14fb7cb9 (bsc#1124166).\n- kvm/x86: Add IBPB support (bnc#1012382 bsc#1068032 bsc#1068032).\n- kvm/x86: fix empty-body warnings (bnc#1012382).\n- kvm/x86: Fix single-step debugging (bnc#1012382).\n- kvm/x86: Remove indirect MSR op calls from SPEC_CTRL (bnc#1012382).\n- kvm/x86: svm: report MSR_IA32_MCG_EXT_CTL as unsupported (bnc#1012382).\n- kvm/x86: Use jmp to invoke kvm_spurious_fault() from .fixup (bnc#1012382).\n- l2tp: copy 4 more bytes to linear part if necessary (bnc#1012382).\n- l2tp: fix reading optional fields of L2TPv3 (bnc#1012382).\n- l2tp: remove l2specific_len dependency in l2tp_core (bnc#1012382).\n- lan78xx: Check for supported Wake-on-LAN modes (bnc#1012382).\n- leds: call led_pwm_set() in leds-pwm to enforce default LED_OFF (bnc#1012382).\n- leds: leds-gpio: Fix return value check in create_gpio_led() (bnc#1012382).\n- leds: turn off the LED and wait for completion on unregistering LED class device (bnc#1012382).\n- libata: whitelist all SAMSUNG MZ7KM* solid-state disks (bnc#1012382).\n- libceph: avoid KEEPALIVE_PENDING races in ceph_con_keepalive() (bsc#1125810).\n- libceph: bump CEPH_MSG_MAX_DATA_LEN (bsc#1114839).\n- libceph: fall back to sendmsg for slab pages (bsc#1118316).\n- libfc: sync strings with upstream versions (bsc#1114763).\n- lib/interval_tree_test.c: allow full tree search (bnc#1012382).\n- lib/interval_tree_test.c: allow users to limit scope of endpoint (bnc#1012382).\n- lib/interval_tree_test.c: make test options module parameters (bnc#1012382).\n- libnvdimm, {btt, blk}: do integrity setup before add_disk() (bsc#1118926).\n- libnvdimm, dimm: fix dpa reservation vs uninitialized label area (bsc#1118936).\n- libnvdimm: fix ars_status output length calculation (bsc#1124777).\n- libnvdimm: fix integer overflow static analysis warning (bsc#1118922).\n- libnvdimm: fix nvdimm_bus_lock() vs device_lock() ordering (bsc#1118915).\n- libnvdimm: Hold reference on parent while scheduling async init (bnc#1012382).\n- libnvdimm, pfn: Pad pfn namespaces relative to other regions (bsc#1124811).\n- libnvdimm: Use max contiguous area for namespace size (bsc#1124780).\n- lib/raid6: Fix arm64 test build (bnc#1012382).\n- lib/rbtree_test.c: make input module parameters (bnc#1012382).\n- lib/rbtree-test: lower default params (bnc#1012382).\n- llc: do not use sk_eat_skb() (bnc#1012382).\n- lockd: fix access beyond unterminated strings in prints (bnc#1012382).\n- locking/lockdep: Fix debug_locks off performance problem (bnc#1012382).\n- locking/rwsem: Fix (possible) missed wakeup (bsc#1050549).\n- loop: Fix double mutex_unlock(\u0026loop_ctl_mutex) in loop_control_ioctl() (bnc#1012382).\n- loop: Fold __loop_release into loop_release (bnc#1012382).\n- loop: Get rid of loop_index_mutex (bnc#1012382).\n- lsm: Check for NULL cred-security on free (bnc#1012382).\n- mac80211: Always report TX status (bnc#1012382).\n- mac80211: Clear beacon_int in ieee80211_do_stop (bnc#1012382).\n- mac80211: ensure that mgmt tx skbs have tailroom for encryption (bnc#1012382).\n- mac80211: fix radiotap vendor presence bitmap handling (bnc#1012382).\n- mac80211: fix reordering of buffered broadcast packets (bnc#1012382).\n- mac80211_hwsim: do not omit multicast announce of first added radio (bnc#1012382).\n- mac80211_hwsim: fix module init error paths for netlink (bnc#1012382).\n- mac80211_hwsim: Timer should be initialized before device registered (bnc#1012382).\n- mac80211: ignore NullFunc frames in the duplicate detection (bnc#1012382).\n- mac80211: ignore tx status for PS stations in ieee80211_tx_status_ext (bnc#1012382).\n- mach64: fix display corruption on big endian machines (bnc#1012382).\n- mach64: fix image corruption due to reading accelerator registers (bnc#1012382).\n- matroxfb: fix size of memcpy (bnc#1012382).\n- md: batch flush requests (bsc#1119680).\n- md: do not check MD_SB_CHANGE_CLEAN in md_allow_write (Git-fixes).\n- md: fix invalid stored role for a disk (bnc#1012382).\n- md: fix invalid stored role for a disk - try2 (bnc#1012382).\n- md: reorder flag_bits to match upstream commits\n- media: DaVinci-VPBE: fix error handling in vpbe_initialize() (bnc#1012382).\n- media: dvb-frontends: fix i2c access helpers for KASAN (bnc#1012382).\n- media: em28xx: fix input name for Terratec AV 350 (bnc#1012382).\n- media: em28xx: Fix misplaced reset of dev-\u003ev4l::field_count (bnc#1012382).\n- media: em28xx: Fix use-after-free when disconnecting (bnc#1012382).\n- media: em28xx: make v4l2-compliance happier by starting sequence on zero (bnc#1012382).\n- media: em28xx: use a default format if TRY_FMT fails (bnc#1012382).\n- media: firewire: Fix app_info parameter type in avc_ca{,_app}_info (bnc#1012382).\n- media: pci: cx23885: handle adding to list failure (bnc#1012382).\n- media: tvp5150: fix width alignment during set_selection() (bnc#1012382).\n- media: v4l: event: Add subscription to list before calling \u0027add\u0027 operation (bnc#1012382).\n- media: vb2: be sure to unlock mutex on errors (bnc#1012382).\n- media: vb2: vb2_mmap: move lock up (bnc#1012382).\n- media: vivid: fix error handling of kthread_run (bnc#1012382).\n- media: vivid: free bitmap_cap when updating std/timings/etc (bnc#1012382).\n- media: vivid: set min width/height to a value \u003e 0 (bnc#1012382).\n- memstick: Prevent memstick host from getting runtime suspended during card detection (bnc#1012382).\n- mfd: tps6586x: Handle interrupts on suspend (bnc#1012382).\n- mips: bpf: fix encoding bug for mm_srlv32_op (bnc#1012382).\n- mips: cm: reprime error cause (bnc#1012382).\n- mips: fix n32 compat_ipc_parse_version (bnc#1012382).\n- mips: OCTEON: do not set octeon_dma_bar_type if PCI is disabled (bnc#1012382).\n- mips: SiByte: Enable swiotlb for SWARM, LittleSur and BigSur (bnc#1012382).\n- mips: VDSO: Include $(ccflags-vdso) in o32,n32 .lds builds (bnc#1012382).\n- misc: atmel-ssc: Fix section annotation on atmel_ssc_get_driver_data (bnc#1012382).\n- misc: mic/scif: fix copy-paste error in scif_create_remote_lookup (bnc#1012382).\n- misc: vexpress: Off by one in vexpress_syscfg_exec() (bnc#1012382).\n- mmc: atmel-mci: do not assume idle after atmci_request_end (bnc#1012382).\n- mmc: bcm2835: Fix DMA channel leak on probe error (bsc#1120902).\n- mmc: core: Reset HPI enabled state during re-init and in case of errors (bnc#1012382).\n- mm: cleancache: fix corruption on missed inode invalidation (bnc#1012382).\n- mmc: OMAP: fix broken MMC on OMAP15XX/OMAP5910/OMAP310 (bnc#1012382).\n- mmc: omap_hsmmc: fix DMA API warning (bnc#1012382).\n- mmc: sdhci-iproc: handle mmc_of_parse() errors during probe (bnc#1012382).\n- mmc: sdhci-pci-o2micro: Add quirk for O2 Micro dev 0x8620 rev 0x01 (bnc#1012382).\n- mm, devm_memremap_pages: kill mapping \u0027System RAM\u0027 support (bnc#1012382).\n- mm: do not bug_on on incorrect length in __mm_populate() (bnc#1012382).\n- mm: do not miss the last page because of round-off error (bnc#1118798).\n- mm, elf: handle vm_brk error (bnc#1012382).\n- mm, hugetlb: fix huge_pte_alloc BUG_ON (bsc#1119204).\n- mm: hwpoison: call shake_page() after try_to_unmap() for mlocked page (bnc#1116336).\n- mm: lower the printk loglevel for __dump_page messages (generic hotplug debugability).\n- mm, memory_hotplug: be more verbose for memory offline failures (generic hotplug debugability).\n- mm, memory_hotplug: drop pointless block alignment checks from __offline_pages (generic hotplug debugability).\n- mm, memory_hotplug: print reason for the offlining failure (generic hotplug debugability).\n- mm: migrate: do not rely on __PageMovable() of newpage after unlocking it (bnc#1012382).\n- mm: migration: fix migration of huge PMD shared pages (bnc#1012382).\n- mm: mlock: avoid increase mm-\u003elocked_vm on mlock() when already mlock2(,MLOCK_ONFAULT) (bnc#1012382).\n- mm/nommu.c: Switch __get_user_pages_unlocked() to use __get_user_pages() (bnc#1012382).\n- mm: only report isolation failures when offlining memory (generic hotplug debugability).\n- mm, oom: fix use-after-free in oom_kill_process (bnc#1012382).\n- mm, page_alloc: drop should_suppress_show_mem (bnc#1125892, bnc#1106061).\n- mm/page-writeback.c: do not break integrity writeback on -\u003ewritepage() error (bnc#1012382).\n- mm: Preserve _PAGE_DEVMAP across mprotect() calls (bsc#1118790).\n- mm: print more information about mapping in __dump_page (generic hotplug debugability).\n- mm, proc: be more verbose about unstable VMA flags in /proc/\u0026lt;pid\u003e/smaps (bnc#1012382).\n- mm: put_and_wait_on_page_locked() while page is migrated (bnc#1109272).\n- mm: refuse wrapped vm_brk requests (bnc#1012382).\n- mm: remove write/force parameters from __get_user_pages_locked() (bnc#1012382 bsc#1027260).\n- mm: remove write/force parameters from __get_user_pages_unlocked() (bnc#1012382 bsc#1027260).\n- mm: replace __access_remote_vm() write parameter with gup_flags (bnc#1012382).\n- mm: replace access_remote_vm() write parameter with gup_flags (bnc#1012382).\n- mm: replace get_user_pages_locked() write/force parameters with gup_flags (bnc#1012382 bsc#1027260).\n- mm: replace get_user_pages_unlocked() write/force parameters with gup_flags (bnc#1012382 bsc#1027260).\n- mm: replace get_user_pages() write/force parameters with gup_flags (bnc#1012382 bsc#1027260).\n- mm: replace get_vaddr_frames() write/force parameters with gup_flags (bnc#1012382).\n- mm, slab: faster active and free stats (bsc#1116653, VM Performance).\n- mm/slab: improve performance of gathering slabinfo stats (bsc#1116653, VM Performance).\n- mm, slab: maintain total slab count instead of active count (bsc#1116653, VM Performance).\n- mm: thp: relax __GFP_THISNODE for MADV_HUGEPAGE mappings (bnc#1012382).\n- modpost: validate symbol names also in find_elf_symbol (bnc#1012382).\n- modules: mark __inittest/__exittest as __maybe_unused (bnc#1012382).\n- mount: Do not allow copying MNT_UNBINDABLE|MNT_LOCKED mounts (bnc#1012382).\n- mount: Prevent MNT_DETACH from disconnecting locked mounts (bnc#1012382).\n- mount: Retest MNT_LOCKED in do_umount (bnc#1012382).\n- Move patches to sorted range, p1\n- Move /proc/sys/vm/procfs-drop-fd-dentries to /proc/sys/fs/procfs-drop-fd-dentries (bsc#1086652) This was incorrectly put in /proc/sys/vm.\n- msi: Disable MSI also when pcie-octeon.pcie_disable on (bnc#1012382).\n- mtd: docg3: do not set conflicting BCH_CONST_PARAMS option (bnc#1012382).\n- mtd: rawnand: gpmi: fix MX28 bus master lockup problem (bnc#1012382).\n- mtd: spi-nor: Add support for is25wp series chips (bnc#1012382).\n- mv88e6060: disable hardware level MAC learning (bnc#1012382).\n- mwifiex: Fix NULL pointer dereference in skb_dequeue() (bnc#1012382).\n- mwifiex: fix p2p device does not find in scan problem (bnc#1012382).\n- namei: allow restricted O_CREAT of FIFOs and regular files (bnc#1012382).\n- neighbour: Avoid writing before skb-\u003ehead in neigh_hh_output() (bnc#1012382).\n- net: 8139cp: fix a BUG triggered by changing mtu with network traffic (bnc#1012382).\n- net/af_iucv: drop inbound packets with invalid flags (bnc#1114475, LTC#172679).\n- net/af_iucv: fix skb handling on HiperTransport xmit error (bnc#1114475, LTC#172679).\n- net: amd: add missing of_node_put() (bnc#1012382).\n- net: bcmgenet: fix OF child-node lookup (bnc#1012382).\n- net: bridge: fix a bug on using a neighbour cache entry without checking its state (bnc#1012382).\n- net: bridge: Fix ethernet header pointer before check skb forwardable (bnc#1012382).\n- net: bridge: remove ipv6 zero address check in mcast queries (bnc#1012382).\n- net: call sk_dst_reset when set SO_DONTROUTE (bnc#1012382).\n- net: cxgb3_main: fix a missing-check bug (bnc#1012382).\n- net: dp83640: expire old TX-skb (bnc#1012382).\n- net: drop skb on failure in ip_check_defrag() (bnc#1012382).\n- net: drop write-only stack variable (bnc#1012382).\n- net: dsa: slave: Do not propagate flag changes on down slave interfaces (bnc#1012382).\n- net: ena: add functions for handling Low Latency Queues in ena_com (bsc#1117562).\n- net: ena: add functions for handling Low Latency Queues in ena_netdev (bsc#1117562).\n- net: ena: change rx copybreak default to reduce kernel memory pressure (bsc#1117562).\n- net: ena: complete host info to match latest ENA spec (bsc#1117562).\n- net: ena: enable Low Latency Queues (bsc#1117562).\n- net: ena: explicit casting and initialization, and clearer error handling (bsc#1117562).\n- net: ena: fix auto casting to boolean (bsc#1117562).\n- net: ena: fix compilation error in xtensa architecture (bsc#1117562).\n- net: ena: fix crash during ena_remove() (bsc#1108240).\n- net: ena: fix crash during failed resume from hibernation (bsc#1117562).\n- net: ena: fix indentations in ena_defs for better readability (bsc#1117562).\n- net: ena: Fix Kconfig dependency on X86 (bsc#1117562).\n- net: ena: fix NULL dereference due to untimely napi initialization (bsc#1117562).\n- net: ena: fix rare bug when failed restart/resume is followed by driver removal (bsc#1117562).\n- net: ena: fix warning in rmmod caused by double iounmap (bsc#1117562).\n- net: ena: introduce Low Latency Queues data structures according to ENA spec (bsc#1117562).\n- net: ena: limit refill Rx threshold to 256 to avoid latency issues (bsc#1117562).\n- net: ena: minor performance improvement (bsc#1117562).\n- net: ena: remove ndo_poll_controller (bsc#1117562).\n- net: ena: remove redundant parameter in ena_com_admin_init() (bsc#1117562).\n- net: ena: update driver version from 2.0.1 to 2.0.2 (bsc#1108240).\n- net: ena: update driver version to 2.0.1 (bsc#1117562).\n- net: ena: use CSUM_CHECKED device indication to report skb\u0027s checksum status (bsc#1117562).\n- net: faraday: ftmac100: remove netif_running(netdev) check before disabling interrupts (bnc#1012382).\n- netfilter: ipset: actually allow allowable CIDR 0 in hash:net,port,net (bnc#1012382).\n- netfilter: ipset: Correct rcu_dereference() call in ip_set_put_comment() (bnc#1012382).\n- netfilter: nf_tables: fix oops when inserting an element into a verdict map (bnc#1012382).\n- netfilter: xt_IDLETIMER: add sysfs filename checking routine (bnc#1012382).\n- net: fix pskb_trim_rcsum_slow() with odd trim offset (bnc#1012382).\n- net: Fix usage of pskb_trim_rcsum (bnc#1012382).\n- net-gro: reset skb-\u003epkt_type in napi_reuse_skb() (bnc#1012382).\n- net: hisilicon: remove unexpected free_netdev (bnc#1012382).\n- net: ibm: fix return type of ndo_start_xmit function ().\n- net/ibmnvic: Fix deadlock problem in reset ().\n- net/ibmvnic: Fix RTNL deadlock during device reset (bnc#1115431).\n- net: ieee802154: 6lowpan: fix frag reassembly (bnc#1012382).\n- net/ipv4: defensive cipso option parsing (bnc#1012382).\n- net: ipv4: do not handle duplicate fragments as overlapping (bnc#1012382 bsc#1116345).\n- net: ipv4: do not handle duplicate fragments as overlapping (bsc#1116345).\n- net: ipv4: Fix memory leak in network namespace dismantle (bnc#1012382).\n- net/ipv6: Fix index counter for unicast addresses in in6_dump_addrs (bnc#1012382).\n- net/mlx4_core: Add masking for a few queries on HCA caps (bnc#1012382).\n- net/mlx4_core: Correctly set PFC param if global pause is turned off (bsc#1015336 bsc#1015337 bsc#1015340).\n- net/mlx4_core: Fix uninitialized variable compilation warning (bnc#1012382).\n- net/mlx4_core: Zero out lkey field in SW2HW_MPT fw command (bnc#1012382).\n- net/mlx4: Fix UBSAN warning of signed integer overflow (bnc#1012382).\n- net: modify skb_rbtree_purge to return the truesize of all purged skbs (bnc#1012382).\n- net: phy: do not allow __set_phy_supported to add unsupported modes (bnc#1012382).\n- net: Prevent invalid access to skb-\u003eprev in __qdisc_drop_all (bnc#1012382).\n- net: pskb_trim_rcsum() and CHECKSUM_COMPLETE are friends (bnc#1012382).\n- net: qla3xxx: Remove overflowing shift statement (bnc#1012382).\n- netrom: fix locking in nr_find_socket() (bnc#1012382).\n- netrom: switch to sock timer API (bnc#1012382).\n- net/rose: fix NULL ax25_cb kernel panic (bnc#1012382).\n- net: sched: gred: pass the right attribute to gred_change_table_def() (bnc#1012382).\n- net_sched: refetch skb protocol for each filter (bnc#1012382).\n- net: socket: fix a missing-check bug (bnc#1012382).\n- net: speed up skb_rbtree_purge() (bnc#1012382).\n- net: stmmac: Fix stmmac_mdio_reset() when building stmmac as modules (bnc#1012382).\n- net: systemport: Fix WoL with password after deep sleep (bnc#1012382).\n- net: thunderx: fix NULL pointer dereference in nic_remove (bnc#1012382).\n- new helper: uaccess_kernel() (bnc#1012382).\n- nfc: nfcmrvl_uart: fix OF child-node lookup (bnc#1012382).\n- nfc: nxp-nci: Include unaligned.h instead of access_ok.h (bnc#1012382).\n- nfit: fix unchecked dereference in acpi_nfit_ctl (bsc#1125014).\n- nfit: skip region registration for incomplete control regions (bsc#1118930).\n- nfsd4: fix crash on writing v4_end_grace before nfsd startup (bnc#1012382).\n- nfsd: Fix an Oops in free_session() (bnc#1012382).\n- nfs: Ensure we commit after writeback is complete (bsc#1111809).\n- nfs: nfs_compare_mount_options always compare auth flavors (bnc#1012382).\n- nfsv4.1: Fix the r/wsize checking (bnc#1012382).\n- nfsv4: Do not exit the state manager without clearing NFS4CLNT_MANAGER_RUNNING (git-fixes).\n- niu: fix missing checks of niu_pci_eeprom_read (bnc#1012382).\n- nvme: validate controller state before rescheduling keep alive (bsc#1103257).\n- ocfs2: do not clear bh uptodate for block read (bnc#1012382).\n- ocfs2: fix a misuse a of brelse after failing ocfs2_check_dir_entry (bnc#1012382).\n- ocfs2: fix deadlock caused by ocfs2_defrag_extent() (bnc#1012382).\n- ocfs2: fix panic due to unrecovered local alloc (bnc#1012382).\n- ocfs2: fix potential use after free (bnc#1012382).\n- of: add helper to lookup compatible child node (bnc#1012382).\n- omap2fb: Fix stack memory disclosure (bsc#1106929)\n- openvswitch: Avoid OOB read when parsing flow nlattrs (bnc#1012382).\n- packet: Do not leak dev refcounts on error exit (bnc#1012382).\n- packet: validate address length (bnc#1012382).\n- packet: validate address length if non-zero (bnc#1012382).\n- parisc: Fix address in HPMC IVA (bnc#1012382).\n- parisc: Fix map_pages() to not overwrite existing pte entries (bnc#1012382).\n- pci: Add Device IDs for Intel GPU \u0027spurious interrupt\u0027 quirk (bnc#1012382).\n- pci: altera: Check link status before retrain link (bnc#1012382).\n- pci: altera: Fix altera_pcie_link_is_up() (bnc#1012382).\n- pci: altera: Move retrain from fixup to altera_pcie_host_init() (bnc#1012382).\n- pci: altera: Poll for link training status after retraining the link (bnc#1012382).\n- pci: altera: Poll for link up status after retraining the link (bnc#1012382).\n- pci: altera: Reorder read/write functions (bnc#1012382).\n- pci: altera: Rework config accessors for use without a struct pci_bus (bnc#1012382).\n- pci/ASPM: Do not initialize link state when aspm_disabled is set (bsc#1109806).\n- pci/ASPM: Fix link_state teardown on device removal (bsc#1109806).\n- pci: vmd: Detach resources after stopping root bus (bsc#1106105).\n- pcmcia: Implement CLKRUN protocol disabling for Ricoh bridges (bnc#1012382).\n- perf/bpf: Convert perf_event_array to use struct file (bsc#1119967).\n- perf/core: Do not leak event in the syscall error path (bnc#1012382).\n- perf/core: Do not WARN() for impossible ring-buffer sizes (bnc#1012382).\n- perf/core: Fix impossible ring-buffer sizes warning (bnc#1012382).\n- perf intel-pt: Fix error with config term \u0027pt=0\u0027 (bnc#1012382).\n- perf parse-events: Fix unchecked usage of strncpy() (bnc#1012382).\n- perf pmu: Suppress potential format-truncation warning (bnc#1012382).\n- perf/ring_buffer: Prevent concurent ring buffer access (bnc#1012382).\n- perf svghelper: Fix unchecked usage of strncpy() (bnc#1012382).\n- perf tests evsel-tp-sched: Fix bitwise operator (bnc#1012382).\n- perf tools: Add Hygon Dhyana support (bnc#1012382).\n- perf tools: Cleanup trace-event-info \u0027tdata\u0027 leak (bnc#1012382).\n- perf tools: Disable parallelism for \u0027make clean\u0027 (bnc#1012382).\n- perf tools: Free temporary \u0027sys\u0027 string in read_event_files() (bnc#1012382).\n- perf unwind: Take pgoff into account when reporting elf to libdwfl (bnc#1012382).\n- perf unwind: Unwind with libdw does not take symfs into account (bnc#1012382).\n- perf/x86/intel/uncore: Add Node ID mask (bnc#1012382).\n- pinctrl: msm: fix gpio-hog related boot issues (bnc#1012382).\n- pinctrl: qcom: spmi-mpp: Fix drive strength setting (bnc#1012382).\n- pinctrl: qcom: spmi-mpp: Fix err handling of pmic_mpp_set_mux (bnc#1012382).\n- pinctrl: spmi-mpp: Fix pmic_mpp_config_get() to be compliant (bnc#1012382).\n- pinctrl: ssbi-gpio: Fix pm8xxx_pin_config_get() to be compliant (bnc#1012382).\n- pinctrl: sunxi: a83t: Fix IRQ offset typo for PH11 (bnc#1012382).\n- platform/x86: acerhdf: Add BIOS entry for Gateway LT31 v1.3307 (bnc#1012382).\n- platform/x86: asus-nb-wmi: Drop mapping of 0x33 and 0x34 scan codes (bnc#1012382).\n- platform/x86: asus-nb-wmi: Map 0x35 to KEY_SCREENLOCK (bnc#1012382).\n- platform/x86: asus-wmi: Tell the EC the OS will handle the display off hotkey (bnc#1012382).\n- platform/x86: thinkpad_acpi: Proper model/release matching (bsc#1099810).\n- pm / devfreq: tegra: fix error return code in tegra_devfreq_probe() (bnc#1012382).\n- pNFS: Fix a deadlock between read resends and layoutreturn (git-fixes).\n- pNFS/flexfiles: Fix up the ff_layout_write_pagelist failure path (git-fixes).\n- pNFS/flexfiles: When checking for available DSes, conditionally check for MDS io (git-fixes).\n- pnfs: set NFS_IOHDR_REDO in pnfs_read_resend_pnfs (git-fixes).\n- powerpc/64s: consolidate MCE counter increment (bsc#1094244).\n- powerpc/boot: Ensure _zimage_start is a weak symbol (bnc#1012382).\n- powerpc/boot: Fix random libfdt related build errors (bnc#1012382).\n- powerpc/boot: Request no dynamic linker for boot wrapper (bsc#1070805).\n- powerpc/cacheinfo: Report the correct shared_cpu_map on big-cores (bsc#1109695).\n- powerpc: Detect the presence of big-cores via \u0027ibm, thread-groups\u0027 (bsc#1109695).\n- powerpc: Fix COFF zImage booting on old powermacs (bnc#1012382).\n- powerpc: handle RFI (exrfi and fallback area) and STF (exrfi).\n- powerpc, hotplug: Avoid to touch non-existent cpumasks (bsc#1109695).\n- powerpc: make use of for_each_node_by_type() instead of open-coding it (bsc#1109695).\n- powerpc/mm/radix: Use mm-\u003etask_size for boundary checking instead of addr_limit (bsc#1027457).\n- powerpc/msi: Fix compile error on mpc83xx (bnc#1012382).\n- powerpc/msi: Fix NULL pointer access in teardown code (bnc#1012382).\n- powerpc/nohash: fix undefined behaviour when testing page size support (bnc#1012382).\n- powerpc/numa: Suppress \u0027VPHN is not supported\u0027 messages (bnc#1012382).\n- powerpc/powernv: Do not select the cpufreq governors (bsc#1066223).\n- powerpc/powernv: Fix opal_event_shutdown() called with interrupts disabled (bsc#1066223).\n- powerpc/powernv/pci: Work around races in PCI bridge enabling (bsc#1066223).\n- powerpc/pseries: add of_node_put() in dlpar_detach_node() (bnc#1012382).\n- powerpc/pseries/cpuidle: Fix preempt warning (bnc#1012382).\n- powerpc/pseries: Fix DTL buffer registration (bsc#1066223).\n- powerpc/pseries: Fix how we iterate over the DTL entries (bsc#1066223).\n- powerpc/pseries/mobility: Extend start/stop topology update scope (bsc#1116950, bsc#1115709).\n- powerpc/setup: Add cpu_to_phys_id array (bsc#1109695).\n- powerpc/smp: Add cpu_l2_cache_map (bsc#1109695).\n- powerpc/smp: Add Power9 scheduler topology (bsc#1109695).\n- powerpc/smp: Rework CPU topology construction (bsc#1109695).\n- powerpc/smp: Use cpu_to_chip_id() to find core siblings (bsc#1109695).\n- powerpc/traps: restore recoverability of machine_check interrupts (bsc#1094244).\n- powerpc/uaccess: fix warning/error with access_ok() (bnc#1012382).\n- powerpc: Use cpu_smallcore_sibling_mask at SMT level on bigcores (bsc#1109695).\n- powerpc/xmon: Fix invocation inside lock region (bsc#1122885).\n- power: supply: olpc_battery: correct the temperature units (bnc#1012382).\n- printk: Fix panic caused by passing log_buf_len to command line (bnc#1012382).\n- proc: Remove empty line in /proc/self/status (bnc#1012382 bsc#1094823).\n- Provide a temporary fix for STIBP on-by-default See bsc#1116497 for details.\n- pstore: Convert console write to use -\u003ewrite_buf (bnc#1012382).\n- pstore/ram: Do not treat empty buffers as valid (bnc#1012382).\n- ptp: check gettime64 return code in PTP_SYS_OFFSET ioctl (bnc#1012382).\n- ptp: fix Spectre v1 vulnerability (bnc#1012382).\n- pxa168fb: prepare the clock (bnc#1012382).\n- qed: Fix bitmap_weight() check (bsc#1019695).\n- qed: Fix PTT leak in qed_drain() (bnc#1012382).\n- qed: Fix QM getters to always return a valid pq (bsc#1019695 ).\n- qed: Fix reading wrong value in loop condition (bnc#1012382).\n- r8152: Check for supported Wake-on-LAN Modes (bnc#1012382).\n- r8169: Add support for new Realtek Ethernet (bnc#1012382).\n- r8169: fix NAPI handling under high load (bnc#1012382).\n- rapidio/rionet: do not free skb before reading its length (bnc#1012382).\n- rbd: do not return 0 on unmap if RBD_DEV_FLAG_REMOVING is set (bsc#1125808).\n- rcu: Force boolean subscript for expedited stall warnings (bnc#1012382).\n- RDMA/bnxt_re: Fix a couple off by one bugs (bsc#1020413, ).\n- RDMA/bnxt_re: Synchronize destroy_qp with poll_cq (bsc#1125446).\n- RDMA/ucma: Fix Spectre v1 vulnerability (bnc#1012382).\n- Refresh patches.kabi/x86-cpufeature-preserve-numbers.patch. (bsc#1122651)\n- reiserfs: propagate errors from fill_with_dentries() properly (bnc#1012382).\n- Revert \u0027Bluetooth: h5: Fix missing dependency on BT_HCIUART_SERDEV\u0027 (bnc#1012382).\n- Revert \u0027ceph: fix dentry leak in splice_dentry()\u0027 (bsc#1114839).\n- Revert \u0027cifs: In Kconfig CONFIG_CIFS_POSIX needs depends on legacy (insecure cifs)\u0027 (bnc#1012382).\n- Revert \u0027drm/rockchip: Allow driver to be shutdown on reboot/kexec\u0027 (bsc#1106929)\n- Revert \u0027exec: load_script: do not blindly truncate shebang string\u0027 (bnc#1012382).\n- Revert \u0027Input: elan_i2c - add ACPI ID for touchpad in ASUS Aspire F5-573G\u0027 (bnc#1012382).\n- Revert \u0027iommu/io-pgtable-arm: Check for v7s-incapable systems\u0027 (bsc#1106105).\n- Revert \u0027loop: Fix double mutex_unlock(\u0026loop_ctl_mutex) in loop_control_ioctl()\u0027 (bnc#1012382).\n- Revert \u0027loop: Fold __loop_release into loop_release\u0027 (bnc#1012382).\n- Revert \u0027loop: Get rid of loop_index_mutex\u0027 (bnc#1012382).\n- Revert \u0027media: videobuf2-core: do not call memop \u0027finish\u0027 when queueing\u0027 (bnc#1012382).\n- Revert \u0027mmc: bcm2835: Fix DMA channel leak on probe error (bsc#1120902).\u0027 The backport patch does not built properly.\n- Revert \u0027PCI/ASPM: Do not initialize link state when aspm_disabled is set\u0027 (bsc#1106105).\n- Revert \u0027usb: musb: musb_host: Enable HCD_BH flag to handle urb return in bottom half\u0027 (bsc#1047487).\n- Revert \u0027wlcore: Add missing PM call for wlcore_cmd_wait_for_event_or_timeout()\u0027 (bnc#1012382).\n- rhashtable: Add rhashtable_lookup() (bnc#1012382).\n- rhashtable: add rhashtable_lookup_get_insert_key() (bnc#1012382 bsc#1042286).\n- rhashtable: add schedule points (bnc#1012382).\n- rhashtable: reorganize struct rhashtable layout (bnc#1012382).\n- rocker: fix rocker_tlv_put_* functions for KASAN (bnc#1012382).\n- rpcrdma: Add RPCRDMA_HDRLEN_ERR (git-fixes).\n- rps: flow_dissector: Fix uninitialized flow_keys used in __skb_get_hash possibly (bsc#1042286 bsc#1108145).\n- rtc: hctosys: Add missing range error reporting (bnc#1012382).\n- rtc: snvs: add a missing write sync (bnc#1012382).\n- rtc: snvs: Add timeouts to avoid kernel lockups (bnc#1012382).\n- rtnetlink: Disallow FDB configuration for non-Ethernet device (bnc#1012382).\n- rtnetlink: ndo_dflt_fdb_dump() only work for ARPHRD_ETHER devices (bnc#1012382).\n- s390/cpum_cf: Reject request for sampling in event initialization (bnc#1012382).\n- s390/early: improve machine detection (bnc#1012382).\n- s390/mm: Check for valid vma before zapping in gmap_discard (bnc#1012382).\n- s390/mm: Fix ERROR: \u0027__node_distance\u0027 undefined! (bnc#1012382).\n- s390: qeth_core_mpc: Use ARRAY_SIZE instead of reimplementing its function (bnc#1114475, LTC#172682).\n- s390/qeth: fix HiperSockets sniffer (bnc#1114475, LTC#172953).\n- s390/qeth: fix length check in SNMP processing (bnc#1012382).\n- s390: qeth: Fix potential array overrun in cmd/rc lookup (bnc#1114475, LTC#172682).\n- s390/smp: Fix calling smp_call_ipl_cpu() from ipl CPU (bnc#1012382).\n- s390/smp: fix CPU hotplug deadlock with CPU rescan (bnc#1012382).\n- s390/vdso: add missing FORCE to build targets (bnc#1012382).\n- sata_rcar: fix deferred probing (bnc#1012382).\n- sbus: char: add of_node_put() (bnc#1012382).\n- sc16is7xx: Fix for multi-channel stall (bnc#1012382).\n- sched/cgroup: Fix cgroup entity load tracking tear-down (bnc#1012382).\n- sched/fair: Fix throttle_list starvation with low CFS quota (bnc#1012382).\n- sched/wake_q: Document wake_q_add() (bsc#1050549).\n- sched/wake_q: Fix wakeup ordering for wake_q (bsc#1050549).\n- sched/wake_q: Reduce reference counting for special users (bsc#1050549).\n- sch_red: update backlog as well (bnc#1012382).\n- scripts/decode_stacktrace: only strip base path when a prefix of the path (bnc#1012382).\n- scripts/git_sort/git_sort.py: Add mkp/scsi 5.0/scsi-fixes\n- scsi: aacraid: Fix typo in blink status (bnc#1012382).\n- scsi: bfa: convert to strlcpy/strlcat (bnc#1012382 bsc#1019683, ).\n- scsi: bnx2fc: Fix NULL dereference in error handling (bnc#1012382).\n- scsi: core: Allow state transitions from OFFLINE to BLOCKED (bsc#1112246).\n- scsi: Create two versions of scsi_internal_device_unblock() (bsc#1119877).\n- scsi: csiostor: Avoid content leaks and casts (bnc#1012382).\n- scsi: esp_scsi: Track residual for PIO transfers (bnc#1012382).\n- scsi: Introduce scsi_start_queue() (bsc#1119877).\n- scsi: libfc: check fc_frame_payload_get() return value for null (bsc#1103624, bsc#1104731).\n- scsi: libfc: retry PRLI if we cannot analyse the payload (bsc#1104731).\n- scsi: libiscsi: Fix NULL pointer dereference in iscsi_eh_session_reset (bnc#1012382).\n- scsi: lpfc: Add Buffer overflow check, when nvme_info larger than PAGE_SIZE (bsc#1102660).\n- scsi: lpfc: Correct LCB RJT handling (bnc#1012382).\n- scsi: lpfc: Correct MDS diag and nvmet configuration (bsc#1125796).\n- scsi: lpfc: Correct soft lockup when running mds diagnostics (bnc#1012382).\n- scsi: lpfc: devloss timeout race condition caused null pointer reference (bsc#1102660).\n- scsi: lpfc: Fix abort error path for NVMET (bsc#1102660).\n- scsi: lpfc: fix block guard enablement on SLI3 adapters (bsc#1079935).\n- scsi: lpfc: Fix driver crash when re-registering NVME rports (bsc#1102660).\n- scsi: lpfc: Fix ELS abort on SLI-3 adapters (bsc#1102660).\n- scsi: lpfc: Fix list corruption on the completion queue (bsc#1102660).\n- scsi: lpfc: Fix NVME Target crash in defer rcv logic (bsc#1102660).\n- scsi: lpfc: Fix panic if driver unloaded when port is offline (bsc#1102660).\n- scsi: lpfc: update driver version to 11.4.0.7-5 (bsc#1102660).\n- scsi: Make __scsi_remove_device go straight from BLOCKED to DEL (bsc#1119877).\n- scsi: megaraid: fix out-of-bound array accesses (bnc#1012382).\n- scsi: megaraid_sas: fix a missing-check bug (bnc#1012382).\n- scsi: mpt3sas: Add an I/O barrier (bsc#1117108).\n- scsi: mpt3sas: Added support for nvme encapsulated request message (bsc#1117108).\n- scsi: mpt3sas: Added support for SAS Device Discovery Error Event (bsc#1117108).\n- scsi: mpt3sas: Adding support for SAS3616 HBA device (bsc#1117108).\n- scsi: mpt3sas: Add ioc_\u003clevel\u003e logging macros (bsc#1117108).\n- scsi: mpt3sas: Add nvme device support in slave alloc, target alloc and probe (bsc#1117108).\n- scsi: mpt3sas: Add PCI device ID for Andromeda (bsc#1117108).\n- scsi: mpt3sas: Add-Task-management-debug-info-for-NVMe-drives (bsc#1117108).\n- scsi: mpt3sas: Allow processing of events during driver unload (bsc#1117108).\n- scsi: mpt3sas: always use first reserved smid for ioctl passthrough (bsc#1117108).\n- scsi: mpt3sas: Annotate switch/case fall-through (bsc#1117108).\n- scsi: mpt3sas: API\u0027s to remove nvme drive from sml (bsc#1117108).\n- scsi: mpt3sas: API \u0027s to support NVMe drive addition to SML (bsc#1117108).\n- scsi: mpt3sas: As per MPI-spec, use combined reply queue for SAS3.5 controllers when HBA supports more than 16 MSI-x vectors (bsc#1117108).\n- scsi: mpt3sas: Bug fix for big endian systems (bsc#1117108).\n- scsi: mpt3sas: Bump mpt3sas driver version to v16.100.00.00 (bsc#1117108).\n- scsi: mpt3sas: Cache enclosure pages during enclosure add (bsc#1117108).\n- scsi: mpt3sas: check command status before attempting abort (bsc#1117108).\n- scsi: mpt3sas: clarify mmio pointer types (bsc#1117108).\n- scsi: mpt3sas: cleanup _scsih_pcie_enumeration_event() (bsc#1117108).\n- scsi: mpt3sas: Configure reply post queue depth, DMA and sgl tablesize (bsc#1117108).\n- scsi: mpt3sas: Convert logging uses with MPT3SAS_FMT and reply_q_name to %s: (bsc#1117108).\n- scsi: mpt3sas: Convert logging uses with MPT3SAS_FMT without logging levels (bsc#1117108).\n- scsi: mpt3sas: Convert mlsleading uses of pr_\u003clevel\u003e with MPT3SAS_FMT (bsc#1117108).\n- scsi: mpt3sas: Convert uses of pr_\u003clevel\u003e with MPT3SAS_FMT to ioc_\u003clevel\u003e (bsc#1117108).\n- scsi: mpt3sas: Display chassis slot information of the drive (bsc#1117108).\n- scsi: mpt3sas: Do not abort I/Os issued to NVMe drives while processing Async Broadcast primitive event (bsc#1117108).\n- scsi: mpt3sas: Do not access the structure after decrementing it\u0027s instance reference count (bsc#1117108).\n- scsi: mpt3sas: Do not use 32-bit atomic request descriptor for Ventura controllers (bsc#1117108).\n- scsi: mpt3sas: Enhanced handling of Sense Buffer (bsc#1117108).\n- scsi: mpt3sas: fix an out of bound write (bsc#1117108).\n- scsi: mpt3sas: Fix a race condition in mpt3sas_base_hard_reset_handler() (bsc#1117108).\n- scsi: mpt3sas: Fix calltrace observed while running IO \u0026 reset (bsc#1117108).\n- scsi: mpt3sas: fix dma_addr_t casts (bsc#1117108).\n- scsi: mpt3sas: Fixed memory leaks in driver (bsc#1117108).\n- scsi: mpt3sas: Fix, False timeout prints for ioctl and other internal commands during controller reset (bsc#1117108).\n- scsi: mpt3sas: fix format overflow warning (bsc#1117108).\n- scsi: mpt3sas: Fix indentation (bsc#1117108).\n- scsi: mpt3sas: Fix memory allocation failure test in \u0027mpt3sas_base_attach()\u0027 (bsc#1117108).\n- scsi: mpt3sas: Fix nvme drives checking for tlr (bsc#1117108).\n- scsi: mpt3sas: fix oops in error handlers after shutdown/unload (bsc#1117108).\n- scsi: mpt3sas: Fix possibility of using invalid Enclosure Handle for SAS device after host reset (bsc#1117108).\n- scsi: mpt3sas: fix possible memory leak (bsc#1117108).\n- scsi: mpt3sas: fix pr_info message continuation (bsc#1117108).\n- scsi: mpt3sas: Fix removal and addition of vSES device during host reset (bsc#1117108).\n- scsi: mpt3sas: Fix sparse warnings (bsc#1117108).\n- scsi: mpt3sas: fix spelling mistake: \u0027disbale\u0027 -\u003e \u0027disable\u0027 (bsc#1117108).\n- scsi: mpt3sas: For NVME device, issue a protocol level reset (bsc#1117108).\n- scsi: mpt3sas: Handle NVMe PCIe device related events generated from firmware (bsc#1117108).\n- scsi: mpt3sas: Improve kernel-doc headers (bsc#1117108).\n- scsi: mpt3sas: Incorrect command status was set/marked as not used (bsc#1117108).\n- scsi: mpt3sas: Increase event log buffer to support 24 port HBA\u0027s (bsc#1117108).\n- scsi: mpt3sas: Introduce API to get BAR0 mapped buffer address (bsc#1117108).\n- scsi: mpt3sas: Introduce Base function for cloning (bsc#1117108).\n- scsi: mpt3sas: Introduce function to clone mpi reply (bsc#1117108).\n- scsi: mpt3sas: Introduce function to clone mpi request (bsc#1117108).\n- scsi: mpt3sas: Introduce mpt3sas_get_st_from_smid() (bsc#1117108).\n- scsi: mpt3sas: Introduce struct mpt3sas_nvme_cmd (bsc#1117108).\n- scsi: mpt3sas: Lockless access for chain buffers (bsc#1117108).\n- scsi: mpt3sas: lockless command submission (bsc#1117108).\n- scsi: mpt3sas: make function _get_st_from_smid static (bsc#1117108).\n- scsi: mpt3sas: NVMe drive support for BTDHMAPPING ioctl command and log info (bsc#1117108).\n- scsi: mpt3sas: open-code _scsih_scsi_lookup_get() (bsc#1117108).\n- scsi: mpt3sas: Optimize I/O memory consumption in driver (bsc#1117108).\n- scsi: mpt3sas: Pre-allocate RDPQ Array at driver boot time (bsc#1117108).\n- scsi: mpt3sas: Processing of Cable Exception events (bsc#1117108).\n- scsi: mpt3sas: Reduce memory footprint in kdump kernel (bsc#1117108).\n- scsi: mpt3sas: remove a stray KERN_INFO (bsc#1117108).\n- scsi: mpt3sas: Remove KERN_WARNING from panic uses (bsc#1117108).\n- scsi: mpt3sas: remove redundant copy_from_user in _ctl_getiocinfo (bsc#1117108).\n- scsi: mpt3sas: remove redundant wmb (bsc#1117108).\n- scsi: mpt3sas: Remove set-but-not-used variables (bsc#1117108).\n- scsi: mpt3sas: Remove unnecessary parentheses and simplify null checks (bsc#1117108).\n- scsi: mpt3sas: Remove unused macro MPT3SAS_FMT (bsc#1117108).\n- scsi: mpt3sas: Remove unused variable requeue_event (bsc#1117108).\n- scsi: mpt3sas: Replace PCI pool old API (bsc#1117108).\n- scsi: mpt3sas: Replace PCI pool old API (bsc#1117108).\n- scsi: mpt3sas: Report Firmware Package Version from HBA Driver (bsc#1117108).\n- scsi: mpt3sas: scan and add nvme device after controller reset (bsc#1117108).\n- scsi: mpt3sas: separate out _base_recovery_check() (bsc#1117108).\n- scsi: mpt3sas: set default value for cb_idx (bsc#1117108).\n- scsi: mpt3sas: Set NVMe device queue depth as 128 (bsc#1117108).\n- scsi: mpt3sas: SGL to PRP Translation for I/Os to NVMe devices (bsc#1117108).\n- scsi: mpt3sas: simplify mpt3sas_scsi_issue_tm() (bsc#1117108).\n- scsi: mpt3sas: simplify task management functions (bsc#1117108).\n- scsi: mpt3sas: simplify _wait_for_commands_to_complete() (bsc#1117108).\n- scsi: mpt3sas: Split _base_reset_handler(), mpt3sas_scsih_reset_handler() and mpt3sas_ctl_reset_handler() (bsc#1117108).\n- scsi: mpt3sas: Swap I/O memory read value back to cpu endianness (bsc#1117108).\n- scsi: mpt3sas: switch to generic DMA API (bsc#1117108).\n- scsi: mpt3sas: switch to pci_alloc_irq_vectors (bsc#1117108).\n- scsi: mpt3sas: Updated MPI headers to v2.00.48 (bsc#1117108).\n- scsi: mpt3sas: Update driver version \u002725.100.00.00\u0027 (bsc#1117108).\n- scsi: mpt3sas: Update driver version \u002726.100.00.00\u0027 (bsc#1117108).\n- scsi: mpt3sas: Update MPI Headers (bsc#1117108).\n- scsi: mpt3sas: Update mpt3sas driver version (bsc#1117108).\n- scsi: mpt3sas: Use dma_pool_zalloc (bsc#1117108).\n- scsi: mpt3sas: use list_splice_init() (bsc#1117108).\n- scsi: mpt3sas: wait for and flush running commands on shutdown/unload (bsc#1117108).\n- scsi: Protect SCSI device state changes with a mutex (bsc#1119877).\n- scsi: qedi: Add ISCSI_BOOT_SYSFS to Kconfig (bsc#1043083).\n- scsi: qla2xxx: Fix crashes in qla2x00_probe_one on probe failure (bsc#1094973).\n- scsi: qla2xxx: Fix deadlock between ATIO and HW lock (bsc#1125794).\n- scsi: qla2xxx: Fix incorrect port speed being set for FC adapters (bnc#1012382).\n- scsi: qla2xxx: Fix small memory leak in qla2x00_probe_one on probe failure (bsc#1094973).\n- scsi: Re-export scsi_internal_device_{,un}_block() (bsc#1119877).\n- scsi: sd: Fix cache_type_store() (bnc#1012382).\n- scsi: Split scsi_internal_device_block() (bsc#1119877).\n- scsi: target: add emulate_pr backstore attr to toggle PR support (bsc#1091405).\n- scsi: target: drop unused pi_prot_format attribute storage (bsc#1091405).\n- scsi: target: make the pi_prot_format ConfigFS path readable (bsc#1123933).\n- scsi: target: use consistent left-aligned ASCII INQUIRY data (bnc#1012382).\n- scsi: ufs: fix bugs related to null pointer access and array size (bnc#1012382).\n- scsi: ufs: fix race between clock gating and devfreq scaling work (bnc#1012382).\n- scsi: ufshcd: Fix race between clk scaling and ungate work (bnc#1012382).\n- scsi: ufshcd: release resources if probe fails (bnc#1012382).\n- scsi: use \u0027inquiry_mutex\u0027 instead of \u0027state_mutex\u0027 (bsc#1119877).\n- scsi: vmw_pscsi: Rearrange code to avoid multiple calls to free_irq during unload (bnc#1012382).\n- scsi: zfcp: fix posting too many status read buffers leading to adapter shutdown (bnc#1012382).\n- sctp: allocate sctp_sockaddr_entry with kzalloc (bnc#1012382).\n- sctp: clear the transport of some out_chunk_list chunks in sctp_assoc_rm_peer (bnc#1012382).\n- sctp: fix race on sctp_id2asoc (bnc#1012382).\n- sctp: initialize sin6_flowinfo for ipv6 addrs in sctp_inet6addr_event (bnc#1012382).\n- sd: disable logical block provisioning if \u0027lbpme\u0027 is not set (bsc#1086095 bsc#1078355).\n- selftests: ftrace: Add synthetic event syntax testcase (bnc#1012382).\n- selftests: Move networking/timestamping from Documentation (bnc#1012382).\n- selinux: fix GPF on invalid policy (bnc#1012382).\n- seq_buf: Make seq_buf_puts() null-terminate the buffer (bnc#1012382).\n- seq_file: fix incomplete reset on read from zero offset (Git-fixes).\n- ser_gigaset: use container_of() instead of detour (bnc#1012382).\n- serial: fsl_lpuart: clear parity enable bit when disable parity (bnc#1012382).\n- signal: Always deliver the kernel\u0027s SIGKILL and SIGSTOP to a pid namespace init (bnc#1012382).\n- signal: Always notice exiting tasks (bnc#1012382).\n- signal: Better detection of synchronous signals (bnc#1012382).\n- signal/GenWQE: Fix sending of SIGKILL (bnc#1012382).\n- signal: Restore the stop PTRACE_EVENT_EXIT (bnc#1012382).\n- skge: potential memory corruption in skge_get_regs() (bnc#1012382).\n- slab: alien caches must not be initialized if the allocation of the alien cache failed (bnc#1012382).\n- smack: fix access permissions for keyring (bnc#1012382).\n- smb3: allow stats which track session and share reconnects to be reset (bnc#1012382).\n- smb3: do not attempt cifs operation in smb3 query info error path (bnc#1012382).\n- smb3: on kerberos mount if server does not specify auth type use krb5 (bnc#1012382).\n- smsc75xx: Check for Wake-on-LAN modes (bnc#1012382).\n- smsc95xx: Check for Wake-on-LAN modes (bnc#1012382).\n- smsc95xx: Use skb_cow_head to deal with cloned skbs (bnc#1012382).\n- sock: Make sock-\u003esk_stamp thread-safe (bnc#1012382).\n- soc/tegra: Do not leak device tree node reference (bnc#1012382).\n- soc/tegra: pmc: Fix child-node lookup (bnc#1012382).\n- sparc64: Fix exception handling in UltraSPARC-III memcpy (bnc#1012382).\n- sparc64 mm: Fix more TSB sizing issues (bnc#1012382).\n- sparc: Fix single-pcr perf event counter management (bnc#1012382).\n- sparc/pci: Refactor dev_archdata initialization into pci_init_dev_archdata (bnc#1012382).\n- spi: bcm2835: Avoid finishing transfer prematurely in IRQ mode (bnc#1012382).\n- spi: bcm2835: Fix book-keeping of DMA termination (bnc#1012382).\n- spi: bcm2835: Fix race on DMA termination (bnc#1012382).\n- spi: bcm2835: Unbreak the build of esoteric configs (bnc#1012382).\n- spi/bcm63xx: fix error return code in bcm63xx_spi_probe() (bnc#1012382).\n- spi/bcm63xx-hspi: fix error return code in bcm63xx_hsspi_probe() (bnc#1012382).\n- spi: xlp: fix error return code in xlp_spi_probe() (bnc#1012382).\n- sr9800: Check for supported Wake-on-LAN modes (bnc#1012382).\n- sr: pass down correctly sized SCSI sense buffer (bnc#1012382).\n- staging:iio:ad2s90: Make probe handle spi_setup failure (bnc#1012382).\n- staging: iio: ad7780: update voltage on read (bnc#1012382).\n- staging: iio: adc: ad7280a: handle error from __ad7280_read32() (bnc#1012382).\n- staging: lustre: remove two build warnings (bnc#1012382).\n- staging: rtl8188eu: Add device code for D-Link DWA-121 rev B1 (bnc#1012382).\n- staging: rts5208: fix gcc-8 logic error warning (bnc#1012382).\n- staging: speakup: Replace strncpy with memcpy (bnc#1012382).\n- sunrpc: correct the computation for page_ptr when truncating (bnc#1012382).\n- sunrpc: drop pointless static qualifier in xdr_get_next_encode_buffer() (bnc#1012382).\n- sunrpc: Fix a bogus get/put in generic_key_to_expire() (bnc#1012382).\n- sunrpc: Fix a potential race in xprt_connect() (git-fixes).\n- sunrpc: fix cache_head leak due to queued request (bnc#1012382).\n- sunrpc: Fix leak of krb5p encode pages (bnc#1012382).\n- sunrpc: handle ENOMEM in rpcb_getport_async (bnc#1012382).\n- sunvdc: Do not spin in an infinite loop when vio_ldc_send() returns EAGAIN (bnc#1012382).\n- svcrdma: Remove unused variable in rdma_copy_tail() (git-fixes).\n- swim: fix cleanup on setup error (bnc#1012382).\n- swiotlb: clean up reporting (bnc#1012382).\n- sysfs: Disable lockdep for driver bind/unbind files (bnc#1012382).\n- sysv: return \u0027err\u0027 instead of 0 in __sysv_write_inode (bnc#1012382).\n- target/iscsi: avoid NULL dereference in CHAP auth error path (bsc#1117165).\n- target: se_dev_attrib.emulate_pr ABI stability (bsc#1091405).\n- tcp: fix NULL ref in tail loss probe (bnc#1012382).\n- TC: Set DMA masks for devices (bnc#1012382).\n- termios, tty/tty_baudrate.c: fix buffer overrun (bnc#1012382).\n- test_hexdump: use memcpy instead of strncpy (bnc#1012382).\n- tg3: Add PHY reset for 5717/5719/5720 in change ring and flow control paths (bnc#1012382).\n- thermal: allow spear-thermal driver to be a module (bnc#1012382).\n- thermal: allow u8500-thermal driver to be a module (bnc#1012382).\n- thermal: hwmon: inline helpers when CONFIG_THERMAL_HWMON is not set (bnc#1012382).\n- timekeeping: Use proper seqcount initializer (bnc#1012382).\n- timer/debug: Change /proc/timer_list from 0444 to 0400 (bnc#1012382).\n- tipc: fix uninit-value in tipc_nl_compat_bearer_enable (bnc#1012382).\n- tipc: fix uninit-value in tipc_nl_compat_doit (bnc#1012382).\n- tipc: fix uninit-value in tipc_nl_compat_link_reset_stats (bnc#1012382).\n- tipc: fix uninit-value in tipc_nl_compat_link_set (bnc#1012382).\n- tipc: fix uninit-value in tipc_nl_compat_name_table_dump (bnc#1012382).\n- tipc: use destination length for copy string (bnc#1012382).\n- tmpfs: make lseek(SEEK_DATA/SEK_HOLE) return ENXIO with a negative offset (bnc#1012382).\n- tpm: fix response size validation in tpm_get_random() (bsc#1020645, git-fixes).\n- tpm: suppress transmit cmd error logs when TPM 1.2 is disabled/deactivated (bnc#1012382).\n- tracing: Fix bad use of igrab in trace_uprobe.c (bsc#1120046).\n- tracing: Fix memory leak in set_trigger_filter() (bnc#1012382).\n- tracing: Fix memory leak of instance function hash filters (bnc#1012382).\n- tracing: Skip more functions when doing stack tracing of events (bnc#1012382).\n- tracing/uprobes: Fix output for multiple string arguments (bnc#1012382).\n- tty: check name length in tty_find_polling_driver() (bnc#1012382).\n- tty: Do not block on IO when ldisc change is pending (bnc#1105428).\n- tty: Do not hold ldisc lock in tty_reopen() if ldisc present (bnc#1105428).\n- tty: fix data race between tty_init_dev and flush of buf (bnc#1105428).\n- tty: Handle problem if line discipline does not have receive_buf (bnc#1012382).\n- tty: Hold tty_ldisc_lock() during tty_reopen() (bnc#1105428).\n- tty/ldsem: Add lockdep asserts for ldisc_sem (bnc#1105428).\n- tty/ldsem: Convert to regular lockdep annotations (bnc#1105428).\n- tty/ldsem: Decrement wait_readers on timeouted down_read() (bnc#1105428).\n- tty/ldsem: Wake up readers after timed out down_write() (bnc#1012382).\n- tty/n_hdlc: fix __might_sleep warning (bnc#1012382).\n- tty: serial: 8250_mtk: always resume the device in probe (bnc#1012382).\n- tty: serial: samsung: Properly set flags in autoCTS mode (bnc#1012382).\n- tty: serial: sprd: fix error return code in sprd_probe() (bnc#1012382).\n- tty: Simplify tty-\u003ecount math in tty_reopen() (bnc#1105428).\n- tty: wipe buffer (bnc#1012382).\n- tty: wipe buffer if not echoing data (bnc#1012382).\n- tun: Consistently configure generic netdev params via rtnetlink (bnc#1012382).\n- tun: forbid iface creation with rtnl ops (bnc#1012382).\n- uapi/if_ether.h: move __UAPI_DEF_ETHHDR libc define (bnc#1012382).\n- uapi/if_ether.h: prevent redefinition of struct ethhdr (bnc#1012382).\n- ucc_geth: Reset BQL queue when stopping device (bnc#1012382).\n- udf: Fix BUG on corrupted inode (bnc#1012382).\n- uio: ensure class is registered before devices (bnc#1012382).\n- uio: Fix an Oops on load (bnc#1012382).\n- uio: make symbol \u0027uio_class_registered\u0027 static (git-fixes).\n- um: Avoid longjmp/setjmp symbol clashes with libpthread.a (bnc#1012382).\n- um: Avoid marking pages with \u0027changed protection\u0027 (bnc#1012382).\n- um: Give start_idle_thread() a return code (bnc#1012382).\n- unifdef: use memcpy instead of strncpy (bnc#1012382).\n- Update ibmvnic: Fix RX queue buffer cleanup (bsc#1115440, bsc#1115433).\n- uprobes: Fix handle_swbp() vs. unregister() + register() race once more (bnc#1012382).\n- usb: Add USB_QUIRK_DELAY_CTRL_MSG quirk for Corsair K70 RGB (bnc#1012382).\n- usb: appledisplay: Add 27\u0027 Apple Cinema Display (bnc#1012382).\n- usb: cdc-acm: add entry for Hiro (Conexant) modem (bnc#1012382).\n- usb: cdc-acm: send ZLP for Telit 3G Intel based modems (bnc#1012382).\n- usb: check usb_get_extra_descriptor for proper size (bnc#1012382).\n- usb: chipidea: Prevent unbalanced IRQ disable (bnc#1012382).\n- usb: core: Fix hub port connection events lost (bnc#1012382).\n- usb: core: quirks: add RESET_RESUME quirk for Cherry G230 Stream series (bnc#1012382).\n- usb: dwc2: Remove unnecessary kfree (bnc#1012382).\n- usb: dwc3: omap: fix error return code in dwc3_omap_probe() (bnc#1012382).\n- usb: ehci-omap: fix error return code in ehci_hcd_omap_probe() (bnc#1012382).\n- usb: fix the usbfs flag sanitization for control transfers (bnc#1012382).\n- usb: gadget: dummy: fix nonsensical comparisons (bnc#1012382).\n- usb: gadget: storage: Fix Spectre v1 vulnerability (bnc#1012382).\n- usb: gadget: udc: net2272: Fix bitwise and boolean operations (bnc#1012382).\n- usb: hub: delay hub autosuspend if USB3 port is still link training (bnc#1012382).\n- usb: imx21-hcd: fix error return code in imx21_probe() (bnc#1012382).\n- usb: misc: appledisplay: add 20\u0027 Apple Cinema Display (bnc#1012382).\n- usbnet: ipheth: fix potential recvmsg bug and recvmsg bug 2 (bnc#1012382).\n- usb: omap_udc: fix crashes on probe error and module removal (bnc#1012382).\n- usb: omap_udc: fix omap_udc_start() on 15xx machines (bnc#1012382).\n- usb: omap_udc: fix USB gadget functionality on Palm Tungsten E (bnc#1012382).\n- usb: omap_udc: use devm_request_irq() (bnc#1012382).\n- usb: phy: am335x: fix race condition in _probe (bnc#1012382).\n- usb: quirk: add no-LPM quirk on SanDisk Ultra Flair device (bnc#1012382).\n- usb: quirks: Add delay-init quirk for Corsair K70 LUX RGB (bnc#1012382).\n- usb: quirks: Add no-lpm quirk for Raydium touchscreens (bnc#1012382).\n- usb: r8a66597: Fix a possible concurrency use-after-free bug in r8a66597_endpoint_disable() (bnc#1012382).\n- usb: serial: option: add Fibocom NL668 series (bnc#1012382).\n- usb: serial: option: add Fibocom NL678 series (bnc#1012382).\n- usb: serial: option: add GosunCn ZTE WeLink ME3630 (bnc#1012382).\n- usb: serial: option: add HP lt4132 (bnc#1012382).\n- usb: serial: option: add Simcom SIM7500/SIM7600 (MBIM mode) (bnc#1012382).\n- usb: serial: option: add Telit LN940 series (bnc#1012382).\n- usb: serial: pl2303: add ids for Hewlett-Packard HP POS pole displays (bnc#1012382).\n- usb: serial: pl2303: add new PID to support PL2303TB (bnc#1012382).\n- usb: serial: simple: add Motorola Tetra TPG2200 device id (bnc#1012382).\n- usb: storage: add quirk for SMI SM3350 (bnc#1012382).\n- usb: storage: do not insert sane sense for SPC3+ when bad sense specified (bnc#1012382).\n- usb-storage: fix bogus hardware error messages for ATA pass-thru devices (bnc#1012382).\n- usb: usb-storage: Add new IDs to ums-realtek (bnc#1012382).\n- usb: xhci: fix timeout for transition from RExit to U0 (bnc#1012382).\n- usb: xhci: fix uninitialized completion when USB3 port got wrong status (bnc#1012382).\n- usb: xhci: Prevent bus suspend if a port connect change or polling state is detected (bnc#1012382).\n- v9fs_dir_readdir: fix double-free on p9stat_read error (bnc#1012382).\n- vfs: Avoid softlockups in drop_pagecache_sb() (bsc#1118505).\n- vhost: Fix Spectre V1 vulnerability (bnc#1012382).\n- vhost: make sure used idx is seen before log in vhost_add_used_n() (bnc#1012382).\n- vhost/scsi: truncate T10 PI iov_iter to prot_bytes (bnc#1012382).\n- video: clps711x-fb: release disp device node in probe() (bnc#1012382).\n- video: fbdev: pxa3xx_gcu: fix error return code in pxa3xx_gcu_probe() (bnc#1012382).\n- virtio/s390: avoid race on vcdev-\u003econfig (bnc#1012382).\n- virtio/s390: fix race in ccw_io_helper() (bnc#1012382).\n- VSOCK: Send reset control packet when socket is partially bound (bnc#1012382).\n- vti6: flush x-netns xfrm cache when vti interface is removed (bnc#1012382).\n- vt: invoke notifier on screen size change (bnc#1012382).\n- w1: omap-hdq: fix missing bus unregister at removal (bnc#1012382).\n- writeback: do not decrement wb-\u003erefcnt if !wb-\u003ebdi (git fixes (writeback)).\n- x86/a.out: Clear the dump structure initially (bnc#1012382).\n- x86: boot: Fix EFI stub alignment (bnc#1012382).\n- x86/boot: #undef memcpy() et al in string.c (bnc#1012382).\n- x86/build: Fix stack alignment for CLang (bnc#1012382).\n- x86/build: Specify stack alignment for clang (bnc#1012382).\n- x86/build: Use __cc-option for boot code compiler options (bnc#1012382).\n- x86/build: Use cc-option to validate stack alignment parameter (bnc#1012382).\n- x86/corruption-check: Fix panic in memory_corruption_check() when boot option without value is provided (bnc#1012382).\n- x86/earlyprintk/efi: Fix infinite loop on some screen widths (bnc#1012382).\n- x86/entry: spell EBX register correctly in documentation (bnc#1012382).\n- x86/fpu: Add might_fault() to user_insn() (bnc#1012382).\n- x86/kaslr: Fix incorrect i8254 outb() parameters (bnc#1012382).\n- x86/kbuild: Use cc-option to enable -falign-{jumps/loops} (bnc#1012382).\n- x86/kconfig: Fall back to ticket spinlocks (bnc#1012382).\n- x86/MCE: Export memory_error() (bsc#1114648).\n- x86/MCE: Initialize mce.bank in the case of a fatal error in mce_no_way_out() (bnc#1012382).\n- x86/MCE: Make correctable error detection look at the Deferred bit (bsc#1114648).\n- x86/mm/kaslr: Use the _ASM_MUL macro for multiplication to work around Clang incompatibility (bnc#1012382).\n- x86/mm/pat: Prevent hang during boot when mapping pages (bnc#1012382).\n- x86/mtrr: Do not copy uninitialized gentry fields back to userspace (bnc#1012382).\n- x86/PCI: Fix Broadcom CNB20LE unintended sign extension (redux) (bnc#1012382).\n- x86/pkeys: Properly copy pkey state at fork() (bsc#1106105).\n- x86/platform/UV: Use efi_runtime_lock to serialise BIOS calls (bnc#1012382).\n- x86: respect memory size limiting via mem= parameter (bsc#1117645).\n- x86/speculation/l1tf: Drop the swap storage limit restriction when l1tf=off (bnc#1114871).\n- x86/speculation: Use synthetic bits for IBRS/IBPB/STIBP (bnc#1012382).\n- x86/xen: dont add memory above max allowed allocation (bsc#1117645).\n- xen/balloon: Support xend-based toolstack (bnc#1065600).\n- xen/blkfront: avoid NULL blkfront_info dereference on device removal (bsc#1111062).\n- xen: fix race in xen_qlock_wait() (bnc#1012382).\n- xen: fix xen_qlock_wait() (bnc#1012382).\n- xen: make xen_qlock_wait() nestable (bnc#1012382).\n- xen/netback: dont overflow meta array (bnc#1099523).\n- xen/netfront: tolerate frags with no data (bnc#1012382).\n- xen-swiotlb: use actually allocated size on check physical continuous (bnc#1012382).\n- xen/x86: add diagnostic printout to xen_mc_flush() in case of error (bnc#1116183).\n- xen: xlate_mmu: add missing header to fix \u0027W=1\u0027 warning (bnc#1012382).\n- xfrm6: call kfree_skb when skb is toobig (bnc#1012382).\n- xfrm6_tunnel: Fix spi check in __xfrm6_tunnel_alloc_spi (bnc#1012382).\n- xfrm: Clear sk_dst_cache when applying per-socket policy (bnc#1012382).\n- xfrm: Fix bucket count reported to userspace (bnc#1012382).\n- xfrm: use complete IPv6 addresses for hash (bsc#1109330).\n- xfrm: Validate address prefix lengths in the xfrm selector (bnc#1012382).\n- xfrm: validate template mode (bnc#1012382).\n- xfs: Align compat attrlist_by_handle with native implementation (git-fixes).\n- xfs/dmapi: restore event in xfs_getbmap (bsc#1114763).\n- xfs: Fix error code in \u0027xfs_ioc_getbmap()\u0027 (git-fixes).\n- xfs: fix quotacheck dquot id overflow infinite loop (bsc#1121621).\n- xhci: Add quirk to workaround the errata seen on Cavium Thunder-X2 Soc (bsc#1117162).\n- xhci: Do not prevent USB2 bus suspend in state check intended for USB3 only (bnc#1012382).\n- xhci: Prevent U1/U2 link pm states if exit latency is too long (bnc#1012382).\n- xprtrdma: checking for NULL instead of IS_ERR() (git-fixes).\n- xprtrdma: Disable pad optimization by default (git-fixes).\n- xprtrdma: Disable RPC/RDMA backchannel debugging messages (git-fixes).\n- xprtrdma: Fix additional uses of spin_lock_irqsave(rb_lock) (git-fixes).\n- xprtrdma: Fix backchannel allocation of extra rpcrdma_reps (git-fixes).\n- xprtrdma: Fix Read chunk padding (git-fixes).\n- xprtrdma: Fix receive buffer accounting (git-fixes).\n- xprtrdma: Reset credit grant properly after a disconnect (git-fixes).\n- xprtrdma: rpcrdma_bc_receive_call() should init rq_private_buf.len (git-fixes).\n- xprtrdma: Serialize credit accounting again (git-fixes).\n- xprtrdma: xprt_rdma_free() must not release backchannel reqs (git-fixes).\n- xtensa: add NOTES section to the linker script (bnc#1012382).\n- xtensa: enable coprocessors that are being flushed (bnc#1012382).\n- xtensa: fix boot parameters address translation (bnc#1012382).\n- xtensa: fix coprocessor context offset definitions (bnc#1012382).\n- xtensa: make sure bFLT stack is 16 byte aligned (bnc#1012382).\n- yama: Check for pid death before checking ancestry (bnc#1012382).\n- zram: close udev startup race condition as default groups (bnc#1012382).\n- xfrm: refine validation of template and selector families (bnc#1012382).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2019-541,SUSE-SLE-DESKTOP-12-SP3-2019-541,SUSE-SLE-HA-12-SP3-2019-541,SUSE-SLE-Live-Patching-12-SP3-2019-541,SUSE-SLE-SDK-12-SP3-2019-541,SUSE-SLE-SERVER-12-SP3-2019-541,SUSE-SLE-WE-12-SP3-2019-541",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_0541-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2019:0541-1",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20190541-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2019:0541-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2019-March/005168.html"
},
{
"category": "self",
"summary": "SUSE Bug 1012382",
"url": "https://bugzilla.suse.com/1012382"
},
{
"category": "self",
"summary": "SUSE Bug 1015336",
"url": "https://bugzilla.suse.com/1015336"
},
{
"category": "self",
"summary": "SUSE Bug 1015337",
"url": "https://bugzilla.suse.com/1015337"
},
{
"category": "self",
"summary": "SUSE Bug 1015340",
"url": "https://bugzilla.suse.com/1015340"
},
{
"category": "self",
"summary": "SUSE Bug 1019683",
"url": "https://bugzilla.suse.com/1019683"
},
{
"category": "self",
"summary": "SUSE Bug 1019695",
"url": "https://bugzilla.suse.com/1019695"
},
{
"category": "self",
"summary": "SUSE Bug 1020413",
"url": "https://bugzilla.suse.com/1020413"
},
{
"category": "self",
"summary": "SUSE Bug 1020645",
"url": "https://bugzilla.suse.com/1020645"
},
{
"category": "self",
"summary": "SUSE Bug 1023175",
"url": "https://bugzilla.suse.com/1023175"
},
{
"category": "self",
"summary": "SUSE Bug 1027260",
"url": "https://bugzilla.suse.com/1027260"
},
{
"category": "self",
"summary": "SUSE Bug 1027457",
"url": "https://bugzilla.suse.com/1027457"
},
{
"category": "self",
"summary": "SUSE Bug 1031492",
"url": "https://bugzilla.suse.com/1031492"
},
{
"category": "self",
"summary": "SUSE Bug 1042286",
"url": "https://bugzilla.suse.com/1042286"
},
{
"category": "self",
"summary": "SUSE Bug 1043083",
"url": "https://bugzilla.suse.com/1043083"
},
{
"category": "self",
"summary": "SUSE Bug 1046264",
"url": "https://bugzilla.suse.com/1046264"
},
{
"category": "self",
"summary": "SUSE Bug 1047487",
"url": "https://bugzilla.suse.com/1047487"
},
{
"category": "self",
"summary": "SUSE Bug 1048916",
"url": "https://bugzilla.suse.com/1048916"
},
{
"category": "self",
"summary": "SUSE Bug 1050549",
"url": "https://bugzilla.suse.com/1050549"
},
{
"category": "self",
"summary": "SUSE Bug 1065600",
"url": "https://bugzilla.suse.com/1065600"
},
{
"category": "self",
"summary": "SUSE Bug 1066223",
"url": "https://bugzilla.suse.com/1066223"
},
{
"category": "self",
"summary": "SUSE Bug 1068032",
"url": "https://bugzilla.suse.com/1068032"
},
{
"category": "self",
"summary": "SUSE Bug 1070805",
"url": "https://bugzilla.suse.com/1070805"
},
{
"category": "self",
"summary": "SUSE Bug 1078355",
"url": "https://bugzilla.suse.com/1078355"
},
{
"category": "self",
"summary": "SUSE Bug 1079935",
"url": "https://bugzilla.suse.com/1079935"
},
{
"category": "self",
"summary": "SUSE Bug 1086095",
"url": "https://bugzilla.suse.com/1086095"
},
{
"category": "self",
"summary": "SUSE Bug 1086423",
"url": "https://bugzilla.suse.com/1086423"
},
{
"category": "self",
"summary": "SUSE Bug 1086652",
"url": "https://bugzilla.suse.com/1086652"
},
{
"category": "self",
"summary": "SUSE Bug 1091405",
"url": "https://bugzilla.suse.com/1091405"
},
{
"category": "self",
"summary": "SUSE Bug 1093158",
"url": "https://bugzilla.suse.com/1093158"
},
{
"category": "self",
"summary": "SUSE Bug 1094244",
"url": "https://bugzilla.suse.com/1094244"
},
{
"category": "self",
"summary": "SUSE Bug 1094823",
"url": "https://bugzilla.suse.com/1094823"
},
{
"category": "self",
"summary": "SUSE Bug 1094973",
"url": "https://bugzilla.suse.com/1094973"
},
{
"category": "self",
"summary": "SUSE Bug 1096242",
"url": "https://bugzilla.suse.com/1096242"
},
{
"category": "self",
"summary": "SUSE Bug 1096281",
"url": "https://bugzilla.suse.com/1096281"
},
{
"category": "self",
"summary": "SUSE Bug 1099523",
"url": "https://bugzilla.suse.com/1099523"
},
{
"category": "self",
"summary": "SUSE Bug 1099810",
"url": "https://bugzilla.suse.com/1099810"
},
{
"category": "self",
"summary": "SUSE Bug 1100105",
"url": "https://bugzilla.suse.com/1100105"
},
{
"category": "self",
"summary": "SUSE Bug 1101557",
"url": "https://bugzilla.suse.com/1101557"
},
{
"category": "self",
"summary": "SUSE Bug 1102439",
"url": "https://bugzilla.suse.com/1102439"
},
{
"category": "self",
"summary": "SUSE Bug 1102660",
"url": "https://bugzilla.suse.com/1102660"
},
{
"category": "self",
"summary": "SUSE Bug 1102875",
"url": "https://bugzilla.suse.com/1102875"
},
{
"category": "self",
"summary": "SUSE Bug 1102877",
"url": "https://bugzilla.suse.com/1102877"
},
{
"category": "self",
"summary": "SUSE Bug 1102879",
"url": "https://bugzilla.suse.com/1102879"
},
{
"category": "self",
"summary": "SUSE Bug 1102882",
"url": "https://bugzilla.suse.com/1102882"
},
{
"category": "self",
"summary": "SUSE Bug 1102896",
"url": "https://bugzilla.suse.com/1102896"
},
{
"category": "self",
"summary": "SUSE Bug 1103097",
"url": "https://bugzilla.suse.com/1103097"
},
{
"category": "self",
"summary": "SUSE Bug 1103156",
"url": "https://bugzilla.suse.com/1103156"
},
{
"category": "self",
"summary": "SUSE Bug 1103257",
"url": "https://bugzilla.suse.com/1103257"
},
{
"category": "self",
"summary": "SUSE Bug 1103624",
"url": "https://bugzilla.suse.com/1103624"
},
{
"category": "self",
"summary": "SUSE Bug 1104098",
"url": "https://bugzilla.suse.com/1104098"
},
{
"category": "self",
"summary": "SUSE Bug 1104731",
"url": "https://bugzilla.suse.com/1104731"
},
{
"category": "self",
"summary": "SUSE Bug 1105428",
"url": "https://bugzilla.suse.com/1105428"
},
{
"category": "self",
"summary": "SUSE Bug 1106061",
"url": "https://bugzilla.suse.com/1106061"
},
{
"category": "self",
"summary": "SUSE Bug 1106105",
"url": "https://bugzilla.suse.com/1106105"
},
{
"category": "self",
"summary": "SUSE Bug 1106237",
"url": "https://bugzilla.suse.com/1106237"
},
{
"category": "self",
"summary": "SUSE Bug 1106240",
"url": "https://bugzilla.suse.com/1106240"
},
{
"category": "self",
"summary": "SUSE Bug 1106929",
"url": "https://bugzilla.suse.com/1106929"
},
{
"category": "self",
"summary": "SUSE Bug 1107385",
"url": "https://bugzilla.suse.com/1107385"
},
{
"category": "self",
"summary": "SUSE Bug 1107866",
"url": "https://bugzilla.suse.com/1107866"
},
{
"category": "self",
"summary": "SUSE Bug 1108145",
"url": "https://bugzilla.suse.com/1108145"
},
{
"category": "self",
"summary": "SUSE Bug 1108240",
"url": "https://bugzilla.suse.com/1108240"
},
{
"category": "self",
"summary": "SUSE Bug 1109272",
"url": "https://bugzilla.suse.com/1109272"
},
{
"category": "self",
"summary": "SUSE Bug 1109330",
"url": "https://bugzilla.suse.com/1109330"
},
{
"category": "self",
"summary": "SUSE Bug 1109695",
"url": "https://bugzilla.suse.com/1109695"
},
{
"category": "self",
"summary": "SUSE Bug 1109806",
"url": "https://bugzilla.suse.com/1109806"
},
{
"category": "self",
"summary": "SUSE Bug 1110286",
"url": "https://bugzilla.suse.com/1110286"
},
{
"category": "self",
"summary": "SUSE Bug 1111062",
"url": "https://bugzilla.suse.com/1111062"
},
{
"category": "self",
"summary": "SUSE Bug 1111174",
"url": "https://bugzilla.suse.com/1111174"
},
{
"category": "self",
"summary": "SUSE Bug 1111809",
"url": "https://bugzilla.suse.com/1111809"
},
{
"category": "self",
"summary": "SUSE Bug 1112246",
"url": "https://bugzilla.suse.com/1112246"
},
{
"category": "self",
"summary": "SUSE Bug 1112963",
"url": "https://bugzilla.suse.com/1112963"
},
{
"category": "self",
"summary": "SUSE Bug 1113412",
"url": "https://bugzilla.suse.com/1113412"
},
{
"category": "self",
"summary": "SUSE Bug 1113766",
"url": "https://bugzilla.suse.com/1113766"
},
{
"category": "self",
"summary": "SUSE Bug 1114190",
"url": "https://bugzilla.suse.com/1114190"
},
{
"category": "self",
"summary": "SUSE Bug 1114417",
"url": "https://bugzilla.suse.com/1114417"
},
{
"category": "self",
"summary": "SUSE Bug 1114475",
"url": "https://bugzilla.suse.com/1114475"
},
{
"category": "self",
"summary": "SUSE Bug 1114648",
"url": "https://bugzilla.suse.com/1114648"
},
{
"category": "self",
"summary": "SUSE Bug 1114763",
"url": "https://bugzilla.suse.com/1114763"
},
{
"category": "self",
"summary": "SUSE Bug 1114839",
"url": "https://bugzilla.suse.com/1114839"
},
{
"category": "self",
"summary": "SUSE Bug 1114871",
"url": "https://bugzilla.suse.com/1114871"
},
{
"category": "self",
"summary": "SUSE Bug 1114893",
"url": "https://bugzilla.suse.com/1114893"
},
{
"category": "self",
"summary": "SUSE Bug 1115431",
"url": "https://bugzilla.suse.com/1115431"
},
{
"category": "self",
"summary": "SUSE Bug 1115433",
"url": "https://bugzilla.suse.com/1115433"
},
{
"category": "self",
"summary": "SUSE Bug 1115440",
"url": "https://bugzilla.suse.com/1115440"
},
{
"category": "self",
"summary": "SUSE Bug 1115482",
"url": "https://bugzilla.suse.com/1115482"
},
{
"category": "self",
"summary": "SUSE Bug 1115709",
"url": "https://bugzilla.suse.com/1115709"
},
{
"category": "self",
"summary": "SUSE Bug 1116027",
"url": "https://bugzilla.suse.com/1116027"
},
{
"category": "self",
"summary": "SUSE Bug 1116183",
"url": "https://bugzilla.suse.com/1116183"
},
{
"category": "self",
"summary": "SUSE Bug 1116285",
"url": "https://bugzilla.suse.com/1116285"
},
{
"category": "self",
"summary": "SUSE Bug 1116336",
"url": "https://bugzilla.suse.com/1116336"
},
{
"category": "self",
"summary": "SUSE Bug 1116345",
"url": "https://bugzilla.suse.com/1116345"
},
{
"category": "self",
"summary": "SUSE Bug 1116497",
"url": "https://bugzilla.suse.com/1116497"
},
{
"category": "self",
"summary": "SUSE Bug 1116653",
"url": "https://bugzilla.suse.com/1116653"
},
{
"category": "self",
"summary": "SUSE Bug 1116841",
"url": "https://bugzilla.suse.com/1116841"
},
{
"category": "self",
"summary": "SUSE Bug 1116924",
"url": "https://bugzilla.suse.com/1116924"
},
{
"category": "self",
"summary": "SUSE Bug 1116950",
"url": "https://bugzilla.suse.com/1116950"
},
{
"category": "self",
"summary": "SUSE Bug 1116962",
"url": "https://bugzilla.suse.com/1116962"
},
{
"category": "self",
"summary": "SUSE Bug 1117108",
"url": "https://bugzilla.suse.com/1117108"
},
{
"category": "self",
"summary": "SUSE Bug 1117162",
"url": "https://bugzilla.suse.com/1117162"
},
{
"category": "self",
"summary": "SUSE Bug 1117165",
"url": "https://bugzilla.suse.com/1117165"
},
{
"category": "self",
"summary": "SUSE Bug 1117186",
"url": "https://bugzilla.suse.com/1117186"
},
{
"category": "self",
"summary": "SUSE Bug 1117562",
"url": "https://bugzilla.suse.com/1117562"
},
{
"category": "self",
"summary": "SUSE Bug 1117645",
"url": "https://bugzilla.suse.com/1117645"
},
{
"category": "self",
"summary": "SUSE Bug 1117744",
"url": "https://bugzilla.suse.com/1117744"
},
{
"category": "self",
"summary": "SUSE Bug 1118152",
"url": "https://bugzilla.suse.com/1118152"
},
{
"category": "self",
"summary": "SUSE Bug 1118316",
"url": "https://bugzilla.suse.com/1118316"
},
{
"category": "self",
"summary": "SUSE Bug 1118319",
"url": "https://bugzilla.suse.com/1118319"
},
{
"category": "self",
"summary": "SUSE Bug 1118505",
"url": "https://bugzilla.suse.com/1118505"
},
{
"category": "self",
"summary": "SUSE Bug 1118790",
"url": "https://bugzilla.suse.com/1118790"
},
{
"category": "self",
"summary": "SUSE Bug 1118798",
"url": "https://bugzilla.suse.com/1118798"
},
{
"category": "self",
"summary": "SUSE Bug 1118915",
"url": "https://bugzilla.suse.com/1118915"
},
{
"category": "self",
"summary": "SUSE Bug 1118922",
"url": "https://bugzilla.suse.com/1118922"
},
{
"category": "self",
"summary": "SUSE Bug 1118926",
"url": "https://bugzilla.suse.com/1118926"
},
{
"category": "self",
"summary": "SUSE Bug 1118930",
"url": "https://bugzilla.suse.com/1118930"
},
{
"category": "self",
"summary": "SUSE Bug 1118936",
"url": "https://bugzilla.suse.com/1118936"
},
{
"category": "self",
"summary": "SUSE Bug 1119204",
"url": "https://bugzilla.suse.com/1119204"
},
{
"category": "self",
"summary": "SUSE Bug 1119680",
"url": "https://bugzilla.suse.com/1119680"
},
{
"category": "self",
"summary": "SUSE Bug 1119714",
"url": "https://bugzilla.suse.com/1119714"
},
{
"category": "self",
"summary": "SUSE Bug 1119877",
"url": "https://bugzilla.suse.com/1119877"
},
{
"category": "self",
"summary": "SUSE Bug 1119946",
"url": "https://bugzilla.suse.com/1119946"
},
{
"category": "self",
"summary": "SUSE Bug 1119967",
"url": "https://bugzilla.suse.com/1119967"
},
{
"category": "self",
"summary": "SUSE Bug 1119970",
"url": "https://bugzilla.suse.com/1119970"
},
{
"category": "self",
"summary": "SUSE Bug 1120017",
"url": "https://bugzilla.suse.com/1120017"
},
{
"category": "self",
"summary": "SUSE Bug 1120046",
"url": "https://bugzilla.suse.com/1120046"
},
{
"category": "self",
"summary": "SUSE Bug 1120722",
"url": "https://bugzilla.suse.com/1120722"
},
{
"category": "self",
"summary": "SUSE Bug 1120743",
"url": "https://bugzilla.suse.com/1120743"
},
{
"category": "self",
"summary": "SUSE Bug 1120758",
"url": "https://bugzilla.suse.com/1120758"
},
{
"category": "self",
"summary": "SUSE Bug 1120902",
"url": "https://bugzilla.suse.com/1120902"
},
{
"category": "self",
"summary": "SUSE Bug 1120950",
"url": "https://bugzilla.suse.com/1120950"
},
{
"category": "self",
"summary": "SUSE Bug 1121239",
"url": "https://bugzilla.suse.com/1121239"
},
{
"category": "self",
"summary": "SUSE Bug 1121240",
"url": "https://bugzilla.suse.com/1121240"
},
{
"category": "self",
"summary": "SUSE Bug 1121241",
"url": "https://bugzilla.suse.com/1121241"
},
{
"category": "self",
"summary": "SUSE Bug 1121242",
"url": "https://bugzilla.suse.com/1121242"
},
{
"category": "self",
"summary": "SUSE Bug 1121275",
"url": "https://bugzilla.suse.com/1121275"
},
{
"category": "self",
"summary": "SUSE Bug 1121621",
"url": "https://bugzilla.suse.com/1121621"
},
{
"category": "self",
"summary": "SUSE Bug 1121726",
"url": "https://bugzilla.suse.com/1121726"
},
{
"category": "self",
"summary": "SUSE Bug 1122650",
"url": "https://bugzilla.suse.com/1122650"
},
{
"category": "self",
"summary": "SUSE Bug 1122651",
"url": "https://bugzilla.suse.com/1122651"
},
{
"category": "self",
"summary": "SUSE Bug 1122779",
"url": "https://bugzilla.suse.com/1122779"
},
{
"category": "self",
"summary": "SUSE Bug 1122885",
"url": "https://bugzilla.suse.com/1122885"
},
{
"category": "self",
"summary": "SUSE Bug 1123321",
"url": "https://bugzilla.suse.com/1123321"
},
{
"category": "self",
"summary": "SUSE Bug 1123323",
"url": "https://bugzilla.suse.com/1123323"
},
{
"category": "self",
"summary": "SUSE Bug 1123357",
"url": "https://bugzilla.suse.com/1123357"
},
{
"category": "self",
"summary": "SUSE Bug 1123933",
"url": "https://bugzilla.suse.com/1123933"
},
{
"category": "self",
"summary": "SUSE Bug 1124166",
"url": "https://bugzilla.suse.com/1124166"
},
{
"category": "self",
"summary": "SUSE Bug 1124728",
"url": "https://bugzilla.suse.com/1124728"
},
{
"category": "self",
"summary": "SUSE Bug 1124732",
"url": "https://bugzilla.suse.com/1124732"
},
{
"category": "self",
"summary": "SUSE Bug 1124735",
"url": "https://bugzilla.suse.com/1124735"
},
{
"category": "self",
"summary": "SUSE Bug 1124775",
"url": "https://bugzilla.suse.com/1124775"
},
{
"category": "self",
"summary": "SUSE Bug 1124777",
"url": "https://bugzilla.suse.com/1124777"
},
{
"category": "self",
"summary": "SUSE Bug 1124780",
"url": "https://bugzilla.suse.com/1124780"
},
{
"category": "self",
"summary": "SUSE Bug 1124811",
"url": "https://bugzilla.suse.com/1124811"
},
{
"category": "self",
"summary": "SUSE Bug 1125000",
"url": "https://bugzilla.suse.com/1125000"
},
{
"category": "self",
"summary": "SUSE Bug 1125014",
"url": "https://bugzilla.suse.com/1125014"
},
{
"category": "self",
"summary": "SUSE Bug 1125446",
"url": "https://bugzilla.suse.com/1125446"
},
{
"category": "self",
"summary": "SUSE Bug 1125794",
"url": "https://bugzilla.suse.com/1125794"
},
{
"category": "self",
"summary": "SUSE Bug 1125796",
"url": "https://bugzilla.suse.com/1125796"
},
{
"category": "self",
"summary": "SUSE Bug 1125808",
"url": "https://bugzilla.suse.com/1125808"
},
{
"category": "self",
"summary": "SUSE Bug 1125809",
"url": "https://bugzilla.suse.com/1125809"
},
{
"category": "self",
"summary": "SUSE Bug 1125810",
"url": "https://bugzilla.suse.com/1125810"
},
{
"category": "self",
"summary": "SUSE Bug 1125892",
"url": "https://bugzilla.suse.com/1125892"
},
{
"category": "self",
"summary": "SUSE Bug 985031",
"url": "https://bugzilla.suse.com/985031"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1120 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1120/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16862 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16862/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16884 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16884/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-19407 page",
"url": "https://www.suse.com/security/cve/CVE-2018-19407/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-19824 page",
"url": "https://www.suse.com/security/cve/CVE-2018-19824/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-19985 page",
"url": "https://www.suse.com/security/cve/CVE-2018-19985/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-20169 page",
"url": "https://www.suse.com/security/cve/CVE-2018-20169/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-5391 page",
"url": "https://www.suse.com/security/cve/CVE-2018-5391/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-9568 page",
"url": "https://www.suse.com/security/cve/CVE-2018-9568/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-3459 page",
"url": "https://www.suse.com/security/cve/CVE-2019-3459/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-3460 page",
"url": "https://www.suse.com/security/cve/CVE-2019-3460/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-6974 page",
"url": "https://www.suse.com/security/cve/CVE-2019-6974/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-7221 page",
"url": "https://www.suse.com/security/cve/CVE-2019-7221/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-7222 page",
"url": "https://www.suse.com/security/cve/CVE-2019-7222/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2019-03-04T16:45:36Z",
"generator": {
"date": "2019-03-04T16:45:36Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2019:0541-1",
"initial_release_date": "2019-03-04T16:45:36Z",
"revision_history": [
{
"date": "2019-03-04T16:45:36Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.4.175-94.79.1.aarch64",
"product": {
"name": "cluster-md-kmp-default-4.4.175-94.79.1.aarch64",
"product_id": "cluster-md-kmp-default-4.4.175-94.79.1.aarch64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.4.175-94.79.1.aarch64",
"product": {
"name": "dlm-kmp-default-4.4.175-94.79.1.aarch64",
"product_id": "dlm-kmp-default-4.4.175-94.79.1.aarch64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.4.175-94.79.1.aarch64",
"product": {
"name": "gfs2-kmp-default-4.4.175-94.79.1.aarch64",
"product_id": "gfs2-kmp-default-4.4.175-94.79.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-4.4.175-94.79.1.aarch64",
"product": {
"name": "kernel-default-4.4.175-94.79.1.aarch64",
"product_id": "kernel-default-4.4.175-94.79.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.4.175-94.79.1.aarch64",
"product": {
"name": "kernel-default-base-4.4.175-94.79.1.aarch64",
"product_id": "kernel-default-base-4.4.175-94.79.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.4.175-94.79.1.aarch64",
"product": {
"name": "kernel-default-devel-4.4.175-94.79.1.aarch64",
"product_id": "kernel-default-devel-4.4.175-94.79.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.4.175-94.79.1.aarch64",
"product": {
"name": "kernel-default-extra-4.4.175-94.79.1.aarch64",
"product_id": "kernel-default-extra-4.4.175-94.79.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.4.175-94.79.1.aarch64",
"product": {
"name": "kernel-default-kgraft-4.4.175-94.79.1.aarch64",
"product_id": "kernel-default-kgraft-4.4.175-94.79.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.4.175-94.79.1.aarch64",
"product": {
"name": "kernel-obs-build-4.4.175-94.79.1.aarch64",
"product_id": "kernel-obs-build-4.4.175-94.79.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.4.175-94.79.2.aarch64",
"product": {
"name": "kernel-obs-qa-4.4.175-94.79.2.aarch64",
"product_id": "kernel-obs-qa-4.4.175-94.79.2.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.4.175-94.79.1.aarch64",
"product": {
"name": "kernel-syms-4.4.175-94.79.1.aarch64",
"product_id": "kernel-syms-4.4.175-94.79.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.4.175-94.79.1.aarch64",
"product": {
"name": "kernel-vanilla-4.4.175-94.79.1.aarch64",
"product_id": "kernel-vanilla-4.4.175-94.79.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.4.175-94.79.1.aarch64",
"product": {
"name": "kernel-vanilla-base-4.4.175-94.79.1.aarch64",
"product_id": "kernel-vanilla-base-4.4.175-94.79.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.4.175-94.79.1.aarch64",
"product": {
"name": "kernel-vanilla-devel-4.4.175-94.79.1.aarch64",
"product_id": "kernel-vanilla-devel-4.4.175-94.79.1.aarch64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.4.175-94.79.1.aarch64",
"product": {
"name": "kselftests-kmp-default-4.4.175-94.79.1.aarch64",
"product_id": "kselftests-kmp-default-4.4.175-94.79.1.aarch64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.4.175-94.79.1.aarch64",
"product": {
"name": "ocfs2-kmp-default-4.4.175-94.79.1.aarch64",
"product_id": "ocfs2-kmp-default-4.4.175-94.79.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-4.4.175-94.79.1.noarch",
"product": {
"name": "kernel-devel-4.4.175-94.79.1.noarch",
"product_id": "kernel-devel-4.4.175-94.79.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-4.4.175-94.79.1.noarch",
"product": {
"name": "kernel-docs-4.4.175-94.79.1.noarch",
"product_id": "kernel-docs-4.4.175-94.79.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-html-4.4.175-94.79.1.noarch",
"product": {
"name": "kernel-docs-html-4.4.175-94.79.1.noarch",
"product_id": "kernel-docs-html-4.4.175-94.79.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-pdf-4.4.175-94.79.1.noarch",
"product": {
"name": "kernel-docs-pdf-4.4.175-94.79.1.noarch",
"product_id": "kernel-docs-pdf-4.4.175-94.79.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-4.4.175-94.79.1.noarch",
"product": {
"name": "kernel-macros-4.4.175-94.79.1.noarch",
"product_id": "kernel-macros-4.4.175-94.79.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-4.4.175-94.79.1.noarch",
"product": {
"name": "kernel-source-4.4.175-94.79.1.noarch",
"product_id": "kernel-source-4.4.175-94.79.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-4.4.175-94.79.1.noarch",
"product": {
"name": "kernel-source-vanilla-4.4.175-94.79.1.noarch",
"product_id": "kernel-source-vanilla-4.4.175-94.79.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-debug-4.4.175-94.79.1.ppc64le",
"product": {
"name": "cluster-md-kmp-debug-4.4.175-94.79.1.ppc64le",
"product_id": "cluster-md-kmp-debug-4.4.175-94.79.1.ppc64le"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.4.175-94.79.1.ppc64le",
"product": {
"name": "cluster-md-kmp-default-4.4.175-94.79.1.ppc64le",
"product_id": "cluster-md-kmp-default-4.4.175-94.79.1.ppc64le"
}
},
{
"category": "product_version",
"name": "dlm-kmp-debug-4.4.175-94.79.1.ppc64le",
"product": {
"name": "dlm-kmp-debug-4.4.175-94.79.1.ppc64le",
"product_id": "dlm-kmp-debug-4.4.175-94.79.1.ppc64le"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.4.175-94.79.1.ppc64le",
"product": {
"name": "dlm-kmp-default-4.4.175-94.79.1.ppc64le",
"product_id": "dlm-kmp-default-4.4.175-94.79.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-debug-4.4.175-94.79.1.ppc64le",
"product": {
"name": "gfs2-kmp-debug-4.4.175-94.79.1.ppc64le",
"product_id": "gfs2-kmp-debug-4.4.175-94.79.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"product": {
"name": "gfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"product_id": "gfs2-kmp-default-4.4.175-94.79.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-4.4.175-94.79.1.ppc64le",
"product": {
"name": "kernel-debug-4.4.175-94.79.1.ppc64le",
"product_id": "kernel-debug-4.4.175-94.79.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-base-4.4.175-94.79.1.ppc64le",
"product": {
"name": "kernel-debug-base-4.4.175-94.79.1.ppc64le",
"product_id": "kernel-debug-base-4.4.175-94.79.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-4.4.175-94.79.1.ppc64le",
"product": {
"name": "kernel-debug-devel-4.4.175-94.79.1.ppc64le",
"product_id": "kernel-debug-devel-4.4.175-94.79.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-extra-4.4.175-94.79.1.ppc64le",
"product": {
"name": "kernel-debug-extra-4.4.175-94.79.1.ppc64le",
"product_id": "kernel-debug-extra-4.4.175-94.79.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-kgraft-4.4.175-94.79.1.ppc64le",
"product": {
"name": "kernel-debug-kgraft-4.4.175-94.79.1.ppc64le",
"product_id": "kernel-debug-kgraft-4.4.175-94.79.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-4.4.175-94.79.1.ppc64le",
"product": {
"name": "kernel-default-4.4.175-94.79.1.ppc64le",
"product_id": "kernel-default-4.4.175-94.79.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.4.175-94.79.1.ppc64le",
"product": {
"name": "kernel-default-base-4.4.175-94.79.1.ppc64le",
"product_id": "kernel-default-base-4.4.175-94.79.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.4.175-94.79.1.ppc64le",
"product": {
"name": "kernel-default-devel-4.4.175-94.79.1.ppc64le",
"product_id": "kernel-default-devel-4.4.175-94.79.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.4.175-94.79.1.ppc64le",
"product": {
"name": "kernel-default-extra-4.4.175-94.79.1.ppc64le",
"product_id": "kernel-default-extra-4.4.175-94.79.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.4.175-94.79.1.ppc64le",
"product": {
"name": "kernel-default-kgraft-4.4.175-94.79.1.ppc64le",
"product_id": "kernel-default-kgraft-4.4.175-94.79.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.4.175-94.79.1.ppc64le",
"product": {
"name": "kernel-obs-build-4.4.175-94.79.1.ppc64le",
"product_id": "kernel-obs-build-4.4.175-94.79.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.4.175-94.79.2.ppc64le",
"product": {
"name": "kernel-obs-qa-4.4.175-94.79.2.ppc64le",
"product_id": "kernel-obs-qa-4.4.175-94.79.2.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.4.175-94.79.1.ppc64le",
"product": {
"name": "kernel-syms-4.4.175-94.79.1.ppc64le",
"product_id": "kernel-syms-4.4.175-94.79.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.4.175-94.79.1.ppc64le",
"product": {
"name": "kernel-vanilla-4.4.175-94.79.1.ppc64le",
"product_id": "kernel-vanilla-4.4.175-94.79.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.4.175-94.79.1.ppc64le",
"product": {
"name": "kernel-vanilla-base-4.4.175-94.79.1.ppc64le",
"product_id": "kernel-vanilla-base-4.4.175-94.79.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.4.175-94.79.1.ppc64le",
"product": {
"name": "kernel-vanilla-devel-4.4.175-94.79.1.ppc64le",
"product_id": "kernel-vanilla-devel-4.4.175-94.79.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_4_175-94_79-default-1-4.7.1.ppc64le",
"product": {
"name": "kgraft-patch-4_4_175-94_79-default-1-4.7.1.ppc64le",
"product_id": "kgraft-patch-4_4_175-94_79-default-1-4.7.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-debug-4.4.175-94.79.1.ppc64le",
"product": {
"name": "kselftests-kmp-debug-4.4.175-94.79.1.ppc64le",
"product_id": "kselftests-kmp-debug-4.4.175-94.79.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.4.175-94.79.1.ppc64le",
"product": {
"name": "kselftests-kmp-default-4.4.175-94.79.1.ppc64le",
"product_id": "kselftests-kmp-default-4.4.175-94.79.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-debug-4.4.175-94.79.1.ppc64le",
"product": {
"name": "ocfs2-kmp-debug-4.4.175-94.79.1.ppc64le",
"product_id": "ocfs2-kmp-debug-4.4.175-94.79.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"product": {
"name": "ocfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"product_id": "ocfs2-kmp-default-4.4.175-94.79.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.4.175-94.79.1.s390x",
"product": {
"name": "cluster-md-kmp-default-4.4.175-94.79.1.s390x",
"product_id": "cluster-md-kmp-default-4.4.175-94.79.1.s390x"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.4.175-94.79.1.s390x",
"product": {
"name": "dlm-kmp-default-4.4.175-94.79.1.s390x",
"product_id": "dlm-kmp-default-4.4.175-94.79.1.s390x"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.4.175-94.79.1.s390x",
"product": {
"name": "gfs2-kmp-default-4.4.175-94.79.1.s390x",
"product_id": "gfs2-kmp-default-4.4.175-94.79.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-4.4.175-94.79.1.s390x",
"product": {
"name": "kernel-default-4.4.175-94.79.1.s390x",
"product_id": "kernel-default-4.4.175-94.79.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.4.175-94.79.1.s390x",
"product": {
"name": "kernel-default-base-4.4.175-94.79.1.s390x",
"product_id": "kernel-default-base-4.4.175-94.79.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.4.175-94.79.1.s390x",
"product": {
"name": "kernel-default-devel-4.4.175-94.79.1.s390x",
"product_id": "kernel-default-devel-4.4.175-94.79.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.4.175-94.79.1.s390x",
"product": {
"name": "kernel-default-extra-4.4.175-94.79.1.s390x",
"product_id": "kernel-default-extra-4.4.175-94.79.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.4.175-94.79.1.s390x",
"product": {
"name": "kernel-default-kgraft-4.4.175-94.79.1.s390x",
"product_id": "kernel-default-kgraft-4.4.175-94.79.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-man-4.4.175-94.79.1.s390x",
"product": {
"name": "kernel-default-man-4.4.175-94.79.1.s390x",
"product_id": "kernel-default-man-4.4.175-94.79.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.4.175-94.79.1.s390x",
"product": {
"name": "kernel-obs-build-4.4.175-94.79.1.s390x",
"product_id": "kernel-obs-build-4.4.175-94.79.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.4.175-94.79.2.s390x",
"product": {
"name": "kernel-obs-qa-4.4.175-94.79.2.s390x",
"product_id": "kernel-obs-qa-4.4.175-94.79.2.s390x"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.4.175-94.79.1.s390x",
"product": {
"name": "kernel-syms-4.4.175-94.79.1.s390x",
"product_id": "kernel-syms-4.4.175-94.79.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.4.175-94.79.1.s390x",
"product": {
"name": "kernel-vanilla-4.4.175-94.79.1.s390x",
"product_id": "kernel-vanilla-4.4.175-94.79.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.4.175-94.79.1.s390x",
"product": {
"name": "kernel-vanilla-base-4.4.175-94.79.1.s390x",
"product_id": "kernel-vanilla-base-4.4.175-94.79.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.4.175-94.79.1.s390x",
"product": {
"name": "kernel-vanilla-devel-4.4.175-94.79.1.s390x",
"product_id": "kernel-vanilla-devel-4.4.175-94.79.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-4.4.175-94.79.1.s390x",
"product": {
"name": "kernel-zfcpdump-4.4.175-94.79.1.s390x",
"product_id": "kernel-zfcpdump-4.4.175-94.79.1.s390x"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.4.175-94.79.1.s390x",
"product": {
"name": "kselftests-kmp-default-4.4.175-94.79.1.s390x",
"product_id": "kselftests-kmp-default-4.4.175-94.79.1.s390x"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.4.175-94.79.1.s390x",
"product": {
"name": "ocfs2-kmp-default-4.4.175-94.79.1.s390x",
"product_id": "ocfs2-kmp-default-4.4.175-94.79.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-debug-4.4.175-94.79.1.x86_64",
"product": {
"name": "cluster-md-kmp-debug-4.4.175-94.79.1.x86_64",
"product_id": "cluster-md-kmp-debug-4.4.175-94.79.1.x86_64"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.4.175-94.79.1.x86_64",
"product": {
"name": "cluster-md-kmp-default-4.4.175-94.79.1.x86_64",
"product_id": "cluster-md-kmp-default-4.4.175-94.79.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-debug-4.4.175-94.79.1.x86_64",
"product": {
"name": "dlm-kmp-debug-4.4.175-94.79.1.x86_64",
"product_id": "dlm-kmp-debug-4.4.175-94.79.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.4.175-94.79.1.x86_64",
"product": {
"name": "dlm-kmp-default-4.4.175-94.79.1.x86_64",
"product_id": "dlm-kmp-default-4.4.175-94.79.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-debug-4.4.175-94.79.1.x86_64",
"product": {
"name": "gfs2-kmp-debug-4.4.175-94.79.1.x86_64",
"product_id": "gfs2-kmp-debug-4.4.175-94.79.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.4.175-94.79.1.x86_64",
"product": {
"name": "gfs2-kmp-default-4.4.175-94.79.1.x86_64",
"product_id": "gfs2-kmp-default-4.4.175-94.79.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-4.4.175-94.79.1.x86_64",
"product": {
"name": "kernel-debug-4.4.175-94.79.1.x86_64",
"product_id": "kernel-debug-4.4.175-94.79.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-base-4.4.175-94.79.1.x86_64",
"product": {
"name": "kernel-debug-base-4.4.175-94.79.1.x86_64",
"product_id": "kernel-debug-base-4.4.175-94.79.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-4.4.175-94.79.1.x86_64",
"product": {
"name": "kernel-debug-devel-4.4.175-94.79.1.x86_64",
"product_id": "kernel-debug-devel-4.4.175-94.79.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-extra-4.4.175-94.79.1.x86_64",
"product": {
"name": "kernel-debug-extra-4.4.175-94.79.1.x86_64",
"product_id": "kernel-debug-extra-4.4.175-94.79.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-kgraft-4.4.175-94.79.1.x86_64",
"product": {
"name": "kernel-debug-kgraft-4.4.175-94.79.1.x86_64",
"product_id": "kernel-debug-kgraft-4.4.175-94.79.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-4.4.175-94.79.1.x86_64",
"product": {
"name": "kernel-default-4.4.175-94.79.1.x86_64",
"product_id": "kernel-default-4.4.175-94.79.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.4.175-94.79.1.x86_64",
"product": {
"name": "kernel-default-base-4.4.175-94.79.1.x86_64",
"product_id": "kernel-default-base-4.4.175-94.79.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.4.175-94.79.1.x86_64",
"product": {
"name": "kernel-default-devel-4.4.175-94.79.1.x86_64",
"product_id": "kernel-default-devel-4.4.175-94.79.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.4.175-94.79.1.x86_64",
"product": {
"name": "kernel-default-extra-4.4.175-94.79.1.x86_64",
"product_id": "kernel-default-extra-4.4.175-94.79.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.4.175-94.79.1.x86_64",
"product": {
"name": "kernel-default-kgraft-4.4.175-94.79.1.x86_64",
"product_id": "kernel-default-kgraft-4.4.175-94.79.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.4.175-94.79.1.x86_64",
"product": {
"name": "kernel-obs-build-4.4.175-94.79.1.x86_64",
"product_id": "kernel-obs-build-4.4.175-94.79.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.4.175-94.79.2.x86_64",
"product": {
"name": "kernel-obs-qa-4.4.175-94.79.2.x86_64",
"product_id": "kernel-obs-qa-4.4.175-94.79.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.4.175-94.79.1.x86_64",
"product": {
"name": "kernel-syms-4.4.175-94.79.1.x86_64",
"product_id": "kernel-syms-4.4.175-94.79.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.4.175-94.79.1.x86_64",
"product": {
"name": "kernel-vanilla-4.4.175-94.79.1.x86_64",
"product_id": "kernel-vanilla-4.4.175-94.79.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.4.175-94.79.1.x86_64",
"product": {
"name": "kernel-vanilla-base-4.4.175-94.79.1.x86_64",
"product_id": "kernel-vanilla-base-4.4.175-94.79.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.4.175-94.79.1.x86_64",
"product": {
"name": "kernel-vanilla-devel-4.4.175-94.79.1.x86_64",
"product_id": "kernel-vanilla-devel-4.4.175-94.79.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_4_175-94_79-default-1-4.7.1.x86_64",
"product": {
"name": "kgraft-patch-4_4_175-94_79-default-1-4.7.1.x86_64",
"product_id": "kgraft-patch-4_4_175-94_79-default-1-4.7.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-debug-4.4.175-94.79.1.x86_64",
"product": {
"name": "kselftests-kmp-debug-4.4.175-94.79.1.x86_64",
"product_id": "kselftests-kmp-debug-4.4.175-94.79.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.4.175-94.79.1.x86_64",
"product": {
"name": "kselftests-kmp-default-4.4.175-94.79.1.x86_64",
"product_id": "kselftests-kmp-default-4.4.175-94.79.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-debug-4.4.175-94.79.1.x86_64",
"product": {
"name": "ocfs2-kmp-debug-4.4.175-94.79.1.x86_64",
"product_id": "ocfs2-kmp-debug-4.4.175-94.79.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.4.175-94.79.1.x86_64",
"product": {
"name": "ocfs2-kmp-default-4.4.175-94.79.1.x86_64",
"product_id": "ocfs2-kmp-default-4.4.175-94.79.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Desktop 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sled:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Availability Extension 12 SP3",
"product": {
"name": "SUSE Linux Enterprise High Availability Extension 12 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-ha:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Software Development Kit 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-sdk:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Workstation Extension 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Workstation Extension 12 SP3",
"product_id": "SUSE Linux Enterprise Workstation Extension 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-we:12:sp3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.175-94.79.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.175-94.79.1.x86_64"
},
"product_reference": "kernel-default-4.4.175-94.79.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.175-94.79.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64"
},
"product_reference": "kernel-default-devel-4.4.175-94.79.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-4.4.175-94.79.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64"
},
"product_reference": "kernel-default-extra-4.4.175-94.79.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.4.175-94.79.1.noarch as component of SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.175-94.79.1.noarch"
},
"product_reference": "kernel-devel-4.4.175-94.79.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.4.175-94.79.1.noarch as component of SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.175-94.79.1.noarch"
},
"product_reference": "kernel-macros-4.4.175-94.79.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.4.175-94.79.1.noarch as component of SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.175-94.79.1.noarch"
},
"product_reference": "kernel-source-4.4.175-94.79.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.175-94.79.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64"
},
"product_reference": "kernel-syms-4.4.175-94.79.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.4.175-94.79.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.ppc64le"
},
"product_reference": "cluster-md-kmp-default-4.4.175-94.79.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.4.175-94.79.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.s390x"
},
"product_reference": "cluster-md-kmp-default-4.4.175-94.79.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.4.175-94.79.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.x86_64"
},
"product_reference": "cluster-md-kmp-default-4.4.175-94.79.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.4.175-94.79.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.ppc64le"
},
"product_reference": "dlm-kmp-default-4.4.175-94.79.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.4.175-94.79.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.s390x"
},
"product_reference": "dlm-kmp-default-4.4.175-94.79.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.4.175-94.79.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.x86_64"
},
"product_reference": "dlm-kmp-default-4.4.175-94.79.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.4.175-94.79.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.ppc64le"
},
"product_reference": "gfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.4.175-94.79.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.s390x"
},
"product_reference": "gfs2-kmp-default-4.4.175-94.79.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.4.175-94.79.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.x86_64"
},
"product_reference": "gfs2-kmp-default-4.4.175-94.79.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.4.175-94.79.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.ppc64le"
},
"product_reference": "ocfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.4.175-94.79.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.s390x"
},
"product_reference": "ocfs2-kmp-default-4.4.175-94.79.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.4.175-94.79.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.x86_64"
},
"product_reference": "ocfs2-kmp-default-4.4.175-94.79.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_175-94_79-default-1-4.7.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.ppc64le"
},
"product_reference": "kgraft-patch-4_4_175-94_79-default-1-4.7.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_175-94_79-default-1-4.7.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.x86_64"
},
"product_reference": "kgraft-patch-4_4_175-94_79-default-1-4.7.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-4.4.175-94.79.1.noarch as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.175-94.79.1.noarch"
},
"product_reference": "kernel-docs-4.4.175-94.79.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.4.175-94.79.1.aarch64 as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.aarch64"
},
"product_reference": "kernel-obs-build-4.4.175-94.79.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.4.175-94.79.1.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.ppc64le"
},
"product_reference": "kernel-obs-build-4.4.175-94.79.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.4.175-94.79.1.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.s390x"
},
"product_reference": "kernel-obs-build-4.4.175-94.79.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.4.175-94.79.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.x86_64"
},
"product_reference": "kernel-obs-build-4.4.175-94.79.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.175-94.79.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.aarch64"
},
"product_reference": "kernel-default-4.4.175-94.79.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.175-94.79.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le"
},
"product_reference": "kernel-default-4.4.175-94.79.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.175-94.79.1.s390x as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.s390x"
},
"product_reference": "kernel-default-4.4.175-94.79.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.175-94.79.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.x86_64"
},
"product_reference": "kernel-default-4.4.175-94.79.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.175-94.79.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64"
},
"product_reference": "kernel-default-base-4.4.175-94.79.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.175-94.79.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le"
},
"product_reference": "kernel-default-base-4.4.175-94.79.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.175-94.79.1.s390x as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x"
},
"product_reference": "kernel-default-base-4.4.175-94.79.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.175-94.79.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64"
},
"product_reference": "kernel-default-base-4.4.175-94.79.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.175-94.79.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64"
},
"product_reference": "kernel-default-devel-4.4.175-94.79.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.175-94.79.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le"
},
"product_reference": "kernel-default-devel-4.4.175-94.79.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.175-94.79.1.s390x as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x"
},
"product_reference": "kernel-default-devel-4.4.175-94.79.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.175-94.79.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64"
},
"product_reference": "kernel-default-devel-4.4.175-94.79.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-man-4.4.175-94.79.1.s390x as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x"
},
"product_reference": "kernel-default-man-4.4.175-94.79.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.4.175-94.79.1.noarch as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.175-94.79.1.noarch"
},
"product_reference": "kernel-devel-4.4.175-94.79.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.4.175-94.79.1.noarch as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.175-94.79.1.noarch"
},
"product_reference": "kernel-macros-4.4.175-94.79.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.4.175-94.79.1.noarch as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.175-94.79.1.noarch"
},
"product_reference": "kernel-source-4.4.175-94.79.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.175-94.79.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64"
},
"product_reference": "kernel-syms-4.4.175-94.79.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.175-94.79.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le"
},
"product_reference": "kernel-syms-4.4.175-94.79.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.175-94.79.1.s390x as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.s390x"
},
"product_reference": "kernel-syms-4.4.175-94.79.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.175-94.79.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64"
},
"product_reference": "kernel-syms-4.4.175-94.79.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.175-94.79.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.aarch64"
},
"product_reference": "kernel-default-4.4.175-94.79.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.175-94.79.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le"
},
"product_reference": "kernel-default-4.4.175-94.79.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.175-94.79.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.s390x"
},
"product_reference": "kernel-default-4.4.175-94.79.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.175-94.79.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.x86_64"
},
"product_reference": "kernel-default-4.4.175-94.79.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.175-94.79.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64"
},
"product_reference": "kernel-default-base-4.4.175-94.79.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.175-94.79.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le"
},
"product_reference": "kernel-default-base-4.4.175-94.79.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.175-94.79.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x"
},
"product_reference": "kernel-default-base-4.4.175-94.79.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.175-94.79.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64"
},
"product_reference": "kernel-default-base-4.4.175-94.79.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.175-94.79.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64"
},
"product_reference": "kernel-default-devel-4.4.175-94.79.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.175-94.79.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le"
},
"product_reference": "kernel-default-devel-4.4.175-94.79.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.175-94.79.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x"
},
"product_reference": "kernel-default-devel-4.4.175-94.79.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.175-94.79.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64"
},
"product_reference": "kernel-default-devel-4.4.175-94.79.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-man-4.4.175-94.79.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x"
},
"product_reference": "kernel-default-man-4.4.175-94.79.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.4.175-94.79.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.175-94.79.1.noarch"
},
"product_reference": "kernel-devel-4.4.175-94.79.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.4.175-94.79.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.175-94.79.1.noarch"
},
"product_reference": "kernel-macros-4.4.175-94.79.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.4.175-94.79.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.175-94.79.1.noarch"
},
"product_reference": "kernel-source-4.4.175-94.79.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.175-94.79.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64"
},
"product_reference": "kernel-syms-4.4.175-94.79.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.175-94.79.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le"
},
"product_reference": "kernel-syms-4.4.175-94.79.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.175-94.79.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.s390x"
},
"product_reference": "kernel-syms-4.4.175-94.79.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.175-94.79.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64"
},
"product_reference": "kernel-syms-4.4.175-94.79.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-4.4.175-94.79.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 12 SP3",
"product_id": "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64"
},
"product_reference": "kernel-default-extra-4.4.175-94.79.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 12 SP3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-1120",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1120"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found affecting the Linux kernel before version 4.17. By mmap()ing a FUSE-backed file onto a process\u0027s memory containing command line arguments (or environment strings), an attacker can cause utilities from psutils or procps (such as ps, w) or any other program which makes a read() call to the /proc/\u003cpid\u003e/cmdline (or /proc/\u003cpid\u003e/environ) files to block indefinitely (denial of service) or for some controlled time (as a synchronization primitive for other attacks).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1120",
"url": "https://www.suse.com/security/cve/CVE-2018-1120"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-1120",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1092100 for CVE-2018-1120",
"url": "https://bugzilla.suse.com/1092100"
},
{
"category": "external",
"summary": "SUSE Bug 1093158 for CVE-2018-1120",
"url": "https://bugzilla.suse.com/1093158"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-04T16:45:36Z",
"details": "low"
}
],
"title": "CVE-2018-1120"
},
{
"cve": "CVE-2018-16862",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16862"
}
],
"notes": [
{
"category": "general",
"text": "A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16862",
"url": "https://www.suse.com/security/cve/CVE-2018-16862"
},
{
"category": "external",
"summary": "SUSE Bug 1117186 for CVE-2018-16862",
"url": "https://bugzilla.suse.com/1117186"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-04T16:45:36Z",
"details": "moderate"
}
],
"title": "CVE-2018-16862"
},
{
"cve": "CVE-2018-16884",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16884"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel\u0027s NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16884",
"url": "https://www.suse.com/security/cve/CVE-2018-16884"
},
{
"category": "external",
"summary": "SUSE Bug 1119946 for CVE-2018-16884",
"url": "https://bugzilla.suse.com/1119946"
},
{
"category": "external",
"summary": "SUSE Bug 1119947 for CVE-2018-16884",
"url": "https://bugzilla.suse.com/1119947"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-04T16:45:36Z",
"details": "important"
}
],
"title": "CVE-2018-16884"
},
{
"cve": "CVE-2018-19407",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-19407"
}
],
"notes": [
{
"category": "general",
"text": "The vcpu_scan_ioapic function in arch/x86/kvm/x86.c in the Linux kernel through 4.19.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-19407",
"url": "https://www.suse.com/security/cve/CVE-2018-19407"
},
{
"category": "external",
"summary": "SUSE Bug 1116841 for CVE-2018-19407",
"url": "https://bugzilla.suse.com/1116841"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-04T16:45:36Z",
"details": "moderate"
}
],
"title": "CVE-2018-19407"
},
{
"cve": "CVE-2018-19824",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-19824"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-19824",
"url": "https://www.suse.com/security/cve/CVE-2018-19824"
},
{
"category": "external",
"summary": "SUSE Bug 1118152 for CVE-2018-19824",
"url": "https://bugzilla.suse.com/1118152"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-04T16:45:36Z",
"details": "moderate"
}
],
"title": "CVE-2018-19824"
},
{
"cve": "CVE-2018-19985",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-19985"
}
],
"notes": [
{
"category": "general",
"text": "The function hso_get_config_data in drivers/net/usb/hso.c in the Linux kernel through 4.19.8 reads if_num from the USB device (as a u8) and uses it to index a small array, resulting in an object out-of-bounds (OOB) read that potentially allows arbitrary read in the kernel address space.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-19985",
"url": "https://www.suse.com/security/cve/CVE-2018-19985"
},
{
"category": "external",
"summary": "SUSE Bug 1120743 for CVE-2018-19985",
"url": "https://bugzilla.suse.com/1120743"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-04T16:45:36Z",
"details": "low"
}
],
"title": "CVE-2018-19985"
},
{
"cve": "CVE-2018-20169",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-20169"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel before 4.19.9. The USB subsystem mishandles size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-20169",
"url": "https://www.suse.com/security/cve/CVE-2018-20169"
},
{
"category": "external",
"summary": "SUSE Bug 1119714 for CVE-2018-20169",
"url": "https://bugzilla.suse.com/1119714"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-04T16:45:36Z",
"details": "moderate"
}
],
"title": "CVE-2018-20169"
},
{
"cve": "CVE-2018-5391",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-5391"
}
],
"notes": [
{
"category": "general",
"text": "The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-5391",
"url": "https://www.suse.com/security/cve/CVE-2018-5391"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-5391",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1102340 for CVE-2018-5391",
"url": "https://bugzilla.suse.com/1102340"
},
{
"category": "external",
"summary": "SUSE Bug 1103097 for CVE-2018-5391",
"url": "https://bugzilla.suse.com/1103097"
},
{
"category": "external",
"summary": "SUSE Bug 1103098 for CVE-2018-5391",
"url": "https://bugzilla.suse.com/1103098"
},
{
"category": "external",
"summary": "SUSE Bug 1108654 for CVE-2018-5391",
"url": "https://bugzilla.suse.com/1108654"
},
{
"category": "external",
"summary": "SUSE Bug 1114071 for CVE-2018-5391",
"url": "https://bugzilla.suse.com/1114071"
},
{
"category": "external",
"summary": "SUSE Bug 1121102 for CVE-2018-5391",
"url": "https://bugzilla.suse.com/1121102"
},
{
"category": "external",
"summary": "SUSE Bug 1134140 for CVE-2018-5391",
"url": "https://bugzilla.suse.com/1134140"
},
{
"category": "external",
"summary": "SUSE Bug 1181460 for CVE-2018-5391",
"url": "https://bugzilla.suse.com/1181460"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-04T16:45:36Z",
"details": "moderate"
}
],
"title": "CVE-2018-5391"
},
{
"cve": "CVE-2018-9568",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-9568"
}
],
"notes": [
{
"category": "general",
"text": "In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-113509306. References: Upstream kernel.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-9568",
"url": "https://www.suse.com/security/cve/CVE-2018-9568"
},
{
"category": "external",
"summary": "SUSE Bug 1118319 for CVE-2018-9568",
"url": "https://bugzilla.suse.com/1118319"
},
{
"category": "external",
"summary": "SUSE Bug 1118320 for CVE-2018-9568",
"url": "https://bugzilla.suse.com/1118320"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-04T16:45:36Z",
"details": "moderate"
}
],
"title": "CVE-2018-9568"
},
{
"cve": "CVE-2019-3459",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-3459"
}
],
"notes": [
{
"category": "general",
"text": "A heap address information leak while using L2CAP_GET_CONF_OPT was discovered in the Linux kernel before 5.1-rc1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-3459",
"url": "https://www.suse.com/security/cve/CVE-2019-3459"
},
{
"category": "external",
"summary": "SUSE Bug 1120758 for CVE-2019-3459",
"url": "https://bugzilla.suse.com/1120758"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.6,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-04T16:45:36Z",
"details": "moderate"
}
],
"title": "CVE-2019-3459"
},
{
"cve": "CVE-2019-3460",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-3460"
}
],
"notes": [
{
"category": "general",
"text": "A heap data infoleak in multiple locations including L2CAP_PARSE_CONF_RSP was found in the Linux kernel before 5.1-rc1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-3460",
"url": "https://www.suse.com/security/cve/CVE-2019-3460"
},
{
"category": "external",
"summary": "SUSE Bug 1120758 for CVE-2019-3460",
"url": "https://bugzilla.suse.com/1120758"
},
{
"category": "external",
"summary": "SUSE Bug 1155131 for CVE-2019-3460",
"url": "https://bugzilla.suse.com/1155131"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.6,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-04T16:45:36Z",
"details": "moderate"
}
],
"title": "CVE-2019-3460"
},
{
"cve": "CVE-2019-6974",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-6974"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-6974",
"url": "https://www.suse.com/security/cve/CVE-2019-6974"
},
{
"category": "external",
"summary": "SUSE Bug 1124728 for CVE-2019-6974",
"url": "https://bugzilla.suse.com/1124728"
},
{
"category": "external",
"summary": "SUSE Bug 1124729 for CVE-2019-6974",
"url": "https://bugzilla.suse.com/1124729"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-04T16:45:36Z",
"details": "moderate"
}
],
"title": "CVE-2019-6974"
},
{
"cve": "CVE-2019-7221",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-7221"
}
],
"notes": [
{
"category": "general",
"text": "The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-7221",
"url": "https://www.suse.com/security/cve/CVE-2019-7221"
},
{
"category": "external",
"summary": "SUSE Bug 1124732 for CVE-2019-7221",
"url": "https://bugzilla.suse.com/1124732"
},
{
"category": "external",
"summary": "SUSE Bug 1124734 for CVE-2019-7221",
"url": "https://bugzilla.suse.com/1124734"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-04T16:45:36Z",
"details": "moderate"
}
],
"title": "CVE-2019-7221"
},
{
"cve": "CVE-2019-7222",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-7222"
}
],
"notes": [
{
"category": "general",
"text": "The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-7222",
"url": "https://www.suse.com/security/cve/CVE-2019-7222"
},
{
"category": "external",
"summary": "SUSE Bug 1124735 for CVE-2019-7222",
"url": "https://bugzilla.suse.com/1124735"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.8,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_175-94_79-default-1-4.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.175-94.79.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.175-94.79.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.175-94.79.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-04T16:45:36Z",
"details": "low"
}
],
"title": "CVE-2019-7222"
}
]
}
SUSE-SU-2019:0148-1
Vulnerability from csaf_suse - Published: 2019-01-23 16:57 - Updated: 2019-01-23 16:57Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP3 kernel for Azure was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-19407: The vcpu_scan_ioapic function in arch/x86/kvm/x86.c allowed local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic was uninitialized (bnc#1116841).
- CVE-2018-19985: The function hso_probe read if_num from the USB device (as an u8) and used it without a length check to index an array, resulting in an OOB memory read in hso_probe or hso_get_config_data that could be used by local attackers (bnc#1120743).
- CVE-2018-3639: Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4 (bnc#1087082).
- CVE-2018-1120: By mmap()ing a FUSE-backed file onto a process's memory containing command line arguments (or environment strings), an attacker can cause utilities from psutils or procps (such as ps, w) or any other program which made a read() call to the /proc/<pid>/cmdline (or /proc/<pid>/environ) files to block indefinitely (denial of service) or for some controlled time (as a synchronization primitive for other attacks) (bnc#1093158).
- CVE-2017-16939: The XFRM dump policy implementation in net/xfrm/xfrm_user.c allowed local users to gain privileges or cause a denial of service (use-after-free) via a crafted SO_RCVBUF setsockopt system call in conjunction with XFRM_MSG_GETPOLICY Netlink messages (bnc#1069702).
- CVE-2018-16884: NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out (bnc#1119946).
- CVE-2018-20169: The USB subsystem mishandled size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c (bnc#1119714).
- CVE-2018-9568: In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation (bnc#1118319).
- CVE-2018-16862: A security flaw was found in the way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one (bnc#1117186).
- CVE-2018-19824: A local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c (bnc#1118152).
The following non-security bugs were fixed:
- 9p: clear dangling pointers in p9stat_free (bnc#1012382).
- 9p locks: fix glock.client_id leak in do_lock (bnc#1012382).
- 9p/net: put a lower bound on msize (bnc#1012382).
- ACPI/IORT: Fix iort_get_platform_device_domain() uninitialized pointer value (bsc#1121239).
- ACPI/LPSS: Add alternative ACPI HIDs for Cherry Trail DMA controllers (bnc#1012382).
- ACPI/nfit, x86/mce: Handle only uncorrectable machine checks (bsc#1114648).
- ACPI/nfit, x86/mce: Validate a MCE's address before using it (bsc#1114648).
- ACPI/platform: Add SMB0001 HID to forbidden_id_list (bnc#1012382).
- af_iucv: Move sockaddr length checks to before accessing sa_family in bind and connect handlers (bnc#1012382).
- ahci: do not ignore result code of ahci_reset_controller() (bnc#1012382).
- aio: fix spectre gadget in lookup_ioctx (bnc#1012382).
- aio: hold an extra file reference over AIO read/write operations (bsc#1116027).
- ALSA: ac97: Fix incorrect bit shift at AC97-SPSA control write (bnc#1012382).
- ALSA: ca0106: Disable IZD on SB0570 DAC to fix audio pops (bnc#1012382).
- ALSA: control: Fix race between adding and removing a user element (bnc#1012382).
- ALSA: cs46xx: Potential NULL dereference in probe (bnc#1012382).
- ALSA: emu10k1: Fix potential Spectre v1 vulnerabilities (bnc#1012382).
- ALSA: emux: Fix potential Spectre v1 vulnerabilities (bnc#1012382).
- ALSA: hda - Add mic quirk for the Lenovo G50-30 (17aa:3905) (bnc#1012382).
- ALSA: hda: add mute LED support for HP EliteBook 840 G4 (bnc#1012382).
- ALSA: hda: Add support for AMD Stoney Ridge (bnc#1012382).
- ALSA: hda: Check the non-cached stream buffers more explicitly (bnc#1012382).
- ALSA: hda/tegra: clear pending irq handlers (bnc#1012382).
- ALSA: isa/wavefront: prevent some out of bound writes (bnc#1012382).
- ALSA: pcm: Call snd_pcm_unlink() conditionally at closing (bnc#1012382).
- ALSA: pcm: Fix interval evaluation with openmin/max (bnc#1012382).
- ALSA: pcm: Fix potential Spectre v1 vulnerability (bnc#1012382).
- ALSA: pcm: Fix starvation on down_write_nonblock() (bnc#1012382).
- ALSA: pcm: remove SNDRV_PCM_IOCTL1_INFO internal command (bnc#1012382).
- ALSA: rme9652: Fix potential Spectre v1 vulnerability (bnc#1012382).
- ALSA: sparc: Fix invalid snd_free_pages() at error path (bnc#1012382).
- ALSA: timer: Fix zero-division by continue of uninitialized instance (bnc#1012382).
- ALSA: trident: Suppress gcc string warning (bnc#1012382).
- ALSA: usb-audio: Avoid access before bLength check in build_audio_procunit() (bnc#1012382).
- ALSA: usb-audio: Fix an out-of-bound read in create_composite_quirks (bnc#1012382).
- ALSA: wss: Fix invalid snd_free_pages() at error path (bnc#1012382).
- amd/iommu: Fix Guest Virtual APIC Log Tail Address Register (bsc#1106105).
- ARC: change defconfig defaults to ARCv2 (bnc#1012382).
- ARC: [devboards] Add support of NFSv3 ACL (bnc#1012382).
- arch/alpha, termios: implement BOTHER, IBSHIFT and termios2 (bnc#1012382).
- ARC: io.h: Implement reads{x}()/writes{x}() (bnc#1012382).
- ARM64: Disable asm-operand-width warning for clang (bnc#1012382).
- ARM64: dts: stratix10: Correct System Manager register size (bnc#1012382).
- ARM64: Enabled ENA (Amazon network driver)
- ARM64: hardcode rodata_enabled=true earlier in the series (bsc#1114763).
- ARM64: PCI: ACPI support for legacy IRQs parsing and consolidation with DT code.
- ARM64: percpu: Initialize ret in the default case (bnc#1012382).
- ARM64: remove no-op -p linker flag (bnc#1012382).
- ARM: 8799/1: mm: fix pci_ioremap_io() offset check (bnc#1012382).
- ARM: 8814/1: mm: improve/fix ARM v7_dma_inv_range() unaligned address handling (bnc#1012382).
- ARM: dts: apq8064: add ahci ports-implemented mask (bnc#1012382).
- ARM: dts: imx53-qsb: disable 1.2GHz OPP (bnc#1012382).
- ARM: fix mis-applied iommu identity check (bsc#1116924).
- ARM: imx: update the cpu power up timing setting on i.mx6sx (bnc#1012382).
- ARM: kvm: fix building with gcc-8 (bsc#1121241).
- ARM: OMAP1: ams-delta: Fix possible use of uninitialized field (bnc#1012382).
- ARM: OMAP2+: prm44xx: Fix section annotation on omap44xx_prm_enable_io_wakeup (bnc#1012382).
- asix: Check for supported Wake-on-LAN modes (bnc#1012382).
- ASoC: ak4613: Enable cache usage to fix crashes on resume (bnc#1012382).
- ASoC: dapm: Recalculate audio map forcely when card instantiated (bnc#1012382).
- ASoC: omap-dmic: Add pm_qos handling to avoid overruns with CPU_IDLE (bnc#1012382).
- ASoC: omap-mcpdm: Add pm_qos handling to avoid under/overruns with CPU_IDLE (bnc#1012382).
- ASoC: spear: fix error return code in spdif_in_probe() (bnc#1012382).
- ASoC: wm8940: Enable cache usage to fix crashes on resume (bnc#1012382).
- ataflop: fix error handling during setup (bnc#1012382).
- ath10k: fix kernel panic due to race in accessing arvif list (bnc#1012382).
- ath10k: schedule hardware restart if WMI command times out (bnc#1012382).
- ax25: fix a use-after-free in ax25_fillin_cb() (bnc#1012382).
- ax88179_178a: Check for supported Wake-on-LAN modes (bnc#1012382).
- b43: Fix error in cordic routine (bnc#1012382).
- batman-adv: Expand merged fragment buffer for full packet (bnc#1012382).
- bcache: fix miss key refill->end in writeback (bnc#1012382).
- bfs: add sanity check at bfs_fill_super() (bnc#1012382).
- binfmt_elf: fix calculations for bss padding (bnc#1012382).
- bitops: protect variables in bit_clear_unless() macro (bsc#1116285).
- block: fix inheriting request priority from bio (bsc#1116924).
- block: respect virtual boundary mask in bvecs (bsc#1113412).
- Bluetooth: btbcm: Add entry for BCM4335C0 UART bluetooth (bnc#1012382).
- Bluetooth: SMP: fix crash in unpairing (bnc#1012382).
- bna: ethtool: Avoid reading past end of buffer (bnc#1012382).
- bnx2x: Assign unique DMAE channel number for FW DMAE transactions (bnc#1012382).
- bonding: fix 802.3ad state sent to partner when unbinding slave (bnc#1012382).
- bpf: fix check of allowed specifiers in bpf_trace_printk (bnc#1012382).
- bpf: generally move prog destruction to RCU deferral (bnc#1012382).
- bpf: support 8-byte metafield access (bnc#1012382).
- bpf, trace: check event type in bpf_perf_event_read (bsc#1119970).
- bpf, trace: use READ_ONCE for retrieving file ptr (bsc#1119967).
- bpf/verifier: Add spi variable to check_stack_write() (bnc#1012382).
- bpf/verifier: Pass instruction index to check_mem_access() and check_xadd() (bnc#1012382).
- bridge: do not add port to router list when receives query with source 0.0.0.0 (bnc#1012382).
- btrfs: Always try all copies when reading extent buffers (bnc#1012382).
- btrfs: do not attempt to trim devices that do not support it (bnc#1012382).
- btrfs: ensure path name is null terminated at btrfs_control_ioctl (bnc#1012382).
- btrfs: fix backport error in submit_stripe_bio (bsc#1114763).
- btrfs: fix data corruption due to cloning of eof block (bnc#1012382).
- btrfs: Fix memory barriers usage with device stats counters.
- btrfs: fix null pointer dereference on compressed write path error (bnc#1012382).
- btrfs: fix pinned underflow after transaction aborted (bnc#1012382).
- btrfs: fix use-after-free when dumping free space (bnc#1012382).
- btrfs: fix wrong dentries after fsync of file that got its parent replaced (bnc#1012382).
- btrfs: Handle error from btrfs_uuid_tree_rem call in _btrfs_ioctl_set_received_subvol.
- btrfs: Handle owner mismatch gracefully when walking up tree (bnc#1012382).
- btrfs: iterate all devices during trim, instead of fs_devices::alloc_list (bnc#1012382).
- btrfs: locking: Add extra check in btrfs_init_new_buffer() to avoid deadlock (bnc#1012382).
- btrfs: make sure we create all new block groups (bnc#1012382).
- btrfs: qgroup: Dirty all qgroups before rescan (bnc#1012382).
- btrfs: release metadata before running delayed refs (bnc#1012382).
- btrfs: reset max_extent_size on clear in a bitmap (bnc#1012382).
- btrfs: send, fix infinite loop due to directory rename dependencies (bnc#1012382).
- btrfs: set max_extent_size properly (bnc#1012382).
- btrfs: wait on caching when putting the bg cache (bnc#1012382).
- cachefiles: fix the race between cachefiles_bury_object() and rmdir(2) (bnc#1012382).
- can: dev: __can_get_echo_skb(): Do not crash the kernel if can_priv::echo_skb is accessed out of bounds (bnc#1012382).
- can: dev: can_get_echo_skb(): factor out non sending code to __can_get_echo_skb() (bnc#1012382).
- can: dev: __can_get_echo_skb(): print error message, if trying to echo non existing skb (bnc#1012382).
- can: dev: __can_get_echo_skb(): replace struct can_frame by canfd_frame to access frame length (bnc#1012382).
- can: rcar_can: Fix erroneous registration (bnc#1012382).
- cdc-acm: correct counting of UART states in serial state notification (bnc#1012382).
- cdc-acm: fix abnormal DATA RX issue for Mediatek Preloader (bnc#1012382).
- ceph: call setattr_prepare from ceph_setattr instead of inode_change_ok (bsc#1114763).
- ceph: do not update importing cap's mseq when handing cap export (bsc#1121275).
- ceph: fix dentry leak in ceph_readdir_prepopulate (bsc#1114839).
- ceph: quota: fix null pointer dereference in quota check (bsc#1114839).
- cfg80211: reg: Init wiphy_idx in regulatory_hint_core() (bnc#1012382).
- checkstack.pl: fix for aarch64 (bnc#1012382).
- CIFS: Fix error mapping for SMB2_LOCK command which caused OFD lock problem (bnc#1012382).
- CIFS: Fix separator when building path from dentry (bnc#1012382).
- CIFS: handle guest access errors to Windows shares (bnc#1012382).
- CIFS: In Kconfig CONFIG_CIFS_POSIX needs depends on legacy (insecure cifs) (bnc#1012382).
- clk: mmp: Off by one in mmp_clk_add() (bnc#1012382).
- clk: s2mps11: Add used attribute to s2mps11_dt_match.
- clk: s2mps11: Fix matching when built as module and DT node contains compatible (bnc#1012382).
- clk: samsung: exynos5420: Enable PERIS clocks for suspend (bnc#1012382).
- clockevents/drivers/i8253: Add support for PIT shutdown quirk (bnc#1012382).
- configfs: replace strncpy with memcpy (bnc#1012382).
- cpufeature: avoid warning when compiling with clang.
- cpufreq: imx6q: add return value check for voltage scale (bnc#1012382).
- cpuidle: Do not access cpuidle_devices when !CONFIG_CPU_IDLE (bnc#1012382).
- Cramfs: fix abad comparison when wrap-arounds occur (bnc#1012382).
- crypto: arm64/sha - avoid non-standard inline asm tricks (bnc#1012382).
- crypto: lrw - Fix out-of bounds access on counter overflow (bnc#1012382).
- crypto: shash - Fix a sleep-in-atomic bug in shash_setkey_unaligned (bnc#1012382).
- crypto, x86: aesni - fix token pasting for clang (bnc#1012382).
- crypto: x86/chacha20 - avoid sleeping with preemption disabled (bnc#1012382).
- cw1200: Do not leak memory if krealloc failes (bnc#1012382).
- cxgb4: Add support for new flash parts (bsc#1102439).
- cxgb4: assume flash part size to be 4MB, if it can't be determined (bsc#1102439).
- cxgb4: Fix FW flash errors (bsc#1102439).
- cxgb4: fix missing break in switch and indent return statements (bsc#1102439).
- cxgb4: support new ISSI flash parts (bsc#1102439).
- debugobjects: avoid recursive calls with kmemleak (bnc#1012382).
- disable stringop truncation warnings for now (bnc#1012382).
- dlm: fixed memory leaks after failed ls_remove_names allocation (bnc#1012382).
- dlm: lost put_lkb on error path in receive_convert() and receive_unlock() (bnc#1012382).
- dlm: memory leaks on error path in dlm_user_request() (bnc#1012382).
- dlm: possible memory leak on error path in create_lkb() (bnc#1012382).
- dmaengine: at_hdmac: fix memory leak in at_dma_xlate() (bnc#1012382).
- dmaengine: at_hdmac: fix module unloading (bnc#1012382).
- dmaengine: dma-jz4780: Return error if not probed from DT (bnc#1012382).
- dm cache metadata: ignore hints array being too small during resize.
- dm ioctl: harden copy_params()'s copy_from_user() from malicious users (bnc#1012382).
- dm-multipath: do not assign cmd_flags in setup_clone() (bsc#1103156).
- dm raid: stop using BUG() in __rdev_sectors() (bsc#1046264).
- dm thin: stop no_space_timeout worker when switching to write-mode.
- dpaa_eth: fix dpaa_get_stats64 to match prototype (bsc#1114763).
- driver/dma/ioat: Call del_timer_sync() without holding prep_lock (bnc#1012382).
- drivers: hv: vmbus: check the creation_status in vmbus_establish_gpadl() (bsc#1104098).
- drivers: hv: vmbus: Return -EINVAL for the sys files for unopened channels (bnc#1012382).
- drivers/misc/sgi-gru: fix Spectre v1 vulnerability (bnc#1012382).
- drivers/sbus/char: add of_node_put() (bnc#1012382).
- drivers/tty: add missing of_node_put() (bnc#1012382).
- drm/ast: change resolution may cause screen blurred (bnc#1012382).
- drm/ast: fixed cursor may disappear sometimes (bnc#1012382).
- drm/ast: fixed reading monitor EDID not stable issue (bnc#1012382).
- drm/ast: Fix incorrect free on ioregs (bsc#1106929)
- drm/ast: Remove existing framebuffers before loading driver (boo#1112963)
- drm/dp_mst: Check if primary mstb is null (bnc#1012382).
- drm/fb-helper: Ignore the value of fb_var_screeninfo.pixclock (bsc#1106929)
- drm/i915/hdmi: Add HDMI 2.0 audio clock recovery N values (bnc#1012382).
- drm/ioctl: Fix Spectre v1 vulnerabilities (bnc#1012382).
- drm/msm: Grab a vblank reference when waiting for commit_done (bnc#1012382).
- drm/nouveau/fbcon: fix oops without fbdev emulation (bnc#1012382).
- drm/omap: fix memory barrier bug in DMM driver (bnc#1012382).
- drm: rcar-du: Fix external clock error checks (bsc#1106929)
- drm: rcar-du: Fix vblank initialization (bsc#1106929)
- drm/rockchip: Allow driver to be shutdown on reboot/kexec (bnc#1012382).
- e1000: avoid null pointer dereference on invalid stat type (bnc#1012382).
- e1000: fix race condition between e1000_down() and e1000_watchdog (bnc#1012382).
- efi/libstub/arm64: Force 'hidden' visibility for section markers (bnc#1012382).
- efi/libstub/arm64: Set -fpie when building the EFI stub (bnc#1012382).
- exec: avoid gcc-8 warning for get_task_comm (bnc#1012382).
- exportfs: do not read dentry after free (bnc#1012382).
- ext2: fix potential use after free (bnc#1012382).
- ext4: add missing brelse() add_new_gdb_meta_bg()'s error path (bnc#1012382).
- ext4: add missing brelse() in set_flexbg_block_bitmap()'s error path (bnc#1012382).
- ext4: add missing brelse() update_backups()'s error path (bnc#1012382).
- ext4: avoid buffer leak in ext4_orphan_add() after prior errors (bnc#1012382).
- ext4: avoid possible double brelse() in add_new_gdb() on error path (bnc#1012382).
- ext4: avoid potential extra brelse in setup_new_flex_group_blocks() (bnc#1012382).
- ext4: fix argument checking in EXT4_IOC_MOVE_EXT (bnc#1012382).
- ext4: fix buffer leak in __ext4_read_dirblock() on error path (bnc#1012382).
- ext4: fix buffer leak in ext4_xattr_move_to_block() on error path (bnc#1012382).
- ext4: fix EXT4_IOC_GROUP_ADD ioctl (bnc#1012382).
- ext4: fix missing cleanup if ext4_alloc_flex_bg_array() fails while resizing (bnc#1012382).
- ext4: fix possible inode leak in the retry loop of ext4_resize_fs() (bnc#1012382).
- ext4: fix possible leak of sbi->s_group_desc_leak in error path (bnc#1012382).
- ext4: fix possible use after free in ext4_quota_enable (bnc#1012382).
- ext4: force inode writes when nfsd calls commit_metadata() (bnc#1012382).
- ext4: initialize retries variable in ext4_da_write_inline_data_begin() (bnc#1012382).
- ext4: missing unlock/put_page() in ext4_try_to_write_inline_data() (bnc#1012382).
- ext4: release bs.bh before re-using in ext4_xattr_block_find() (bnc#1012382).
- fbdev: fbcon: Fix unregister crash when more than one framebuffer (bsc#1106929)
- fbdev: fbmem: behave better with small rotated displays and many CPUs (bsc#1106929)
- fcoe: remove duplicate debugging message in fcoe_ctlr_vn_add (bsc#1114763).
- Fix kABI for 'Ensure we commit after writeback is complete' (bsc#1111809).
- floppy: fix race condition in __floppy_read_block_0().
- flow_dissector: do not dissect l4 ports for fragments (bnc#1012382).
- fork: record start_time late (bnc#1012382).
- fscache, cachefiles: remove redundant variable 'cache' (bnc#1012382).
- fscache: fix race between enablement and dropping of object (bsc#1107385).
- fscache: Fix race in fscache_op_complete() due to split atomic_sub & read .
- fscache: Pass the correct cancelled indications to fscache_op_complete().
- fs, elf: make sure to page align bss in load_elf_library (bnc#1012382).
- fs/exofs: fix potential memory leak in mount option parsing (bnc#1012382).
- fs/fat/fatent.c: add cond_resched() to fat_count_free_clusters() (bnc#1012382).
- fuse: Dont call set_page_dirty_lock() for ITER_BVEC pages for async_dio (bnc#1012382).
- fuse: fix blocked_waitq wakeup (bnc#1012382).
- fuse: fix leaked notify reply (bnc#1012382).
- fuse: Fix use-after-free in fuse_dev_do_read() (bnc#1012382).
- fuse: Fix use-after-free in fuse_dev_do_write() (bnc#1012382).
- fuse: set FR_SENT while locked (bnc#1012382).
- genirq: Fix race on spurious interrupt detection (bnc#1012382).
- genwqe: Fix size check (bnc#1012382).
- gfs2: Do not leave s_fs_info pointing to freed memory in init_sbd (bnc#1012382).
- gfs2: Fix loop in gfs2_rbm_find (bnc#1012382).
- gfs2_meta: ->mount() can get NULL dev_name (bnc#1012382).
- gfs2: Put bitmap buffers in put_super (bnc#1012382).
- git_sort.py: Remove non-existent remote tj/libata
- gpio: max7301: fix driver for use with CONFIG_VMAP_STACK (bnc#1012382).
- gpio: msic: fix error return code in platform_msic_gpio_probe() (bnc#1012382).
- gpu: host1x: fix error return code in host1x_probe() (bnc#1012382).
- gro_cell: add napi_disable in gro_cells_destroy (bnc#1012382).
- hfs: do not free node before using (bnc#1012382).
- hfsplus: do not free node before using (bnc#1012382).
- hfsplus: prevent btree data loss on root split (bnc#1012382).
- hfs: prevent btree data loss on root split (bnc#1012382).
- HID: hiddev: fix potential Spectre v1 (bnc#1012382).
- HID: uhid: forbid UHID_CREATE under KERNEL_DS or elevated privileges (bnc#1012382).
- hpwdt add dynamic debugging (bsc#1114417).
- hpwdt calculate reload value on each use (bsc#1114417).
- hugetlbfs: dirty pages as they are added to pagecache (bnc#1012382).
- hugetlbfs: fix bug in pgoff overflow checking (bnc#1012382).
- hugetlbfs: fix kernel BUG at fs/hugetlbfs/inode.c:444! (bnc#1012382).
- hwmon: (ibmpowernv) Remove bogus __init annotations (bnc#1012382).
- hwmon: (ina2xx) Fix current value calculation (bnc#1012382).
- hwmon: (pmbus) Fix page count auto-detection (bnc#1012382).
- hwmon: (w83795) temp4_type has writable permission (bnc#1012382).
- hwpoison, memory_hotplug: allow hwpoisoned pages to be offlined (bnc#1116336).
- i2c: axxia: properly handle master timeout (bnc#1012382).
- i2c: scmi: Fix probe error on devices with an empty SMB0001 ACPI device node (bnc#1012382).
- IB/hfi1: Fix an out-of-bounds access in get_hw_stats ().
- ibmveth: fix DMA unmap error in ibmveth_xmit_start error path (bnc#1012382).
- ibmvnic: Convert reset work item mutex to spin lock ().
- ibmvnic: fix accelerated VLAN handling ().
- ibmvnic: fix index in release_rx_pools (bsc#1115440).
- ibmvnic: Fix non-atomic memory allocation in IRQ context ().
- ibmvnic: Fix RX queue buffer cleanup (bsc#1115440, bsc#1115433).
- ibmvnic: remove ndo_poll_controller ().
- ibmvnic: Update driver queues after change in ring size support ().
- IB/ucm: Fix Spectre v1 vulnerability (bnc#1012382).
- ide: pmac: add of_node_put() (bnc#1012382).
- ieee802154: lowpan_header_create check must check daddr (bnc#1012382).
- igb: Remove superfluous reset to PHY and page 0 selection (bnc#1012382).
- iio: adc: at91: fix acking DRDY irq on simple conversions (bnc#1012382).
- iio: adc: at91: fix wrong channel number in triggered buffer mode (bnc#1012382).
- ima: fix showing large 'violations' or 'runtime_measurements_count' (bnc#1012382).
- Input: elan_i2c - add ACPI ID for Lenovo IdeaPad 330-15ARR (bnc#1012382).
- Input: elan_i2c - add ACPI ID for Lenovo IdeaPad 330-15IGM (bnc#1012382).
- Input: elan_i2c - add ACPI ID for touchpad in ASUS Aspire F5-573G (bnc#1012382).
- Input: elan_i2c - add ELAN0620 to the ACPI table (bnc#1012382).
- Input: elan_i2c - add support for ELAN0621 touchpad (bnc#1012382).
- Input: matrix_keypad - check for errors from of_get_named_gpio() (bnc#1012382).
- Input: omap-keypad - fix idle configuration to not block SoC idle states (bnc#1012382).
- Input: omap-keypad - fix keyboard debounce configuration (bnc#1012382).
- Input: restore EV_ABS ABS_RESERVED (bnc#1012382).
- Input: xpad - add GPD Win 2 Controller USB IDs (bnc#1012382).
- Input: xpad - add Mad Catz FightStick TE 2 VID/PID (bnc#1012382).
- Input: xpad - add more third-party controllers (bnc#1012382).
- Input: xpad - add PDP device id 0x02a4 (bnc#1012382).
- Input: xpad - add product ID for Xbox One S pad (bnc#1012382).
- Input: xpad - add support for PDP Xbox One controllers (bnc#1012382).
- Input: xpad - add support for Xbox1 PDP Camo series gamepad (bnc#1012382).
- Input: xpad - add USB IDs for Mad Catz Brawlstick and Razer Sabertooth (bnc#1012382).
- Input: xpad - avoid using __set_bit() for capabilities (bnc#1012382).
- Input: xpad - constify usb_device_id (bnc#1012382).
- Input: xpad - correctly sort vendor id's (bnc#1012382).
- Input: xpad - correct xbox one pad device name (bnc#1012382).
- Input: xpad - do not depend on endpoint order (bnc#1012382).
- Input: xpad - fix GPD Win 2 controller name (bnc#1012382).
- Input: xpad - fix PowerA init quirk for some gamepad models (bnc#1012382).
- Input: xpad - fix rumble on Xbox One controllers with 2015 firmware (bnc#1012382).
- Input: xpad - fix some coding style issues (bnc#1012382).
- Input: xpad - fix stuck mode button on Xbox One S pad (bnc#1012382).
- Input: xpad - fix Xbox One rumble stopping after 2.5 secs (bnc#1012382).
- Input: xpad - handle 'present' and 'gone' correctly (bnc#1012382).
- Input: xpad - move reporting xbox one home button to common function (bnc#1012382).
- Input: xpad - power off wireless 360 controllers on suspend (bnc#1012382).
- Input: xpad - prevent spurious input from wired Xbox 360 controllers (bnc#1012382).
- Input: xpad - quirk all PDP Xbox One gamepads (bnc#1012382).
- Input: xpad - remove spurious events of wireless xpad 360 controller (bnc#1012382).
- Input: xpad - remove unused function (bnc#1012382).
- Input: xpad - restore LED state after device resume (bnc#1012382).
- Input: xpad - simplify error condition in init_output (bnc#1012382).
- Input: xpad - sort supported devices by USB ID (bnc#1012382).
- Input: xpad - support some quirky Xbox One pads (bnc#1012382).
- Input: xpad - sync supported devices with 360Controller (bnc#1012382).
- Input: xpad - sync supported devices with XBCD (bnc#1012382).
- Input: xpad - sync supported devices with xboxdrv (bnc#1012382).
- Input: xpad - update Xbox One Force Feedback Support (bnc#1012382).
- Input: xpad - use LED API when identifying wireless controllers (bnc#1012382).
- Input: xpad - validate USB endpoint type during probe (bnc#1012382).
- Input: xpad - workaround dead irq_out after suspend/ resume (bnc#1012382).
- Input: xpad - xbox one elite controller support (bnc#1012382).
- intel_th: msu: Fix an off-by-one in attribute store (bnc#1012382).
- iommu/amd: Fix amd_iommu=force_isolation (bsc#1106105).
- iommu/arm-smmu: Ensure that page-table updates are visible before TLBI (bsc#1106237).
- iommu/ipmmu-vmsa: Fix crash on early domain free (bsc#1106105).
- iommu/vt-d: Fix NULL pointer dereference in prq_event_thread() (bsc#1106105).
- iommu/vt-d: Handle domain agaw being less than iommu agaw (bsc#1106105).
- iommu/vt-d: Use memunmap to free memremap (bsc#1106105).
- ip6mr: Fix potential Spectre v1 vulnerability (bnc#1012382).
- ipmi: Fix timer race with module unload (bnc#1012382).
- ip_tunnel: do not force DF when MTU is locked (bnc#1012382).
- ip_tunnel: Fix name string concatenate in __ip_tunnel_create() (bnc#1012382).
- ipv4: Fix potential Spectre v1 vulnerability (bnc#1012382).
- ipv4: ipv6: netfilter: Adjust the frag mem limit when truesize changes (bsc#1110286).
- ipv6: Check available headroom in ip6_xmit() even without options (bnc#1012382).
- ipv6: explicitly initialize udp6_addr in udp_sock_create6() (bnc#1012382).
- ipv6: Fix PMTU updates for UDP/raw sockets in presence of VRF (bnc#1012382).
- ipv6: mcast: fix a use-after-free in inet6_mc_check (bnc#1012382).
- ipv6/ndisc: Preserve IPv6 control buffer if protocol error handlers are called (bnc#1012382).
- ipv6: orphan skbs in reassembly unit (bnc#1012382).
- ipv6: set rt6i_protocol properly in the route when it is installed (bsc#1114190).
- ipv6: suppress sparse warnings in IP6_ECN_set_ce() (bnc#1012382).
- isdn: fix kernel-infoleak in capi_unlocked_ioctl (bnc#1012382).
- iser: set sector for ambiguous mr status errors (bnc#1012382).
- iwlwifi: mvm: fix regulatory domain update when the firmware starts (bnc#1012382).
- iwlwifi: mvm: support sta_statistics() even on older firmware (bnc#1012382).
- ixgbe: Add function for checking to see if we can reuse page (bsc#1100105).
- ixgbe: Add support for build_skb (bsc#1100105).
- ixgbe: Add support for padding packet (bsc#1100105).
- ixgbe: Break out Rx buffer page management (bsc#1100105).
- ixgbe: Fix output from ixgbe_dump (bsc#1100105).
- ixgbe: fix possible race in reset subtask (bsc#1101557).
- ixgbe: Make use of order 1 pages and 3K buffers independent of FCoE (bsc#1100105).
- ixgbe: Only DMA sync frame length (bsc#1100105).
- ixgbe: recognize 1000BaseLX SFP modules as 1Gbps (bnc#1012382).
- ixgbe: Refactor queue disable logic to take completion time into account (bsc#1101557).
- ixgbe: Reorder Tx/Rx shutdown to reduce time needed to stop device (bsc#1101557).
- ixgbe: Update code to better handle incrementing page count (bsc#1100105).
- ixgbe: Update driver to make use of DMA attributes in Rx path (bsc#1100105).
- ixgbe: Use length to determine if descriptor is done (bsc#1100105).
- jbd2: fix use after free in jbd2_log_do_checkpoint() (bnc#1012382).
- jffs2: free jffs2_sb_info through jffs2_kill_sb() (bnc#1012382).
- kabi: hwpoison, memory_hotplug: allow hwpoisoned pages to be offlined (bnc#1116336).
- kABI: protect get_vaddr_frames (kabi).
- kABI: protect struct azx (kabi).
- kABI: protect struct cfs_bandwidth (kabi).
- kABI: protect struct esp (kabi).
- kABI: protect struct fuse_io_priv (kabi).
- kABI: protect __usb_get_extra_descriptor (kabi).
- kABI: protect xen/xen-ops.h include in xlate_mmu.c (kabi).
- kabi: revert sig change on pnfs_read_resend_pnfs.
- kbuild: Add better clang cross build support (bnc#1012382).
- kbuild: Add __cc-option macro (bnc#1012382).
- kbuild: Add support to generate LLVM assembly files (bnc#1012382).
- kbuild: allow to use GCC toolchain not in Clang search path (bnc#1012382).
- kbuild: clang: add -no-integrated-as to KBUILD_[AC]FLAGS (bnc#1012382).
- kbuild: clang: Disable 'address-of-packed-member' warning (bnc#1012382).
- kbuild: clang: disable unused variable warnings only when constant (bnc#1012382).
- kbuild: clang: fix build failures with sparse check (bnc#1012382).
- kbuild: clang: remove crufty HOSTCFLAGS (bnc#1012382).
- kbuild: Consolidate header generation from ASM offset information (bnc#1012382).
- kbuild: consolidate redundant sed script ASM offset generation (bnc#1012382).
- kbuild: drop -Wno-unknown-warning-option from clang options (bnc#1012382).
- kbuild: fix asm-offset generation to work with clang (bnc#1012382).
- kbuild: fix kernel/bounds.c 'W=1' warning (bnc#1012382).
- kbuild: fix linker feature test macros when cross compiling with Clang (bnc#1012382).
- kbuild, LLVMLinux: Add -Werror to cc-option to support clang (bnc#1012382).
- kbuild: move cc-option and cc-disable-warning after incl. arch Makefile (bnc#1012382).
- kbuild: Set KBUILD_CFLAGS before incl. arch Makefile (bnc#1012382).
- kbuild: set no-integrated-as before incl. arch Makefile (bnc#1012382).
- kbuild: suppress packed-not-aligned warning for default setting only (bnc#1012382).
- kbuild: use -Oz instead of -Os when using clang (bnc#1012382).
- kdb: use memmove instead of overlapping memcpy (bnc#1012382).
- kdb: Use strscpy with destination buffer size (bnc#1012382).
- kernfs: Replace strncpy with memcpy (bnc#1012382).
- KEYS: put keyring if install_session_keyring_to_cred() fails (bnc#1012382).
- kgdboc: fix KASAN global-out-of-bounds bug in param_set_kgdboc_var() (bnc#1012382).
- kgdboc: Fix restrict error (bnc#1012382).
- kgdboc: Fix warning with module build (bnc#1012382).
- kgdboc: Passing ekgdboc to command line causes panic (bnc#1012382).
- kobject: Replace strncpy with memcpy (bnc#1012382).
- kprobes: Return error if we fail to reuse kprobe instead of BUG_ON() (bnc#1012382).
- KVM: arm64: Fix caching of host MDCR_EL2 value (bsc#1121242).
- KVM: arm: Restore banked registers and physical timer access on hyp_panic() (bsc#1121240).
- KVM: mmu: Fix race in emulated page table writes (bnc#1012382).
- KVM: nVMX: Always reflect #NM VM-exits to L1 (bsc#1106240).
- KVM: nVMX: Eliminate vmcs02 pool (bnc#1012382).
- KVM: nVMX: mark vmcs12 pages dirty on L2 exit (bnc#1012382).
- KVM: PPC: Move and undef TRACE_INCLUDE_PATH/FILE (bnc#1012382).
- KVM/SVM: Allow direct access to MSR_IA32_SPEC_CTRL (bnc#1012382 bsc#1068032).
- KVM/SVM: Ensure an IBPB on all affected CPUs when freeing a vmcb (bsc#1114648).
- KVM/VMX: Allow direct access to MSR_IA32_SPEC_CTRL (bnc#1012382 bsc#1068032 bsc#1096242 bsc#1096281).
- KVM/VMX: Emulate MSR_IA32_ARCH_CAPABILITIES (bnc#1012382).
- KVM/VMX: introduce alloc_loaded_vmcs (bnc#1012382).
- KVM/VMX: make MSR bitmaps per-VCPU (bnc#1012382).
- KVM/x86: Add IBPB support (bnc#1012382 bsc#1068032 bsc#1068032).
- KVM/x86: fix empty-body warnings (bnc#1012382).
- KVM/x86: Remove indirect MSR op calls from SPEC_CTRL (bnc#1012382).
- KVM/x86: Use jmp to invoke kvm_spurious_fault() from .fixup (bnc#1012382).
- lan78xx: Check for supported Wake-on-LAN modes (bnc#1012382).
- leds: call led_pwm_set() in leds-pwm to enforce default LED_OFF (bnc#1012382).
- leds: leds-gpio: Fix return value check in create_gpio_led() (bnc#1012382).
- leds: turn off the LED and wait for completion on unregistering LED class device (bnc#1012382).
- libata: whitelist all SAMSUNG MZ7KM* solid-state disks (bnc#1012382).
- libceph: bump CEPH_MSG_MAX_DATA_LEN (bsc#1114839).
- libceph: fall back to sendmsg for slab pages (bsc#1118316).
- libfc: sync strings with upstream versions (bsc#1114763).
- lib/interval_tree_test.c: allow full tree search (bnc#1012382).
- lib/interval_tree_test.c: allow users to limit scope of endpoint (bnc#1012382).
- lib/interval_tree_test.c: make test options module parameters (bnc#1012382).
- libnvdimm, {btt, blk}: do integrity setup before add_disk() (bsc#1118926).
- libnvdimm, dimm: fix dpa reservation vs uninitialized label area (bsc#1118936).
- libnvdimm: fix integer overflow static analysis warning (bsc#1118922).
- libnvdimm: fix nvdimm_bus_lock() vs device_lock() ordering (bsc#1118915).
- libnvdimm: Hold reference on parent while scheduling async init (bnc#1012382).
- lib/raid6: Fix arm64 test build (bnc#1012382).
- lib/rbtree_test.c: make input module parameters (bnc#1012382).
- lib/rbtree-test: lower default params (bnc#1012382).
- llc: do not use sk_eat_skb() (bnc#1012382).
- lockd: fix access beyond unterminated strings in prints (bnc#1012382).
- locking/lockdep: Fix debug_locks off performance problem (bnc#1012382).
- mac80211: Always report TX status (bnc#1012382).
- mac80211: Clear beacon_int in ieee80211_do_stop (bnc#1012382).
- mac80211: fix reordering of buffered broadcast packets (bnc#1012382).
- mac80211_hwsim: do not omit multicast announce of first added radio (bnc#1012382).
- mac80211_hwsim: fix module init error paths for netlink (bnc#1012382).
- mac80211_hwsim: Timer should be initialized before device registered (bnc#1012382).
- mac80211: ignore NullFunc frames in the duplicate detection (bnc#1012382).
- mac80211: ignore tx status for PS stations in ieee80211_tx_status_ext (bnc#1012382).
- mach64: fix display corruption on big endian machines (bnc#1012382).
- mach64: fix image corruption due to reading accelerator registers (bnc#1012382).
- matroxfb: fix size of memcpy (bnc#1012382).
- MD: do not check MD_SB_CHANGE_CLEAN in md_allow_write.
- MD: fix invalid stored role for a disk (bnc#1012382).
- MD: fix invalid stored role for a disk - try2 (bnc#1012382).
- media: dvb-frontends: fix i2c access helpers for KASAN (bnc#1012382).
- media: em28xx: fix input name for Terratec AV 350 (bnc#1012382).
- media: em28xx: Fix use-after-free when disconnecting (bnc#1012382).
- media: em28xx: make v4l2-compliance happier by starting sequence on zero (bnc#1012382).
- media: em28xx: use a default format if TRY_FMT fails (bnc#1012382).
- media: pci: cx23885: handle adding to list failure (bnc#1012382).
- media: tvp5150: fix width alignment during set_selection() (bnc#1012382).
- media: v4l: event: Add subscription to list before calling 'add' operation (bnc#1012382).
- media: vivid: free bitmap_cap when updating std/timings/etc (bnc#1012382).
- MIPS: Align kernel load address to 64KB (bnc#1012382).
- MIPS: DEC: Fix an int-handler.S CPU_DADDI_WORKAROUNDS regression (bnc#1012382).
- MIPS: Ensure pmd_present() returns false after pmd_mknotpresent() (bnc#1012382).
- MIPS: Fix FCSR Cause bit handling for correct SIGFPE issue (bnc#1012382).
- MIPS: fix mips_get_syscall_arg o32 check (bnc#1012382).
- MIPS: Handle non word sized instructions when examining frame (bnc#1012382).
- MIPS: kexec: Mark CPU offline before disabling local IRQ (bnc#1012382).
- MIPS: Loongson-3: Fix BRIDGE irq delivery problem (bnc#1012382).
- MIPS: Loongson-3: Fix CPU UART irq delivery problem (bnc#1012382).
- MIPS: microMIPS: Fix decoding of swsp16 instruction (bnc#1012382).
- MIPS: OCTEON: fix out of bounds array access on CN68XX (bnc#1012382).
- MIPS: ralink: Fix mt7620 nd_sd pinmux (bnc#1012382).
- misc: atmel-ssc: Fix section annotation on atmel_ssc_get_driver_data (bnc#1012382).
- misc: mic/scif: fix copy-paste error in scif_create_remote_lookup (bnc#1012382).
- mmc: core: Reset HPI enabled state during re-init and in case of errors (bnc#1012382).
- mm: cleancache: fix corruption on missed inode invalidation (bnc#1012382).
- mmc: OMAP: fix broken MMC on OMAP15XX/OMAP5910/OMAP310 (bnc#1012382).
- mmc: omap_hsmmc: fix DMA API warning (bnc#1012382).
- mmc: sdhci-pci-o2micro: Add quirk for O2 Micro dev 0x8620 rev 0x01 (bnc#1012382).
- mm, devm_memremap_pages: kill mapping 'System RAM' support (bnc#1012382).
- mm: do not bug_on on incorrect length in __mm_populate() (bnc#1012382).
- mm: do not miss the last page because of round-off error (bnc#1118798).
- mm, elf: handle vm_brk error (bnc#1012382).
- mm, hugetlb: fix huge_pte_alloc BUG_ON (bsc#1119204).
- mm: hwpoison: call shake_page() after try_to_unmap() for mlocked page (bnc#1116336).
- mm: lower the printk loglevel for __dump_page messages (generic hotplug debugability).
- mm, memory_hotplug: be more verbose for memory offline failures (generic hotplug debugability).
- mm, memory_hotplug: drop pointless block alignment checks from __offline_pages (generic hotplug debugability).
- mm, memory_hotplug: print reason for the offlining failure (generic hotplug debugability).
- mm: migration: fix migration of huge PMD shared pages (bnc#1012382).
- mm: mlock: avoid increase mm->locked_vm on mlock() when already mlock2(,MLOCK_ONFAULT) (bnc#1012382).
- mm/nommu.c: Switch __get_user_pages_unlocked() to use __get_user_pages() (bnc#1012382).
- mm: Preserve _PAGE_DEVMAP across mprotect() calls (bsc#1118790).
- mm: print more information about mapping in __dump_page (generic hotplug debugability).
- mm: put_and_wait_on_page_locked() while page is migrated (bnc#1109272).
- mm: refuse wrapped vm_brk requests (bnc#1012382).
- mm: remove write/force parameters from __get_user_pages_locked() (bnc#1012382 bsc#1027260).
- mm: remove write/force parameters from __get_user_pages_unlocked() (bnc#1012382 bsc#1027260).
- mm: replace __access_remote_vm() write parameter with gup_flags (bnc#1012382).
- mm: replace access_remote_vm() write parameter with gup_flags (bnc#1012382).
- mm: replace get_user_pages_locked() write/force parameters with gup_flags (bnc#1012382 bsc#1027260).
- mm: replace get_user_pages_unlocked() write/force parameters with gup_flags (bnc#1012382 bsc#1027260).
- mm: replace get_user_pages() write/force parameters with gup_flags (bnc#1012382 bsc#1027260).
- mm: replace get_vaddr_frames() write/force parameters with gup_flags (bnc#1012382).
- mm: thp: relax __GFP_THISNODE for MADV_HUGEPAGE mappings (bnc#1012382).
- modules: mark __inittest/__exittest as __maybe_unused (bnc#1012382).
- mount: Do not allow copying MNT_UNBINDABLE|MNT_LOCKED mounts (bnc#1012382).
- mount: Prevent MNT_DETACH from disconnecting locked mounts (bnc#1012382).
- mount: Retest MNT_LOCKED in do_umount (bnc#1012382).
- Move usb-audio UAF fix into sorted section
- mtd: docg3: do not set conflicting BCH_CONST_PARAMS option (bnc#1012382).
- mtd: spi-nor: Add support for is25wp series chips (bnc#1012382).
- mv88e6060: disable hardware level MAC learning (bnc#1012382).
- mwifiex: Fix NULL pointer dereference in skb_dequeue() (bnc#1012382).
- mwifiex: fix p2p device does not find in scan problem (bnc#1012382).
- namei: allow restricted O_CREAT of FIFOs and regular files (bnc#1012382).
- neighbour: Avoid writing before skb->head in neigh_hh_output() (bnc#1012382).
- net: 8139cp: fix a BUG triggered by changing mtu with network traffic (bnc#1012382).
- net/af_iucv: drop inbound packets with invalid flags (bnc#1114475, LTC#172679).
- net/af_iucv: fix skb handling on HiperTransport xmit error (bnc#1114475, LTC#172679).
- net: amd: add missing of_node_put() (bnc#1012382).
- net: bcmgenet: fix OF child-node lookup (bnc#1012382).
- net: bridge: remove ipv6 zero address check in mcast queries (bnc#1012382).
- net: cxgb3_main: fix a missing-check bug (bnc#1012382).
- net: drop skb on failure in ip_check_defrag() (bnc#1012382).
- net: drop write-only stack variable (bnc#1012382).
- net: ena: add functions for handling Low Latency Queues in ena_com (bsc#1117562).
- net: ena: add functions for handling Low Latency Queues in ena_netdev (bsc#1117562).
- net: ena: change rx copybreak default to reduce kernel memory pressure (bsc#1117562).
- net: ena: complete host info to match latest ENA spec (bsc#1117562).
- net: ena: enable Low Latency Queues (bsc#1117562).
- net: ena: explicit casting and initialization, and clearer error handling (bsc#1117562).
- net: ena: fix auto casting to boolean (bsc#1117562).
- net: ena: fix compilation error in xtensa architecture (bsc#1117562).
- net: ena: fix crash during ena_remove() (bsc#1108240).
- net: ena: fix crash during failed resume from hibernation (bsc#1117562).
- net: ena: fix indentations in ena_defs for better readability (bsc#1117562).
- net: ena: Fix Kconfig dependency on X86 (bsc#1117562).
- net: ena: fix NULL dereference due to untimely napi initialization (bsc#1117562).
- net: ena: fix rare bug when failed restart/resume is followed by driver removal (bsc#1117562).
- net: ena: fix warning in rmmod caused by double iounmap (bsc#1117562).
- net: ena: introduce Low Latency Queues data structures according to ENA spec (bsc#1117562).
- net: ena: limit refill Rx threshold to 256 to avoid latency issues (bsc#1117562).
- net: ena: minor performance improvement (bsc#1117562).
- net: ena: remove ndo_poll_controller (bsc#1117562).
- net: ena: remove redundant parameter in ena_com_admin_init() (bsc#1117562).
- net: ena: update driver version from 2.0.1 to 2.0.2 (bsc#1108240).
- net: ena: update driver version to 2.0.1 (bsc#1117562).
- net: ena: use CSUM_CHECKED device indication to report skb's checksum status (bsc#1117562).
- net: faraday: ftmac100: remove netif_running(netdev) check before disabling interrupts (bnc#1012382).
- netfilter: ipset: actually allow allowable CIDR 0 in hash:net,port,net (bnc#1012382).
- netfilter: ipset: Correct rcu_dereference() call in ip_set_put_comment() (bnc#1012382).
- netfilter: nf_tables: fix oops when inserting an element into a verdict map (bnc#1012382).
- netfilter: xt_IDLETIMER: add sysfs filename checking routine (bnc#1012382).
- net-gro: reset skb->pkt_type in napi_reuse_skb() (bnc#1012382).
- net: hisilicon: remove unexpected free_netdev (bnc#1012382).
- net: ibm: fix return type of ndo_start_xmit function ().
- net/ibmnvic: Fix deadlock problem in reset ().
- net/ibmvnic: Fix RTNL deadlock during device reset (bnc#1115431).
- net/ipv4: defensive cipso option parsing (bnc#1012382).
- net/ipv4: do not handle duplicate fragments as overlapping (bsc#1116345).
- net/ipv6: Fix index counter for unicast addresses in in6_dump_addrs (bnc#1012382).
- net/mlx4_core: Correctly set PFC param if global pause is turned off (bsc#1015336 bsc#1015337 bsc#1015340).
- net/mlx4_core: Fix uninitialized variable compilation warning (bnc#1012382).
- net/mlx4_core: Zero out lkey field in SW2HW_MPT fw command (bnc#1012382).
- net/mlx4: Fix UBSAN warning of signed integer overflow (bnc#1012382).
- net: phy: do not allow __set_phy_supported to add unsupported modes (bnc#1012382).
- net: Prevent invalid access to skb->prev in __qdisc_drop_all (bnc#1012382).
- net: qla3xxx: Remove overflowing shift statement (bnc#1012382).
- netrom: fix locking in nr_find_socket() (bnc#1012382).
- net: sched: gred: pass the right attribute to gred_change_table_def() (bnc#1012382).
- net: socket: fix a missing-check bug (bnc#1012382).
- net: stmmac: Fix stmmac_mdio_reset() when building stmmac as modules (bnc#1012382).
- net: thunderx: fix NULL pointer dereference in nic_remove (bnc#1012382).
- new helper: uaccess_kernel() (bnc#1012382).
- NFC: nfcmrvl_uart: fix OF child-node lookup (bnc#1012382).
- nfit: skip region registration for incomplete control regions (bsc#1118930).
- nfsd: Fix an Oops in free_session() (bnc#1012382).
- NFS: Ensure we commit after writeback is complete (bsc#1111809).
- NFSv4.1: Fix the r/wsize checking (bnc#1012382).
- NFSv4: Do not exit the state manager without clearing NFS4CLNT_MANAGER_RUNNING.
- nvme: validate controller state before rescheduling keep alive (bsc#1103257).
- ocfs2: fix a misuse a of brelse after failing ocfs2_check_dir_entry (bnc#1012382).
- ocfs2: fix deadlock caused by ocfs2_defrag_extent() (bnc#1012382).
- ocfs2: fix potential use after free (bnc#1012382).
- of: add helper to lookup compatible child node (bnc#1012382).
- packet: validate address length (bnc#1012382).
- packet: validate address length if non-zero (bnc#1012382).
- parisc: Fix address in HPMC IVA (bnc#1012382).
- parisc: Fix map_pages() to not overwrite existing pte entries (bnc#1012382).
- PCI: Add Device IDs for Intel GPU 'spurious interrupt' quirk (bnc#1012382).
- PCI/ASPM: Do not initialize link state when aspm_disabled is set (bsc#1109806).
- PCI/ASPM: Fix link_state teardown on device removal (bsc#1109806).
- PCI: vmd: Detach resources after stopping root bus (bsc#1106105).
- pcmcia: Implement CLKRUN protocol disabling for Ricoh bridges (bnc#1012382).
- perf/bpf: Convert perf_event_array to use struct file (bsc#1119967).
- perf/core: Do not leak event in the syscall error path (bnc#1012382).
- perf pmu: Suppress potential format-truncation warning (bnc#1012382).
- perf/ring_buffer: Prevent concurent ring buffer access (bnc#1012382).
- perf tools: Cleanup trace-event-info 'tdata' leak (bnc#1012382).
- perf tools: Disable parallelism for 'make clean' (bnc#1012382).
- perf tools: Free temporary 'sys' string in read_event_files() (bnc#1012382).
- pinctrl: qcom: spmi-mpp: Fix drive strength setting (bnc#1012382).
- pinctrl: qcom: spmi-mpp: Fix err handling of pmic_mpp_set_mux (bnc#1012382).
- pinctrl: spmi-mpp: Fix pmic_mpp_config_get() to be compliant (bnc#1012382).
- pinctrl: ssbi-gpio: Fix pm8xxx_pin_config_get() to be compliant (bnc#1012382).
- pinctrl: sunxi: a83t: Fix IRQ offset typo for PH11 (bnc#1012382).
- platform/x86: acerhdf: Add BIOS entry for Gateway LT31 v1.3307 (bnc#1012382).
- PM / devfreq: tegra: fix error return code in tegra_devfreq_probe() (bnc#1012382).
- pNFS: Fix a deadlock between read resends and layoutreturn.
- pNFS/flexfiles: Fix up the ff_layout_write_pagelist failure path.
- pNFS/flexfiles: When checking for available DSes, conditionally check for MDS io.
- pnfs: set NFS_IOHDR_REDO in pnfs_read_resend_pnfs.
- powerpc/64s: consolidate MCE counter increment (bsc#1094244).
- powerpc/boot: Ensure _zimage_start is a weak symbol (bnc#1012382).
- powerpc/boot: Fix random libfdt related build errors (bnc#1012382).
- powerpc/boot: Request no dynamic linker for boot wrapper (bsc#1070805).
- powerpc: Fix COFF zImage booting on old powermacs (bnc#1012382).
- powerpc/mm/radix: Use mm->task_size for boundary checking instead of addr_limit (bsc#1027457).
- powerpc/msi: Fix compile error on mpc83xx (bnc#1012382).
- powerpc/msi: Fix NULL pointer access in teardown code (bnc#1012382).
- powerpc/nohash: fix undefined behaviour when testing page size support (bnc#1012382).
- powerpc/numa: Suppress 'VPHN is not supported' messages (bnc#1012382).
- powerpc/powernv: Do not select the cpufreq governors (bsc#1066223).
- powerpc/powernv: Fix opal_event_shutdown() called with interrupts disabled (bsc#1066223).
- powerpc/powernv/pci: Work around races in PCI bridge enabling (bsc#1066223).
- powerpc/pseries: Fix DTL buffer registration (bsc#1066223).
- powerpc/pseries: Fix how we iterate over the DTL entries (bsc#1066223).
- powerpc/pseries/mobility: Extend start/stop topology update scope (bsc#1116950, bsc#1115709).
- powerpc/traps: restore recoverability of machine_check interrupts (bsc#1094244).
- power: supply: olpc_battery: correct the temperature units (bnc#1012382).
- printk: Fix panic caused by passing log_buf_len to command line (bnc#1012382).
- Provide a temporary fix for STIBP on-by-default (bsc#1116497).
- pstore: Convert console write to use ->write_buf (bnc#1012382).
- ptp: fix Spectre v1 vulnerability (bnc#1012382).
- pxa168fb: prepare the clock (bnc#1012382).
- qed: Fix bitmap_weight() check (bsc#1019695).
- qed: Fix PTT leak in qed_drain() (bnc#1012382).
- qed: Fix QM getters to always return a valid pq (bsc#1019695 ).
- qed: Fix reading wrong value in loop condition (bnc#1012382).
- r8152: Check for supported Wake-on-LAN Modes (bnc#1012382).
- r8169: fix NAPI handling under high load (bnc#1012382).
- rapidio/rionet: do not free skb before reading its length (bnc#1012382).
- RDMA/ucma: Fix Spectre v1 vulnerability (bnc#1012382).
- reiserfs: propagate errors from fill_with_dentries() properly (bnc#1012382).
- Reorder a few commits in kGraft out of tree section
- Revert 'Bluetooth: h5: Fix missing dependency on BT_HCIUART_SERDEV' (bnc#1012382).
- Revert 'ceph: fix dentry leak in splice_dentry()' (bsc#1114839).
- Revert 'drm/rockchip: Allow driver to be shutdown on reboot/kexec' (bsc#1106929)
- Revert 'exec: avoid gcc-8 warning for get_task_comm' (kabi).
- Revert 'iommu/io-pgtable-arm: Check for v7s-incapable systems' (bsc#1106105).
- Revert 'media: v4l: event: Add subscription to list before calling 'add' operation' (kabi).
- Revert 'media: videobuf2-core: do not call memop 'finish' when queueing' (bnc#1012382).
- Revert 'PCI/ASPM: Do not initialize link state when aspm_disabled is set' (bsc#1106105).
- Revert 'usb: musb: musb_host: Enable HCD_BH flag to handle urb return in bottom half' (bsc#1047487).
- Revert 'wlcore: Add missing PM call for wlcore_cmd_wait_for_event_or_timeout()' (bnc#1012382).
- Revert 'x86/kconfig: Fall back to ticket spinlocks' (kabi).
- rocker: fix rocker_tlv_put_* functions for KASAN (bnc#1012382).
- rpcrdma: Add RPCRDMA_HDRLEN_ERR.
- rpm/kernel-binary.spec.in: Add missing export BRP_SIGN_FILES (bsc#1115587).
- rps: flow_dissector: Fix uninitialized flow_keys used in __skb_get_hash possibly (bsc#1042286 bsc#1108145).
- rtc: hctosys: Add missing range error reporting (bnc#1012382).
- rtc: snvs: add a missing write sync (bnc#1012382).
- rtc: snvs: Add timeouts to avoid kernel lockups (bnc#1012382).
- rtnetlink: Disallow FDB configuration for non-Ethernet device (bnc#1012382).
- rtnetlink: ndo_dflt_fdb_dump() only work for ARPHRD_ETHER devices (bnc#1012382).
- s390/cpum_cf: Reject request for sampling in event initialization (bnc#1012382).
- s390/mm: Check for valid vma before zapping in gmap_discard (bnc#1012382).
- s390/mm: Fix ERROR: '__node_distance' undefined! (bnc#1012382).
- s390: qeth_core_mpc: Use ARRAY_SIZE instead of reimplementing its function (bnc#1114475, LTC#172682).
- s390/qeth: fix HiperSockets sniffer (bnc#1114475, LTC#172953).
- s390/qeth: fix length check in SNMP processing (bnc#1012382).
- s390: qeth: Fix potential array overrun in cmd/rc lookup (bnc#1114475, LTC#172682).
- s390/vdso: add missing FORCE to build targets (bnc#1012382).
- sbus: char: add of_node_put() (bnc#1012382).
- sc16is7xx: Fix for multi-channel stall (bnc#1012382).
- sched/cgroup: Fix cgroup entity load tracking tear-down (bnc#1012382).
- sched/fair: Fix throttle_list starvation with low CFS quota (bnc#1012382).
- sch_red: update backlog as well (bnc#1012382).
- scsi: aacraid: Fix typo in blink status (bnc#1012382).
- scsi: bfa: convert to strlcpy/strlcat (bnc#1012382 bsc#1019683, ).
- scsi: bnx2fc: Fix NULL dereference in error handling (bnc#1012382).
- scsi: core: Allow state transitions from OFFLINE to BLOCKED (bsc#1112246).
- scsi: Create two versions of scsi_internal_device_unblock() (bsc#1119877).
- scsi: csiostor: Avoid content leaks and casts (bnc#1012382).
- scsi: esp_scsi: Track residual for PIO transfers (bnc#1012382).
- scsi: Introduce scsi_start_queue() (bsc#1119877).
- scsi: libfc: check fc_frame_payload_get() return value for null (bsc#1103624, bsc#1104731).
- scsi: libfc: retry PRLI if we cannot analyse the payload (bsc#1104731).
- scsi: libiscsi: Fix NULL pointer dereference in iscsi_eh_session_reset (bnc#1012382).
- scsi: lpfc: Add Buffer overflow check, when nvme_info larger than PAGE_SIZE (bsc#1102660).
- scsi: lpfc: Correct soft lockup when running mds diagnostics (bnc#1012382).
- scsi: lpfc: devloss timeout race condition caused null pointer reference (bsc#1102660).
- scsi: lpfc: Fix abort error path for NVMET (bsc#1102660).
- scsi: lpfc: fix block guard enablement on SLI3 adapters (bsc#1079935).
- scsi: lpfc: Fix driver crash when re-registering NVME rports (bsc#1102660).
- scsi: lpfc: Fix ELS abort on SLI-3 adapters (bsc#1102660).
- scsi: lpfc: Fix list corruption on the completion queue (bsc#1102660).
- scsi: lpfc: Fix NVME Target crash in defer rcv logic (bsc#1102660).
- scsi: lpfc: Fix panic if driver unloaded when port is offline (bsc#1102660).
- scsi: lpfc: update driver version to 11.4.0.7-5 (bsc#1102660).
- scsi: Make __scsi_remove_device go straight from BLOCKED to DEL (bsc#1119877).
- scsi: megaraid_sas: fix a missing-check bug (bnc#1012382).
- scsi: Protect SCSI device state changes with a mutex (bsc#1119877).
- scsi: qedi: Add ISCSI_BOOT_SYSFS to Kconfig (bsc#1043083).
- scsi: qla2xxx: Fix crashes in qla2x00_probe_one on probe failure (bsc#1094973).
- scsi: qla2xxx: Fix incorrect port speed being set for FC adapters (bnc#1012382).
- scsi: qla2xxx: Fix small memory leak in qla2x00_probe_one on probe failure (bsc#1094973).
- scsi: Re-export scsi_internal_device_{,un}_block() (bsc#1119877).
- scsi: Split scsi_internal_device_block() (bsc#1119877).
- scsi: target: add emulate_pr backstore attr to toggle PR support (bsc#1091405).
- scsi: target: drop unused pi_prot_format attribute storage (bsc#1091405).
- scsi: ufs: fix bugs related to null pointer access and array size (bnc#1012382).
- scsi: ufs: fix race between clock gating and devfreq scaling work (bnc#1012382).
- scsi: ufshcd: Fix race between clk scaling and ungate work (bnc#1012382).
- scsi: ufshcd: release resources if probe fails (bnc#1012382).
- scsi: use 'inquiry_mutex' instead of 'state_mutex' (bsc#1119877).
- scsi: vmw_pscsi: Rearrange code to avoid multiple calls to free_irq during unload (bnc#1012382).
- scsi: zfcp: fix posting too many status read buffers leading to adapter shutdown (bnc#1012382).
- sctp: clear the transport of some out_chunk_list chunks in sctp_assoc_rm_peer (bnc#1012382).
- sctp: fix race on sctp_id2asoc (bnc#1012382).
- sctp: initialize sin6_flowinfo for ipv6 addrs in sctp_inet6addr_event (bnc#1012382).
- selftests: ftrace: Add synthetic event syntax testcase (bnc#1012382).
- selftests: Move networking/timestamping from Documentation (bnc#1012382).
- seq_file: fix incomplete reset on read from zero offset.
- ser_gigaset: use container_of() instead of detour (bnc#1012382).
- signal: Always deliver the kernel's SIGKILL and SIGSTOP to a pid namespace init (bnc#1012382).
- signal/GenWQE: Fix sending of SIGKILL (bnc#1012382).
- smb3: allow stats which track session and share reconnects to be reset (bnc#1012382).
- smb3: do not attempt cifs operation in smb3 query info error path (bnc#1012382).
- smb3: on kerberos mount if server does not specify auth type use krb5 (bnc#1012382).
- smsc75xx: Check for Wake-on-LAN modes (bnc#1012382).
- smsc95xx: Check for Wake-on-LAN modes (bnc#1012382).
- sock: Make sock->sk_stamp thread-safe (bnc#1012382).
- soc/tegra: pmc: Fix child-node lookup (bnc#1012382).
- sparc64: Fix exception handling in UltraSPARC-III memcpy (bnc#1012382).
- sparc64 mm: Fix more TSB sizing issues (bnc#1012382).
- sparc: Fix single-pcr perf event counter management (bnc#1012382).
- sparc/pci: Refactor dev_archdata initialization into pci_init_dev_archdata (bnc#1012382).
- spi: bcm2835: Avoid finishing transfer prematurely in IRQ mode (bnc#1012382).
- spi: bcm2835: Fix book-keeping of DMA termination (bnc#1012382).
- spi: bcm2835: Fix race on DMA termination (bnc#1012382).
- spi: bcm2835: Unbreak the build of esoteric configs (bnc#1012382).
- spi/bcm63xx: fix error return code in bcm63xx_spi_probe() (bnc#1012382).
- spi/bcm63xx-hspi: fix error return code in bcm63xx_hsspi_probe() (bnc#1012382).
- spi: xlp: fix error return code in xlp_spi_probe() (bnc#1012382).
- sr9800: Check for supported Wake-on-LAN modes (bnc#1012382).
- sr: pass down correctly sized SCSI sense buffer (bnc#1012382).
- Staging: lustre: remove two build warnings (bnc#1012382).
- staging: rts5208: fix gcc-8 logic error warning (bnc#1012382).
- staging: speakup: Replace strncpy with memcpy (bnc#1012382).
- sunrpc: correct the computation for page_ptr when truncating (bnc#1012382).
- SUNRPC: drop pointless static qualifier in xdr_get_next_encode_buffer() (bnc#1012382).
- SUNRPC: Fix a bogus get/put in generic_key_to_expire() (bnc#1012382).
- SUNRPC: Fix a potential race in xprt_connect().
- SUNRPC: fix cache_head leak due to queued request (bnc#1012382).
- SUNRPC: Fix leak of krb5p encode pages (bnc#1012382).
- svcrdma: Remove unused variable in rdma_copy_tail().
- swim: fix cleanup on setup error (bnc#1012382).
- swiotlb: clean up reporting (bnc#1012382).
- sysv: return 'err' instead of 0 in __sysv_write_inode (bnc#1012382).
- target/iscsi: avoid NULL dereference in CHAP auth error path (bsc#1117165).
- target: se_dev_attrib.emulate_pr ABI stability (bsc#1091405).
- tcp: fix NULL ref in tail loss probe (bnc#1012382).
- TC: Set DMA masks for devices (bnc#1012382).
- termios, tty/tty_baudrate.c: fix buffer overrun (bnc#1012382).
- tg3: Add PHY reset for 5717/5719/5720 in change ring and flow control paths (bnc#1012382).
- thermal: allow spear-thermal driver to be a module (bnc#1012382).
- thermal: allow u8500-thermal driver to be a module (bnc#1012382).
- timer/debug: Change /proc/timer_list from 0444 to 0400 (bnc#1012382).
- tmpfs: make lseek(SEEK_DATA/SEK_HOLE) return ENXIO with a negative offset (bnc#1012382).
- tpm: fix response size validation in tpm_get_random() (bsc#1020645).
- tpm: suppress transmit cmd error logs when TPM 1.2 is disabled/deactivated (bnc#1012382).
- tracing: Fix bad use of igrab in trace_uprobe.c (bsc#1120046).
- tracing: Fix memory leak in set_trigger_filter() (bnc#1012382).
- tracing: Fix memory leak of instance function hash filters (bnc#1012382).
- tracing: Skip more functions when doing stack tracing of events (bnc#1012382).
- tty: check name length in tty_find_polling_driver() (bnc#1012382).
- tty: serial: 8250_mtk: always resume the device in probe (bnc#1012382).
- tty: serial: sprd: fix error return code in sprd_probe() (bnc#1012382).
- tty: wipe buffer (bnc#1012382).
- tty: wipe buffer if not echoing data (bnc#1012382).
- tun: Consistently configure generic netdev params via rtnetlink (bnc#1012382).
- tun: forbid iface creation with rtnl ops (bnc#1012382).
- uio: ensure class is registered before devices (bnc#1012382).
- uio: Fix an Oops on load (bnc#1012382).
- uio: make symbol 'uio_class_registered' static.
- um: Avoid longjmp/setjmp symbol clashes with libpthread.a (bnc#1012382).
- um: Give start_idle_thread() a return code (bnc#1012382).
- unifdef: use memcpy instead of strncpy (bnc#1012382).
- uprobes: Fix handle_swbp() vs. unregister() + register() race once more (bnc#1012382).
- usb: appledisplay: Add 27' Apple Cinema Display (bnc#1012382).
- usb: cdc-acm: add entry for Hiro (Conexant) modem (bnc#1012382).
- usb: check usb_get_extra_descriptor for proper size (bnc#1012382).
- usb: chipidea: Prevent unbalanced IRQ disable (bnc#1012382).
- usb: core: Fix hub port connection events lost (bnc#1012382).
- usb: core: quirks: add RESET_RESUME quirk for Cherry G230 Stream series (bnc#1012382).
- usb: dwc3: omap: fix error return code in dwc3_omap_probe() (bnc#1012382).
- usb: ehci-omap: fix error return code in ehci_hcd_omap_probe() (bnc#1012382).
- usb: fix the usbfs flag sanitization for control transfers (bnc#1012382).
- usb: gadget: dummy: fix nonsensical comparisons (bnc#1012382).
- usb: gadget: storage: Fix Spectre v1 vulnerability (bnc#1012382).
- usb: imx21-hcd: fix error return code in imx21_probe() (bnc#1012382).
- usb: misc: appledisplay: add 20' Apple Cinema Display (bnc#1012382).
- usbnet: ipheth: fix potential recvmsg bug and recvmsg bug 2 (bnc#1012382).
- usb: omap_udc: fix crashes on probe error and module removal (bnc#1012382).
- usb: omap_udc: fix omap_udc_start() on 15xx machines (bnc#1012382).
- usb: omap_udc: fix USB gadget functionality on Palm Tungsten E (bnc#1012382).
- usb: omap_udc: use devm_request_irq() (bnc#1012382).
- usb: quirk: add no-LPM quirk on SanDisk Ultra Flair device (bnc#1012382).
- usb: quirks: Add delay-init quirk for Corsair K70 LUX RGB (bnc#1012382).
- usb: quirks: Add no-lpm quirk for Raydium touchscreens (bnc#1012382).
- usb: r8a66597: Fix a possible concurrency use-after-free bug in r8a66597_endpoint_disable() (bnc#1012382).
- usb: serial: option: add Fibocom NL678 series (bnc#1012382).
- usb: serial: option: add GosunCn ZTE WeLink ME3630 (bnc#1012382).
- usb: serial: option: add HP lt4132 (bnc#1012382).
- usb: serial: option: add Simcom SIM7500/SIM7600 (MBIM mode) (bnc#1012382).
- usb: serial: option: add Telit LN940 series (bnc#1012382).
- usb: serial: pl2303: add ids for Hewlett-Packard HP POS pole displays (bnc#1012382).
- usb-storage: fix bogus hardware error messages for ATA pass-thru devices (bnc#1012382).
- usb: usb-storage: Add new IDs to ums-realtek (bnc#1012382).
- usb: xhci: fix timeout for transition from RExit to U0 (bnc#1012382).
- usb: xhci: fix uninitialized completion when USB3 port got wrong status (bnc#1012382).
- usb: xhci: Prevent bus suspend if a port connect change or polling state is detected (bnc#1012382).
- v9fs_dir_readdir: fix double-free on p9stat_read error (bnc#1012382).
- vfs: Avoid softlockups in drop_pagecache_sb() (bsc#1118505).
- vhost: Fix Spectre V1 vulnerability (bnc#1012382).
- vhost: make sure used idx is seen before log in vhost_add_used_n() (bnc#1012382).
- vhost/scsi: truncate T10 PI iov_iter to prot_bytes (bnc#1012382).
- video: fbdev: pxa3xx_gcu: fix error return code in pxa3xx_gcu_probe() (bnc#1012382).
- virtio/s390: avoid race on vcdev->config (bnc#1012382).
- virtio/s390: fix race in ccw_io_helper() (bnc#1012382).
- VSOCK: Send reset control packet when socket is partially bound (bnc#1012382).
- vti6: flush x-netns xfrm cache when vti interface is removed (bnc#1012382).
- w1: omap-hdq: fix missing bus unregister at removal (bnc#1012382).
- x86: boot: Fix EFI stub alignment (bnc#1012382).
- x86/boot: #undef memcpy() et al in string.c (bnc#1012382).
- x86/build: Fix stack alignment for CLang (bnc#1012382).
- x86/build: Specify stack alignment for clang (bnc#1012382).
- x86/build: Use __cc-option for boot code compiler options (bnc#1012382).
- x86/build: Use cc-option to validate stack alignment parameter (bnc#1012382).
- x86/corruption-check: Fix panic in memory_corruption_check() when boot option without value is provided (bnc#1012382).
- x86/earlyprintk/efi: Fix infinite loop on some screen widths (bnc#1012382).
- x86/entry: spell EBX register correctly in documentation (bnc#1012382).
- x86/kbuild: Use cc-option to enable -falign-{jumps/loops} (bnc#1012382).
- x86/kconfig: Fall back to ticket spinlocks (bnc#1012382).
- x86/MCE: Export memory_error() (bsc#1114648).
- x86/MCE: Make correctable error detection look at the Deferred bit (bsc#1114648).
- x86/mm/kaslr: Use the _ASM_MUL macro for multiplication to work around Clang incompatibility (bnc#1012382).
- x86/mm/pat: Prevent hang during boot when mapping pages (bnc#1012382).
- x86/mtrr: Do not copy uninitialized gentry fields back to userspace (bnc#1012382).
- x86/speculation/l1tf: Drop the swap storage limit restriction when l1tf=off (bnc#1114871).
- x86/speculation: Use synthetic bits for IBRS/IBPB/STIBP (bnc#1012382).
- xen/balloon: Support xend-based toolstack (bnc#1065600).
- xen/blkfront: avoid NULL blkfront_info dereference on device removal (bsc#1111062).
- xen: fix race in xen_qlock_wait() (bnc#1012382).
- xen: fix xen_qlock_wait() (bnc#1012382).
- xen: make xen_qlock_wait() nestable (bnc#1012382).
- xen/netback: dont overflow meta array (bnc#1099523).
- xen/netfront: tolerate frags with no data (bnc#1012382).
- xen-swiotlb: use actually allocated size on check physical continuous (bnc#1012382).
- xen/x86: add diagnostic printout to xen_mc_flush() in case of error (bnc#1116183).
- xen: xlate_mmu: add missing header to fix 'W=1' warning (bnc#1012382).
- xfrm6: call kfree_skb when skb is toobig (bnc#1012382).
- xfrm: Clear sk_dst_cache when applying per-socket policy (bnc#1012382).
- xfrm: Fix bucket count reported to userspace (bnc#1012382).
- xfrm: use complete IPv6 addresses for hash (bsc#1109330).
- xfrm: Validate address prefix lengths in the xfrm selector (bnc#1012382).
- xfrm: validate template mode (bnc#1012382).
- xfs: Align compat attrlist_by_handle with native implementation.
- xfs/dmapi: restore event in xfs_getbmap (bsc#1114763).
- xfs: Fix error code in 'xfs_ioc_getbmap()'.
- xfs: fix quotacheck dquot id overflow infinite loop (bsc#1121621).
- xhci: Add quirk to workaround the errata seen on Cavium Thunder-X2 Soc (bsc#1117162).
- xhci: Do not prevent USB2 bus suspend in state check intended for USB3 only (bnc#1012382).
- xhci: Prevent U1/U2 link pm states if exit latency is too long (bnc#1012382).
- xprtrdma: checking for NULL instead of IS_ERR().
- xprtrdma: Disable pad optimization by default.
- xprtrdma: Disable RPC/RDMA backchannel debugging messages.
- xprtrdma: Fix additional uses of spin_lock_irqsave(rb_lock).
- xprtrdma: Fix backchannel allocation of extra rpcrdma_reps.
- xprtrdma: Fix Read chunk padding.
- xprtrdma: Fix receive buffer accounting.
- xprtrdma: Reset credit grant properly after a disconnect.
- xprtrdma: rpcrdma_bc_receive_call() should init rq_private_buf.len.
- xprtrdma: Serialize credit accounting again.
- xprtrdma: xprt_rdma_free() must not release backchannel reqs.
- xtensa: add NOTES section to the linker script (bnc#1012382).
- xtensa: enable coprocessors that are being flushed (bnc#1012382).
- xtensa: fix boot parameters address translation (bnc#1012382).
- xtensa: fix coprocessor context offset definitions (bnc#1012382).
- xtensa: make sure bFLT stack is 16 byte aligned (bnc#1012382).
- zram: close udev startup race condition as default groups (bnc#1012382).
Patchnames
SUSE-2019-148,SUSE-SLE-SERVER-12-SP3-2019-148
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": " The SUSE Linux Enterprise 12 SP3 kernel for Azure was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2018-19407: The vcpu_scan_ioapic function in arch/x86/kvm/x86.c allowed local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic was uninitialized (bnc#1116841).\n- CVE-2018-19985: The function hso_probe read if_num from the USB device (as an u8) and used it without a length check to index an array, resulting in an OOB memory read in hso_probe or hso_get_config_data that could be used by local attackers (bnc#1120743).\n- CVE-2018-3639: Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4 (bnc#1087082).\n- CVE-2018-1120: By mmap()ing a FUSE-backed file onto a process\u0027s memory containing command line arguments (or environment strings), an attacker can cause utilities from psutils or procps (such as ps, w) or any other program which made a read() call to the /proc/\u003cpid\u003e/cmdline (or /proc/\u003cpid\u003e/environ) files to block indefinitely (denial of service) or for some controlled time (as a synchronization primitive for other attacks) (bnc#1093158).\n- CVE-2017-16939: The XFRM dump policy implementation in net/xfrm/xfrm_user.c allowed local users to gain privileges or cause a denial of service (use-after-free) via a crafted SO_RCVBUF setsockopt system call in conjunction with XFRM_MSG_GETPOLICY Netlink messages (bnc#1069702).\n- CVE-2018-16884: NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out (bnc#1119946).\n- CVE-2018-20169: The USB subsystem mishandled size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c (bnc#1119714).\n- CVE-2018-9568: In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation (bnc#1118319).\n- CVE-2018-16862: A security flaw was found in the way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one (bnc#1117186).\n- CVE-2018-19824: A local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c (bnc#1118152).\n\nThe following non-security bugs were fixed:\n\n- 9p: clear dangling pointers in p9stat_free (bnc#1012382).\n- 9p locks: fix glock.client_id leak in do_lock (bnc#1012382).\n- 9p/net: put a lower bound on msize (bnc#1012382).\n- ACPI/IORT: Fix iort_get_platform_device_domain() uninitialized pointer value (bsc#1121239).\n- ACPI/LPSS: Add alternative ACPI HIDs for Cherry Trail DMA controllers (bnc#1012382).\n- ACPI/nfit, x86/mce: Handle only uncorrectable machine checks (bsc#1114648).\n- ACPI/nfit, x86/mce: Validate a MCE\u0027s address before using it (bsc#1114648).\n- ACPI/platform: Add SMB0001 HID to forbidden_id_list (bnc#1012382).\n- af_iucv: Move sockaddr length checks to before accessing sa_family in bind and connect handlers (bnc#1012382).\n- ahci: do not ignore result code of ahci_reset_controller() (bnc#1012382).\n- aio: fix spectre gadget in lookup_ioctx (bnc#1012382).\n- aio: hold an extra file reference over AIO read/write operations (bsc#1116027).\n- ALSA: ac97: Fix incorrect bit shift at AC97-SPSA control write (bnc#1012382).\n- ALSA: ca0106: Disable IZD on SB0570 DAC to fix audio pops (bnc#1012382).\n- ALSA: control: Fix race between adding and removing a user element (bnc#1012382).\n- ALSA: cs46xx: Potential NULL dereference in probe (bnc#1012382).\n- ALSA: emu10k1: Fix potential Spectre v1 vulnerabilities (bnc#1012382).\n- ALSA: emux: Fix potential Spectre v1 vulnerabilities (bnc#1012382).\n- ALSA: hda - Add mic quirk for the Lenovo G50-30 (17aa:3905) (bnc#1012382).\n- ALSA: hda: add mute LED support for HP EliteBook 840 G4 (bnc#1012382).\n- ALSA: hda: Add support for AMD Stoney Ridge (bnc#1012382).\n- ALSA: hda: Check the non-cached stream buffers more explicitly (bnc#1012382).\n- ALSA: hda/tegra: clear pending irq handlers (bnc#1012382).\n- ALSA: isa/wavefront: prevent some out of bound writes (bnc#1012382).\n- ALSA: pcm: Call snd_pcm_unlink() conditionally at closing (bnc#1012382).\n- ALSA: pcm: Fix interval evaluation with openmin/max (bnc#1012382).\n- ALSA: pcm: Fix potential Spectre v1 vulnerability (bnc#1012382).\n- ALSA: pcm: Fix starvation on down_write_nonblock() (bnc#1012382).\n- ALSA: pcm: remove SNDRV_PCM_IOCTL1_INFO internal command (bnc#1012382).\n- ALSA: rme9652: Fix potential Spectre v1 vulnerability (bnc#1012382).\n- ALSA: sparc: Fix invalid snd_free_pages() at error path (bnc#1012382).\n- ALSA: timer: Fix zero-division by continue of uninitialized instance (bnc#1012382).\n- ALSA: trident: Suppress gcc string warning (bnc#1012382).\n- ALSA: usb-audio: Avoid access before bLength check in build_audio_procunit() (bnc#1012382).\n- ALSA: usb-audio: Fix an out-of-bound read in create_composite_quirks (bnc#1012382).\n- ALSA: wss: Fix invalid snd_free_pages() at error path (bnc#1012382).\n- amd/iommu: Fix Guest Virtual APIC Log Tail Address Register (bsc#1106105).\n- ARC: change defconfig defaults to ARCv2 (bnc#1012382).\n- ARC: [devboards] Add support of NFSv3 ACL (bnc#1012382).\n- arch/alpha, termios: implement BOTHER, IBSHIFT and termios2 (bnc#1012382).\n- ARC: io.h: Implement reads{x}()/writes{x}() (bnc#1012382).\n- ARM64: Disable asm-operand-width warning for clang (bnc#1012382).\n- ARM64: dts: stratix10: Correct System Manager register size (bnc#1012382).\n- ARM64: Enabled ENA (Amazon network driver)\n- ARM64: hardcode rodata_enabled=true earlier in the series (bsc#1114763). \n- ARM64: PCI: ACPI support for legacy IRQs parsing and consolidation with DT code.\n- ARM64: percpu: Initialize ret in the default case (bnc#1012382).\n- ARM64: remove no-op -p linker flag (bnc#1012382).\n- ARM: 8799/1: mm: fix pci_ioremap_io() offset check (bnc#1012382).\n- ARM: 8814/1: mm: improve/fix ARM v7_dma_inv_range() unaligned address handling (bnc#1012382).\n- ARM: dts: apq8064: add ahci ports-implemented mask (bnc#1012382).\n- ARM: dts: imx53-qsb: disable 1.2GHz OPP (bnc#1012382).\n- ARM: fix mis-applied iommu identity check (bsc#1116924).\n- ARM: imx: update the cpu power up timing setting on i.mx6sx (bnc#1012382).\n- ARM: kvm: fix building with gcc-8 (bsc#1121241).\n- ARM: OMAP1: ams-delta: Fix possible use of uninitialized field (bnc#1012382).\n- ARM: OMAP2+: prm44xx: Fix section annotation on omap44xx_prm_enable_io_wakeup (bnc#1012382).\n- asix: Check for supported Wake-on-LAN modes (bnc#1012382).\n- ASoC: ak4613: Enable cache usage to fix crashes on resume (bnc#1012382).\n- ASoC: dapm: Recalculate audio map forcely when card instantiated (bnc#1012382).\n- ASoC: omap-dmic: Add pm_qos handling to avoid overruns with CPU_IDLE (bnc#1012382).\n- ASoC: omap-mcpdm: Add pm_qos handling to avoid under/overruns with CPU_IDLE (bnc#1012382).\n- ASoC: spear: fix error return code in spdif_in_probe() (bnc#1012382).\n- ASoC: wm8940: Enable cache usage to fix crashes on resume (bnc#1012382).\n- ataflop: fix error handling during setup (bnc#1012382).\n- ath10k: fix kernel panic due to race in accessing arvif list (bnc#1012382).\n- ath10k: schedule hardware restart if WMI command times out (bnc#1012382).\n- ax25: fix a use-after-free in ax25_fillin_cb() (bnc#1012382).\n- ax88179_178a: Check for supported Wake-on-LAN modes (bnc#1012382).\n- b43: Fix error in cordic routine (bnc#1012382).\n- batman-adv: Expand merged fragment buffer for full packet (bnc#1012382).\n- bcache: fix miss key refill-\u003eend in writeback (bnc#1012382).\n- bfs: add sanity check at bfs_fill_super() (bnc#1012382).\n- binfmt_elf: fix calculations for bss padding (bnc#1012382).\n- bitops: protect variables in bit_clear_unless() macro (bsc#1116285).\n- block: fix inheriting request priority from bio (bsc#1116924).\n- block: respect virtual boundary mask in bvecs (bsc#1113412).\n- Bluetooth: btbcm: Add entry for BCM4335C0 UART bluetooth (bnc#1012382).\n- Bluetooth: SMP: fix crash in unpairing (bnc#1012382).\n- bna: ethtool: Avoid reading past end of buffer (bnc#1012382).\n- bnx2x: Assign unique DMAE channel number for FW DMAE transactions (bnc#1012382).\n- bonding: fix 802.3ad state sent to partner when unbinding slave (bnc#1012382).\n- bpf: fix check of allowed specifiers in bpf_trace_printk (bnc#1012382).\n- bpf: generally move prog destruction to RCU deferral (bnc#1012382).\n- bpf: support 8-byte metafield access (bnc#1012382).\n- bpf, trace: check event type in bpf_perf_event_read (bsc#1119970).\n- bpf, trace: use READ_ONCE for retrieving file ptr (bsc#1119967).\n- bpf/verifier: Add spi variable to check_stack_write() (bnc#1012382).\n- bpf/verifier: Pass instruction index to check_mem_access() and check_xadd() (bnc#1012382).\n- bridge: do not add port to router list when receives query with source 0.0.0.0 (bnc#1012382).\n- btrfs: Always try all copies when reading extent buffers (bnc#1012382).\n- btrfs: do not attempt to trim devices that do not support it (bnc#1012382).\n- btrfs: ensure path name is null terminated at btrfs_control_ioctl (bnc#1012382).\n- btrfs: fix backport error in submit_stripe_bio (bsc#1114763).\n- btrfs: fix data corruption due to cloning of eof block (bnc#1012382).\n- btrfs: Fix memory barriers usage with device stats counters.\n- btrfs: fix null pointer dereference on compressed write path error (bnc#1012382).\n- btrfs: fix pinned underflow after transaction aborted (bnc#1012382).\n- btrfs: fix use-after-free when dumping free space (bnc#1012382).\n- btrfs: fix wrong dentries after fsync of file that got its parent replaced (bnc#1012382).\n- btrfs: Handle error from btrfs_uuid_tree_rem call in _btrfs_ioctl_set_received_subvol.\n- btrfs: Handle owner mismatch gracefully when walking up tree (bnc#1012382).\n- btrfs: iterate all devices during trim, instead of fs_devices::alloc_list (bnc#1012382).\n- btrfs: locking: Add extra check in btrfs_init_new_buffer() to avoid deadlock (bnc#1012382).\n- btrfs: make sure we create all new block groups (bnc#1012382).\n- btrfs: qgroup: Dirty all qgroups before rescan (bnc#1012382).\n- btrfs: release metadata before running delayed refs (bnc#1012382).\n- btrfs: reset max_extent_size on clear in a bitmap (bnc#1012382).\n- btrfs: send, fix infinite loop due to directory rename dependencies (bnc#1012382).\n- btrfs: set max_extent_size properly (bnc#1012382).\n- btrfs: wait on caching when putting the bg cache (bnc#1012382).\n- cachefiles: fix the race between cachefiles_bury_object() and rmdir(2) (bnc#1012382).\n- can: dev: __can_get_echo_skb(): Do not crash the kernel if can_priv::echo_skb is accessed out of bounds (bnc#1012382).\n- can: dev: can_get_echo_skb(): factor out non sending code to __can_get_echo_skb() (bnc#1012382).\n- can: dev: __can_get_echo_skb(): print error message, if trying to echo non existing skb (bnc#1012382).\n- can: dev: __can_get_echo_skb(): replace struct can_frame by canfd_frame to access frame length (bnc#1012382).\n- can: rcar_can: Fix erroneous registration (bnc#1012382).\n- cdc-acm: correct counting of UART states in serial state notification (bnc#1012382).\n- cdc-acm: fix abnormal DATA RX issue for Mediatek Preloader (bnc#1012382).\n- ceph: call setattr_prepare from ceph_setattr instead of inode_change_ok (bsc#1114763).\n- ceph: do not update importing cap\u0027s mseq when handing cap export (bsc#1121275).\n- ceph: fix dentry leak in ceph_readdir_prepopulate (bsc#1114839).\n- ceph: quota: fix null pointer dereference in quota check (bsc#1114839).\n- cfg80211: reg: Init wiphy_idx in regulatory_hint_core() (bnc#1012382).\n- checkstack.pl: fix for aarch64 (bnc#1012382).\n- CIFS: Fix error mapping for SMB2_LOCK command which caused OFD lock problem (bnc#1012382).\n- CIFS: Fix separator when building path from dentry (bnc#1012382).\n- CIFS: handle guest access errors to Windows shares (bnc#1012382).\n- CIFS: In Kconfig CONFIG_CIFS_POSIX needs depends on legacy (insecure cifs) (bnc#1012382).\n- clk: mmp: Off by one in mmp_clk_add() (bnc#1012382).\n- clk: s2mps11: Add used attribute to s2mps11_dt_match.\n- clk: s2mps11: Fix matching when built as module and DT node contains compatible (bnc#1012382).\n- clk: samsung: exynos5420: Enable PERIS clocks for suspend (bnc#1012382).\n- clockevents/drivers/i8253: Add support for PIT shutdown quirk (bnc#1012382).\n- configfs: replace strncpy with memcpy (bnc#1012382).\n- cpufeature: avoid warning when compiling with clang.\n- cpufreq: imx6q: add return value check for voltage scale (bnc#1012382).\n- cpuidle: Do not access cpuidle_devices when !CONFIG_CPU_IDLE (bnc#1012382).\n- Cramfs: fix abad comparison when wrap-arounds occur (bnc#1012382).\n- crypto: arm64/sha - avoid non-standard inline asm tricks (bnc#1012382).\n- crypto: lrw - Fix out-of bounds access on counter overflow (bnc#1012382).\n- crypto: shash - Fix a sleep-in-atomic bug in shash_setkey_unaligned (bnc#1012382).\n- crypto, x86: aesni - fix token pasting for clang (bnc#1012382).\n- crypto: x86/chacha20 - avoid sleeping with preemption disabled (bnc#1012382).\n- cw1200: Do not leak memory if krealloc failes (bnc#1012382).\n- cxgb4: Add support for new flash parts (bsc#1102439).\n- cxgb4: assume flash part size to be 4MB, if it can\u0027t be determined (bsc#1102439).\n- cxgb4: Fix FW flash errors (bsc#1102439).\n- cxgb4: fix missing break in switch and indent return statements (bsc#1102439).\n- cxgb4: support new ISSI flash parts (bsc#1102439).\n- debugobjects: avoid recursive calls with kmemleak (bnc#1012382).\n- disable stringop truncation warnings for now (bnc#1012382).\n- dlm: fixed memory leaks after failed ls_remove_names allocation (bnc#1012382).\n- dlm: lost put_lkb on error path in receive_convert() and receive_unlock() (bnc#1012382).\n- dlm: memory leaks on error path in dlm_user_request() (bnc#1012382).\n- dlm: possible memory leak on error path in create_lkb() (bnc#1012382).\n- dmaengine: at_hdmac: fix memory leak in at_dma_xlate() (bnc#1012382).\n- dmaengine: at_hdmac: fix module unloading (bnc#1012382).\n- dmaengine: dma-jz4780: Return error if not probed from DT (bnc#1012382).\n- dm cache metadata: ignore hints array being too small during resize.\n- dm ioctl: harden copy_params()\u0027s copy_from_user() from malicious users (bnc#1012382).\n- dm-multipath: do not assign cmd_flags in setup_clone() (bsc#1103156).\n- dm raid: stop using BUG() in __rdev_sectors() (bsc#1046264).\n- dm thin: stop no_space_timeout worker when switching to write-mode.\n- dpaa_eth: fix dpaa_get_stats64 to match prototype (bsc#1114763).\n- driver/dma/ioat: Call del_timer_sync() without holding prep_lock (bnc#1012382).\n- drivers: hv: vmbus: check the creation_status in vmbus_establish_gpadl() (bsc#1104098).\n- drivers: hv: vmbus: Return -EINVAL for the sys files for unopened channels (bnc#1012382).\n- drivers/misc/sgi-gru: fix Spectre v1 vulnerability (bnc#1012382).\n- drivers/sbus/char: add of_node_put() (bnc#1012382).\n- drivers/tty: add missing of_node_put() (bnc#1012382).\n- drm/ast: change resolution may cause screen blurred (bnc#1012382).\n- drm/ast: fixed cursor may disappear sometimes (bnc#1012382).\n- drm/ast: fixed reading monitor EDID not stable issue (bnc#1012382).\n- drm/ast: Fix incorrect free on ioregs (bsc#1106929)\n- drm/ast: Remove existing framebuffers before loading driver (boo#1112963)\n- drm/dp_mst: Check if primary mstb is null (bnc#1012382).\n- drm/fb-helper: Ignore the value of fb_var_screeninfo.pixclock (bsc#1106929)\n- drm/i915/hdmi: Add HDMI 2.0 audio clock recovery N values (bnc#1012382).\n- drm/ioctl: Fix Spectre v1 vulnerabilities (bnc#1012382).\n- drm/msm: Grab a vblank reference when waiting for commit_done (bnc#1012382).\n- drm/nouveau/fbcon: fix oops without fbdev emulation (bnc#1012382).\n- drm/omap: fix memory barrier bug in DMM driver (bnc#1012382).\n- drm: rcar-du: Fix external clock error checks (bsc#1106929)\n- drm: rcar-du: Fix vblank initialization (bsc#1106929)\n- drm/rockchip: Allow driver to be shutdown on reboot/kexec (bnc#1012382).\n- e1000: avoid null pointer dereference on invalid stat type (bnc#1012382).\n- e1000: fix race condition between e1000_down() and e1000_watchdog (bnc#1012382).\n- efi/libstub/arm64: Force \u0027hidden\u0027 visibility for section markers (bnc#1012382).\n- efi/libstub/arm64: Set -fpie when building the EFI stub (bnc#1012382).\n- exec: avoid gcc-8 warning for get_task_comm (bnc#1012382).\n- exportfs: do not read dentry after free (bnc#1012382).\n- ext2: fix potential use after free (bnc#1012382).\n- ext4: add missing brelse() add_new_gdb_meta_bg()\u0027s error path (bnc#1012382).\n- ext4: add missing brelse() in set_flexbg_block_bitmap()\u0027s error path (bnc#1012382).\n- ext4: add missing brelse() update_backups()\u0027s error path (bnc#1012382).\n- ext4: avoid buffer leak in ext4_orphan_add() after prior errors (bnc#1012382).\n- ext4: avoid possible double brelse() in add_new_gdb() on error path (bnc#1012382).\n- ext4: avoid potential extra brelse in setup_new_flex_group_blocks() (bnc#1012382).\n- ext4: fix argument checking in EXT4_IOC_MOVE_EXT (bnc#1012382).\n- ext4: fix buffer leak in __ext4_read_dirblock() on error path (bnc#1012382).\n- ext4: fix buffer leak in ext4_xattr_move_to_block() on error path (bnc#1012382).\n- ext4: fix EXT4_IOC_GROUP_ADD ioctl (bnc#1012382).\n- ext4: fix missing cleanup if ext4_alloc_flex_bg_array() fails while resizing (bnc#1012382).\n- ext4: fix possible inode leak in the retry loop of ext4_resize_fs() (bnc#1012382).\n- ext4: fix possible leak of sbi-\u003es_group_desc_leak in error path (bnc#1012382).\n- ext4: fix possible use after free in ext4_quota_enable (bnc#1012382).\n- ext4: force inode writes when nfsd calls commit_metadata() (bnc#1012382).\n- ext4: initialize retries variable in ext4_da_write_inline_data_begin() (bnc#1012382).\n- ext4: missing unlock/put_page() in ext4_try_to_write_inline_data() (bnc#1012382).\n- ext4: release bs.bh before re-using in ext4_xattr_block_find() (bnc#1012382).\n- fbdev: fbcon: Fix unregister crash when more than one framebuffer (bsc#1106929)\n- fbdev: fbmem: behave better with small rotated displays and many CPUs (bsc#1106929)\n- fcoe: remove duplicate debugging message in fcoe_ctlr_vn_add (bsc#1114763).\n- Fix kABI for \u0027Ensure we commit after writeback is complete\u0027 (bsc#1111809).\n- floppy: fix race condition in __floppy_read_block_0().\n- flow_dissector: do not dissect l4 ports for fragments (bnc#1012382).\n- fork: record start_time late (bnc#1012382).\n- fscache, cachefiles: remove redundant variable \u0027cache\u0027 (bnc#1012382).\n- fscache: fix race between enablement and dropping of object (bsc#1107385).\n- fscache: Fix race in fscache_op_complete() due to split atomic_sub \u0026 read .\n- fscache: Pass the correct cancelled indications to fscache_op_complete().\n- fs, elf: make sure to page align bss in load_elf_library (bnc#1012382).\n- fs/exofs: fix potential memory leak in mount option parsing (bnc#1012382).\n- fs/fat/fatent.c: add cond_resched() to fat_count_free_clusters() (bnc#1012382).\n- fuse: Dont call set_page_dirty_lock() for ITER_BVEC pages for async_dio (bnc#1012382).\n- fuse: fix blocked_waitq wakeup (bnc#1012382).\n- fuse: fix leaked notify reply (bnc#1012382).\n- fuse: Fix use-after-free in fuse_dev_do_read() (bnc#1012382).\n- fuse: Fix use-after-free in fuse_dev_do_write() (bnc#1012382).\n- fuse: set FR_SENT while locked (bnc#1012382).\n- genirq: Fix race on spurious interrupt detection (bnc#1012382).\n- genwqe: Fix size check (bnc#1012382).\n- gfs2: Do not leave s_fs_info pointing to freed memory in init_sbd (bnc#1012382).\n- gfs2: Fix loop in gfs2_rbm_find (bnc#1012382).\n- gfs2_meta: -\u003emount() can get NULL dev_name (bnc#1012382).\n- gfs2: Put bitmap buffers in put_super (bnc#1012382).\n- git_sort.py: Remove non-existent remote tj/libata\n- gpio: max7301: fix driver for use with CONFIG_VMAP_STACK (bnc#1012382).\n- gpio: msic: fix error return code in platform_msic_gpio_probe() (bnc#1012382).\n- gpu: host1x: fix error return code in host1x_probe() (bnc#1012382).\n- gro_cell: add napi_disable in gro_cells_destroy (bnc#1012382).\n- hfs: do not free node before using (bnc#1012382).\n- hfsplus: do not free node before using (bnc#1012382).\n- hfsplus: prevent btree data loss on root split (bnc#1012382).\n- hfs: prevent btree data loss on root split (bnc#1012382).\n- HID: hiddev: fix potential Spectre v1 (bnc#1012382).\n- HID: uhid: forbid UHID_CREATE under KERNEL_DS or elevated privileges (bnc#1012382).\n- hpwdt add dynamic debugging (bsc#1114417).\n- hpwdt calculate reload value on each use (bsc#1114417).\n- hugetlbfs: dirty pages as they are added to pagecache (bnc#1012382).\n- hugetlbfs: fix bug in pgoff overflow checking (bnc#1012382).\n- hugetlbfs: fix kernel BUG at fs/hugetlbfs/inode.c:444! (bnc#1012382).\n- hwmon: (ibmpowernv) Remove bogus __init annotations (bnc#1012382).\n- hwmon: (ina2xx) Fix current value calculation (bnc#1012382).\n- hwmon: (pmbus) Fix page count auto-detection (bnc#1012382).\n- hwmon: (w83795) temp4_type has writable permission (bnc#1012382).\n- hwpoison, memory_hotplug: allow hwpoisoned pages to be offlined (bnc#1116336).\n- i2c: axxia: properly handle master timeout (bnc#1012382).\n- i2c: scmi: Fix probe error on devices with an empty SMB0001 ACPI device node (bnc#1012382).\n- IB/hfi1: Fix an out-of-bounds access in get_hw_stats ().\n- ibmveth: fix DMA unmap error in ibmveth_xmit_start error path (bnc#1012382).\n- ibmvnic: Convert reset work item mutex to spin lock ().\n- ibmvnic: fix accelerated VLAN handling ().\n- ibmvnic: fix index in release_rx_pools (bsc#1115440).\n- ibmvnic: Fix non-atomic memory allocation in IRQ context ().\n- ibmvnic: Fix RX queue buffer cleanup (bsc#1115440, bsc#1115433).\n- ibmvnic: remove ndo_poll_controller ().\n- ibmvnic: Update driver queues after change in ring size support ().\n- IB/ucm: Fix Spectre v1 vulnerability (bnc#1012382).\n- ide: pmac: add of_node_put() (bnc#1012382).\n- ieee802154: lowpan_header_create check must check daddr (bnc#1012382).\n- igb: Remove superfluous reset to PHY and page 0 selection (bnc#1012382).\n- iio: adc: at91: fix acking DRDY irq on simple conversions (bnc#1012382).\n- iio: adc: at91: fix wrong channel number in triggered buffer mode (bnc#1012382).\n- ima: fix showing large \u0027violations\u0027 or \u0027runtime_measurements_count\u0027 (bnc#1012382).\n- Input: elan_i2c - add ACPI ID for Lenovo IdeaPad 330-15ARR (bnc#1012382).\n- Input: elan_i2c - add ACPI ID for Lenovo IdeaPad 330-15IGM (bnc#1012382).\n- Input: elan_i2c - add ACPI ID for touchpad in ASUS Aspire F5-573G (bnc#1012382).\n- Input: elan_i2c - add ELAN0620 to the ACPI table (bnc#1012382).\n- Input: elan_i2c - add support for ELAN0621 touchpad (bnc#1012382).\n- Input: matrix_keypad - check for errors from of_get_named_gpio() (bnc#1012382).\n- Input: omap-keypad - fix idle configuration to not block SoC idle states (bnc#1012382).\n- Input: omap-keypad - fix keyboard debounce configuration (bnc#1012382).\n- Input: restore EV_ABS ABS_RESERVED (bnc#1012382).\n- Input: xpad - add GPD Win 2 Controller USB IDs (bnc#1012382).\n- Input: xpad - add Mad Catz FightStick TE 2 VID/PID (bnc#1012382).\n- Input: xpad - add more third-party controllers (bnc#1012382).\n- Input: xpad - add PDP device id 0x02a4 (bnc#1012382).\n- Input: xpad - add product ID for Xbox One S pad (bnc#1012382).\n- Input: xpad - add support for PDP Xbox One controllers (bnc#1012382).\n- Input: xpad - add support for Xbox1 PDP Camo series gamepad (bnc#1012382).\n- Input: xpad - add USB IDs for Mad Catz Brawlstick and Razer Sabertooth (bnc#1012382).\n- Input: xpad - avoid using __set_bit() for capabilities (bnc#1012382).\n- Input: xpad - constify usb_device_id (bnc#1012382).\n- Input: xpad - correctly sort vendor id\u0027s (bnc#1012382).\n- Input: xpad - correct xbox one pad device name (bnc#1012382).\n- Input: xpad - do not depend on endpoint order (bnc#1012382).\n- Input: xpad - fix GPD Win 2 controller name (bnc#1012382).\n- Input: xpad - fix PowerA init quirk for some gamepad models (bnc#1012382).\n- Input: xpad - fix rumble on Xbox One controllers with 2015 firmware (bnc#1012382).\n- Input: xpad - fix some coding style issues (bnc#1012382).\n- Input: xpad - fix stuck mode button on Xbox One S pad (bnc#1012382).\n- Input: xpad - fix Xbox One rumble stopping after 2.5 secs (bnc#1012382).\n- Input: xpad - handle \u0027present\u0027 and \u0027gone\u0027 correctly (bnc#1012382).\n- Input: xpad - move reporting xbox one home button to common function (bnc#1012382).\n- Input: xpad - power off wireless 360 controllers on suspend (bnc#1012382).\n- Input: xpad - prevent spurious input from wired Xbox 360 controllers (bnc#1012382).\n- Input: xpad - quirk all PDP Xbox One gamepads (bnc#1012382).\n- Input: xpad - remove spurious events of wireless xpad 360 controller (bnc#1012382).\n- Input: xpad - remove unused function (bnc#1012382).\n- Input: xpad - restore LED state after device resume (bnc#1012382).\n- Input: xpad - simplify error condition in init_output (bnc#1012382).\n- Input: xpad - sort supported devices by USB ID (bnc#1012382).\n- Input: xpad - support some quirky Xbox One pads (bnc#1012382).\n- Input: xpad - sync supported devices with 360Controller (bnc#1012382).\n- Input: xpad - sync supported devices with XBCD (bnc#1012382).\n- Input: xpad - sync supported devices with xboxdrv (bnc#1012382).\n- Input: xpad - update Xbox One Force Feedback Support (bnc#1012382).\n- Input: xpad - use LED API when identifying wireless controllers (bnc#1012382).\n- Input: xpad - validate USB endpoint type during probe (bnc#1012382).\n- Input: xpad - workaround dead irq_out after suspend/ resume (bnc#1012382).\n- Input: xpad - xbox one elite controller support (bnc#1012382).\n- intel_th: msu: Fix an off-by-one in attribute store (bnc#1012382).\n- iommu/amd: Fix amd_iommu=force_isolation (bsc#1106105).\n- iommu/arm-smmu: Ensure that page-table updates are visible before TLBI (bsc#1106237).\n- iommu/ipmmu-vmsa: Fix crash on early domain free (bsc#1106105).\n- iommu/vt-d: Fix NULL pointer dereference in prq_event_thread() (bsc#1106105).\n- iommu/vt-d: Handle domain agaw being less than iommu agaw (bsc#1106105).\n- iommu/vt-d: Use memunmap to free memremap (bsc#1106105).\n- ip6mr: Fix potential Spectre v1 vulnerability (bnc#1012382).\n- ipmi: Fix timer race with module unload (bnc#1012382).\n- ip_tunnel: do not force DF when MTU is locked (bnc#1012382).\n- ip_tunnel: Fix name string concatenate in __ip_tunnel_create() (bnc#1012382).\n- ipv4: Fix potential Spectre v1 vulnerability (bnc#1012382).\n- ipv4: ipv6: netfilter: Adjust the frag mem limit when truesize changes (bsc#1110286).\n- ipv6: Check available headroom in ip6_xmit() even without options (bnc#1012382).\n- ipv6: explicitly initialize udp6_addr in udp_sock_create6() (bnc#1012382).\n- ipv6: Fix PMTU updates for UDP/raw sockets in presence of VRF (bnc#1012382).\n- ipv6: mcast: fix a use-after-free in inet6_mc_check (bnc#1012382).\n- ipv6/ndisc: Preserve IPv6 control buffer if protocol error handlers are called (bnc#1012382).\n- ipv6: orphan skbs in reassembly unit (bnc#1012382).\n- ipv6: set rt6i_protocol properly in the route when it is installed (bsc#1114190).\n- ipv6: suppress sparse warnings in IP6_ECN_set_ce() (bnc#1012382).\n- isdn: fix kernel-infoleak in capi_unlocked_ioctl (bnc#1012382).\n- iser: set sector for ambiguous mr status errors (bnc#1012382).\n- iwlwifi: mvm: fix regulatory domain update when the firmware starts (bnc#1012382).\n- iwlwifi: mvm: support sta_statistics() even on older firmware (bnc#1012382).\n- ixgbe: Add function for checking to see if we can reuse page (bsc#1100105).\n- ixgbe: Add support for build_skb (bsc#1100105).\n- ixgbe: Add support for padding packet (bsc#1100105).\n- ixgbe: Break out Rx buffer page management (bsc#1100105).\n- ixgbe: Fix output from ixgbe_dump (bsc#1100105).\n- ixgbe: fix possible race in reset subtask (bsc#1101557).\n- ixgbe: Make use of order 1 pages and 3K buffers independent of FCoE (bsc#1100105).\n- ixgbe: Only DMA sync frame length (bsc#1100105).\n- ixgbe: recognize 1000BaseLX SFP modules as 1Gbps (bnc#1012382).\n- ixgbe: Refactor queue disable logic to take completion time into account (bsc#1101557).\n- ixgbe: Reorder Tx/Rx shutdown to reduce time needed to stop device (bsc#1101557).\n- ixgbe: Update code to better handle incrementing page count (bsc#1100105).\n- ixgbe: Update driver to make use of DMA attributes in Rx path (bsc#1100105).\n- ixgbe: Use length to determine if descriptor is done (bsc#1100105).\n- jbd2: fix use after free in jbd2_log_do_checkpoint() (bnc#1012382).\n- jffs2: free jffs2_sb_info through jffs2_kill_sb() (bnc#1012382).\n- kabi: hwpoison, memory_hotplug: allow hwpoisoned pages to be offlined (bnc#1116336).\n- kABI: protect get_vaddr_frames (kabi).\n- kABI: protect struct azx (kabi).\n- kABI: protect struct cfs_bandwidth (kabi).\n- kABI: protect struct esp (kabi).\n- kABI: protect struct fuse_io_priv (kabi).\n- kABI: protect __usb_get_extra_descriptor (kabi).\n- kABI: protect xen/xen-ops.h include in xlate_mmu.c (kabi).\n- kabi: revert sig change on pnfs_read_resend_pnfs.\n- kbuild: Add better clang cross build support (bnc#1012382).\n- kbuild: Add __cc-option macro (bnc#1012382).\n- kbuild: Add support to generate LLVM assembly files (bnc#1012382).\n- kbuild: allow to use GCC toolchain not in Clang search path (bnc#1012382).\n- kbuild: clang: add -no-integrated-as to KBUILD_[AC]FLAGS (bnc#1012382).\n- kbuild: clang: Disable \u0027address-of-packed-member\u0027 warning (bnc#1012382).\n- kbuild: clang: disable unused variable warnings only when constant (bnc#1012382).\n- kbuild: clang: fix build failures with sparse check (bnc#1012382).\n- kbuild: clang: remove crufty HOSTCFLAGS (bnc#1012382).\n- kbuild: Consolidate header generation from ASM offset information (bnc#1012382).\n- kbuild: consolidate redundant sed script ASM offset generation (bnc#1012382).\n- kbuild: drop -Wno-unknown-warning-option from clang options (bnc#1012382).\n- kbuild: fix asm-offset generation to work with clang (bnc#1012382).\n- kbuild: fix kernel/bounds.c \u0027W=1\u0027 warning (bnc#1012382).\n- kbuild: fix linker feature test macros when cross compiling with Clang (bnc#1012382).\n- kbuild, LLVMLinux: Add -Werror to cc-option to support clang (bnc#1012382).\n- kbuild: move cc-option and cc-disable-warning after incl. arch Makefile (bnc#1012382).\n- kbuild: Set KBUILD_CFLAGS before incl. arch Makefile (bnc#1012382).\n- kbuild: set no-integrated-as before incl. arch Makefile (bnc#1012382).\n- kbuild: suppress packed-not-aligned warning for default setting only (bnc#1012382).\n- kbuild: use -Oz instead of -Os when using clang (bnc#1012382).\n- kdb: use memmove instead of overlapping memcpy (bnc#1012382).\n- kdb: Use strscpy with destination buffer size (bnc#1012382).\n- kernfs: Replace strncpy with memcpy (bnc#1012382).\n- KEYS: put keyring if install_session_keyring_to_cred() fails (bnc#1012382).\n- kgdboc: fix KASAN global-out-of-bounds bug in param_set_kgdboc_var() (bnc#1012382).\n- kgdboc: Fix restrict error (bnc#1012382).\n- kgdboc: Fix warning with module build (bnc#1012382).\n- kgdboc: Passing ekgdboc to command line causes panic (bnc#1012382).\n- kobject: Replace strncpy with memcpy (bnc#1012382).\n- kprobes: Return error if we fail to reuse kprobe instead of BUG_ON() (bnc#1012382).\n- KVM: arm64: Fix caching of host MDCR_EL2 value (bsc#1121242).\n- KVM: arm: Restore banked registers and physical timer access on hyp_panic() (bsc#1121240).\n- KVM: mmu: Fix race in emulated page table writes (bnc#1012382).\n- KVM: nVMX: Always reflect #NM VM-exits to L1 (bsc#1106240).\n- KVM: nVMX: Eliminate vmcs02 pool (bnc#1012382).\n- KVM: nVMX: mark vmcs12 pages dirty on L2 exit (bnc#1012382).\n- KVM: PPC: Move and undef TRACE_INCLUDE_PATH/FILE (bnc#1012382).\n- KVM/SVM: Allow direct access to MSR_IA32_SPEC_CTRL (bnc#1012382 bsc#1068032).\n- KVM/SVM: Ensure an IBPB on all affected CPUs when freeing a vmcb (bsc#1114648).\n- KVM/VMX: Allow direct access to MSR_IA32_SPEC_CTRL (bnc#1012382 bsc#1068032 bsc#1096242 bsc#1096281).\n- KVM/VMX: Emulate MSR_IA32_ARCH_CAPABILITIES (bnc#1012382).\n- KVM/VMX: introduce alloc_loaded_vmcs (bnc#1012382).\n- KVM/VMX: make MSR bitmaps per-VCPU (bnc#1012382).\n- KVM/x86: Add IBPB support (bnc#1012382 bsc#1068032 bsc#1068032).\n- KVM/x86: fix empty-body warnings (bnc#1012382).\n- KVM/x86: Remove indirect MSR op calls from SPEC_CTRL (bnc#1012382).\n- KVM/x86: Use jmp to invoke kvm_spurious_fault() from .fixup (bnc#1012382).\n- lan78xx: Check for supported Wake-on-LAN modes (bnc#1012382).\n- leds: call led_pwm_set() in leds-pwm to enforce default LED_OFF (bnc#1012382).\n- leds: leds-gpio: Fix return value check in create_gpio_led() (bnc#1012382).\n- leds: turn off the LED and wait for completion on unregistering LED class device (bnc#1012382).\n- libata: whitelist all SAMSUNG MZ7KM* solid-state disks (bnc#1012382).\n- libceph: bump CEPH_MSG_MAX_DATA_LEN (bsc#1114839).\n- libceph: fall back to sendmsg for slab pages (bsc#1118316).\n- libfc: sync strings with upstream versions (bsc#1114763).\n- lib/interval_tree_test.c: allow full tree search (bnc#1012382).\n- lib/interval_tree_test.c: allow users to limit scope of endpoint (bnc#1012382).\n- lib/interval_tree_test.c: make test options module parameters (bnc#1012382).\n- libnvdimm, {btt, blk}: do integrity setup before add_disk() (bsc#1118926).\n- libnvdimm, dimm: fix dpa reservation vs uninitialized label area (bsc#1118936).\n- libnvdimm: fix integer overflow static analysis warning (bsc#1118922).\n- libnvdimm: fix nvdimm_bus_lock() vs device_lock() ordering (bsc#1118915).\n- libnvdimm: Hold reference on parent while scheduling async init (bnc#1012382).\n- lib/raid6: Fix arm64 test build (bnc#1012382).\n- lib/rbtree_test.c: make input module parameters (bnc#1012382).\n- lib/rbtree-test: lower default params (bnc#1012382).\n- llc: do not use sk_eat_skb() (bnc#1012382).\n- lockd: fix access beyond unterminated strings in prints (bnc#1012382).\n- locking/lockdep: Fix debug_locks off performance problem (bnc#1012382).\n- mac80211: Always report TX status (bnc#1012382).\n- mac80211: Clear beacon_int in ieee80211_do_stop (bnc#1012382).\n- mac80211: fix reordering of buffered broadcast packets (bnc#1012382).\n- mac80211_hwsim: do not omit multicast announce of first added radio (bnc#1012382).\n- mac80211_hwsim: fix module init error paths for netlink (bnc#1012382).\n- mac80211_hwsim: Timer should be initialized before device registered (bnc#1012382).\n- mac80211: ignore NullFunc frames in the duplicate detection (bnc#1012382).\n- mac80211: ignore tx status for PS stations in ieee80211_tx_status_ext (bnc#1012382).\n- mach64: fix display corruption on big endian machines (bnc#1012382).\n- mach64: fix image corruption due to reading accelerator registers (bnc#1012382).\n- matroxfb: fix size of memcpy (bnc#1012382).\n- MD: do not check MD_SB_CHANGE_CLEAN in md_allow_write.\n- MD: fix invalid stored role for a disk (bnc#1012382).\n- MD: fix invalid stored role for a disk - try2 (bnc#1012382).\n- media: dvb-frontends: fix i2c access helpers for KASAN (bnc#1012382).\n- media: em28xx: fix input name for Terratec AV 350 (bnc#1012382).\n- media: em28xx: Fix use-after-free when disconnecting (bnc#1012382).\n- media: em28xx: make v4l2-compliance happier by starting sequence on zero (bnc#1012382).\n- media: em28xx: use a default format if TRY_FMT fails (bnc#1012382).\n- media: pci: cx23885: handle adding to list failure (bnc#1012382).\n- media: tvp5150: fix width alignment during set_selection() (bnc#1012382).\n- media: v4l: event: Add subscription to list before calling \u0027add\u0027 operation (bnc#1012382).\n- media: vivid: free bitmap_cap when updating std/timings/etc (bnc#1012382).\n- MIPS: Align kernel load address to 64KB (bnc#1012382).\n- MIPS: DEC: Fix an int-handler.S CPU_DADDI_WORKAROUNDS regression (bnc#1012382).\n- MIPS: Ensure pmd_present() returns false after pmd_mknotpresent() (bnc#1012382).\n- MIPS: Fix FCSR Cause bit handling for correct SIGFPE issue (bnc#1012382).\n- MIPS: fix mips_get_syscall_arg o32 check (bnc#1012382).\n- MIPS: Handle non word sized instructions when examining frame (bnc#1012382).\n- MIPS: kexec: Mark CPU offline before disabling local IRQ (bnc#1012382).\n- MIPS: Loongson-3: Fix BRIDGE irq delivery problem (bnc#1012382).\n- MIPS: Loongson-3: Fix CPU UART irq delivery problem (bnc#1012382).\n- MIPS: microMIPS: Fix decoding of swsp16 instruction (bnc#1012382).\n- MIPS: OCTEON: fix out of bounds array access on CN68XX (bnc#1012382).\n- MIPS: ralink: Fix mt7620 nd_sd pinmux (bnc#1012382).\n- misc: atmel-ssc: Fix section annotation on atmel_ssc_get_driver_data (bnc#1012382).\n- misc: mic/scif: fix copy-paste error in scif_create_remote_lookup (bnc#1012382).\n- mmc: core: Reset HPI enabled state during re-init and in case of errors (bnc#1012382).\n- mm: cleancache: fix corruption on missed inode invalidation (bnc#1012382).\n- mmc: OMAP: fix broken MMC on OMAP15XX/OMAP5910/OMAP310 (bnc#1012382).\n- mmc: omap_hsmmc: fix DMA API warning (bnc#1012382).\n- mmc: sdhci-pci-o2micro: Add quirk for O2 Micro dev 0x8620 rev 0x01 (bnc#1012382).\n- mm, devm_memremap_pages: kill mapping \u0027System RAM\u0027 support (bnc#1012382).\n- mm: do not bug_on on incorrect length in __mm_populate() (bnc#1012382).\n- mm: do not miss the last page because of round-off error (bnc#1118798).\n- mm, elf: handle vm_brk error (bnc#1012382).\n- mm, hugetlb: fix huge_pte_alloc BUG_ON (bsc#1119204).\n- mm: hwpoison: call shake_page() after try_to_unmap() for mlocked page (bnc#1116336).\n- mm: lower the printk loglevel for __dump_page messages (generic hotplug debugability).\n- mm, memory_hotplug: be more verbose for memory offline failures (generic hotplug debugability).\n- mm, memory_hotplug: drop pointless block alignment checks from __offline_pages (generic hotplug debugability).\n- mm, memory_hotplug: print reason for the offlining failure (generic hotplug debugability).\n- mm: migration: fix migration of huge PMD shared pages (bnc#1012382).\n- mm: mlock: avoid increase mm-\u003elocked_vm on mlock() when already mlock2(,MLOCK_ONFAULT) (bnc#1012382).\n- mm/nommu.c: Switch __get_user_pages_unlocked() to use __get_user_pages() (bnc#1012382).\n- mm: Preserve _PAGE_DEVMAP across mprotect() calls (bsc#1118790).\n- mm: print more information about mapping in __dump_page (generic hotplug debugability).\n- mm: put_and_wait_on_page_locked() while page is migrated (bnc#1109272).\n- mm: refuse wrapped vm_brk requests (bnc#1012382).\n- mm: remove write/force parameters from __get_user_pages_locked() (bnc#1012382 bsc#1027260).\n- mm: remove write/force parameters from __get_user_pages_unlocked() (bnc#1012382 bsc#1027260).\n- mm: replace __access_remote_vm() write parameter with gup_flags (bnc#1012382).\n- mm: replace access_remote_vm() write parameter with gup_flags (bnc#1012382).\n- mm: replace get_user_pages_locked() write/force parameters with gup_flags (bnc#1012382 bsc#1027260).\n- mm: replace get_user_pages_unlocked() write/force parameters with gup_flags (bnc#1012382 bsc#1027260).\n- mm: replace get_user_pages() write/force parameters with gup_flags (bnc#1012382 bsc#1027260).\n- mm: replace get_vaddr_frames() write/force parameters with gup_flags (bnc#1012382).\n- mm: thp: relax __GFP_THISNODE for MADV_HUGEPAGE mappings (bnc#1012382).\n- modules: mark __inittest/__exittest as __maybe_unused (bnc#1012382).\n- mount: Do not allow copying MNT_UNBINDABLE|MNT_LOCKED mounts (bnc#1012382).\n- mount: Prevent MNT_DETACH from disconnecting locked mounts (bnc#1012382).\n- mount: Retest MNT_LOCKED in do_umount (bnc#1012382).\n- Move usb-audio UAF fix into sorted section\n- mtd: docg3: do not set conflicting BCH_CONST_PARAMS option (bnc#1012382).\n- mtd: spi-nor: Add support for is25wp series chips (bnc#1012382).\n- mv88e6060: disable hardware level MAC learning (bnc#1012382).\n- mwifiex: Fix NULL pointer dereference in skb_dequeue() (bnc#1012382).\n- mwifiex: fix p2p device does not find in scan problem (bnc#1012382).\n- namei: allow restricted O_CREAT of FIFOs and regular files (bnc#1012382).\n- neighbour: Avoid writing before skb-\u003ehead in neigh_hh_output() (bnc#1012382).\n- net: 8139cp: fix a BUG triggered by changing mtu with network traffic (bnc#1012382).\n- net/af_iucv: drop inbound packets with invalid flags (bnc#1114475, LTC#172679).\n- net/af_iucv: fix skb handling on HiperTransport xmit error (bnc#1114475, LTC#172679).\n- net: amd: add missing of_node_put() (bnc#1012382).\n- net: bcmgenet: fix OF child-node lookup (bnc#1012382).\n- net: bridge: remove ipv6 zero address check in mcast queries (bnc#1012382).\n- net: cxgb3_main: fix a missing-check bug (bnc#1012382).\n- net: drop skb on failure in ip_check_defrag() (bnc#1012382).\n- net: drop write-only stack variable (bnc#1012382).\n- net: ena: add functions for handling Low Latency Queues in ena_com (bsc#1117562).\n- net: ena: add functions for handling Low Latency Queues in ena_netdev (bsc#1117562).\n- net: ena: change rx copybreak default to reduce kernel memory pressure (bsc#1117562).\n- net: ena: complete host info to match latest ENA spec (bsc#1117562).\n- net: ena: enable Low Latency Queues (bsc#1117562).\n- net: ena: explicit casting and initialization, and clearer error handling (bsc#1117562).\n- net: ena: fix auto casting to boolean (bsc#1117562).\n- net: ena: fix compilation error in xtensa architecture (bsc#1117562).\n- net: ena: fix crash during ena_remove() (bsc#1108240).\n- net: ena: fix crash during failed resume from hibernation (bsc#1117562).\n- net: ena: fix indentations in ena_defs for better readability (bsc#1117562).\n- net: ena: Fix Kconfig dependency on X86 (bsc#1117562).\n- net: ena: fix NULL dereference due to untimely napi initialization (bsc#1117562).\n- net: ena: fix rare bug when failed restart/resume is followed by driver removal (bsc#1117562).\n- net: ena: fix warning in rmmod caused by double iounmap (bsc#1117562).\n- net: ena: introduce Low Latency Queues data structures according to ENA spec (bsc#1117562).\n- net: ena: limit refill Rx threshold to 256 to avoid latency issues (bsc#1117562).\n- net: ena: minor performance improvement (bsc#1117562).\n- net: ena: remove ndo_poll_controller (bsc#1117562).\n- net: ena: remove redundant parameter in ena_com_admin_init() (bsc#1117562).\n- net: ena: update driver version from 2.0.1 to 2.0.2 (bsc#1108240).\n- net: ena: update driver version to 2.0.1 (bsc#1117562).\n- net: ena: use CSUM_CHECKED device indication to report skb\u0027s checksum status (bsc#1117562).\n- net: faraday: ftmac100: remove netif_running(netdev) check before disabling interrupts (bnc#1012382).\n- netfilter: ipset: actually allow allowable CIDR 0 in hash:net,port,net (bnc#1012382).\n- netfilter: ipset: Correct rcu_dereference() call in ip_set_put_comment() (bnc#1012382).\n- netfilter: nf_tables: fix oops when inserting an element into a verdict map (bnc#1012382).\n- netfilter: xt_IDLETIMER: add sysfs filename checking routine (bnc#1012382).\n- net-gro: reset skb-\u003epkt_type in napi_reuse_skb() (bnc#1012382).\n- net: hisilicon: remove unexpected free_netdev (bnc#1012382).\n- net: ibm: fix return type of ndo_start_xmit function ().\n- net/ibmnvic: Fix deadlock problem in reset ().\n- net/ibmvnic: Fix RTNL deadlock during device reset (bnc#1115431).\n- net/ipv4: defensive cipso option parsing (bnc#1012382).\n- net/ipv4: do not handle duplicate fragments as overlapping (bsc#1116345).\n- net/ipv6: Fix index counter for unicast addresses in in6_dump_addrs (bnc#1012382).\n- net/mlx4_core: Correctly set PFC param if global pause is turned off (bsc#1015336 bsc#1015337 bsc#1015340).\n- net/mlx4_core: Fix uninitialized variable compilation warning (bnc#1012382).\n- net/mlx4_core: Zero out lkey field in SW2HW_MPT fw command (bnc#1012382).\n- net/mlx4: Fix UBSAN warning of signed integer overflow (bnc#1012382).\n- net: phy: do not allow __set_phy_supported to add unsupported modes (bnc#1012382).\n- net: Prevent invalid access to skb-\u003eprev in __qdisc_drop_all (bnc#1012382).\n- net: qla3xxx: Remove overflowing shift statement (bnc#1012382).\n- netrom: fix locking in nr_find_socket() (bnc#1012382).\n- net: sched: gred: pass the right attribute to gred_change_table_def() (bnc#1012382).\n- net: socket: fix a missing-check bug (bnc#1012382).\n- net: stmmac: Fix stmmac_mdio_reset() when building stmmac as modules (bnc#1012382).\n- net: thunderx: fix NULL pointer dereference in nic_remove (bnc#1012382).\n- new helper: uaccess_kernel() (bnc#1012382).\n- NFC: nfcmrvl_uart: fix OF child-node lookup (bnc#1012382).\n- nfit: skip region registration for incomplete control regions (bsc#1118930).\n- nfsd: Fix an Oops in free_session() (bnc#1012382).\n- NFS: Ensure we commit after writeback is complete (bsc#1111809).\n- NFSv4.1: Fix the r/wsize checking (bnc#1012382).\n- NFSv4: Do not exit the state manager without clearing NFS4CLNT_MANAGER_RUNNING.\n- nvme: validate controller state before rescheduling keep alive (bsc#1103257).\n- ocfs2: fix a misuse a of brelse after failing ocfs2_check_dir_entry (bnc#1012382).\n- ocfs2: fix deadlock caused by ocfs2_defrag_extent() (bnc#1012382).\n- ocfs2: fix potential use after free (bnc#1012382).\n- of: add helper to lookup compatible child node (bnc#1012382).\n- packet: validate address length (bnc#1012382).\n- packet: validate address length if non-zero (bnc#1012382).\n- parisc: Fix address in HPMC IVA (bnc#1012382).\n- parisc: Fix map_pages() to not overwrite existing pte entries (bnc#1012382).\n- PCI: Add Device IDs for Intel GPU \u0027spurious interrupt\u0027 quirk (bnc#1012382).\n- PCI/ASPM: Do not initialize link state when aspm_disabled is set (bsc#1109806).\n- PCI/ASPM: Fix link_state teardown on device removal (bsc#1109806).\n- PCI: vmd: Detach resources after stopping root bus (bsc#1106105).\n- pcmcia: Implement CLKRUN protocol disabling for Ricoh bridges (bnc#1012382).\n- perf/bpf: Convert perf_event_array to use struct file (bsc#1119967).\n- perf/core: Do not leak event in the syscall error path (bnc#1012382).\n- perf pmu: Suppress potential format-truncation warning (bnc#1012382).\n- perf/ring_buffer: Prevent concurent ring buffer access (bnc#1012382).\n- perf tools: Cleanup trace-event-info \u0027tdata\u0027 leak (bnc#1012382).\n- perf tools: Disable parallelism for \u0027make clean\u0027 (bnc#1012382).\n- perf tools: Free temporary \u0027sys\u0027 string in read_event_files() (bnc#1012382).\n- pinctrl: qcom: spmi-mpp: Fix drive strength setting (bnc#1012382).\n- pinctrl: qcom: spmi-mpp: Fix err handling of pmic_mpp_set_mux (bnc#1012382).\n- pinctrl: spmi-mpp: Fix pmic_mpp_config_get() to be compliant (bnc#1012382).\n- pinctrl: ssbi-gpio: Fix pm8xxx_pin_config_get() to be compliant (bnc#1012382).\n- pinctrl: sunxi: a83t: Fix IRQ offset typo for PH11 (bnc#1012382).\n- platform/x86: acerhdf: Add BIOS entry for Gateway LT31 v1.3307 (bnc#1012382).\n- PM / devfreq: tegra: fix error return code in tegra_devfreq_probe() (bnc#1012382).\n- pNFS: Fix a deadlock between read resends and layoutreturn.\n- pNFS/flexfiles: Fix up the ff_layout_write_pagelist failure path.\n- pNFS/flexfiles: When checking for available DSes, conditionally check for MDS io.\n- pnfs: set NFS_IOHDR_REDO in pnfs_read_resend_pnfs.\n- powerpc/64s: consolidate MCE counter increment (bsc#1094244).\n- powerpc/boot: Ensure _zimage_start is a weak symbol (bnc#1012382).\n- powerpc/boot: Fix random libfdt related build errors (bnc#1012382).\n- powerpc/boot: Request no dynamic linker for boot wrapper (bsc#1070805).\n- powerpc: Fix COFF zImage booting on old powermacs (bnc#1012382).\n- powerpc/mm/radix: Use mm-\u003etask_size for boundary checking instead of addr_limit (bsc#1027457).\n- powerpc/msi: Fix compile error on mpc83xx (bnc#1012382).\n- powerpc/msi: Fix NULL pointer access in teardown code (bnc#1012382).\n- powerpc/nohash: fix undefined behaviour when testing page size support (bnc#1012382).\n- powerpc/numa: Suppress \u0027VPHN is not supported\u0027 messages (bnc#1012382).\n- powerpc/powernv: Do not select the cpufreq governors (bsc#1066223).\n- powerpc/powernv: Fix opal_event_shutdown() called with interrupts disabled (bsc#1066223).\n- powerpc/powernv/pci: Work around races in PCI bridge enabling (bsc#1066223).\n- powerpc/pseries: Fix DTL buffer registration (bsc#1066223).\n- powerpc/pseries: Fix how we iterate over the DTL entries (bsc#1066223).\n- powerpc/pseries/mobility: Extend start/stop topology update scope (bsc#1116950, bsc#1115709).\n- powerpc/traps: restore recoverability of machine_check interrupts (bsc#1094244).\n- power: supply: olpc_battery: correct the temperature units (bnc#1012382).\n- printk: Fix panic caused by passing log_buf_len to command line (bnc#1012382).\n- Provide a temporary fix for STIBP on-by-default (bsc#1116497).\n- pstore: Convert console write to use -\u003ewrite_buf (bnc#1012382).\n- ptp: fix Spectre v1 vulnerability (bnc#1012382).\n- pxa168fb: prepare the clock (bnc#1012382).\n- qed: Fix bitmap_weight() check (bsc#1019695).\n- qed: Fix PTT leak in qed_drain() (bnc#1012382).\n- qed: Fix QM getters to always return a valid pq (bsc#1019695 ).\n- qed: Fix reading wrong value in loop condition (bnc#1012382).\n- r8152: Check for supported Wake-on-LAN Modes (bnc#1012382).\n- r8169: fix NAPI handling under high load (bnc#1012382).\n- rapidio/rionet: do not free skb before reading its length (bnc#1012382).\n- RDMA/ucma: Fix Spectre v1 vulnerability (bnc#1012382).\n- reiserfs: propagate errors from fill_with_dentries() properly (bnc#1012382).\n- Reorder a few commits in kGraft out of tree section\n- Revert \u0027Bluetooth: h5: Fix missing dependency on BT_HCIUART_SERDEV\u0027 (bnc#1012382).\n- Revert \u0027ceph: fix dentry leak in splice_dentry()\u0027 (bsc#1114839).\n- Revert \u0027drm/rockchip: Allow driver to be shutdown on reboot/kexec\u0027 (bsc#1106929)\n- Revert \u0027exec: avoid gcc-8 warning for get_task_comm\u0027 (kabi).\n- Revert \u0027iommu/io-pgtable-arm: Check for v7s-incapable systems\u0027 (bsc#1106105).\n- Revert \u0027media: v4l: event: Add subscription to list before calling \u0027add\u0027 operation\u0027 (kabi).\n- Revert \u0027media: videobuf2-core: do not call memop \u0027finish\u0027 when queueing\u0027 (bnc#1012382).\n- Revert \u0027PCI/ASPM: Do not initialize link state when aspm_disabled is set\u0027 (bsc#1106105).\n- Revert \u0027usb: musb: musb_host: Enable HCD_BH flag to handle urb return in bottom half\u0027 (bsc#1047487).\n- Revert \u0027wlcore: Add missing PM call for wlcore_cmd_wait_for_event_or_timeout()\u0027 (bnc#1012382).\n- Revert \u0027x86/kconfig: Fall back to ticket spinlocks\u0027 (kabi).\n- rocker: fix rocker_tlv_put_* functions for KASAN (bnc#1012382).\n- rpcrdma: Add RPCRDMA_HDRLEN_ERR.\n- rpm/kernel-binary.spec.in: Add missing export BRP_SIGN_FILES (bsc#1115587). \n- rps: flow_dissector: Fix uninitialized flow_keys used in __skb_get_hash possibly (bsc#1042286 bsc#1108145).\n- rtc: hctosys: Add missing range error reporting (bnc#1012382).\n- rtc: snvs: add a missing write sync (bnc#1012382).\n- rtc: snvs: Add timeouts to avoid kernel lockups (bnc#1012382).\n- rtnetlink: Disallow FDB configuration for non-Ethernet device (bnc#1012382).\n- rtnetlink: ndo_dflt_fdb_dump() only work for ARPHRD_ETHER devices (bnc#1012382).\n- s390/cpum_cf: Reject request for sampling in event initialization (bnc#1012382).\n- s390/mm: Check for valid vma before zapping in gmap_discard (bnc#1012382).\n- s390/mm: Fix ERROR: \u0027__node_distance\u0027 undefined! (bnc#1012382).\n- s390: qeth_core_mpc: Use ARRAY_SIZE instead of reimplementing its function (bnc#1114475, LTC#172682).\n- s390/qeth: fix HiperSockets sniffer (bnc#1114475, LTC#172953).\n- s390/qeth: fix length check in SNMP processing (bnc#1012382).\n- s390: qeth: Fix potential array overrun in cmd/rc lookup (bnc#1114475, LTC#172682).\n- s390/vdso: add missing FORCE to build targets (bnc#1012382).\n- sbus: char: add of_node_put() (bnc#1012382).\n- sc16is7xx: Fix for multi-channel stall (bnc#1012382).\n- sched/cgroup: Fix cgroup entity load tracking tear-down (bnc#1012382).\n- sched/fair: Fix throttle_list starvation with low CFS quota (bnc#1012382).\n- sch_red: update backlog as well (bnc#1012382).\n- scsi: aacraid: Fix typo in blink status (bnc#1012382).\n- scsi: bfa: convert to strlcpy/strlcat (bnc#1012382 bsc#1019683, ).\n- scsi: bnx2fc: Fix NULL dereference in error handling (bnc#1012382).\n- scsi: core: Allow state transitions from OFFLINE to BLOCKED (bsc#1112246).\n- scsi: Create two versions of scsi_internal_device_unblock() (bsc#1119877).\n- scsi: csiostor: Avoid content leaks and casts (bnc#1012382).\n- scsi: esp_scsi: Track residual for PIO transfers (bnc#1012382).\n- scsi: Introduce scsi_start_queue() (bsc#1119877).\n- scsi: libfc: check fc_frame_payload_get() return value for null (bsc#1103624, bsc#1104731).\n- scsi: libfc: retry PRLI if we cannot analyse the payload (bsc#1104731).\n- scsi: libiscsi: Fix NULL pointer dereference in iscsi_eh_session_reset (bnc#1012382).\n- scsi: lpfc: Add Buffer overflow check, when nvme_info larger than PAGE_SIZE (bsc#1102660).\n- scsi: lpfc: Correct soft lockup when running mds diagnostics (bnc#1012382).\n- scsi: lpfc: devloss timeout race condition caused null pointer reference (bsc#1102660).\n- scsi: lpfc: Fix abort error path for NVMET (bsc#1102660).\n- scsi: lpfc: fix block guard enablement on SLI3 adapters (bsc#1079935).\n- scsi: lpfc: Fix driver crash when re-registering NVME rports (bsc#1102660).\n- scsi: lpfc: Fix ELS abort on SLI-3 adapters (bsc#1102660).\n- scsi: lpfc: Fix list corruption on the completion queue (bsc#1102660).\n- scsi: lpfc: Fix NVME Target crash in defer rcv logic (bsc#1102660).\n- scsi: lpfc: Fix panic if driver unloaded when port is offline (bsc#1102660).\n- scsi: lpfc: update driver version to 11.4.0.7-5 (bsc#1102660).\n- scsi: Make __scsi_remove_device go straight from BLOCKED to DEL (bsc#1119877).\n- scsi: megaraid_sas: fix a missing-check bug (bnc#1012382).\n- scsi: Protect SCSI device state changes with a mutex (bsc#1119877).\n- scsi: qedi: Add ISCSI_BOOT_SYSFS to Kconfig (bsc#1043083).\n- scsi: qla2xxx: Fix crashes in qla2x00_probe_one on probe failure (bsc#1094973).\n- scsi: qla2xxx: Fix incorrect port speed being set for FC adapters (bnc#1012382).\n- scsi: qla2xxx: Fix small memory leak in qla2x00_probe_one on probe failure (bsc#1094973).\n- scsi: Re-export scsi_internal_device_{,un}_block() (bsc#1119877).\n- scsi: Split scsi_internal_device_block() (bsc#1119877).\n- scsi: target: add emulate_pr backstore attr to toggle PR support (bsc#1091405).\n- scsi: target: drop unused pi_prot_format attribute storage (bsc#1091405).\n- scsi: ufs: fix bugs related to null pointer access and array size (bnc#1012382).\n- scsi: ufs: fix race between clock gating and devfreq scaling work (bnc#1012382).\n- scsi: ufshcd: Fix race between clk scaling and ungate work (bnc#1012382).\n- scsi: ufshcd: release resources if probe fails (bnc#1012382).\n- scsi: use \u0027inquiry_mutex\u0027 instead of \u0027state_mutex\u0027 (bsc#1119877).\n- scsi: vmw_pscsi: Rearrange code to avoid multiple calls to free_irq during unload (bnc#1012382).\n- scsi: zfcp: fix posting too many status read buffers leading to adapter shutdown (bnc#1012382).\n- sctp: clear the transport of some out_chunk_list chunks in sctp_assoc_rm_peer (bnc#1012382).\n- sctp: fix race on sctp_id2asoc (bnc#1012382).\n- sctp: initialize sin6_flowinfo for ipv6 addrs in sctp_inet6addr_event (bnc#1012382).\n- selftests: ftrace: Add synthetic event syntax testcase (bnc#1012382).\n- selftests: Move networking/timestamping from Documentation (bnc#1012382).\n- seq_file: fix incomplete reset on read from zero offset.\n- ser_gigaset: use container_of() instead of detour (bnc#1012382).\n- signal: Always deliver the kernel\u0027s SIGKILL and SIGSTOP to a pid namespace init (bnc#1012382).\n- signal/GenWQE: Fix sending of SIGKILL (bnc#1012382).\n- smb3: allow stats which track session and share reconnects to be reset (bnc#1012382).\n- smb3: do not attempt cifs operation in smb3 query info error path (bnc#1012382).\n- smb3: on kerberos mount if server does not specify auth type use krb5 (bnc#1012382).\n- smsc75xx: Check for Wake-on-LAN modes (bnc#1012382).\n- smsc95xx: Check for Wake-on-LAN modes (bnc#1012382).\n- sock: Make sock-\u003esk_stamp thread-safe (bnc#1012382).\n- soc/tegra: pmc: Fix child-node lookup (bnc#1012382).\n- sparc64: Fix exception handling in UltraSPARC-III memcpy (bnc#1012382).\n- sparc64 mm: Fix more TSB sizing issues (bnc#1012382).\n- sparc: Fix single-pcr perf event counter management (bnc#1012382).\n- sparc/pci: Refactor dev_archdata initialization into pci_init_dev_archdata (bnc#1012382).\n- spi: bcm2835: Avoid finishing transfer prematurely in IRQ mode (bnc#1012382).\n- spi: bcm2835: Fix book-keeping of DMA termination (bnc#1012382).\n- spi: bcm2835: Fix race on DMA termination (bnc#1012382).\n- spi: bcm2835: Unbreak the build of esoteric configs (bnc#1012382).\n- spi/bcm63xx: fix error return code in bcm63xx_spi_probe() (bnc#1012382).\n- spi/bcm63xx-hspi: fix error return code in bcm63xx_hsspi_probe() (bnc#1012382).\n- spi: xlp: fix error return code in xlp_spi_probe() (bnc#1012382).\n- sr9800: Check for supported Wake-on-LAN modes (bnc#1012382).\n- sr: pass down correctly sized SCSI sense buffer (bnc#1012382).\n- Staging: lustre: remove two build warnings (bnc#1012382).\n- staging: rts5208: fix gcc-8 logic error warning (bnc#1012382).\n- staging: speakup: Replace strncpy with memcpy (bnc#1012382).\n- sunrpc: correct the computation for page_ptr when truncating (bnc#1012382).\n- SUNRPC: drop pointless static qualifier in xdr_get_next_encode_buffer() (bnc#1012382).\n- SUNRPC: Fix a bogus get/put in generic_key_to_expire() (bnc#1012382).\n- SUNRPC: Fix a potential race in xprt_connect().\n- SUNRPC: fix cache_head leak due to queued request (bnc#1012382).\n- SUNRPC: Fix leak of krb5p encode pages (bnc#1012382).\n- svcrdma: Remove unused variable in rdma_copy_tail().\n- swim: fix cleanup on setup error (bnc#1012382).\n- swiotlb: clean up reporting (bnc#1012382).\n- sysv: return \u0027err\u0027 instead of 0 in __sysv_write_inode (bnc#1012382).\n- target/iscsi: avoid NULL dereference in CHAP auth error path (bsc#1117165).\n- target: se_dev_attrib.emulate_pr ABI stability (bsc#1091405).\n- tcp: fix NULL ref in tail loss probe (bnc#1012382).\n- TC: Set DMA masks for devices (bnc#1012382).\n- termios, tty/tty_baudrate.c: fix buffer overrun (bnc#1012382).\n- tg3: Add PHY reset for 5717/5719/5720 in change ring and flow control paths (bnc#1012382).\n- thermal: allow spear-thermal driver to be a module (bnc#1012382).\n- thermal: allow u8500-thermal driver to be a module (bnc#1012382).\n- timer/debug: Change /proc/timer_list from 0444 to 0400 (bnc#1012382).\n- tmpfs: make lseek(SEEK_DATA/SEK_HOLE) return ENXIO with a negative offset (bnc#1012382).\n- tpm: fix response size validation in tpm_get_random() (bsc#1020645).\n- tpm: suppress transmit cmd error logs when TPM 1.2 is disabled/deactivated (bnc#1012382).\n- tracing: Fix bad use of igrab in trace_uprobe.c (bsc#1120046).\n- tracing: Fix memory leak in set_trigger_filter() (bnc#1012382).\n- tracing: Fix memory leak of instance function hash filters (bnc#1012382).\n- tracing: Skip more functions when doing stack tracing of events (bnc#1012382).\n- tty: check name length in tty_find_polling_driver() (bnc#1012382).\n- tty: serial: 8250_mtk: always resume the device in probe (bnc#1012382).\n- tty: serial: sprd: fix error return code in sprd_probe() (bnc#1012382).\n- tty: wipe buffer (bnc#1012382).\n- tty: wipe buffer if not echoing data (bnc#1012382).\n- tun: Consistently configure generic netdev params via rtnetlink (bnc#1012382).\n- tun: forbid iface creation with rtnl ops (bnc#1012382).\n- uio: ensure class is registered before devices (bnc#1012382).\n- uio: Fix an Oops on load (bnc#1012382).\n- uio: make symbol \u0027uio_class_registered\u0027 static.\n- um: Avoid longjmp/setjmp symbol clashes with libpthread.a (bnc#1012382).\n- um: Give start_idle_thread() a return code (bnc#1012382).\n- unifdef: use memcpy instead of strncpy (bnc#1012382).\n- uprobes: Fix handle_swbp() vs. unregister() + register() race once more (bnc#1012382).\n- usb: appledisplay: Add 27\u0027 Apple Cinema Display (bnc#1012382).\n- usb: cdc-acm: add entry for Hiro (Conexant) modem (bnc#1012382).\n- usb: check usb_get_extra_descriptor for proper size (bnc#1012382).\n- usb: chipidea: Prevent unbalanced IRQ disable (bnc#1012382).\n- usb: core: Fix hub port connection events lost (bnc#1012382).\n- usb: core: quirks: add RESET_RESUME quirk for Cherry G230 Stream series (bnc#1012382).\n- usb: dwc3: omap: fix error return code in dwc3_omap_probe() (bnc#1012382).\n- usb: ehci-omap: fix error return code in ehci_hcd_omap_probe() (bnc#1012382).\n- usb: fix the usbfs flag sanitization for control transfers (bnc#1012382).\n- usb: gadget: dummy: fix nonsensical comparisons (bnc#1012382).\n- usb: gadget: storage: Fix Spectre v1 vulnerability (bnc#1012382).\n- usb: imx21-hcd: fix error return code in imx21_probe() (bnc#1012382).\n- usb: misc: appledisplay: add 20\u0027 Apple Cinema Display (bnc#1012382).\n- usbnet: ipheth: fix potential recvmsg bug and recvmsg bug 2 (bnc#1012382).\n- usb: omap_udc: fix crashes on probe error and module removal (bnc#1012382).\n- usb: omap_udc: fix omap_udc_start() on 15xx machines (bnc#1012382).\n- usb: omap_udc: fix USB gadget functionality on Palm Tungsten E (bnc#1012382).\n- usb: omap_udc: use devm_request_irq() (bnc#1012382).\n- usb: quirk: add no-LPM quirk on SanDisk Ultra Flair device (bnc#1012382).\n- usb: quirks: Add delay-init quirk for Corsair K70 LUX RGB (bnc#1012382).\n- usb: quirks: Add no-lpm quirk for Raydium touchscreens (bnc#1012382).\n- usb: r8a66597: Fix a possible concurrency use-after-free bug in r8a66597_endpoint_disable() (bnc#1012382).\n- usb: serial: option: add Fibocom NL678 series (bnc#1012382).\n- usb: serial: option: add GosunCn ZTE WeLink ME3630 (bnc#1012382).\n- usb: serial: option: add HP lt4132 (bnc#1012382).\n- usb: serial: option: add Simcom SIM7500/SIM7600 (MBIM mode) (bnc#1012382).\n- usb: serial: option: add Telit LN940 series (bnc#1012382).\n- usb: serial: pl2303: add ids for Hewlett-Packard HP POS pole displays (bnc#1012382).\n- usb-storage: fix bogus hardware error messages for ATA pass-thru devices (bnc#1012382).\n- usb: usb-storage: Add new IDs to ums-realtek (bnc#1012382).\n- usb: xhci: fix timeout for transition from RExit to U0 (bnc#1012382).\n- usb: xhci: fix uninitialized completion when USB3 port got wrong status (bnc#1012382).\n- usb: xhci: Prevent bus suspend if a port connect change or polling state is detected (bnc#1012382).\n- v9fs_dir_readdir: fix double-free on p9stat_read error (bnc#1012382).\n- vfs: Avoid softlockups in drop_pagecache_sb() (bsc#1118505).\n- vhost: Fix Spectre V1 vulnerability (bnc#1012382).\n- vhost: make sure used idx is seen before log in vhost_add_used_n() (bnc#1012382).\n- vhost/scsi: truncate T10 PI iov_iter to prot_bytes (bnc#1012382).\n- video: fbdev: pxa3xx_gcu: fix error return code in pxa3xx_gcu_probe() (bnc#1012382).\n- virtio/s390: avoid race on vcdev-\u003econfig (bnc#1012382).\n- virtio/s390: fix race in ccw_io_helper() (bnc#1012382).\n- VSOCK: Send reset control packet when socket is partially bound (bnc#1012382).\n- vti6: flush x-netns xfrm cache when vti interface is removed (bnc#1012382).\n- w1: omap-hdq: fix missing bus unregister at removal (bnc#1012382).\n- x86: boot: Fix EFI stub alignment (bnc#1012382).\n- x86/boot: #undef memcpy() et al in string.c (bnc#1012382).\n- x86/build: Fix stack alignment for CLang (bnc#1012382).\n- x86/build: Specify stack alignment for clang (bnc#1012382).\n- x86/build: Use __cc-option for boot code compiler options (bnc#1012382).\n- x86/build: Use cc-option to validate stack alignment parameter (bnc#1012382).\n- x86/corruption-check: Fix panic in memory_corruption_check() when boot option without value is provided (bnc#1012382).\n- x86/earlyprintk/efi: Fix infinite loop on some screen widths (bnc#1012382).\n- x86/entry: spell EBX register correctly in documentation (bnc#1012382).\n- x86/kbuild: Use cc-option to enable -falign-{jumps/loops} (bnc#1012382).\n- x86/kconfig: Fall back to ticket spinlocks (bnc#1012382).\n- x86/MCE: Export memory_error() (bsc#1114648).\n- x86/MCE: Make correctable error detection look at the Deferred bit (bsc#1114648).\n- x86/mm/kaslr: Use the _ASM_MUL macro for multiplication to work around Clang incompatibility (bnc#1012382).\n- x86/mm/pat: Prevent hang during boot when mapping pages (bnc#1012382).\n- x86/mtrr: Do not copy uninitialized gentry fields back to userspace (bnc#1012382).\n- x86/speculation/l1tf: Drop the swap storage limit restriction when l1tf=off (bnc#1114871).\n- x86/speculation: Use synthetic bits for IBRS/IBPB/STIBP (bnc#1012382).\n- xen/balloon: Support xend-based toolstack (bnc#1065600).\n- xen/blkfront: avoid NULL blkfront_info dereference on device removal (bsc#1111062).\n- xen: fix race in xen_qlock_wait() (bnc#1012382).\n- xen: fix xen_qlock_wait() (bnc#1012382).\n- xen: make xen_qlock_wait() nestable (bnc#1012382).\n- xen/netback: dont overflow meta array (bnc#1099523).\n- xen/netfront: tolerate frags with no data (bnc#1012382).\n- xen-swiotlb: use actually allocated size on check physical continuous (bnc#1012382).\n- xen/x86: add diagnostic printout to xen_mc_flush() in case of error (bnc#1116183).\n- xen: xlate_mmu: add missing header to fix \u0027W=1\u0027 warning (bnc#1012382).\n- xfrm6: call kfree_skb when skb is toobig (bnc#1012382).\n- xfrm: Clear sk_dst_cache when applying per-socket policy (bnc#1012382).\n- xfrm: Fix bucket count reported to userspace (bnc#1012382).\n- xfrm: use complete IPv6 addresses for hash (bsc#1109330).\n- xfrm: Validate address prefix lengths in the xfrm selector (bnc#1012382).\n- xfrm: validate template mode (bnc#1012382).\n- xfs: Align compat attrlist_by_handle with native implementation.\n- xfs/dmapi: restore event in xfs_getbmap (bsc#1114763).\n- xfs: Fix error code in \u0027xfs_ioc_getbmap()\u0027.\n- xfs: fix quotacheck dquot id overflow infinite loop (bsc#1121621).\n- xhci: Add quirk to workaround the errata seen on Cavium Thunder-X2 Soc (bsc#1117162).\n- xhci: Do not prevent USB2 bus suspend in state check intended for USB3 only (bnc#1012382).\n- xhci: Prevent U1/U2 link pm states if exit latency is too long (bnc#1012382).\n- xprtrdma: checking for NULL instead of IS_ERR().\n- xprtrdma: Disable pad optimization by default.\n- xprtrdma: Disable RPC/RDMA backchannel debugging messages.\n- xprtrdma: Fix additional uses of spin_lock_irqsave(rb_lock).\n- xprtrdma: Fix backchannel allocation of extra rpcrdma_reps.\n- xprtrdma: Fix Read chunk padding.\n- xprtrdma: Fix receive buffer accounting.\n- xprtrdma: Reset credit grant properly after a disconnect.\n- xprtrdma: rpcrdma_bc_receive_call() should init rq_private_buf.len.\n- xprtrdma: Serialize credit accounting again.\n- xprtrdma: xprt_rdma_free() must not release backchannel reqs.\n- xtensa: add NOTES section to the linker script (bnc#1012382).\n- xtensa: enable coprocessors that are being flushed (bnc#1012382).\n- xtensa: fix boot parameters address translation (bnc#1012382).\n- xtensa: fix coprocessor context offset definitions (bnc#1012382).\n- xtensa: make sure bFLT stack is 16 byte aligned (bnc#1012382).\n- zram: close udev startup race condition as default groups (bnc#1012382).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2019-148,SUSE-SLE-SERVER-12-SP3-2019-148",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_0148-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2019:0148-1",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20190148-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2019:0148-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2019-January/005060.html"
},
{
"category": "self",
"summary": "SUSE Bug 1012382",
"url": "https://bugzilla.suse.com/1012382"
},
{
"category": "self",
"summary": "SUSE Bug 1015336",
"url": "https://bugzilla.suse.com/1015336"
},
{
"category": "self",
"summary": "SUSE Bug 1015337",
"url": "https://bugzilla.suse.com/1015337"
},
{
"category": "self",
"summary": "SUSE Bug 1015340",
"url": "https://bugzilla.suse.com/1015340"
},
{
"category": "self",
"summary": "SUSE Bug 1019683",
"url": "https://bugzilla.suse.com/1019683"
},
{
"category": "self",
"summary": "SUSE Bug 1019695",
"url": "https://bugzilla.suse.com/1019695"
},
{
"category": "self",
"summary": "SUSE Bug 1020645",
"url": "https://bugzilla.suse.com/1020645"
},
{
"category": "self",
"summary": "SUSE Bug 1027260",
"url": "https://bugzilla.suse.com/1027260"
},
{
"category": "self",
"summary": "SUSE Bug 1027457",
"url": "https://bugzilla.suse.com/1027457"
},
{
"category": "self",
"summary": "SUSE Bug 1042286",
"url": "https://bugzilla.suse.com/1042286"
},
{
"category": "self",
"summary": "SUSE Bug 1043083",
"url": "https://bugzilla.suse.com/1043083"
},
{
"category": "self",
"summary": "SUSE Bug 1046264",
"url": "https://bugzilla.suse.com/1046264"
},
{
"category": "self",
"summary": "SUSE Bug 1047487",
"url": "https://bugzilla.suse.com/1047487"
},
{
"category": "self",
"summary": "SUSE Bug 1048916",
"url": "https://bugzilla.suse.com/1048916"
},
{
"category": "self",
"summary": "SUSE Bug 1065600",
"url": "https://bugzilla.suse.com/1065600"
},
{
"category": "self",
"summary": "SUSE Bug 1066223",
"url": "https://bugzilla.suse.com/1066223"
},
{
"category": "self",
"summary": "SUSE Bug 1068032",
"url": "https://bugzilla.suse.com/1068032"
},
{
"category": "self",
"summary": "SUSE Bug 1069702",
"url": "https://bugzilla.suse.com/1069702"
},
{
"category": "self",
"summary": "SUSE Bug 1070805",
"url": "https://bugzilla.suse.com/1070805"
},
{
"category": "self",
"summary": "SUSE Bug 1079935",
"url": "https://bugzilla.suse.com/1079935"
},
{
"category": "self",
"summary": "SUSE Bug 1087082",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "self",
"summary": "SUSE Bug 1091405",
"url": "https://bugzilla.suse.com/1091405"
},
{
"category": "self",
"summary": "SUSE Bug 1093158",
"url": "https://bugzilla.suse.com/1093158"
},
{
"category": "self",
"summary": "SUSE Bug 1094244",
"url": "https://bugzilla.suse.com/1094244"
},
{
"category": "self",
"summary": "SUSE Bug 1094973",
"url": "https://bugzilla.suse.com/1094973"
},
{
"category": "self",
"summary": "SUSE Bug 1096242",
"url": "https://bugzilla.suse.com/1096242"
},
{
"category": "self",
"summary": "SUSE Bug 1096281",
"url": "https://bugzilla.suse.com/1096281"
},
{
"category": "self",
"summary": "SUSE Bug 1099523",
"url": "https://bugzilla.suse.com/1099523"
},
{
"category": "self",
"summary": "SUSE Bug 1100105",
"url": "https://bugzilla.suse.com/1100105"
},
{
"category": "self",
"summary": "SUSE Bug 1101557",
"url": "https://bugzilla.suse.com/1101557"
},
{
"category": "self",
"summary": "SUSE Bug 1102439",
"url": "https://bugzilla.suse.com/1102439"
},
{
"category": "self",
"summary": "SUSE Bug 1102660",
"url": "https://bugzilla.suse.com/1102660"
},
{
"category": "self",
"summary": "SUSE Bug 1103156",
"url": "https://bugzilla.suse.com/1103156"
},
{
"category": "self",
"summary": "SUSE Bug 1103257",
"url": "https://bugzilla.suse.com/1103257"
},
{
"category": "self",
"summary": "SUSE Bug 1103624",
"url": "https://bugzilla.suse.com/1103624"
},
{
"category": "self",
"summary": "SUSE Bug 1104098",
"url": "https://bugzilla.suse.com/1104098"
},
{
"category": "self",
"summary": "SUSE Bug 1104731",
"url": "https://bugzilla.suse.com/1104731"
},
{
"category": "self",
"summary": "SUSE Bug 1105412",
"url": "https://bugzilla.suse.com/1105412"
},
{
"category": "self",
"summary": "SUSE Bug 1106105",
"url": "https://bugzilla.suse.com/1106105"
},
{
"category": "self",
"summary": "SUSE Bug 1106237",
"url": "https://bugzilla.suse.com/1106237"
},
{
"category": "self",
"summary": "SUSE Bug 1106240",
"url": "https://bugzilla.suse.com/1106240"
},
{
"category": "self",
"summary": "SUSE Bug 1106929",
"url": "https://bugzilla.suse.com/1106929"
},
{
"category": "self",
"summary": "SUSE Bug 1107385",
"url": "https://bugzilla.suse.com/1107385"
},
{
"category": "self",
"summary": "SUSE Bug 1108145",
"url": "https://bugzilla.suse.com/1108145"
},
{
"category": "self",
"summary": "SUSE Bug 1108240",
"url": "https://bugzilla.suse.com/1108240"
},
{
"category": "self",
"summary": "SUSE Bug 1109272",
"url": "https://bugzilla.suse.com/1109272"
},
{
"category": "self",
"summary": "SUSE Bug 1109330",
"url": "https://bugzilla.suse.com/1109330"
},
{
"category": "self",
"summary": "SUSE Bug 1109806",
"url": "https://bugzilla.suse.com/1109806"
},
{
"category": "self",
"summary": "SUSE Bug 1110286",
"url": "https://bugzilla.suse.com/1110286"
},
{
"category": "self",
"summary": "SUSE Bug 1111062",
"url": "https://bugzilla.suse.com/1111062"
},
{
"category": "self",
"summary": "SUSE Bug 1111809",
"url": "https://bugzilla.suse.com/1111809"
},
{
"category": "self",
"summary": "SUSE Bug 1112246",
"url": "https://bugzilla.suse.com/1112246"
},
{
"category": "self",
"summary": "SUSE Bug 1112963",
"url": "https://bugzilla.suse.com/1112963"
},
{
"category": "self",
"summary": "SUSE Bug 1113412",
"url": "https://bugzilla.suse.com/1113412"
},
{
"category": "self",
"summary": "SUSE Bug 1114190",
"url": "https://bugzilla.suse.com/1114190"
},
{
"category": "self",
"summary": "SUSE Bug 1114417",
"url": "https://bugzilla.suse.com/1114417"
},
{
"category": "self",
"summary": "SUSE Bug 1114475",
"url": "https://bugzilla.suse.com/1114475"
},
{
"category": "self",
"summary": "SUSE Bug 1114648",
"url": "https://bugzilla.suse.com/1114648"
},
{
"category": "self",
"summary": "SUSE Bug 1114763",
"url": "https://bugzilla.suse.com/1114763"
},
{
"category": "self",
"summary": "SUSE Bug 1114839",
"url": "https://bugzilla.suse.com/1114839"
},
{
"category": "self",
"summary": "SUSE Bug 1114871",
"url": "https://bugzilla.suse.com/1114871"
},
{
"category": "self",
"summary": "SUSE Bug 1115431",
"url": "https://bugzilla.suse.com/1115431"
},
{
"category": "self",
"summary": "SUSE Bug 1115433",
"url": "https://bugzilla.suse.com/1115433"
},
{
"category": "self",
"summary": "SUSE Bug 1115440",
"url": "https://bugzilla.suse.com/1115440"
},
{
"category": "self",
"summary": "SUSE Bug 1115587",
"url": "https://bugzilla.suse.com/1115587"
},
{
"category": "self",
"summary": "SUSE Bug 1115709",
"url": "https://bugzilla.suse.com/1115709"
},
{
"category": "self",
"summary": "SUSE Bug 1116027",
"url": "https://bugzilla.suse.com/1116027"
},
{
"category": "self",
"summary": "SUSE Bug 1116183",
"url": "https://bugzilla.suse.com/1116183"
},
{
"category": "self",
"summary": "SUSE Bug 1116285",
"url": "https://bugzilla.suse.com/1116285"
},
{
"category": "self",
"summary": "SUSE Bug 1116336",
"url": "https://bugzilla.suse.com/1116336"
},
{
"category": "self",
"summary": "SUSE Bug 1116345",
"url": "https://bugzilla.suse.com/1116345"
},
{
"category": "self",
"summary": "SUSE Bug 1116497",
"url": "https://bugzilla.suse.com/1116497"
},
{
"category": "self",
"summary": "SUSE Bug 1116841",
"url": "https://bugzilla.suse.com/1116841"
},
{
"category": "self",
"summary": "SUSE Bug 1116924",
"url": "https://bugzilla.suse.com/1116924"
},
{
"category": "self",
"summary": "SUSE Bug 1116950",
"url": "https://bugzilla.suse.com/1116950"
},
{
"category": "self",
"summary": "SUSE Bug 1117162",
"url": "https://bugzilla.suse.com/1117162"
},
{
"category": "self",
"summary": "SUSE Bug 1117165",
"url": "https://bugzilla.suse.com/1117165"
},
{
"category": "self",
"summary": "SUSE Bug 1117186",
"url": "https://bugzilla.suse.com/1117186"
},
{
"category": "self",
"summary": "SUSE Bug 1117562",
"url": "https://bugzilla.suse.com/1117562"
},
{
"category": "self",
"summary": "SUSE Bug 1118152",
"url": "https://bugzilla.suse.com/1118152"
},
{
"category": "self",
"summary": "SUSE Bug 1118316",
"url": "https://bugzilla.suse.com/1118316"
},
{
"category": "self",
"summary": "SUSE Bug 1118319",
"url": "https://bugzilla.suse.com/1118319"
},
{
"category": "self",
"summary": "SUSE Bug 1118505",
"url": "https://bugzilla.suse.com/1118505"
},
{
"category": "self",
"summary": "SUSE Bug 1118790",
"url": "https://bugzilla.suse.com/1118790"
},
{
"category": "self",
"summary": "SUSE Bug 1118798",
"url": "https://bugzilla.suse.com/1118798"
},
{
"category": "self",
"summary": "SUSE Bug 1118915",
"url": "https://bugzilla.suse.com/1118915"
},
{
"category": "self",
"summary": "SUSE Bug 1118922",
"url": "https://bugzilla.suse.com/1118922"
},
{
"category": "self",
"summary": "SUSE Bug 1118926",
"url": "https://bugzilla.suse.com/1118926"
},
{
"category": "self",
"summary": "SUSE Bug 1118930",
"url": "https://bugzilla.suse.com/1118930"
},
{
"category": "self",
"summary": "SUSE Bug 1118936",
"url": "https://bugzilla.suse.com/1118936"
},
{
"category": "self",
"summary": "SUSE Bug 1119204",
"url": "https://bugzilla.suse.com/1119204"
},
{
"category": "self",
"summary": "SUSE Bug 1119714",
"url": "https://bugzilla.suse.com/1119714"
},
{
"category": "self",
"summary": "SUSE Bug 1119877",
"url": "https://bugzilla.suse.com/1119877"
},
{
"category": "self",
"summary": "SUSE Bug 1119946",
"url": "https://bugzilla.suse.com/1119946"
},
{
"category": "self",
"summary": "SUSE Bug 1119967",
"url": "https://bugzilla.suse.com/1119967"
},
{
"category": "self",
"summary": "SUSE Bug 1119970",
"url": "https://bugzilla.suse.com/1119970"
},
{
"category": "self",
"summary": "SUSE Bug 1120046",
"url": "https://bugzilla.suse.com/1120046"
},
{
"category": "self",
"summary": "SUSE Bug 1120743",
"url": "https://bugzilla.suse.com/1120743"
},
{
"category": "self",
"summary": "SUSE Bug 1121239",
"url": "https://bugzilla.suse.com/1121239"
},
{
"category": "self",
"summary": "SUSE Bug 1121240",
"url": "https://bugzilla.suse.com/1121240"
},
{
"category": "self",
"summary": "SUSE Bug 1121241",
"url": "https://bugzilla.suse.com/1121241"
},
{
"category": "self",
"summary": "SUSE Bug 1121242",
"url": "https://bugzilla.suse.com/1121242"
},
{
"category": "self",
"summary": "SUSE Bug 1121275",
"url": "https://bugzilla.suse.com/1121275"
},
{
"category": "self",
"summary": "SUSE Bug 1121621",
"url": "https://bugzilla.suse.com/1121621"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-16939 page",
"url": "https://www.suse.com/security/cve/CVE-2017-16939/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1120 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1120/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16862 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16862/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16884 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16884/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-19407 page",
"url": "https://www.suse.com/security/cve/CVE-2018-19407/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-19824 page",
"url": "https://www.suse.com/security/cve/CVE-2018-19824/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-19985 page",
"url": "https://www.suse.com/security/cve/CVE-2018-19985/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-20169 page",
"url": "https://www.suse.com/security/cve/CVE-2018-20169/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-3639 page",
"url": "https://www.suse.com/security/cve/CVE-2018-3639/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-9568 page",
"url": "https://www.suse.com/security/cve/CVE-2018-9568/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2019-01-23T16:57:46Z",
"generator": {
"date": "2019-01-23T16:57:46Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2019:0148-1",
"initial_release_date": "2019-01-23T16:57:46Z",
"revision_history": [
{
"date": "2019-01-23T16:57:46Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-azure-4.4.170-4.22.1.noarch",
"product": {
"name": "kernel-devel-azure-4.4.170-4.22.1.noarch",
"product_id": "kernel-devel-azure-4.4.170-4.22.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-azure-4.4.170-4.22.1.noarch",
"product": {
"name": "kernel-source-azure-4.4.170-4.22.1.noarch",
"product_id": "kernel-source-azure-4.4.170-4.22.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-azure-4.4.170-4.22.1.x86_64",
"product": {
"name": "cluster-md-kmp-azure-4.4.170-4.22.1.x86_64",
"product_id": "cluster-md-kmp-azure-4.4.170-4.22.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-azure-4.4.170-4.22.1.x86_64",
"product": {
"name": "dlm-kmp-azure-4.4.170-4.22.1.x86_64",
"product_id": "dlm-kmp-azure-4.4.170-4.22.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-azure-4.4.170-4.22.1.x86_64",
"product": {
"name": "gfs2-kmp-azure-4.4.170-4.22.1.x86_64",
"product_id": "gfs2-kmp-azure-4.4.170-4.22.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-4.4.170-4.22.1.x86_64",
"product": {
"name": "kernel-azure-4.4.170-4.22.1.x86_64",
"product_id": "kernel-azure-4.4.170-4.22.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-base-4.4.170-4.22.1.x86_64",
"product": {
"name": "kernel-azure-base-4.4.170-4.22.1.x86_64",
"product_id": "kernel-azure-base-4.4.170-4.22.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-devel-4.4.170-4.22.1.x86_64",
"product": {
"name": "kernel-azure-devel-4.4.170-4.22.1.x86_64",
"product_id": "kernel-azure-devel-4.4.170-4.22.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-extra-4.4.170-4.22.1.x86_64",
"product": {
"name": "kernel-azure-extra-4.4.170-4.22.1.x86_64",
"product_id": "kernel-azure-extra-4.4.170-4.22.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-kgraft-4.4.170-4.22.1.x86_64",
"product": {
"name": "kernel-azure-kgraft-4.4.170-4.22.1.x86_64",
"product_id": "kernel-azure-kgraft-4.4.170-4.22.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-azure-4.4.170-4.22.1.x86_64",
"product": {
"name": "kernel-syms-azure-4.4.170-4.22.1.x86_64",
"product_id": "kernel-syms-azure-4.4.170-4.22.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-azure-4.4.170-4.22.1.x86_64",
"product": {
"name": "kselftests-kmp-azure-4.4.170-4.22.1.x86_64",
"product_id": "kselftests-kmp-azure-4.4.170-4.22.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-azure-4.4.170-4.22.1.x86_64",
"product": {
"name": "ocfs2-kmp-azure-4.4.170-4.22.1.x86_64",
"product_id": "ocfs2-kmp-azure-4.4.170-4.22.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-4.4.170-4.22.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.170-4.22.1.x86_64"
},
"product_reference": "kernel-azure-4.4.170-4.22.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-base-4.4.170-4.22.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.170-4.22.1.x86_64"
},
"product_reference": "kernel-azure-base-4.4.170-4.22.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-4.4.170-4.22.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.170-4.22.1.x86_64"
},
"product_reference": "kernel-azure-devel-4.4.170-4.22.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-azure-4.4.170-4.22.1.noarch as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.170-4.22.1.noarch"
},
"product_reference": "kernel-devel-azure-4.4.170-4.22.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-azure-4.4.170-4.22.1.noarch as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.170-4.22.1.noarch"
},
"product_reference": "kernel-source-azure-4.4.170-4.22.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-4.4.170-4.22.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.170-4.22.1.x86_64"
},
"product_reference": "kernel-syms-azure-4.4.170-4.22.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-4.4.170-4.22.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.170-4.22.1.x86_64"
},
"product_reference": "kernel-azure-4.4.170-4.22.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-base-4.4.170-4.22.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.170-4.22.1.x86_64"
},
"product_reference": "kernel-azure-base-4.4.170-4.22.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-4.4.170-4.22.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.170-4.22.1.x86_64"
},
"product_reference": "kernel-azure-devel-4.4.170-4.22.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-azure-4.4.170-4.22.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.170-4.22.1.noarch"
},
"product_reference": "kernel-devel-azure-4.4.170-4.22.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-azure-4.4.170-4.22.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.170-4.22.1.noarch"
},
"product_reference": "kernel-source-azure-4.4.170-4.22.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-4.4.170-4.22.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.170-4.22.1.x86_64"
},
"product_reference": "kernel-syms-azure-4.4.170-4.22.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-16939",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-16939"
}
],
"notes": [
{
"category": "general",
"text": "The XFRM dump policy implementation in net/xfrm/xfrm_user.c in the Linux kernel before 4.13.11 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted SO_RCVBUF setsockopt system call in conjunction with XFRM_MSG_GETPOLICY Netlink messages.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.170-4.22.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-16939",
"url": "https://www.suse.com/security/cve/CVE-2017-16939"
},
{
"category": "external",
"summary": "SUSE Bug 1069702 for CVE-2017-16939",
"url": "https://bugzilla.suse.com/1069702"
},
{
"category": "external",
"summary": "SUSE Bug 1069708 for CVE-2017-16939",
"url": "https://bugzilla.suse.com/1069708"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2017-16939",
"url": "https://bugzilla.suse.com/1115893"
},
{
"category": "external",
"summary": "SUSE Bug 1120260 for CVE-2017-16939",
"url": "https://bugzilla.suse.com/1120260"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.170-4.22.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.170-4.22.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-01-23T16:57:46Z",
"details": "moderate"
}
],
"title": "CVE-2017-16939"
},
{
"cve": "CVE-2018-1120",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1120"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found affecting the Linux kernel before version 4.17. By mmap()ing a FUSE-backed file onto a process\u0027s memory containing command line arguments (or environment strings), an attacker can cause utilities from psutils or procps (such as ps, w) or any other program which makes a read() call to the /proc/\u003cpid\u003e/cmdline (or /proc/\u003cpid\u003e/environ) files to block indefinitely (denial of service) or for some controlled time (as a synchronization primitive for other attacks).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.170-4.22.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1120",
"url": "https://www.suse.com/security/cve/CVE-2018-1120"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-1120",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1092100 for CVE-2018-1120",
"url": "https://bugzilla.suse.com/1092100"
},
{
"category": "external",
"summary": "SUSE Bug 1093158 for CVE-2018-1120",
"url": "https://bugzilla.suse.com/1093158"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.170-4.22.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.170-4.22.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-01-23T16:57:46Z",
"details": "low"
}
],
"title": "CVE-2018-1120"
},
{
"cve": "CVE-2018-16862",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16862"
}
],
"notes": [
{
"category": "general",
"text": "A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.170-4.22.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16862",
"url": "https://www.suse.com/security/cve/CVE-2018-16862"
},
{
"category": "external",
"summary": "SUSE Bug 1117186 for CVE-2018-16862",
"url": "https://bugzilla.suse.com/1117186"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.170-4.22.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.170-4.22.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-01-23T16:57:46Z",
"details": "moderate"
}
],
"title": "CVE-2018-16862"
},
{
"cve": "CVE-2018-16884",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16884"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel\u0027s NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.170-4.22.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16884",
"url": "https://www.suse.com/security/cve/CVE-2018-16884"
},
{
"category": "external",
"summary": "SUSE Bug 1119946 for CVE-2018-16884",
"url": "https://bugzilla.suse.com/1119946"
},
{
"category": "external",
"summary": "SUSE Bug 1119947 for CVE-2018-16884",
"url": "https://bugzilla.suse.com/1119947"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.170-4.22.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.170-4.22.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-01-23T16:57:46Z",
"details": "important"
}
],
"title": "CVE-2018-16884"
},
{
"cve": "CVE-2018-19407",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-19407"
}
],
"notes": [
{
"category": "general",
"text": "The vcpu_scan_ioapic function in arch/x86/kvm/x86.c in the Linux kernel through 4.19.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.170-4.22.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-19407",
"url": "https://www.suse.com/security/cve/CVE-2018-19407"
},
{
"category": "external",
"summary": "SUSE Bug 1116841 for CVE-2018-19407",
"url": "https://bugzilla.suse.com/1116841"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.170-4.22.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.170-4.22.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-01-23T16:57:46Z",
"details": "moderate"
}
],
"title": "CVE-2018-19407"
},
{
"cve": "CVE-2018-19824",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-19824"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.170-4.22.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-19824",
"url": "https://www.suse.com/security/cve/CVE-2018-19824"
},
{
"category": "external",
"summary": "SUSE Bug 1118152 for CVE-2018-19824",
"url": "https://bugzilla.suse.com/1118152"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.170-4.22.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.170-4.22.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-01-23T16:57:46Z",
"details": "moderate"
}
],
"title": "CVE-2018-19824"
},
{
"cve": "CVE-2018-19985",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-19985"
}
],
"notes": [
{
"category": "general",
"text": "The function hso_get_config_data in drivers/net/usb/hso.c in the Linux kernel through 4.19.8 reads if_num from the USB device (as a u8) and uses it to index a small array, resulting in an object out-of-bounds (OOB) read that potentially allows arbitrary read in the kernel address space.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.170-4.22.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-19985",
"url": "https://www.suse.com/security/cve/CVE-2018-19985"
},
{
"category": "external",
"summary": "SUSE Bug 1120743 for CVE-2018-19985",
"url": "https://bugzilla.suse.com/1120743"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.170-4.22.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.170-4.22.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-01-23T16:57:46Z",
"details": "low"
}
],
"title": "CVE-2018-19985"
},
{
"cve": "CVE-2018-20169",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-20169"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel before 4.19.9. The USB subsystem mishandles size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.170-4.22.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-20169",
"url": "https://www.suse.com/security/cve/CVE-2018-20169"
},
{
"category": "external",
"summary": "SUSE Bug 1119714 for CVE-2018-20169",
"url": "https://bugzilla.suse.com/1119714"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.170-4.22.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.170-4.22.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-01-23T16:57:46Z",
"details": "moderate"
}
],
"title": "CVE-2018-20169"
},
{
"cve": "CVE-2018-3639",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-3639"
}
],
"notes": [
{
"category": "general",
"text": "Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.170-4.22.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-3639",
"url": "https://www.suse.com/security/cve/CVE-2018-3639"
},
{
"category": "external",
"summary": "SUSE Bug 1074701 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1074701"
},
{
"category": "external",
"summary": "SUSE Bug 1085235 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1085235"
},
{
"category": "external",
"summary": "SUSE Bug 1085308 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1085308"
},
{
"category": "external",
"summary": "SUSE Bug 1087078 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1087078"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1092631 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1092631"
},
{
"category": "external",
"summary": "SUSE Bug 1092885 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1092885"
},
{
"category": "external",
"summary": "SUSE Bug 1094912 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1094912"
},
{
"category": "external",
"summary": "SUSE Bug 1098813 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1098813"
},
{
"category": "external",
"summary": "SUSE Bug 1100394 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1100394"
},
{
"category": "external",
"summary": "SUSE Bug 1102640 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1102640"
},
{
"category": "external",
"summary": "SUSE Bug 1105412 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1105412"
},
{
"category": "external",
"summary": "SUSE Bug 1111963 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1111963"
},
{
"category": "external",
"summary": "SUSE Bug 1172781 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1172781"
},
{
"category": "external",
"summary": "SUSE Bug 1172782 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1172782"
},
{
"category": "external",
"summary": "SUSE Bug 1172783 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1172783"
},
{
"category": "external",
"summary": "SUSE Bug 1173489 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1173489"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1178658"
},
{
"category": "external",
"summary": "SUSE Bug 1201877 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1201877"
},
{
"category": "external",
"summary": "SUSE Bug 1215674 for CVE-2018-3639",
"url": "https://bugzilla.suse.com/1215674"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.170-4.22.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.170-4.22.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-01-23T16:57:46Z",
"details": "moderate"
}
],
"title": "CVE-2018-3639"
},
{
"cve": "CVE-2018-9568",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-9568"
}
],
"notes": [
{
"category": "general",
"text": "In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-113509306. References: Upstream kernel.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.170-4.22.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-9568",
"url": "https://www.suse.com/security/cve/CVE-2018-9568"
},
{
"category": "external",
"summary": "SUSE Bug 1118319 for CVE-2018-9568",
"url": "https://bugzilla.suse.com/1118319"
},
{
"category": "external",
"summary": "SUSE Bug 1118320 for CVE-2018-9568",
"url": "https://bugzilla.suse.com/1118320"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.170-4.22.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.170-4.22.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.170-4.22.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.170-4.22.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-01-23T16:57:46Z",
"details": "moderate"
}
],
"title": "CVE-2018-9568"
}
]
}
SUSE-SU-2019:0150-1
Vulnerability from csaf_suse - Published: 2019-01-23 16:58 - Updated: 2019-01-23 16:58Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 kernel for Azure was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-9568: In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. (bnc#1118319).
- CVE-2018-12232: In net/socket.c there is a race condition between fchownat and close in cases where they target the same socket file descriptor, related to the sock_close and sockfs_setattr functions. fchownat did not increment the file descriptor reference count, which allowed close to set the socket to NULL during fchownat's execution, leading to a NULL pointer dereference and system crash (bnc#1097593).
- CVE-2018-14625: A flaw was found where an attacker may be able to have an uncontrolled read to kernel-memory from within a vm guest. A race condition between connect() and close() function may allow an attacker using the AF_VSOCK protocol to gather a 4 byte information leak or possibly intercept or corrupt AF_VSOCK messages destined to other clients (bnc#1106615).
- CVE-2018-16862: A security flaw was found in the way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one (bnc#1117186).
- CVE-2018-16884: NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out (bnc#1119946).
- CVE-2018-18281: The mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removes entries from the pagetables of a task that is in the middle of mremap(), a stale TLB entry can remain for a short time that permits access to a physical page after it has been released back to the page allocator and reused. (bnc#1113769).
- CVE-2018-18397: The userfaultfd implementation mishandled access control for certain UFFDIO_ ioctl calls, as demonstrated by allowing local users to write data into holes in a tmpfs file (if the user has read-only access to that file, and that file contains holes), related to fs/userfaultfd.c and mm/userfaultfd.c (bnc#1117656).
- CVE-2018-19407: The vcpu_scan_ioapic function in arch/x86/kvm/x86.c allowed local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized (bnc#1116841).
- CVE-2018-19824: A local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c (bnc#1118152).
- CVE-2018-19854: An issue was discovered in the crypto_report_one() and related functions in crypto/crypto_user.c (the crypto user configuration API) do not fully initialize structures that are copied to userspace, potentially leaking sensitive memory to user programs. NOTE: this is a CVE-2013-2547 regression but with easier exploitability because the attacker did not need a capability (however, the system must have the CONFIG_CRYPTO_USER kconfig option) (bnc#1118428).
- CVE-2018-19985: The function hso_probe read if_num from the USB device (as an u8) and used it without a length check to index an array, resulting in an OOB memory read in hso_probe or hso_get_config_data that could be used by local attackers (bnc#1120743).
- CVE-2018-20169: The USB subsystem mishandled size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c (bnc#1119714).
The following non-security bugs were fixed:
- ACPI/APEI: Handle GSIV and GPIO notification types (bsc#1115567).
- ACPICA: Tables: Add WSMT support (bsc#1089350).
- ACPI / CPPC: Check for valid PCC subspace only if PCC is used (bsc#1117115).
- ACPI / CPPC: Update all pr_(debug/err) messages to log the susbspace id (bsc#1117115).
- ACPI/IORT: Fix iort_get_platform_device_domain() uninitialized pointer value (bsc#1051510).
- ACPI / LPSS: Add alternative ACPI HIDs for Cherry Trail DMA controllers (bsc#1051510).
- ACPI, nfit: Fix ARS overflow continuation (bsc#1116895).
- ACPI/nfit, x86/mce: Handle only uncorrectable machine checks (bsc#1114279).
- ACPI/nfit, x86/mce: Validate a MCE's address before using it (bsc#1114279).
- ACPI / platform: Add SMB0001 HID to forbidden_id_list (bsc#1051510).
- ACPI / watchdog: Prefer iTCO_wdt always when WDAT table uses RTC SRAM (bsc#1051510).
- act_ife: fix a potential use-after-free (networking-stable-18_09_11).
- aio: fix spectre gadget in lookup_ioctx (bsc#1120594).
- ALSA: ac97: Fix incorrect bit shift at AC97-SPSA control write (bsc#1051510).
- ALSA: ca0106: Disable IZD on SB0570 DAC to fix audio pops (bsc#1051510).
- ALSA: control: Fix race between adding and removing a user element (bsc#1051510).
- ALSA: cs46xx: Potential NULL dereference in probe (bsc#1051510).
- ALSA: emu10k1: Fix potential Spectre v1 vulnerabilities (bsc#1051510).
- ALSA: emux: Fix potential Spectre v1 vulnerabilities (bsc#1051510).
- ALSA: fireface: fix for state to fetch PCM frames (bsc#1051510).
- ALSA: fireface: fix reference to wrong register for clock configuration (bsc#1051510).
- ALSA: firewire-lib: fix wrong assignment for 'out_packet_without_header' tracepoint (bsc#1051510).
- ALSA: firewire-lib: fix wrong handling payload_length as payload_quadlet (bsc#1051510).
- ALSA: firewire-lib: use the same print format for 'without_header' tracepoints (bsc#1051510).
- ALSA: hda: Add ASRock N68C-S UCC the power_save blacklist (bsc#1051510).
- ALSA: hda: add mute LED support for HP EliteBook 840 G4 (bsc#1051510).
- ALSA: hda: Add support for AMD Stoney Ridge (bsc#1051510).
- ALSA: hda/ca0132 - Call pci_iounmap() instead of iounmap() (bsc#1051510).
- ALSA: hda/ca0132 - make pci_iounmap() call conditional (bsc#1051510).
- ALSA: hda: fix front speakers on Huawei MBXP (bsc#1051510).
- ALSA: hda/realtek - Add auto-mute quirk for HP Spectre x360 laptop (bsc#1051510).
- ALSA: hda/realtek - Add GPIO data update helper (bsc#1051510).
- ALSA: hda/realtek - Add support for Acer Aspire C24-860 headset mic (bsc#1051510).
- ALSA: hda/realtek - Add unplug function into unplug state of Headset Mode for ALC225 (bsc#1051510).
- ALSA: hda/realtek: ALC286 mic and headset-mode fixups for Acer Aspire U27-880 (bsc#1051510).
- ALSA: hda/realtek: ALC294 mic and headset-mode fixups for ASUS X542UN (bsc#1051510).
- ALSA: hda/realtek - Allow skipping spec->init_amp detection (bsc#1051510).
- ALSA: hda/realtek - Disable headset Mic VREF for headset mode of ALC225 (bsc#1051510).
- ALSA: hda/realtek: Enable audio jacks of ASUS UX391UA with ALC294 (bsc#1051510).
- ALSA: hda/realtek: Enable audio jacks of ASUS UX433FN/UX333FA with ALC294 (bsc#1051510).
- ALSA: hda/realtek: Enable audio jacks of ASUS UX533FD with ALC294 (bsc#1051510).
- ALSA: hda/realtek: Enable the headset mic auto detection for ASUS laptops (bsc#1051510).
- ALSA: hda/realtek - Fixed headphone issue for ALC700 (bsc#1051510).
- ALSA: hda/realtek - fix headset mic detection for MSI MS-B171 (bsc#1051510).
- ALSA: hda/realtek - Fix HP Headset Mic can't record (bsc#1051510).
- ALSA: hda/realtek: Fix mic issue on Acer AIO Veriton Z4660G (bsc#1051510).
- ALSA: hda/realtek: Fix mic issue on Acer AIO Veriton Z4860G/Z6860G (bsc#1051510).
- ALSA: hda/realtek - Fix speaker output regression on Thinkpad T570 (bsc#1051510).
- ALSA: hda/realtek - Fix the mute LED regresion on Lenovo X1 Carbon (bsc#1051510).
- ALSA: hda/realtek - fix the pop noise on headphone for lenovo laptops (bsc#1051510).
- ALSA: hda/realtek - Manage GPIO bits commonly (bsc#1051510).
- ALSA: hda/realtek - Simplify Dell XPS13 GPIO handling (bsc#1051510).
- ALSA: hda/realtek - Support ALC300 (bsc#1051510).
- ALSA: hda/realtek - Support Dell headset mode for New AIO platform (bsc#1051510).
- ALSA: hda/tegra: clear pending irq handlers (bsc#1051510).
- ALSA: oss: Use kvzalloc() for local buffer allocations (bsc#1051510).
- ALSA: pcm: Call snd_pcm_unlink() conditionally at closing (bsc#1051510).
- ALSA: pcm: Fix interval evaluation with openmin/max (bsc#1051510).
- ALSA: pcm: Fix potential Spectre v1 vulnerability (bsc#1051510).
- ALSA: pcm: Fix starvation on down_write_nonblock() (bsc#1051510).
- ALSA: rme9652: Fix potential Spectre v1 vulnerability (bsc#1051510).
- ALSA: sparc: Fix invalid snd_free_pages() at error path (bsc#1051510).
- ALSA: trident: Suppress gcc string warning (bsc#1051510).
- ALSA: usb-audio: Add SMSL D1 to quirks for native DSD support (bsc#1051510).
- ALSA: usb-audio: Add support for Encore mDSD USB DAC (bsc#1051510).
- ALSA: usb-audio: Add vendor and product name for Dell WD19 Dock (bsc#1051510).
- ALSA: usb-audio: Avoid access before bLength check in build_audio_procunit() (bsc#1051510).
- ALSA: usb-audio: Fix an out-of-bound read in create_composite_quirks (bsc#1051510).
- ALSA: wss: Fix invalid snd_free_pages() at error path (bsc#1051510).
- ALSA: x86: Fix runtime PM for hdmi-lpe-audio (bsc#1051510).
- amd/iommu: Fix Guest Virtual APIC Log Tail Address Register (bsc#1106105).
- apparmor: do not try to replace stale label in ptrace access check (git-fixes).
- apparmor: do not try to replace stale label in ptraceme check (git-fixes).
- apparmor: Fix uninitialized value in aa_split_fqname (git-fixes).
- arm64: Add work around for Arm Cortex-A55 Erratum 1024718 (bsc#1120612).
- arm64: atomics: Remove '&' from '+&' asm constraint in lse atomics (bsc#1120613).
- arm64: cpu_errata: include required headers (bsc#1120615).
- arm64: dma-mapping: Fix FORCE_CONTIGUOUS buffer clearing (bsc#1120633).
- arm64: Fix /proc/iomem for reserved but not memory regions (bsc#1120632).
- arm64: KVM: Move CPU ID reg trap setup off the world switch path (bsc#1110998).
- arm64: KVM: Sanitize PSTATE.M when being set from userspace (bsc#1110998).
- arm64: KVM: Tighten guest core register access from userspace (bsc#1110998).
- arm64: lse: Add early clobbers to some input/output asm operands (bsc#1120614).
- arm64: lse: remove -fcall-used-x0 flag (bsc#1120618).
- arm64: mm: always enable CONFIG_HOLES_IN_ZONE (bsc#1120617).
- arm64/numa: Report correct memblock range for the dummy node (bsc#1120620).
- arm64/numa: Unify common error path in numa_init() (bsc#1120621).
- arm64: remove no-op -p linker flag (bsc#1120616).
- arm: dts: at91: add new compatibility string for macb on sama5d3 (bsc#1051510).
- ASoC: dapm: Recalculate audio map forcely when card instantiated (bsc#1051510).
- ASoC: dwc: Added a quirk DW_I2S_QUIRK_16BIT_IDX_OVERRIDE to dwc (bsc#1085535)
- ASoC: Intel: cht_bsw_max98090: add support for Baytrail (bsc#1051510).
- ASoC: intel: cht_bsw_max98090_ti: Add pmc_plt_clk_0 quirk for Chromebook Clapper (bsc#1051510).
- ASoC: intel: cht_bsw_max98090_ti: Add pmc_plt_clk_0 quirk for Chromebook Gnawty (bsc#1051510).
- ASoC: intel: cht_bsw_max98090_ti: Add quirk for boards using pmc_plt_clk_0 (bsc#1051510).
- ASoC: Intel: mrfld: fix uninitialized variable access (bsc#1051510).
- ASoC: omap-abe-twl6040: Fix missing audio card caused by deferred probing (bsc#1051510).
- ASoC: omap-dmic: Add pm_qos handling to avoid overruns with CPU_IDLE (bsc#1051510).
- ASoC: omap-mcbsp: Fix latency value calculation for pm_qos (bsc#1051510).
- ASoC: omap-mcpdm: Add pm_qos handling to avoid under/overruns with CPU_IDLE (bsc#1051510).
- ASoC: rsnd: fixup clock start checker (bsc#1051510).
- ASoC: sun8i-codec: fix crash on module removal (bsc#1051510).
- ASoC: wm_adsp: Fix dma-unsafe read of scratch registers (bsc#1051510).
- ata: Fix racy link clearance (bsc#1107866).
- ataflop: fix error handling during setup (bsc#1051510).
- ath10k: do not assume this is a PCI dev in generic code (bsc#1051510).
- ath10k: schedule hardware restart if WMI command times out (bsc#1051510).
- ath6kl: Only use match sets when firmware supports it (bsc#1051510).
- b43: Fix error in cordic routine (bsc#1051510).
- batman-adv: Expand merged fragment buffer for full packet (bsc#1051510).
- batman-adv: Use explicit tvlv padding for ELP packets (bsc#1051510).
- bcache: fix miss key refill->end in writeback (Git-fixes).
- bcache: trace missed reading by cache_missed (Git-fixes).
- bitops: protect variables in bit_clear_unless() macro (bsc#1051510).
- bitops: protect variables in set_mask_bits() macro (bsc#1051510).
- blk-mq: remove synchronize_rcu() from blk_mq_del_queue_tag_set() (Git-fixes).
- block: allow max_discard_segments to be stacked (Git-fixes).
- block: blk_init_allocated_queue() set q->fq as NULL in the fail case (Git-fixes).
- block: copy ioprio in __bio_clone_fast() (bsc#1082653).
- block: really disable runtime-pm for blk-mq (Git-fixes).
- block: reset bi_iter.bi_done after splitting bio (Git-fixes).
- block: respect virtual boundary mask in bvecs (bsc#1113412).
- block/swim: Fix array bounds check (Git-fixes).
- Bluetooth: btbcm: Add entry for BCM4335C0 UART bluetooth (bsc#1051510).
- Bluetooth: SMP: fix crash in unpairing (bsc#1051510).
- bnxt_en: do not try to offload VLAN 'modify' action (bsc#1050242 ).
- bnxt_en: Fix enables field in HWRM_QUEUE_COS2BW_CFG request (bsc#1086282).
- bnxt_en: Fix TX timeout during netpoll (networking-stable-18_10_16).
- bnxt_en: Fix VNIC reservations on the PF (bsc#1086282 ).
- bnxt_en: free hwrm resources, if driver probe fails (networking-stable-18_10_16).
- bnxt_en: get the reduced max_irqs by the ones used by RDMA (bsc#1050242).
- bonding: avoid possible dead-lock (networking-stable-18_10_16).
- bonding: fix length of actor system (networking-stable-18_11_02).
- bonding: fix warning message (networking-stable-18_10_16).
- bonding: pass link-local packets to bonding master also (networking-stable-18_10_16).
- bpf: fix check of allowed specifiers in bpf_trace_printk (bsc#1083647).
- bpf: fix partial copy of map_ptr when dst is scalar (bsc#1083647).
- bpf, net: add skb_mac_header_len helper (networking-stable-18_09_24).
- bpf: use per htab salt for bucket hash (git-fixes).
- bpf: wait for running BPF programs when updating map-in-map (bsc#1083647).
- brcmfmac: fix for proper support of 160MHz bandwidth (bsc#1051510).
- brcmfmac: fix reporting support for 160 MHz channels (bsc#1051510).
- brcmutil: really fix decoding channel info for 160 MHz bandwidth (bsc#1051510).
- bridge: do not add port to router list when receives query with source 0.0.0.0 (networking-stable-18_11_02).
- Btrfs: Always try all copies when reading extent buffers (git-fixes).
- Btrfs: delete dead code in btrfs_orphan_add() (bsc#1111469).
- Btrfs: delete dead code in btrfs_orphan_commit_root() (bsc#1111469).
- Btrfs: do not BUG_ON() in btrfs_truncate_inode_items() (bsc#1111469).
- Btrfs: do not check inode's runtime flags under root->orphan_lock (bsc#1111469).
- Btrfs: do not return ino to ino cache if inode item removal fails (bsc#1111469).
- Btrfs: fix assertion failure during fsync in no-holes mode (bsc#1118136).
- Btrfs: fix assertion on fsync of regular file when using no-holes feature (bsc#1118137).
- Btrfs: fix cur_offset in the error case for nocow (bsc#1118140).
- Btrfs: fix data corruption due to cloning of eof block (bsc#1116878).
- Btrfs: fix deadlock on tree root leaf when finding free extent (bsc#1116876).
- Btrfs: fix deadlock when writing out free space caches (bsc#1116700).
- Btrfs: fix ENOSPC caused by orphan items reservations (bsc#1111469).
- Btrfs: Fix error handling in btrfs_cleanup_ordered_extents (git-fixes).
- Btrfs: fix error handling in btrfs_truncate() (bsc#1111469).
- Btrfs: fix error handling in btrfs_truncate_inode_items() (bsc#1111469).
- Btrfs: fix fsync of files with multiple hard links in new directories (1120173).
- Btrfs: fix infinite loop on inode eviction after deduplication of eof block (bsc#1116877).
- Btrfs: Fix memory barriers usage with device stats counters (git-fixes).
- Btrfs: fix null pointer dereference on compressed write path error (bsc#1116698).
- Btrfs: fix use-after-free during inode eviction (bsc#1116701).
- Btrfs: fix use-after-free on root->orphan_block_rsv (bsc#1111469).
- Btrfs: fix use-after-free when dumping free space (bsc#1116862).
- Btrfs: fix warning when replaying log after fsync of a tmpfile (bsc#1116692).
- Btrfs: fix wrong dentries after fsync of file that got its parent replaced (bsc#1116693).
- Btrfs: get rid of BTRFS_INODE_HAS_ORPHAN_ITEM (bsc#1111469).
- Btrfs: get rid of unused orphan infrastructure (bsc#1111469).
- Btrfs: make sure we create all new block groups (bsc#1116699).
- Btrfs: move btrfs_truncate_block out of trans handle (bsc#1111469).
- Btrfs: protect space cache inode alloc with GFP_NOFS (bsc#1116863).
- Btrfs: qgroup: Dirty all qgroups before rescan (bsc#1120036).
- Btrfs: refactor btrfs_evict_inode() reserve refill dance (bsc#1111469).
- Btrfs: renumber BTRFS_INODE_ runtime flags and switch to enums (bsc#1111469).
- Btrfs: reserve space for O_TMPFILE orphan item deletion (bsc#1111469).
- Btrfs: run delayed items before dropping the snapshot (bsc#1121263, bsc#1111188).
- Btrfs: send, fix infinite loop due to directory rename dependencies (bsc#1118138).
- Btrfs: stop creating orphan items for truncate (bsc#1111469).
- Btrfs: tree-checker: Do not check max block group size as current max chunk size limit is unreliable (fixes for bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875).
- Btrfs: update stale comments referencing vmtruncate() (bsc#1111469).
- cachefiles: fix the race between cachefiles_bury_object() and rmdir(2) (bsc#1051510).
- can: dev: __can_get_echo_skb(): Do not crash the kernel if can_priv::echo_skb is accessed out of bounds (bsc#1051510).
- can: dev: can_get_echo_skb(): factor out non sending code to __can_get_echo_skb() (bsc#1051510).
- can: dev: __can_get_echo_skb(): print error message, if trying to echo non existing skb (bsc#1051510).
- can: dev: __can_get_echo_skb(): replace struct can_frame by canfd_frame to access frame length (bsc#1051510).
- can: flexcan: flexcan_irq(): fix indention (bsc#1051510).
- can: hi311x: Use level-triggered interrupt (bsc#1051510).
- can: raw: check for CAN FD capable netdev in raw_sendmsg() (bsc#1051510).
- can: rcar_can: Fix erroneous registration (bsc#1051510).
- can: rx-offload: introduce can_rx_offload_get_echo_skb() and can_rx_offload_queue_sorted() functions (bsc#1051510).
- cdc-acm: correct counting of UART states in serial state notification (bsc#1051510).
- cdc-acm: do not reset notification buffer index upon urb unlinking (bsc#1051510).
- cdrom: do not attempt to fiddle with cdo->capability (bsc#1051510).
- ceph: do not update importing cap's mseq when handing cap export (bsc#1121273).
- ceph: fix dentry leak in ceph_readdir_prepopulate (bsc#1114839).
- ceph: quota: fix null pointer dereference in quota check (bsc#1114839).
- cfg80211: Address some corner cases in scan result channel updating (bsc#1051510).
- cfg80211: fix use-after-free in reg_process_hint() (bsc#1051510).
- char_dev: extend dynamic allocation of majors into a higher range (bsc#1121058).
- char_dev: Fix off-by-one bugs in find_dynamic_major() (bsc#1121058).
- clk: at91: Fix division by zero in PLL recalc_rate() (bsc#1051510).
- clk: fixed-factor: fix of_node_get-put imbalance (bsc#1051510).
- clk: fixed-rate: fix of_node_get-put imbalance (bsc#1051510).
- clk: mmp2: fix the clock id for sdh2_clk and sdh3_clk (bsc#1051510).
- clk: mmp: Off by one in mmp_clk_add() (bsc#1051510).
- clk: mvebu: Off by one bugs in cp110_of_clk_get() (bsc#1051510).
- clk: rockchip: Fix static checker warning in rockchip_ddrclk_get_parent call (bsc#1051510).
- clk: s2mps11: Add used attribute to s2mps11_dt_match (bsc#1051510).
- clk: s2mps11: Fix matching when built as module and DT node contains compatible (bsc#1051510).
- clk: samsung: exynos5420: Enable PERIS clocks for suspend (bsc#1051510).
- clockevents/drivers/i8253: Add support for PIT shutdown quirk (bsc#1051510).
- compiler-gcc.h: Add __attribute__((gnu_inline)) to all inline declarations (git-fixes).
- config: arm64: enable erratum 1024718
- configfs: replace strncpy with memcpy (bsc#1051510).
- cpufeature: avoid warning when compiling with clang (Git-fixes).
- cpufreq / CPPC: Add cpuinfo_cur_freq support for CPPC (bsc#1117115).
- cpufreq: CPPC: fix build in absence of v3 support (bsc#1117115).
- cpupower: remove stringop-truncation waring (git-fixes).
- crypto: bcm - fix normal/non key hash algorithm failure (bsc#1051510).
- crypto: ccp - Add DOWNLOAD_FIRMWARE SEV command ().
- crypto: ccp - Add GET_ID SEV command ().
- crypto: ccp - Add psp enabled message when initialization succeeds ().
- crypto: ccp - Add support for new CCP/PSP device ID ().
- crypto: ccp - Allow SEV firmware to be chosen based on Family and Model ().
- crypto: ccp - Fix static checker warning ().
- crypto: ccp - Remove unused #defines ().
- crypto: ccp - Support register differences between PSP devices ().
- crypto: simd - correctly take reqsize of wrapped skcipher into account (bsc#1051510).
- dasd: fix deadlock in dasd_times_out (bsc#1121477, LTC#174111).
- dax: Check page->mapping isn't NULL (bsc#1120054).
- dax: Do not access a freed inode (bsc#1120055).
- device property: Define type of PROPERTY_ENRTY_*() macros (bsc#1051510).
- device property: fix fwnode_graph_get_next_endpoint() documentation (bsc#1051510).
- disable stringop truncation warnings for now (git-fixes).
- dm: allocate struct mapped_device with kvzalloc (Git-fixes).
- dm cache: destroy migration_cache if cache target registration failed (Git-fixes).
- dm cache: fix resize crash if user does not reload cache table (Git-fixes).
- dm cache metadata: ignore hints array being too small during resize (Git-fixes).
- dm cache metadata: save in-core policy_hint_size to on-disk superblock (Git-fixes).
- dm cache metadata: set dirty on all cache blocks after a crash (Git-fixes).
- dm cache: only allow a single io_mode cache feature to be requested (Git-fixes).
- dm crypt: do not decrease device limits (Git-fixes).
- dm: fix report zone remapping to account for partition offset (Git-fixes).
- dm integrity: change 'suspending' variable from bool to int (Git-fixes).
- dm ioctl: harden copy_params()'s copy_from_user() from malicious users (Git-fixes).
- dm linear: eliminate linear_end_io call if CONFIG_DM_ZONED disabled (Git-fixes).
- dm linear: fix linear_end_io conditional definition (Git-fixes).
- dm thin: handle running out of data space vs concurrent discard (Git-fixes).
- dm thin metadata: remove needless work from __commit_transaction (Git-fixes).
- dm thin: stop no_space_timeout worker when switching to write-mode (Git-fixes).
- dm writecache: fix a crash due to reading past end of dirty_bitmap (Git-fixes).
- dm writecache: report start_sector in status line (Git-fixes).
- dm zoned: fix metadata block ref counting (Git-fixes).
- dm zoned: fix various dmz_get_mblock() issues (Git-fixes).
- doc/README.SUSE: correct GIT url No more gitorious, github we use.
- Documentation/l1tf: Fix typos (bsc#1051510).
- Documentation/l1tf: Remove Yonah processors from not vulnerable list (bsc#1051510).
- driver/dma/ioat: Call del_timer_sync() without holding prep_lock (bsc#1051510).
- drivers/net/usb: add device id for TP-LINK UE300 USB 3.0 Ethernet (bsc#1119749).
- drivers/net/usb/r8152: remove the unneeded variable 'ret' in rtl8152_system_suspend (bsc#1119749).
- drivers/tty: add missing of_node_put() (bsc#1051510).
- drm/amdgpu: add missing CHIP_HAINAN in amdgpu_ucode_get_load_type (bsc#1051510).
- drm/amdgpu/gmc8: update MC firmware for polaris (bsc#1113722)
- drm/amdgpu: update mc firmware image for polaris12 variants (bsc#1113722)
- drm/amdgpu: update SMC firmware image for polaris10 variants (bsc#1113722)
- drm/ast: change resolution may cause screen blurred (boo#1112963).
- drm/ast: fixed cursor may disappear sometimes (bsc#1051510).
- drm/ast: Fix incorrect free on ioregs (bsc#1051510).
- drm/ast: Remove existing framebuffers before loading driver (boo#1112963)
- drm/dp_mst: Check if primary mstb is null (bsc#1051510).
- drm/dp_mst: Skip validating ports during destruction, just ref (bsc#1051510).
- drm/edid: Add 6 bpc quirk for BOE panel (bsc#1051510).
- drm/edid: Add 6 bpc quirk for BOE panel in HP Pavilion 15-n233sl (bsc#1113722)
- drm/fb-helper: Ignore the value of fb_var_screeninfo.pixclock (bsc#1113722)
- drm: fb-helper: Reject all pixel format changing requests (bsc#1113722)
- drm/i915: Do not oops during modeset shutdown after lpe audio deinit (bsc#1051510).
- drm/i915: Do not unset intel_connector->mst_port (bsc#1051510).
- drm/i915/execlists: Apply a full mb before execution for Braswell (bsc#1113722)
- drm/i915/execlists: Force write serialisation into context image vs execution (bsc#1051510).
- drm/i915: Fix ilk+ watermarks when disabling pipes (bsc#1051510).
- drm/i915/glk: Remove 99% limitation (bsc#1051510).
- drm/i915/hdmi: Add HDMI 2.0 audio clock recovery N values (bsc#1051510).
- drm/i915: Large page offsets for pread/pwrite (bsc#1051510).
- drm/i915: Mark pin flags as u64 (bsc#1051510).
- drm/i915: Skip vcpi allocation for MSTB ports that are gone (bsc#1051510).
- drm/i915: Write GPU relocs harder with gen3 (bsc#1051510).
- drm/ioctl: Fix Spectre v1 vulnerabilities (bsc#1113722)
- drm/meson: add support for 1080p25 mode (bsc#1051510).
- drm/meson: Enable fast_io in meson_dw_hdmi_regmap_config (bsc#1051510).
- drm/meson: Fix OOB memory accesses in meson_viu_set_osd_lut() (bsc#1051510).
- drm/nouveau: Check backlight IDs are >= 0, not > 0 (bsc#1051510).
- drm/nouveau/kms: Fix memory leak in nv50_mstm_del() (bsc#1113722)
- drm/omap: fix memory barrier bug in DMM driver (bsc#1051510).
- drm: rcar-du: Fix external clock error checks (bsc#1113722)
- drm: rcar-du: Fix vblank initialization (bsc#1113722)
- drm/rockchip: Allow driver to be shutdown on reboot/kexec (bsc#1051510).
- drm/rockchip: psr: do not dereference encoder before it is null (bsc#1113722)
- drm: set is_master to 0 upon drm_new_set_master() failure (bsc#1113722)
- drm/vc4: Set ->is_yuv to false when num_planes == 1 (bsc#1113722)
- drm/vc4: ->x_scaling[1] should never be set to VC4_SCALING_NONE (bsc#1113722)
- dt-bindings: add compatible string for Allwinner V3s SoC (git-fixes).
- dt-bindings: arm: Document SoC compatible value for Armadillo-800 EVA (git-fixes).
- dt-bindings: clock: add rk3399 DDR3 standard speed bins (git-fixes).
- dt-bindings: clock: mediatek: add binding for fixed-factor clock axisel_d4 (git-fixes).
- dt-bindings: iio: update STM32 timers clock names (git-fixes).
- dt-bindings: mfd: axp20x: Add AXP806 to supported list of chips (git-fixes).
- dt-bindings: net: Remove duplicate NSP Ethernet MAC binding document (git-fixes).
- dt-bindings: panel: lvds: Fix path to display timing bindings (git-fixes).
- dt-bindings: phy: sun4i-usb-phy: Add property descriptions for H3 (git-fixes).
- dt-bindings: pwm: renesas: tpu: Fix 'compatible' prop description (git-fixes).
- dt-bindings: pwm: Update STM32 timers clock names (git-fixes).
- dt-bindings: rcar-dmac: Document missing error interrupt (git-fixes).
- EDAC, {i7core,sb,skx}_edac: Fix uncorrected error counting (bsc#1114279).
- EDAC, skx_edac: Fix logical channel intermediate decoding (bsc#1114279).
- efi: Move some sysfs files to be read-only by root (bsc#1051510).
- ethernet: fman: fix wrong of_node_put() in probe function (bsc#1119017).
- exportfs: fix 'passing zero to ERR_PTR()' warning (bsc#1118773).
- ext2: fix potential use after free (bsc#1118775).
- ext4: add missing brelse() add_new_gdb_meta_bg()'s error path (bsc#1117795).
- ext4: add missing brelse() in set_flexbg_block_bitmap()'s error path (bsc#1117794).
- ext4: add missing brelse() update_backups()'s error path (bsc#1117796).
- ext4: avoid buffer leak in ext4_orphan_add() after prior errors (bsc#1117802).
- ext4: avoid buffer leak on shutdown in ext4_mark_iloc_dirty() (bsc#1117801).
- ext4: avoid possible double brelse() in add_new_gdb() on error path (bsc#1118760).
- ext4: avoid potential extra brelse in setup_new_flex_group_blocks() (bsc#1117792).
- ext4: fix buffer leak in __ext4_read_dirblock() on error path (bsc#1117807).
- ext4: fix buffer leak in ext4_xattr_move_to_block() on error path (bsc#1117806).
- ext4: fix EXT4_IOC_GROUP_ADD ioctl (bsc#1120604).
- ext4: fix missing cleanup if ext4_alloc_flex_bg_array() fails while resizing (bsc#1117798).
- ext4: fix possible inode leak in the retry loop of ext4_resize_fs() (bsc#1117799).
- ext4: fix possible leak of sbi->s_group_desc_leak in error path (bsc#1117803).
- ext4: fix possible leak of s_journal_flag_rwsem in error path (bsc#1117804).
- ext4: fix possible use after free in ext4_quota_enable (bsc#1120602).
- ext4: fix setattr project check in fssetxattr ioctl (bsc#1117789).
- ext4: fix use-after-free race in ext4_remount()'s error path (bsc#1117791).
- ext4: initialize retries variable in ext4_da_write_inline_data_begin() (bsc#1117788).
- ext4: missing unlock/put_page() in ext4_try_to_write_inline_data() (bsc#1120603).
- ext4: propagate error from dquot_initialize() in EXT4_IOC_FSSETXATTR (bsc#1117790).
- ext4: release bs.bh before re-using in ext4_xattr_block_find() (bsc#1117805).
- extable: Consolidate *kernel_text_address() functions (bsc#1120092).
- extable: Enable RCU if it is not watching in kernel_text_address() (bsc#1120092).
- fbdev: fbcon: Fix unregister crash when more than one framebuffer (bsc#1113722)
- fbdev: fbmem: behave better with small rotated displays and many CPUs (bsc#1113722)
- fbdev: fix broken menu dependencies (bsc#1113722)
- firmware: add firmware_request_nowarn() - load firmware without warnings ().
- firmware: dcdbas: Add support for WSMT ACPI table (bsc#1089350 ).
- firmware: dcdbas: include linux/io.h (bsc#1089350).
- Fix kABI for 'Ensure we commit after writeback is complete' (bsc#1111809).
- Fix the breakage of KMP build on x86_64 (bsc#1121017) The backport of the commit 4cd24de3a098 broke KMP builds because of the failure of make kernelrelease call in spec file. Clear the blacklist and backport the fix from the upstream.
- Fix tracing sample code warning (git-fixes).
- floppy: fix race condition in __floppy_read_block_0() (bsc#1051510).
- flow_dissector: do not dissect l4 ports for fragments (networking-stable-18_11_21).
- fscache: fix race between enablement and dropping of object (bsc#1107385).
- fscache: Fix race in fscache_op_complete() due to split atomic_sub & read (Git-fixes).
- fscache: Pass the correct cancelled indications to fscache_op_complete() (Git-fixes).
- fs: fix lost error code in dio_complete (bsc#1118762).
- fs: Make extension of struct super_block transparent (bsc#1117822).
- fsnotify: Fix busy inodes during unmount (bsc#1117822).
- fsnotify: fix ignore mask logic in fsnotify() (bsc#1115074).
- fs/xfs: Use %pS printk format for direct addresses (git-fixes).
- ftrace: Fix debug preempt config name in stack_tracer_{en,dis}able (bsc#1117172).
- ftrace: Fix kmemleak in unregister_ftrace_graph (bsc#1117181).
- ftrace: Fix memleak when unregistering dynamic ops when tracing disabled (bsc#1117174).
- ftrace: Remove incorrect setting of glob search field (bsc#1117184).
- fuse: fix blocked_waitq wakeup (git-fixes).
- fuse: fix leaked notify reply (git-fixes).
- fuse: fix possibly missed wake-up after abort (git-fixes).
- fuse: Fix use-after-free in fuse_dev_do_read() (git-fixes).
- fuse: Fix use-after-free in fuse_dev_do_write() (git-fixes).
- fuse: fix use-after-free in fuse_direct_IO() (git-fixes).
- fuse: set FR_SENT while locked (git-fixes).
- gcc-plugins: Add include required by GCC release 8 (git-fixes).
- gcc-plugins: Use dynamic initializers (git-fixes).
- genirq: Fix race on spurious interrupt detection (bsc#1051510).
- gfs2: Do not leave s_fs_info pointing to freed memory in init_sbd (bsc#1118769).
- gfs2: Fix loop in gfs2_rbm_find (bsc#1120601).
- gfs2: Get rid of potential double-freeing in gfs2_create_inode (bsc#1120600).
- gfs2_meta: ->mount() can get NULL dev_name (bsc#1118768).
- gfs2: Put bitmap buffers in put_super (bsc#1118772).
- git_sort.py: Remove non-existent remote tj/libata
- gpio: davinci: Remove unused member of davinci_gpio_controller (git-fixes).
- gpio: do not free unallocated ida on gpiochip_add_data_with_key() error path (bsc#1051510).
- gpiolib-acpi: Only defer request_irq for GpioInt ACPI event handlers (bsc#1051510).
- gpiolib: Fix return value of gpio_to_desc() stub if !GPIOLIB (bsc#1051510).
- gpio: max7301: fix driver for use with CONFIG_VMAP_STACK (bsc#1051510).
- gpio: mvebu: only fail on missing clk if pwm is actually to be used (bsc#1051510).
- grace: replace BUG_ON by WARN_ONCE in exit_net hook (git-fixes).
- gso_segment: Reset skb->mac_len after modifying network header (networking-stable-18_09_24).
- HID: Add quirk for Primax PIXART OEM mice (bsc#1119410).
- HID: hiddev: fix potential Spectre v1 (bsc#1051510).
- HID: input: Ignore battery reported by Symbol DS4308 (bsc#1051510).
- HID: multitouch: Add pointstick support for Cirque Touchpad (bsc#1051510).
- HID: uhid: forbid UHID_CREATE under KERNEL_DS or elevated privileges (bsc#1051510).
- hv_netvsc: ignore devices that are not PCI (networking-stable-18_09_11).
- hwmon: (core) Fix double-free in __hwmon_device_register() (bsc#1051510).
- hwmon: (ibmpowernv) Remove bogus __init annotations (bsc#1051510).
- hwmon: (ina2xx) Fix current value calculation (bsc#1051510).
- hwmon (ina2xx) Fix NULL id pointer in probe() (bsc#1051510).
- hwmon: (nct6775) Fix potential Spectre v1 (bsc#1051510).
- hwmon: (pmbus) Fix page count auto-detection (bsc#1051510).
- hwmon: (pwm-fan) Set fan speed to 0 on suspend (bsc#1051510).
- hwmon: (raspberrypi) Fix initial notify (bsc#1051510).
- hwmon: (w83795) temp4_type has writable permission (bsc#1051510).
- hwpoison, memory_hotplug: allow hwpoisoned pages to be offlined (bnc#1116336).
- i2c: axxia: properly handle master timeout (bsc#1051510).
- i2c: scmi: Fix probe error on devices with an empty SMB0001 ACPI device node (bsc#1051510).
- IB/hfi1: Add mtu check for operational data VLs (bsc#1060463 ).
- ibmvnic: Convert reset work item mutex to spin lock ().
- ibmvnic: fix accelerated VLAN handling ().
- ibmvnic: fix index in release_rx_pools (bsc#1115440, bsc#1115433).
- ibmvnic: Fix non-atomic memory allocation in IRQ context ().
- ibmvnic: remove ndo_poll_controller ().
- ibmvnic: Update driver queues after change in ring size support ().
- IB/rxe: support for 802.1q VLAN on the listener (bsc#1082387).
- ieee802154: 6lowpan: set IFLA_LINK (bsc#1051510).
- ieee802154: at86rf230: switch from BUG_ON() to WARN_ON() on problem (bsc#1051510).
- ieee802154: at86rf230: use __func__ macro for debug messages (bsc#1051510).
- ieee802154: fakelb: switch from BUG_ON() to WARN_ON() on problem (bsc#1051510).
- iio: accel: adxl345: convert address field usage in iio_chan_spec (bsc#1051510).
- iio: ad5064: Fix regulator handling (bsc#1051510).
- iio:st_magn: Fix enable device after trigger (bsc#1051510).
- ima: fix showing large 'violations' or 'runtime_measurements_count' (bsc#1051510).
- include/linux/pfn_t.h: force '~' to be parsed as an unary operator (bsc#1051510).
- Include modules.fips in kernel-binary as well as kernel-binary-base ().
- inet: make sure to grab rcu_read_lock before using ireq->ireq_opt (networking-stable-18_10_16).
- initramfs: fix initramfs rebuilds w/ compression after disabling (git-fixes).
- Input: add official Raspberry Pi's touchscreen driver ().
- Input: cros_ec_keyb - fix button/switch capability reports (bsc#1051510).
- Input: elan_i2c - add ACPI ID for Lenovo IdeaPad 330-15ARR (bsc#1051510).
- Input: elan_i2c - add ACPI ID for Lenovo IdeaPad 330-15IGM (bsc#1051510).
- Input: elan_i2c - add ELAN0620 to the ACPI table (bsc#1051510).
- Input: elan_i2c - add support for ELAN0621 touchpad (bsc#1051510).
- Input: hyper-v - fix wakeup from suspend-to-idle (bsc#1051510).
- Input: matrix_keypad - check for errors from of_get_named_gpio() (bsc#1051510).
- Input: nomadik-ske-keypad - fix a loop timeout test (bsc#1051510).
- Input: omap-keypad - fix keyboard debounce configuration (bsc#1051510).
- Input: synaptics - add PNP ID for ThinkPad P50 to SMBus (bsc#1051510).
- Input: synaptics - avoid using uninitialized variable when probing (bsc#1051510).
- Input: synaptics - enable SMBus for HP 15-ay000 (bsc#1051510).
- Input: xpad - add PDP device id 0x02a4 (bsc#1051510).
- Input: xpad - add support for Xbox1 PDP Camo series gamepad (bsc#1051510).
- Input: xpad - avoid using __set_bit() for capabilities (bsc#1051510).
- Input: xpad - fix some coding style issues (bsc#1051510).
- Input: xpad - quirk all PDP Xbox One gamepads (bsc#1051510).
- integrity/security: fix digsig.c build error with header file (bsc#1051510).
- intel_th: msu: Fix an off-by-one in attribute store (bsc#1051510).
- iommu/amd: Fix amd_iommu=force_isolation (bsc#1106105).
- iommu/arm-smmu: Ensure that page-table updates are visible before TLBI (bsc#1106237).
- iommu/ipmmu-vmsa: Fix crash on early domain free (bsc#1106105).
- iommu/vt-d: Fix NULL pointer dereference in prq_event_thread() (bsc#1106105).
- iommu/vt-d: Handle domain agaw being less than iommu agaw (bsc#1106105).
- iommu/vt-d: Use memunmap to free memremap (bsc#1106105).
- ip6_tunnel: be careful when accessing the inner header (networking-stable-18_10_16).
- ip6_tunnel: Fix encapsulation layout (networking-stable-18_11_02).
- ip6_vti: fix a null pointer deference when destroy vti6 tunnel (networking-stable-18_09_11).
- ipmi: Fix timer race with module unload (bsc#1051510).
- ip_tunnel: be careful when accessing the inner header (networking-stable-18_10_16).
- ip_tunnel: do not force DF when MTU is locked (networking-stable-18_11_21).
- ipv4: lock mtu in fnhe when received PMTU < net.ipv4.route.min_pmtu (networking-stable-18_11_21).
- ipv4: tcp: send zero IPID for RST and ACK sent in SYN-RECV and TIME-WAIT state (networking-stable-18_09_11).
- ipv6: Fix PMTU updates for UDP/raw sockets in presence of VRF (networking-stable-18_11_21).
- ipv6: fix possible use-after-free in ip6_xmit() (networking-stable-18_09_24).
- ipv6: mcast: fix a use-after-free in inet6_mc_check (networking-stable-18_11_02).
- ipv6/ndisc: Preserve IPv6 control buffer if protocol error handlers are called (networking-stable-18_11_02).
- ipv6: take rcu lock in rawv6_send_hdrinc() (networking-stable-18_10_16).
- iwlwifi: add new cards for 9560, 9462, 9461 and killer series (bsc#1051510).
- iwlwifi: dbg: allow wrt collection before ALIVE (bsc#1051510).
- iwlwifi: do not WARN on trying to dump dead firmware (bsc#1051510).
- iwlwifi: fix LED command capability bit (bsc#1119086).
- iwlwifi: fix non_shared_ant for 22000 devices (bsc#1119086).
- iwlwifi: fix wrong WGDS_WIFI_DATA_SIZE (bsc#1119086).
- iwlwifi: mvm: check for short GI only for OFDM (bsc#1051510).
- iwlwifi: mvm: check return value of rs_rate_from_ucode_rate() (bsc#1051510).
- iwlwifi: mvm: do not send GEO_TX_POWER_LIMIT to old firmwares (bsc#1119086).
- iwlwifi: mvm: do not use SAR Geo if basic SAR is not used (bsc#1051510).
- iwlwifi: mvm: fix BAR seq ctrl reporting (bsc#1051510).
- iwlwifi: mvm: fix regulatory domain update when the firmware starts (bsc#1051510).
- iwlwifi: mvm: support sta_statistics() even on older firmware (bsc#1051510).
- iwlwifi: nvm: get num of hw addresses from firmware (bsc#1119086).
- iwlwifi: pcie: avoid empty free RB queue (bsc#1051510).
- iwlwifi: pcie: do not reset TXQ write pointer (bsc#1051510).
- jffs2: free jffs2_sb_info through jffs2_kill_sb() (bsc#1118767).
- jump_label: Split out code under the hotplug lock (bsc#1106913).
- kabi fix for 'NFSv4.1: Fix up replays of interrupted requests' (git-fixes).
- kabi: hwpoison, memory_hotplug: allow hwpoisoned pages to be offlined (bnc#1116336).
- kabi: mask raw in struct bpf_reg_state (bsc#1083647).
- kabi: powerpc: Revert npu callback signature change (bsc#1055120).
- kabi protect hnae_ae_ops (bsc#1104353).
- kabi: protect struct fib_nh_exception (kabi).
- kabi: protect struct rtable (kabi).
- kbuild: allow to use GCC toolchain not in Clang search path (git-fixes).
- kbuild: fix kernel/bounds.c 'W=1' warning (bsc#1051510).
- kbuild: fix linker feature test macros when cross compiling with Clang (git-fixes).
- kbuild: make missing $DEPMOD a Warning instead of an Error (git-fixes).
- kbuild: move '_all' target out of $(KBUILD_SRC) conditional (bsc#1114279).
- kbuild: rpm-pkg: keep spec file until make mrproper (git-fixes).
- Kbuild: suppress packed-not-aligned warning for default setting only (git-fixes).
- kbuild: verify that $DEPMOD is installed (git-fixes).
- kdb: use memmove instead of overlapping memcpy (bsc#1120954).
- kernfs: Replace strncpy with memcpy (bsc#1120053).
- keys: Fix the use of the C++ keyword 'private' in uapi/linux/keyctl.h (Git-fixes).
- kgdboc: Passing ekgdboc to command line causes panic (bsc#1051510).
- kobject: Replace strncpy with memcpy (git-fixes).
- kprobes: Make list and blacklist root user read only (git-fixes).
- KVM: arm/arm64: Introduce vcpu_el1_is_32bit (bsc#1110998).
- KVM: nVMX: Always reflect #NM VM-exits to L1 (bsc#1106240).
- KVM: nVMX: move check_vmentry_postreqs() call to nested_vmx_enter_non_root_mode() (bsc#1106240).
- KVM: PPC: Book3S PR: Enable use on POWER9 inside HPT-mode guests (bsc#1118484).
- KVM: s390: vsie: copy wrapping keys to right place (git-fixes).
- KVM: svm: Ensure an IBPB on all affected CPUs when freeing a vmcb (bsc#1114279).
- KVM: VMX: re-add ple_gap module parameter (bsc#1106240).
- KVM: x86: Fix kernel info-leak in KVM_HC_CLOCK_PAIRING hypercall (bsc#1106240).
- libata: whitelist all SAMSUNG MZ7KM* solid-state disks (bsc#1051510).
- libceph: bump CEPH_MSG_MAX_DATA_LEN (bsc#1114839).
- libceph: fall back to sendmsg for slab pages (bsc#1118316).
- libertas: do not set URB_ZERO_PACKET on IN USB transfer (bsc#1051510).
- libertas_tf: prevent underflow in process_cmdrequest() (bsc#1119086).
- libnvdimm: Hold reference on parent while scheduling async init (bsc#1116891).
- libnvdimm, pfn: Pad pfn namespaces relative to other regions (bsc#1118962).
- libnvdimm, region: Fail badblocks listing for inactive regions (bsc#1116899).
- lib/raid6: Fix arm64 test build (bsc#1051510).
- lib/ubsan.c: do not mark __ubsan_handle_builtin_unreachable as noreturn (bsc#1051510).
- Limit max FW API version for QCA9377 (bsc#1121714, bsc#1121715).
- linux/bitmap.h: fix type of nbits in bitmap_shift_right() (bsc#1051510).
- llc: set SOCK_RCU_FREE in llc_sap_add_socket() (networking-stable-18_11_02).
- locking/barriers: Convert users of lockless_dereference() to READ_ONCE() (Git-fixes).
- locking/static_keys: Improve uninitialized key warning (bsc#1106913).
- mac80211: Always report TX status (bsc#1051510).
- mac80211: Clear beacon_int in ieee80211_do_stop (bsc#1051510).
- mac80211: fix reordering of buffered broadcast packets (bsc#1051510).
- mac80211: fix TX status reporting for ieee80211s (bsc#1051510).
- mac80211_hwsim: do not omit multicast announce of first added radio (bsc#1051510).
- mac80211_hwsim: fix module init error paths for netlink (bsc#1051510).
- mac80211_hwsim: Timer should be initialized before device registered (bsc#1051510).
- mac80211: ignore NullFunc frames in the duplicate detection (bsc#1051510).
- mac80211: ignore tx status for PS stations in ieee80211_tx_status_ext (bsc#1051510).
- mac80211: TDLS: fix skb queue/priority assignment (bsc#1051510).
- mach64: fix display corruption on big endian machines (bsc#1113722)
- mach64: fix image corruption due to reading accelerator registers (bsc#1113722)
- mailbox: PCC: handle parse error (bsc#1051510).
- Mark HI and TASKLET softirq synchronous (git-fixes).
- md: allow metadata updates while suspending an array - fix (git-fixes).
- MD: fix invalid stored role for a disk - try2 (git-fixes).
- md: fix raid10 hang issue caused by barrier (git-fixes).
- media: em28xx: Fix use-after-free when disconnecting (bsc#1051510).
- media: em28xx: make v4l2-compliance happier by starting sequence on zero (bsc#1051510).
- media: omap3isp: Unregister media device as first (bsc#1051510).
- memory_hotplug: cond_resched in __remove_pages (bnc#1114178).
- mfd: menelaus: Fix possible race condition and leak (bsc#1051510).
- mfd: omap-usb-host: Fix dts probe of children (bsc#1051510).
- mlxsw: spectrum: Fix IP2ME CPU policer configuration (networking-stable-18_11_21).
- mmc: bcm2835: reset host on timeout (bsc#1051510).
- mmc: core: Allow BKOPS and CACHE ctrl even if no HPI support (bsc#1051510).
- mmc: core: Reset HPI enabled state during re-init and in case of errors (bsc#1051510).
- mmc: core: Use a minimum 1600ms timeout when enabling CACHE ctrl (bsc#1051510).
- mmc: dw_mmc-bluefield: Add driver extension (bsc#1118752).
- mmc: dw_mmc-k3: add sd support for hi3660 (bsc#1118752).
- mmc: dw_mmc-rockchip: correct property names in debug (bsc#1051510).
- mmc: OMAP: fix broken MMC on OMAP15XX/OMAP5910/OMAP310 (bsc#1051510).
- mmc: omap_hsmmc: fix DMA API warning (bsc#1051510).
- mmc: sdhci: fix the timeout check window for clock and reset (bsc#1051510).
- mmc: sdhci-pci-o2micro: Add quirk for O2 Micro dev 0x8620 rev 0x01 (bsc#1051510).
- mm: do not miss the last page because of round-off error (bnc#1118798).
- mm: do not warn about large allocations for slab (git fixes (slab)).
- mm: handle no memcg case in memcg_kmem_charge() properly (bnc#1113677).
- mm/huge_memory.c: reorder operations in __split_huge_page_tail() (VM Functionality bsc#1119962).
- mm/huge_memory: fix lockdep complaint on 32-bit i_size_read() (VM Functionality, bsc#1121599).
- mm/huge_memory: rename freeze_page() to unmap_page() (VM Functionality, bsc#1121599).
- mm/huge_memory: splitting set mapping+index before unfreeze (VM Functionality, bsc#1121599).
- mm: hugetlb: yield when prepping struct pages (git fixes (memory initialisation)).
- mm/khugepaged: collapse_shmem() do not crash on Compound (VM Functionality, bsc#1121599).
- mm/khugepaged: collapse_shmem() remember to clear holes (VM Functionality, bsc#1121599).
- mm/khugepaged: collapse_shmem() stop if punched or truncated (VM Functionality, bsc#1121599).
- mm/khugepaged: collapse_shmem() without freezing new_page (VM Functionality, bsc#1121599).
- mm/khugepaged: fix crashes due to misaccounted holes (VM Functionality, bsc#1121599).
- mm/khugepaged: minor reorderings in collapse_shmem() (VM Functionality, bsc#1121599).
- mm: lower the printk loglevel for __dump_page messages (generic hotplug debugability).
- mm, memory_hotplug: be more verbose for memory offline failures (generic hotplug debugability).
- mm, memory_hotplug: drop pointless block alignment checks from __offline_pages (generic hotplug debugability).
- mm, memory_hotplug: print reason for the offlining failure (generic hotplug debugability).
- mm: migration: fix migration of huge PMD shared pages (bnc#1086423).
- mm: only report isolation failures when offlining memory (generic hotplug debugability).
- mm: print more information about mapping in __dump_page (generic hotplug debugability).
- mm: put_and_wait_on_page_locked() while page is migrated (bnc#1109272).
- mm: rework memcg kernel stack accounting (bnc#1113677).
- mm: sections are not offlined during memory hotremove (bnc#1119968).
- mm: shmem.c: Correctly annotate new inodes for lockdep (Git fixes: shmem).
- mm/vmstat.c: fix NUMA statistics updates (git fixes).
- mount: Do not allow copying MNT_UNBINDABLE|MNT_LOCKED mounts (bsc#1117819).
- mount: Prevent MNT_DETACH from disconnecting locked mounts (bsc#1117820).
- mount: Retest MNT_LOCKED in do_umount (bsc#1117818).
- Move dell_rbu fix to sorted section (bsc#1087978).
- mtd: cfi: convert inline functions to macros (git-fixes).
- mtd: Fix comparison in map_word_andequal() (git-fixes).
- namei: allow restricted O_CREAT of FIFOs and regular files (bsc#1118766).
- nbd: do not allow invalid blocksize settings (Git-fixes).
- neighbour: confirm neigh entries when ARP packet is received (networking-stable-18_09_24).
- net/af_iucv: drop inbound packets with invalid flags (bnc#1113501, LTC#172679).
- net/af_iucv: fix skb handling on HiperTransport xmit error (bnc#1113501, LTC#172679).
- net/appletalk: fix minor pointer leak to userspace in SIOCFINDIPDDPRT (networking-stable-18_09_24).
- net: aquantia: memory corruption on jumbo frames (networking-stable-18_10_16).
- net: bcmgenet: Poll internal PHY for GENETv5 (networking-stable-18_11_02).
- net: bcmgenet: protect stop from timeout (networking-stable-18_11_21).
- net: bcmgenet: use MAC link status for fixed phy (networking-stable-18_09_11).
- net: bgmac: Fix endian access in bgmac_dma_tx_ring_free() (bsc#1051510).
- net: bridge: remove ipv6 zero address check in mcast queries (git-fixes).
- net: dsa: bcm_sf2: Call setup during switch resume (networking-stable-18_10_16).
- net: dsa: bcm_sf2: Fix unbind ordering (networking-stable-18_10_16).
- net: dsa: mv88e6xxx: Fix binding documentation for MDIO busses (git-fixes).
- net: dsa: qca8k: Add QCA8334 binding documentation (git-fixes).
- net: ena: add functions for handling Low Latency Queues in ena_com (bsc#1111696 bsc#1117561).
- net: ena: add functions for handling Low Latency Queues in ena_netdev (bsc#1111696 bsc#1117561).
- net: ena: change rx copybreak default to reduce kernel memory pressure (bsc#1111696 bsc#1117561).
- net: ena: complete host info to match latest ENA spec (bsc#1111696 bsc#1117561).
- net: ena: enable Low Latency Queues (bsc#1111696 bsc#1117561).
- net: ena: explicit casting and initialization, and clearer error handling (bsc#1111696 bsc#1117561).
- net: ena: fix auto casting to boolean (bsc#1111696 bsc#1117561).
- net: ena: fix compilation error in xtensa architecture (bsc#1111696 bsc#1117561).
- net: ena: fix crash during ena_remove() (bsc#1111696 bsc#1117561).
- net: ena: fix crash during failed resume from hibernation (bsc#1111696 bsc#1117561).
- net: ena: fix indentations in ena_defs for better readability (bsc#1111696 bsc#1117561).
- net: ena: Fix Kconfig dependency on X86 (bsc#1111696 bsc#1117561).
- net: ena: fix NULL dereference due to untimely napi initialization (bsc#1111696 bsc#1117561).
- net: ena: fix rare bug when failed restart/resume is followed by driver removal (bsc#1111696 bsc#1117561).
- net: ena: fix warning in rmmod caused by double iounmap (bsc#1111696 bsc#1117561).
- net: ena: introduce Low Latency Queues data structures according to ENA spec (bsc#1111696 bsc#1117561).
- net: ena: limit refill Rx threshold to 256 to avoid latency issues (bsc#1111696 bsc#1117561).
- net: ena: minor performance improvement (bsc#1111696 bsc#1117561).
- net: ena: remove ndo_poll_controller (bsc#1111696 bsc#1117561).
- net: ena: remove redundant parameter in ena_com_admin_init() (bsc#1111696 bsc#1117561).
- net: ena: update driver version from 2.0.1 to 2.0.2 (bsc#1111696 bsc#1117561).
- net: ena: update driver version to 2.0.1 (bsc#1111696 bsc#1117561).
- net: ena: use CSUM_CHECKED device indication to report skb's checksum status (bsc#1111696 bsc#1117561).
- net: fec: do not dump RX FIFO register when not available (networking-stable-18_11_02).
- net-gro: reset skb->pkt_type in napi_reuse_skb() (networking-stable-18_11_21).
- net: hns3: Add nic state check before calling netif_tx_wake_queue (bsc#1104353).
- net: hns3: Add support for hns3_nic_netdev_ops.ndo_do_ioctl (bsc#1104353).
- net: hns3: bugfix for buffer not free problem during resetting (bsc#1104353).
- net: hns3: bugfix for handling mailbox while the command queue reinitialized (bsc#1104353).
- net: hns3: bugfix for hclge_mdio_write and hclge_mdio_read (bsc#1104353).
- net: hns3: bugfix for is_valid_csq_clean_head() (bsc#1104353 ).
- net: hns3: bugfix for reporting unknown vector0 interrupt repeatly problem (bsc#1104353).
- net: hns3: bugfix for rtnl_lock's range in the hclgevf_reset() (bsc#1104353).
- net: hns3: bugfix for the initialization of command queue's spin lock (bsc#1104353).
- net: hns3: Check hdev state when getting link status (bsc#1104353).
- net: hns3: Clear client pointer when initialize client failed or unintialize finished (bsc#1104353).
- net: hns3: Fix cmdq registers initialization issue for vf (bsc#1104353).
- net: hns3: Fix error of checking used vlan id (bsc#1104353 ).
- net: hns3: Fix ets validate issue (bsc#1104353).
- net: hns3: Fix for netdev not up problem when setting mtu (bsc#1104353).
- net: hns3: Fix for out-of-bounds access when setting pfc back pressure (bsc#1104353).
- net: hns3: Fix for packet buffer setting bug (bsc#1104353 ).
- net: hns3: Fix for rx vlan id handle to support Rev 0x21 hardware (bsc#1104353).
- net: hns3: Fix for setting speed for phy failed problem (bsc#1104353).
- net: hns3: Fix for vf vlan delete failed problem (bsc#1104353 ).
- net: hns3: Fix loss of coal configuration while doing reset (bsc#1104353).
- net: hns3: Fix parameter type for q_id in hclge_tm_q_to_qs_map_cfg() (bsc#1104353).
- net: hns3: Fix ping exited problem when doing lp selftest (bsc#1104353).
- net: hns3: Preserve vlan 0 in hardware table (bsc#1104353 ).
- net: hns3: remove unnecessary queue reset in the hns3_uninit_all_ring() (bsc#1104353).
- net: hns3: Set STATE_DOWN bit of hdev state when stopping net (bsc#1104353).
- net: hns: fix for unmapping problem when SMMU is on (networking-stable-18_10_16).
- net: hp100: fix always-true check for link up state (networking-stable-18_09_24).
- net: ibm: fix return type of ndo_start_xmit function ().
- net/ibmnvic: Fix deadlock problem in reset ().
- net/ibmvnic: Fix RTNL deadlock during device reset (bnc#1115431).
- net: ipmr: fix unresolved entry dumps (networking-stable-18_11_02).
- net: ipv4: do not let PMTU updates increase route MTU (git-fixes).
- net/ipv6: Display all addresses in output of /proc/net/if_inet6 (networking-stable-18_10_16).
- net/ipv6: Fix index counter for unicast addresses in in6_dump_addrs (networking-stable-18_11_02).
- netlabel: check for IPV4MASK in addrinfo_get (networking-stable-18_10_16).
- net: macb: do not disable MDIO bus at open/close time (networking-stable-18_09_11).
- net/mlx4_core: Correctly set PFC param if global pause is turned off (bsc#1046299).
- net/mlx5: Check for error in mlx5_attach_interface (networking-stable-18_09_18).
- net/mlx5e: Fix selftest for small MTUs (networking-stable-18_11_21).
- net/mlx5e: Set vlan masks for all offloaded TC rules (networking-stable-18_10_16).
- net/mlx5: E-Switch, Fix memory leak when creating switchdev mode FDB tables (networking-stable-18_09_18).
- net/mlx5: E-Switch, Fix out of bound access when setting vport rate (networking-stable-18_10_16).
- net/mlx5: Fix debugfs cleanup in the device init/remove flow (networking-stable-18_09_18).
- net/mlx5: Fix use-after-free in self-healing flow (networking-stable-18_09_18).
- net/mlx5: Take only bit 24-26 of wqe.pftype_wq for page fault type (networking-stable-18_11_02).
- net: mvpp2: Extract the correct ethtype from the skb for tx csum offload (networking-stable-18_10_16).
- net: mvpp2: fix a txq_done race condition (networking-stable-18_10_16).
- net/packet: fix packet drop as of virtio gso (networking-stable-18_10_16).
- net: phy: mdio-gpio: Fix working over slow can_sleep GPIOs (networking-stable-18_11_21).
- net: qca_spi: Fix race condition in spi transfers (networking-stable-18_09_18).
- net: qmi_wwan: add Wistron Neweb D19Q1 (bsc#1051510).
- net: sched: action_ife: take reference to meta module (networking-stable-18_09_11).
- net/sched: act_pedit: fix dump of extended layered op (networking-stable-18_09_11).
- net/sched: act_sample: fix NULL dereference in the data path (networking-stable-18_09_24).
- net: sched: Fix for duplicate class dump (networking-stable-18_11_02).
- net: sched: Fix memory exposure from short TCA_U32_SEL (networking-stable-18_09_11).
- net: sched: gred: pass the right attribute to gred_change_table_def() (networking-stable-18_11_02).
- net: smsc95xx: Fix MTU range (networking-stable-18_11_21).
- net: socket: fix a missing-check bug (networking-stable-18_11_02).
- net: stmmac: Fix stmmac_mdio_reset() when building stmmac as modules (networking-stable-18_11_02).
- net: stmmac: Fixup the tail addr setting in xmit path (networking-stable-18_10_16).
- net: systemport: Fix wake-up interrupt race during resume (networking-stable-18_10_16).
- net: systemport: Protect stop from timeout (networking-stable-18_11_21).
- net: udp: fix handling of CHECKSUM_COMPLETE packets (networking-stable-18_11_02).
- net/usb: cancel pending work when unbinding smsc75xx (networking-stable-18_10_16).
- net: usb: r8152: constify usb_device_id (bsc#1119749).
- net: usb: r8152: use irqsave() in USB's complete callback (bsc#1119749).
- nfp: wait for posted reconfigs when disabling the device (networking-stable-18_09_11).
- nfs: Avoid RCU usage in tracepoints (git-fixes).
- nfs: commit direct writes even if they fail partially (git-fixes).
- nfsd4: permit layoutget of executable-only files (git-fixes).
- nfsd: check for use of the closed special stateid (git-fixes).
- nfsd: CLOSE SHOULD return the invalid special stateid for NFSv4.x (x>0) (git-fixes).
- nfsd: deal with revoked delegations appropriately (git-fixes).
- nfsd: Ensure we check stateid validity in the seqid operation checks (git-fixes).
- nfsd: Fix another OPEN stateid race (git-fixes).
- nfsd: fix corrupted reply to badly ordered compound (git-fixes).
- nfsd: fix potential use-after-free in nfsd4_decode_getdeviceinfo (git-fixes).
- nfsd: Fix stateid races between OPEN and CLOSE (git-fixes).
- nfs: do not wait on commit in nfs_commit_inode() if there were no commit requests (git-fixes).
- nfsd: restrict rd_maxcount to svc_max_payload in nfsd_encode_readdir (git-fixes).
- nfs: Ensure we commit after writeback is complete (bsc#1111809).
- nfs: Fix an incorrect type in struct nfs_direct_req (git-fixes).
- nfs: Fix a typo in nfs_rename() (git-fixes).
- nfs: Fix typo in nomigration mount option (git-fixes).
- nfs: Fix unstable write completion (git-fixes).
- nfsv4.0 fix client reference leak in callback (git-fixes).
- nfsv4.1: Fix a potential layoutget/layoutrecall deadlock (git-fixes).
- nfsv4.1 fix infinite loop on I/O (git-fixes).
- nfsv4.1: Fix the client behaviour on NFS4ERR_SEQ_FALSE_RETRY (git-fixes).
- nfsv4.1: Fix up replays of interrupted requests (git-fixes).
- nfsv4: Fix a typo in nfs41_sequence_process (git-fixes).
- nl80211: Fix possible Spectre-v1 for CQM RSSI thresholds (bsc#1051510).
- nl80211: Fix possible Spectre-v1 for NL80211_TXRATE_HT (bsc#1051510).
- nospec: Allow index argument to have const-qualified type (git-fixes)
- nospec: Include <asm/barrier.h> dependency (bsc#1114279).
- nospec: Kill array_index_nospec_mask_check() (git-fixes).
- nvme-fc: resolve io failures during connect (bsc#1116803).
- nvme: Free ctrl device name on init failure ().
- nvme-multipath: zero out ANA log buffer (bsc#1105168).
- nvme: validate controller state before rescheduling keep alive (bsc#1103257).
- objtool: Detect RIP-relative switch table references (bsc#1058115).
- objtool: Detect RIP-relative switch table references, part 2 (bsc#1058115).
- objtool: Fix another switch table detection issue (bsc#1058115).
- objtool: Fix double-free in .cold detection error path (bsc#1058115).
- objtool: Fix GCC 8 cold subfunction detection for aliased functions (bsc#1058115).
- objtool: Fix 'noreturn' detection for recursive sibling calls (bsc#1058115).
- objtool: Fix segfault in .cold detection with -ffunction-sections (bsc#1058115).
- objtool: Support GCC 8's cold subfunctions (bsc#1058115).
- objtool: Support GCC 8 switch tables (bsc#1058115).
- ocfs2: fix a misuse a of brelse after failing ocfs2_check_dir_entry (bsc#1117817).
- ocfs2: fix locking for res->tracking and dlm->tracking_list (bsc#1117816).
- ocfs2: fix ocfs2 read block panic (bsc#1117815).
- ocfs2: free up write context when direct IO failed (bsc#1117821).
- ocfs2: subsystem.su_mutex is required while accessing the item->ci_parent (bsc#1117808).
- openvswitch: Fix push/pop ethernet validation (networking-stable-18_11_02).
- panic: avoid deadlocks in re-entrant console drivers (bsc#1088386).
- PCI: Add ACS quirk for Ampere root ports (bsc#1120058).
- PCI: Add ACS quirk for APM X-Gene devices (bsc#1120058).
- PCI: Add Device IDs for Intel GPU 'spurious interrupt' quirk (bsc#1051510).
- PCI/ASPM: Do not initialize link state when aspm_disabled is set (bsc#1051510).
- PCI: Convert device-specific ACS quirks from NULL termination to ARRAY_SIZE (bsc#1120058).
- PCI: Delay after FLR of Intel DC P3700 NVMe (bsc#1120058).
- PCI: Disable Samsung SM961/PM961 NVMe before FLR (bsc#1120058).
- PCI: dwc: remove duplicate fix References: bsc#1115269 Patch has been already applied by the following commit: 9f73db8b7c PCI: dwc: Fix enumeration end when reaching root subordinate (bsc#1051510)
- PCI: Export pcie_has_flr() (bsc#1120058).
- PCI: hv: Use effective affinity mask (bsc#1109772).
- PCI: imx6: Fix link training status detection in link up check (bsc#1109806).
- PCI: iproc: Activate PAXC bridge quirk for more devices (bsc#1120058).
- PCI: iproc: Remove PAXC slot check to allow VF support (bsc#1109806).
- PCI: Mark Ceton InfiniTV4 INTx masking as broken (bsc#1120058).
- PCI: Mark fall-through switch cases before enabling -Wimplicit-fallthrough (bsc#1120058).
- PCI: Mark Intel XXV710 NIC INTx masking as broken (bsc#1120058).
- PCI/MSI: Warn and return error if driver enables MSI/MSI-X twice (bsc#1051510).
- PCI: vmd: Assign vector zero to all bridges (bsc#1109806).
- PCI: vmd: Detach resources after stopping root bus (bsc#1109806).
- PCI: vmd: White list for fast interrupt handlers (bsc#1109806).
- pcmcia: Implement CLKRUN protocol disabling for Ricoh bridges (bsc#1051510).
- percpu: make this_cpu_generic_read() atomic w.r.t. interrupts (bsc#1114279).
- perf: fix invalid bit in diagnostic entry (git-fixes).
- perf tools: Fix tracing_path_mount proper path (git-fixes).
- pinctrl: at91-pio4: fix has_config check in atmel_pctl_dt_subnode_to_map() (bsc#1051510).
- pinctrl: meson: fix pinconf bias disable (bsc#1051510).
- pinctrl: qcom: spmi-mpp: Fix drive strength setting (bsc#1051510).
- pinctrl: qcom: spmi-mpp: Fix err handling of pmic_mpp_set_mux (bsc#1051510).
- pinctrl: spmi-mpp: Fix pmic_mpp_config_get() to be compliant (bsc#1051510).
- pinctrl: ssbi-gpio: Fix pm8xxx_pin_config_get() to be compliant (bsc#1051510).
- platform-msi: Free descriptors in platform_msi_domain_free() (bsc#1051510).
- platform/x86: acerhdf: Add BIOS entry for Gateway LT31 v1.3307 (bsc#1051510).
- platform/x86: intel_telemetry: report debugfs failure (bsc#1051510).
- pNFS: Always free the session slot on error in nfs4_layoutget_handle_exception (git-fixes).
- pNFS: Do not release the sequence slot until we've processed layoutget on open (git-fixes).
- pNFS: Prevent the layout header refcount going to zero in pnfs_roc() (git-fixes).
- powerpc/64s: consolidate MCE counter increment (bsc#1094244).
- powerpc/64s/hash: Do not use PPC_INVALIDATE_ERAT on CPUs before POWER9 (bsc#1065729).
- powerpc/64s/radix: Fix process table entry cache invalidation (bsc#1055186, git-fixes).
- powerpc/boot: Expose Kconfig symbols to wrapper (bsc#1065729).
- powerpc/boot: Fix build failures with -j 1 (bsc#1065729).
- powerpc/boot: Fix opal console in boot wrapper (bsc#1065729).
- powerpc/mm: Fix typo in comments (bsc#1065729).
- powerpc/mm/keys: Move pte bits to correct headers (bsc#1078248).
- powerpc/npu-dma.c: Fix crash after __mmu_notifier_register failure (bsc#1055120).
- powerpc/perf: Update raw-event code encoding comment for power8 (bsc#1065729).
- powerpc/pkeys: Fix handling of pkey state across fork() (bsc#1078248, git-fixes).
- powerpc/powernv: Do not select the cpufreq governors (bsc#1065729).
- powerpc/powernv: Fix concurrency issue with npu->mmio_atsd_usage (bsc#1055120).
- powerpc/powernv: Fix opal_event_shutdown() called with interrupts disabled (bsc#1065729).
- powerpc/powernv: Fix save/restore of SPRG3 on entry/exit from stop (idle) (bsc#1055121).
- powerpc/powernv/npu: Add lock to prevent race in concurrent context init/destroy (bsc#1055120).
- powerpc/powernv/npu: Do not explicitly flush nmmu tlb (bsc#1055120).
- powerpc/powernv/npu: Fix deadlock in mmio_invalidate() (bsc#1055120).
- powerpc/powernv/npu: Prevent overwriting of pnv_npu2_init_contex() callback parameters (bsc#1055120).
- powerpc/powernv/npu: Use flush_all_mm() instead of flush_tlb_mm() (bsc#1055120).
- powerpc/powernv/pci: Work around races in PCI bridge enabling (bsc#1055120).
- powerpc/pseries: Fix DTL buffer registration (bsc#1065729).
- powerpc/pseries: Fix how we iterate over the DTL entries (bsc#1065729).
- powerpc/pseries/mobility: Extend start/stop topology update scope (bsc#1116950, bsc#1115709).
- powerpc/pseries: Track LMB nid instead of using device tree (bsc#1108270).
- powerpc/traps: restore recoverability of machine_check interrupts (bsc#1094244).
- power: supply: max8998-charger: Fix platform data retrieval (bsc#1051510).
- power: supply: olpc_battery: correct the temperature units (bsc#1051510).
- pppoe: fix reception of frames with no mac header (networking-stable-18_09_24).
- printk: Fix panic caused by passing log_buf_len to command line (bsc#1117168).
- provide linux/set_memory.h (bsc#1113295).
- ptp: fix Spectre v1 vulnerability (bsc#1051510).
- ptrace: Remove unused ptrace_may_access_sched() and MODE_IBRS (bsc#1106913).
- pwm: lpss: Release runtime-pm reference from the driver's remove callback (bsc#1051510).
- pxa168fb: prepare the clock (bsc#1051510).
- qed: Add driver support for 20G link speed (bsc#1110558).
- qed: Add support for virtual link (bsc#1111795).
- qede: Add driver support for 20G link speed (bsc#1110558).
- qmi_wwan: apply SET_DTR quirk to the SIMCOM shared device ID (bsc#1051510).
- qmi_wwan: Support dynamic config on Quectel EP06 (bsc#1051510).
- r8152: add byte_enable for ocp_read_word function (bsc#1119749).
- r8152: add Linksys USB3GIGV1 id (bsc#1119749).
- r8152: add r8153_phy_status function (bsc#1119749).
- r8152: adjust lpm settings for RTL8153 (bsc#1119749).
- r8152: adjust rtl8153_runtime_enable function (bsc#1119749).
- r8152: adjust the settings about MAC clock speed down for RTL8153 (bsc#1119749).
- r8152: adjust U2P3 for RTL8153 (bsc#1119749).
- r8152: avoid rx queue more than 1000 packets (bsc#1119749).
- r8152: check if disabling ALDPS is finished (bsc#1119749).
- r8152: correct the definition (bsc#1119749).
- r8152: disable RX aggregation on Dell TB16 dock (bsc#1119749).
- r8152: disable RX aggregation on new Dell TB16 dock (bsc#1119749).
- r8152: fix wrong checksum status for received IPv4 packets (bsc#1119749).
- r8152: move calling delay_autosuspend function (bsc#1119749).
- r8152: move the default coalesce setting for RTL8153 (bsc#1119749).
- r8152: move the initialization to reset_resume function (bsc#1119749).
- r8152: move the setting of rx aggregation (bsc#1119749).
- r8152: replace napi_complete with napi_complete_done (bsc#1119749).
- r8152: set rx mode early when linking on (bsc#1119749).
- r8152: split rtl8152_resume function (bsc#1119749).
- r8152: support new chip 8050 (bsc#1119749).
- r8152: support RTL8153B (bsc#1119749).
- r8169: fix NAPI handling under high load (networking-stable-18_11_02).
- rbd: whitelist RBD_FEATURE_OPERATIONS feature bit (Git-fixes).
- rcu: Allow for page faults in NMI handlers (bsc#1120092).
- RDMA/bnxt_re: Add missing spin lock initialization (bsc#1050244 ).
- RDMA/bnxt_re: Avoid accessing the device structure after it is freed (bsc#1050244).
- RDMA/bnxt_re: Avoid NULL check after accessing the pointer (bsc#1086283).
- RDMA/bnxt_re: Fix system hang when registration with L2 driver fails (bsc#1086283).
- RDMA/hns: Bugfix pbl configuration for rereg mr (bsc#1104427 ).
- rdma_rxe: make rxe work over 802.1q VLAN devices (bsc#1082387).
- rds: fix two RCU related problems (networking-stable-18_09_18).
- remoteproc: qcom: Fix potential device node leaks (bsc#1051510).
- reset: hisilicon: fix potential NULL pointer dereference (bsc#1051510).
- reset: imx7: Fix always writing bits as 0 (bsc#1051510).
- reset: remove remaining WARN_ON() in <linux/reset.h> (Git-fixes).
- Revert 'ceph: fix dentry leak in splice_dentry()' (bsc#1114839).
- Revert commit ef9209b642f 'staging: rtl8723bs: Fix indenting errors and an off-by-one mistake in core/rtw_mlme_ext.c' (bsc#1051510).
- Revert 'iommu/io-pgtable-arm: Check for v7s-incapable systems' (bsc#1106105).
- Revert 'PCI/ASPM: Do not initialize link state when aspm_disabled is set' (bsc#1051510).
- Revert 'powerpc/64: Fix checksum folding in csum_add()' (bsc#1065729).
- Revert 'scsi: lpfc: ls_rjt erroneus FLOGIs' (bsc#1119322).
- Revert 'usb: dwc3: gadget: skip Set/Clear Halt when invalid' (bsc#1051510).
- Revert wlcore patch to follow stable tree develpment
- ring-buffer: Allow for rescheduling when removing pages (bsc#1120238).
- ring-buffer: Do no reuse reader page if still in use (bsc#1120096).
- ring-buffer: Mask out the info bits when returning buffer page length (bsc#1120094).
- rpm/kernel-binary.spec.in: add macros.s into kernel-*-devel Starting with 4.20-rc1, file arch/*/kernel/macros.s is needed to build out of tree modules. Add it to kernel-${flavor}-devel packages if it exists.
- rpm/kernel-binary.spec.in: allow unsupported modules for -extra (bsc#1111183). SLE-15 and later only.
- rpm: use syncconfig instead of silentoldconfig where available Since mainline commit 0085b4191f3e ('kconfig: remove silentoldconfig target'), 'make silentoldconfig' can be no longer used. Use 'make syncconfig' instead if available.
- rtc: hctosys: Add missing range error reporting (bsc#1051510).
- rtc: m41t80: Correct alarm month range with RTC reads (bsc#1051510).
- rtc: pcf2127: fix a kmemleak caused in pcf2127_i2c_gather_write (bsc#1051510).
- rtc: snvs: Add timeouts to avoid kernel lockups (bsc#1051510).
- rtl8xxxu: Fix missing break in switch (bsc#1051510).
- rtnetlink: Disallow FDB configuration for non-Ethernet device (networking-stable-18_11_02).
- rtnetlink: fix rtnl_fdb_dump() for ndmsg header (networking-stable-18_10_16).
- rtnl: limit IFLA_NUM_TX_QUEUES and IFLA_NUM_RX_QUEUES to 4096 (networking-stable-18_10_16).
- s390/cpum_sf: Add data entry sizes to sampling trailer entry (git-fixes).
- s390/dasd: simplify locking in dasd_times_out (bsc#1104967,).
- s390/kdump: Fix elfcorehdr size calculation (bsc#1117953, LTC#171112).
- s390/kdump: Make elfcorehdr size calculation ABI compliant (bsc#1117953, LTC#171112).
- s390/kvm: fix deadlock when killed by oom (bnc#1113501, LTC#172235).
- s390/mm: Check for valid vma before zapping in gmap_discard (git-fixes).
- s390/mm: correct allocate_pgste proc_handler callback (git-fixes).
- s390: qeth_core_mpc: Use ARRAY_SIZE instead of reimplementing its function (bnc#1113501, LTC#172682).
- s390/qeth: fix HiperSockets sniffer (bnc#1113501, LTC#172953).
- s390/qeth: fix length check in SNMP processing (bsc#1117953, LTC#173657).
- s390: qeth: Fix potential array overrun in cmd/rc lookup (bnc#1113501, LTC#172682).
- s390/qeth: handle failure on workqueue creation (git-fixes).
- s390/qeth: remove outdated portname debug msg (bsc#1117953, LTC#172960).
- s390/qeth: report 25Gbit link speed (bnc#1113501, LTC#172959).
- s390/qeth: sanitize strings in debug messages (bsc#1117953, LTC#172960).
- s390: revert ELF_ET_DYN_BASE base changes (git-fixes).
- s390/sclp_tty: enable line mode tty even if there is an ascii console (git-fixes).
- s390/sthyi: add cache to store hypervisor info (LTC#160415, bsc#1068273).
- s390/sthyi: add s390_sthyi system call (LTC#160415, bsc#1068273).
- s390/sthyi: reorganize sthyi implementation (LTC#160415, bsc#1068273).
- sbitmap: fix race in wait batch accounting (Git-fixes).
- sched/core: Fix cpu.max vs. cpuhotplug deadlock (bsc#1106913).
- sched/fair: Fix infinite loop in update_blocked_averages() by reverting a9e7f6544b9c (Git fixes (scheduler)).
- sched/smt: Expose sched_smt_present static key (bsc#1106913).
- sched/smt: Make sched_smt_present track topology (bsc#1106913).
- sched, tracing: Fix trace_sched_pi_setprio() for deboosting (bsc#1120228).
- scripts/git-pre-commit: make executable.
- scripts/git_sort/git_sort.py: add mkp/scsi.git 4.21/scsi-queue
- scripts/git_sort/git_sort.py: change SCSI git repos to make series sorting more failsafe.
- scsi: core: Avoid that SCSI device removal through sysfs triggers a deadlock (bsc#1114578).
- scsi: libsas: remove irq save in sas_ata_qc_issue() (bsc#1114580).
- scsi: lpfc: add support to retrieve firmware logs (bsc#1114015).
- scsi: lpfc: add Trunking support (bsc#1114015).
- scsi: lpfc: Cap NPIV vports to 256 (bsc#1118215).
- scsi: lpfc: Correct code setting non existent bits in sli4 ABORT WQE (bsc#1118215).
- scsi: lpfc: Correct errors accessing fw log (bsc#1114015).
- scsi: lpfc: Correct invalid EQ doorbell write on if_type=6 (bsc#1114015).
- scsi: lpfc: Correct irq handling via locks when taking adapter offline (bsc#1114015).
- scsi: lpfc: Correct LCB RJT handling (bsc#1114015).
- scsi: lpfc: Correct loss of fc4 type on remote port address change (bsc#1114015).
- scsi: lpfc: Correct race with abort on completion path (bsc#1114015).
- scsi: lpfc: Correct soft lockup when running mds diagnostics (bsc#1114015).
- scsi: lpfc: Correct speeds on SFP swap (bsc#1114015).
- scsi: lpfc: Correct topology type reporting on G7 adapters (bsc#1118215).
- scsi: lpfc: Defer LS_ACC to FLOGI on point to point logins (bsc#1118215).
- scsi: lpfc: Enable Management features for IF_TYPE=6 (bsc#1119322).
- scsi: lpfc: fcoe: Fix link down issue after 1000+ link bounces (bsc#1114015).
- scsi: lpfc: Fix a duplicate 0711 log message number (bsc#1118215).
- scsi: lpfc: fix block guard enablement on SLI3 adapters (bsc#1079935).
- scsi: lpfc: Fix dif and first burst use in write commands (bsc#1118215).
- scsi: lpfc: Fix discovery failures during port failovers with lots of vports (bsc#1118215).
- scsi: lpfc: Fix driver release of fw-logging buffers (bsc#1118215).
- scsi: lpfc: Fix errors in log messages (bsc#1114015).
- scsi: lpfc: Fix GFT_ID and PRLI logic for RSCN (bsc#1114015).
- scsi: lpfc: Fix kernel Oops due to null pring pointers (bsc#1118215).
- scsi: lpfc: Fix LOGO/PLOGI handling when triggerd by ABTS Timeout event (bsc#1114015).
- scsi: lpfc: Fix lpfc_sli4_read_config return value check (bsc#1114015).
- scsi: lpfc: Fix odd recovery in duplicate FLOGIs in point-to-point (bsc#1114015).
- scsi: lpfc: Fix panic when FW-log buffsize is not initialized (bsc#1118215).
- scsi: lpfc: Implement GID_PT on Nameserver query to support faster failover (bsc#1114015).
- scsi: lpfc: ls_rjt erroneus FLOGIs (bsc#1118215).
- scsi: lpfc: Raise nvme defaults to support a larger io and more connectivity (bsc#1114015).
- scsi: lpfc: raise sg count for nvme to use available sg resources (bsc#1114015).
- scsi: lpfc: reduce locking when updating statistics (bsc#1114015).
- scsi: lpfc: refactor mailbox structure context fields (bsc#1118215).
- scsi: lpfc: Remove set but not used variable 'sgl_size' (bsc#1114015).
- scsi: lpfc: Reset link or adapter instead of doing infinite nameserver PLOGI retry (bsc#1114015).
- scsi: lpfc: rport port swap discovery issue (bsc#1118215).
- scsi: lpfc: Synchronize access to remoteport via rport (bsc#1114015).
- scsi: lpfc: update driver version to 12.0.0.7 (bsc#1114015).
- scsi: lpfc: update driver version to 12.0.0.8 (bsc#1114015).
- scsi: lpfc: update driver version to 12.0.0.9 (bsc#1118215).
- scsi: lpfc: update manufacturer attribute to reflect Broadcom (bsc#1118215).
- scsi: qlogicpti: Fix an error handling path in 'qpti_sbus_probe()' (bsc#1114581).
- scsi: scsi_transport_srp: Fix shost to rport translation (bsc#1114582).
- scsi: sg: fix minor memory leak in error path (bsc#1114584).
- scsi: sysfs: Introduce sysfs_{un,}break_active_protection() (bsc#1114578).
- scsi: target: add emulate_pr backstore attr to toggle PR support (bsc#1091405).
- scsi: target: drop unused pi_prot_format attribute storage (bsc#1091405).
- scsi: target: Fix fortify_panic kernel exception (bsc#1114576).
- scsi: target/tcm_loop: Avoid that static checkers warn about dead code (bsc#1114577).
- scsi: target: tcmu: add read length support (bsc#1097755).
- scsi: zfcp: fix posting too many status read buffers leading to adapter shutdown (bsc#1121483, LTC#174588).
- sctp: fix race on sctp_id2asoc (networking-stable-18_11_02).
- sctp: fix strchange_flags name for Stream Change Event (networking-stable-18_11_21).
- sctp: hold transport before accessing its asoc in sctp_transport_get_next (networking-stable-18_09_11).
- sctp: not allow to set asoc prsctp_enable by sockopt (networking-stable-18_11_21).
- sctp: not increase stream's incnt before sending addstrm_in request (networking-stable-18_11_21).
- sctp: update dst pmtu with the correct daddr (networking-stable-18_10_16).
- shmem: introduce shmem_inode_acct_block (VM Functionality, bsc#1121599).
- shmem: shmem_charge: verify max_block is not exceeded before inode update (VM Functionality, bsc#1121599).
- skd: Avoid that module unloading triggers a use-after-free (Git-fixes).
- skd: Submit requests to firmware before triggering the doorbell (Git-fixes).
- skip LAYOUTRETURN if layout is invalid (git-fixes).
- soc: bcm2835: sync firmware properties with downstream ()
- soc: fsl: qbman: qman: avoid allocating from non existing gen_pool (bsc#1051510).
- soc: ti: QMSS: Fix usage of irq_set_affinity_hint (bsc#1051510).
- spi: bcm2835: Avoid finishing transfer prematurely in IRQ mode (bsc#1051510).
- spi: bcm2835: Fix book-keeping of DMA termination (bsc#1051510).
- spi: bcm2835: Fix race on DMA termination (bsc#1051510).
- spi: bcm2835: Unbreak the build of esoteric configs (bsc#1051510).
- splice: do not read more than available pipe space (bsc#1119212).
- staging: bcm2835-camera: Abort probe if there is no camera (bsc#1051510).
- staging:iio:ad7606: fix voltage scales (bsc#1051510).
- staging: rtl8712: Fix possible buffer overrun (bsc#1051510).
- staging: rtl8723bs: Add missing return for cfg80211_rtw_get_station (bsc#1051510).
- staging: rtl8723bs: Fix the return value in case of error in 'rtw_wx_read32()' (bsc#1051510).
- staging: rts5208: fix gcc-8 logic error warning (bsc#1051510).
- staging: vchiq_arm: fix compat VCHIQ_IOC_AWAIT_COMPLETION (bsc#1051510).
- staging: wilc1000: fix missing read_write setting when reading data (bsc#1051510).
- SUNRPC: Allow connect to return EHOSTUNREACH (git-fixes).
- sunrpc: Do not use stack buffer with scatterlist (git-fixes).
- sunrpc: Fix rpc_task_begin trace point (git-fixes).
- SUNRPC: Fix tracepoint storage issues with svc_recv and svc_rqst_status (git-fixes).
- supported.conf: add raspberrypi-ts driver
- supported.conf: whitelist bluefield eMMC driver
- target: fix buffer offset in core_scsi3_pri_read_full_status (bsc1117349).
- target/iscsi: avoid NULL dereference in CHAP auth error path (bsc#1117165).
- target: se_dev_attrib.emulate_pr ABI stability (bsc#1091405).
- tcp: do not restart timewait timer on rst reception (networking-stable-18_09_11).
- team: no need to do team_notify_peers or team_mcast_rejoin when disabling port (bsc#1051510).
- termios, tty/tty_baudrate.c: fix buffer overrun (bsc#1051510).
- test_firmware: fix error return getting clobbered (bsc#1051510).
- test_hexdump: use memcpy instead of strncpy (bsc#1051510).
- tg3: Add PHY reset for 5717/5719/5720 in change ring and flow control paths (networking-stable-18_11_21).
- thermal: bcm2835: enable hwmon explicitly (bsc#1108468).
- thermal: da9062/61: Prevent hardware access during system suspend (bsc#1051510).
- thermal: rcar_thermal: Prevent hardware access during system suspend (bsc#1051510).
- tipc: do not assume linear buffer when reading ancillary data (networking-stable-18_11_21).
- tipc: fix a missing rhashtable_walk_exit() (networking-stable-18_09_11).
- tipc: fix flow control accounting for implicit connect (networking-stable-18_10_16).
- tmpfs: make lseek(SEEK_DATA/SEK_HOLE) return ENXIO with a negative offset (bsc#1051510).
- tools: hv: fcopy: set 'error' in case an unknown operation was requested (git-fixes).
- tools: hv: include string.h in hv_fcopy_daemon (git-fixes).
- tools/lib/lockdep: Rename 'trywlock' into 'trywrlock' (bsc#1121973).
- tools/power/cpupower: fix compilation with STATIC=true (git-fixes).
- tools/power turbostat: fix possible sprintf buffer overflow (git-fixes).
- tpm2-cmd: allow more attempts for selftest execution (bsc#1082555).
- tpm: add retry logic (bsc#1082555).
- tpm: consolidate the TPM startup code (bsc#1082555).
- tpm: do not suspend/resume if power stays on (bsc#1082555).
- tpm: fix intermittent failure with self tests (bsc#1082555).
- tpm: fix response size validation in tpm_get_random() (bsc#1082555).
- tpm: move endianness conversion of ordinals to tpm_input_header (bsc#1082555).
- tpm: move endianness conversion of TPM_TAG_RQU_COMMAND to tpm_input_header (bsc#1082555).
- tpm: move the delay_msec increment after sleep in tpm_transmit() (bsc#1082555).
- tpm: React correctly to RC_TESTING from TPM 2.0 self tests (bsc#1082555).
- tpm: replace msleep() with usleep_range() in TPM 1.2/2.0 generic drivers (bsc#1082555).
- tpm: Restore functionality to xen vtpm driver (bsc#1082555).
- tpm: self test failure should not cause suspend to fail (bsc#1082555).
- tpm: tpm-interface: fix tpm_transmit/_cmd kdoc (bsc#1082555).
- tpm: Trigger only missing TPM 2.0 self tests (bsc#1082555).
- tpm: Use dynamic delay to wait for TPM 2.0 self test result (bsc#1082555).
- tpm: use tpm2_pcr_read() in tpm2_do_selftest() (bsc#1082555).
- tpm: use tpm_buf functions in tpm2_pcr_read() (bsc#1082555).
- tracing: Apply trace_clock changes to instance max buffer (bsc#1117188).
- tracing/blktrace: Fix to allow setting same value (Git-fixes).
- tracing: Erase irqsoff trace with empty write (bsc#1117189).
- tracing: Fix bad use of igrab in trace_uprobe.c (bsc#1120046).
- tracing: Fix crash when freeing instances with event triggers (bsc#1120230).
- tracing: Fix crash when it fails to alloc ring buffer (bsc#1120097).
- tracing: Fix double free of event_trigger_data (bsc#1120234).
- tracing: Fix missing return symbol in function_graph output (bsc#1120232).
- tracing: Fix possible double free in event_enable_trigger_func() (bsc#1120235).
- tracing: Fix possible double free on failure of allocating trace buffer (bsc#1120214).
- tracing: Fix regex_match_front() to not over compare the test string (bsc#1120223).
- tracing: Fix trace_pipe behavior for instance traces (bsc#1120088).
- tracing: Remove RCU work arounds from stack tracer (bsc#1120092).
- tracing/samples: Fix creation and deletion of simple_thread_fn creation (git-fixes).
- tty: check name length in tty_find_polling_driver() (bsc#1051510).
- tty: Do not hold ldisc lock in tty_reopen() if ldisc present (bsc#1051510).
- tty: Do not return -EAGAIN in blocking read (bsc#1116040).
- tty: do not set TTY_IO_ERROR flag if console port (bsc#1051510).
- tty: serial: 8250_mtk: always resume the device in probe (bsc#1051510).
- tty: wipe buffer (bsc#1051510).
- tty: wipe buffer if not echoing data (bsc#1051510).
- tun: Consistently configure generic netdev params via rtnetlink (bsc#1051510).
- tuntap: fix multiqueue rx (networking-stable-18_11_21).
- ubifs: Handle re-linking of inodes correctly while recovery (bsc#1120598).
- udf: Allow mounting volumes with incorrect identification strings (bsc#1118774).
- udp4: fix IP_CMSG_CHECKSUM for connected sockets (networking-stable-18_09_24).
- udp6: add missing checks on edumux packet processing (networking-stable-18_09_24).
- udp6: fix encap return code for resubmitting (git-fixes).
- uio: ensure class is registered before devices (bsc#1051510).
- uio: Fix an Oops on load (bsc#1051510).
- uio: make symbol 'uio_class_registered' static (bsc#1051510).
- unifdef: use memcpy instead of strncpy (bsc#1051510).
- Update config files. Enabled ENA (Amazon network driver) for arm64.
- usb: appledisplay: Add 27' Apple Cinema Display (bsc#1051510).
- usb: cdc-acm: add entry for Hiro (Conexant) modem (bsc#1051510).
- usb: core: Fix hub port connection events lost (bsc#1051510).
- usb: core: quirks: add RESET_RESUME quirk for Cherry G230 Stream series (bsc#1051510).
- usb: dwc2: host: do not delay retries for CONTROL IN transfers (bsc#1114385).
- usb: dwc2: host: Do not retry NAKed transactions right away (bsc#1114385).
- usb: dwc2: host: use hrtimer for NAK retries (git-fixes).
- usb: dwc3: core: Clean up ULPI device (bsc#1051510).
- usb: dwc3: gadget: fix ISOC TRB type on unaligned transfers (bsc#1051510).
- usb: dwc3: gadget: Properly check last unaligned/zero chain TRB (bsc#1051510).
- usb: gadget: storage: Fix Spectre v1 vulnerability (bsc#1051510).
- usb: gadget: udc: atmel: handle at91sam9rl PMC (bsc#1051510).
- usb: gadget: u_ether: fix unsafe list iteration (bsc#1051510).
- usb: host: ohci-at91: fix request of irq for optional gpio (bsc#1051510).
- usb: hso: Fix OOB memory access in hso_probe/hso_get_config_data (bsc#1051510).
- usbip: vhci_hcd: check rhport before using in vhci_hub_control() (bsc#1090888).
- usbip:vudc: BUG kmalloc-2048 (Not tainted): Poison overwritten (bsc#1051510).
- usb: misc: appledisplay: add 20' Apple Cinema Display (bsc#1051510).
- usbnet: smsc95xx: disable carrier check while suspending (bsc#1051510).
- usb: omap_udc: fix crashes on probe error and module removal (bsc#1051510).
- usb: omap_udc: fix omap_udc_start() on 15xx machines (bsc#1051510).
- usb: omap_udc: fix rejection of out transfers when DMA is used (bsc#1051510).
- usb: omap_udc: fix USB gadget functionality on Palm Tungsten E (bsc#1051510).
- usb: omap_udc: use devm_request_irq() (bsc#1051510).
- usb: quirk: add no-LPM quirk on SanDisk Ultra Flair device (bsc#1051510).
- usb: quirks: Add delay-init quirk for Corsair K70 LUX RGB (bsc#1051510).
- usb: quirks: Add no-lpm quirk for Raydium touchscreens (bsc#1051510).
- usb: serial: option: add Fibocom NL668 series (bsc#1051510).
- usb: serial: option: add GosunCn ZTE WeLink ME3630 (bsc#1051510).
- usb: serial: option: add HP lt4132 (bsc#1051510).
- usb: serial: option: add Simcom SIM7500/SIM7600 (MBIM mode) (bsc#1051510).
- usb: serial: option: add Telit LN940 series (bsc#1051510).
- usb: serial: option: add two-endpoints device-id flag (bsc#1051510).
- usb: serial: option: drop redundant interface-class test (bsc#1051510).
- usb: serial: option: improve Quectel EP06 detection (bsc#1051510).
- usb: usbip: Fix BUG: KASAN: slab-out-of-bounds in vhci_hub_control() (bsc#1106110).
- usb: usb-storage: Add new IDs to ums-realtek (bsc#1051510).
- usb: xhci: fix timeout for transition from RExit to U0 (bsc#1051510).
- usb: xhci: fix uninitialized completion when USB3 port got wrong status (bsc#1051510).
- usb: xhci: Prevent bus suspend if a port connect change or polling state is detected (bsc#1051510).
- userfaultfd: clear the vma->vm_userfaultfd_ctx if UFFD_EVENT_FORK fails (bsc#1118761).
- userfaultfd: remove uffd flags from vma->vm_flags if UFFD_EVENT_FORK fails (bsc#1118809).
- v9fs_dir_readdir: fix double-free on p9stat_read error (bsc#1118771).
- vfs: Avoid softlockups in drop_pagecache_sb() (bsc#1118505).
- vhost: Fix Spectre V1 vulnerability (bsc#1051510).
- vhost/scsi: truncate T10 PI iov_iter to prot_bytes (bsc#1051510).
- virtio_net: avoid using netif_tx_disable() for serializing tx routine (networking-stable-18_11_02).
- VMCI: Resource wildcard match fixed (bsc#1051510).
- w1: omap-hdq: fix missing bus unregister at removal (bsc#1051510).
- watchdog/core: Add missing prototypes for weak functions (git-fixes).
- wireless: airo: potential buffer overflow in sprintf() (bsc#1051510).
- wlcore: Fix the return value in case of error in 'wlcore_vendor_cmd_smart_config_start()' (bsc#1051510).
- x86/bugs: Add AMD's SPEC_CTRL MSR usage (bsc#1106913).
- x86/bugs: Fix the AMD SSBD usage of the SPEC_CTRL MSR (bsc#1106913).
- x86/bugs: Switch the selection of mitigation from CPU vendor to CPU features (bsc#1106913).
- x86/corruption-check: Fix panic in memory_corruption_check() when boot option without value is provided (bsc#1110006).
- x86/cpu/vmware: Do not trace vmware_sched_clock() (bsc#1114279).
- x86/decoder: Fix and update the opcodes map (bsc#1058115).
- x86, hibernate: Fix nosave_regions setup for hibernation (bsc#1110006).
- x86/irq: implement irq_data_get_effective_affinity_mask() for v4.12 (bsc#1109772).
- x86/kabi: Fix cpu_tlbstate issue (bsc#1106913).
- x86/l1tf: Show actual SMT state (bsc#1106913).
- x86/ldt: Remove unused variable in map_ldt_struct() (bsc#1114279).
- x86/ldt: Split out sanity check in map_ldt_struct() (bsc#1114279).
- x86/ldt: Unmap PTEs for the slot before freeing LDT pages (bsc#1114279).
- x86/MCE/AMD: Fix the thresholding machinery initialization order (bsc#1114279).
- x86/MCE: Make correctable error detection look at the Deferred bit (bsc#1114279).
- x86/mm: Fix decoy address handling vs 32-bit builds (bsc#1120606).
- x86/mm/pat: Disable preemption around __flush_tlb_all() (bsc#1114279).
- x86/PCI: Add additional VMD device root ports to VMD AER quirk (bsc#1120058).
- x86/PCI: Add 'pci=big_root_window' option for AMD 64-bit windows (bsc#1120058).
- x86/PCI: Apply VMD's AERSID fixup generically (bsc#1120058).
- x86/PCI: Avoid AMD SB7xx EHCI USB wakeup defect (bsc#1120058).
- x86/PCI: Enable a 64bit BAR on AMD Family 15h (Models 00-1f, 30-3f, 60-7f) (bsc#1120058).
- x86/PCI: Enable AMD 64-bit window on resume (bsc#1120058).
- x86/PCI: Fix infinite loop in search for 64bit BAR placement (bsc#1120058).
- x86/PCI: Move and shrink AMD 64-bit window to avoid conflict (bsc#1120058).
- x86/PCI: Move VMD quirk to x86 fixups (bsc#1120058).
- x86/PCI: Only enable a 64bit BAR on single-socket AMD Family 15h (bsc#1120058).
- x86/PCI: Use is_vmd() rather than relying on the domain number (bsc#1120058).
- x86/process: Consolidate and simplify switch_to_xtra() code (bsc#1106913).
- x86/pti: Document fix wrong index (git-fixes).
- x86/retpoline: Make CONFIG_RETPOLINE depend on compiler support (bsc#1106913).
- x86/retpoline: Remove minimal retpoline support (bsc#1106913).
- x86/speculataion: Mark command line parser data __initdata (bsc#1106913).
- x86/speculation: Add command line control for indirect branch speculation (bsc#1106913).
- x86/speculation: Add prctl() control for indirect branch speculation (bsc#1106913).
- x86/speculation: Add seccomp Spectre v2 user space protection mode (bsc#1106913).
- x86/speculation: Apply IBPB more strictly to avoid cross-process data leak (bsc#1106913).
- x86/speculation: Avoid __switch_to_xtra() calls (bsc#1106913).
- x86/speculation: Clean up spectre_v2_parse_cmdline() (bsc#1106913).
- x86/speculation: Disable STIBP when enhanced IBRS is in use (bsc#1106913).
- x86/speculation: Enable cross-hyperthread spectre v2 STIBP mitigation (bsc#1106913).
- x86/speculation: Enable prctl mode for spectre_v2_user (bsc#1106913).
- x86/speculation/l1tf: Drop the swap storage limit restriction when l1tf=off (bnc#1114871).
- x86/speculation: Mark string arrays const correctly (bsc#1106913).
- x86/speculation: Move STIPB/IBPB string conditionals out of cpu_show_common() (bsc#1106913).
- x86/speculation: Prepare arch_smt_update() for PRCTL mode (bsc#1106913).
- x86/speculation: Prepare for conditional IBPB in switch_mm() (bsc#1106913).
- x86/speculation: Prepare for per task indirect branch speculation control (bsc#1106913).
- x86/speculation: Prevent stale SPEC_CTRL msr content (bsc#1106913).
- x86/speculation: Propagate information about RSB filling mitigation to sysfs (bsc#1106913).
- x86/speculation: Provide IBPB always command line options (bsc#1106913).
- x86/speculation: Remove unnecessary ret variable in cpu_show_common() (bsc#1106913).
- x86/speculation: Rename SSBD update functions (bsc#1106913).
- x86/speculation: Reorder the spec_v2 code (bsc#1106913).
- x86/speculation: Reorganize speculation control MSRs update (bsc#1106913).
- x86/speculation: Rework SMT state change (bsc#1106913).
- x86/speculation: Split out TIF update (bsc#1106913).
- x86/speculation: Support Enhanced IBRS on future CPUs ().
- x86/speculation: Unify conditional spectre v2 print functions (bsc#1106913).
- x86/speculation: Update the TIF_SSBD comment (bsc#1106913).
- x86/xen: Fix boot loader version reported for PVH guests (bnc#1065600).
- xen/balloon: Support xend-based toolstack (bnc#1065600).
- xen/blkfront: avoid NULL blkfront_info dereference on device removal (bsc#1111062).
- xen: fix race in xen_qlock_wait() (bnc#1107256).
- xen: fix xen_qlock_wait() (bnc#1107256).
- xen: make xen_qlock_wait() nestable (bnc#1107256).
- xen/netfront: do not bug in case of too many frags (bnc#1104824).
- xen/netfront: tolerate frags with no data (bnc#1119804).
- xen/pvh: do not try to unplug emulated devices (bnc#1065600).
- xen/pvh: increase early stack size (bnc#1065600).
- xen-swiotlb: use actually allocated size on check physical continuous (bnc#1065600).
- xen/x86: add diagnostic printout to xen_mc_flush() in case of error (bnc#1116183).
- xfs: Align compat attrlist_by_handle with native implementation (git-fixes).
- xfs: Fix error code in 'xfs_ioc_getbmap()' (git-fixes).
- xfs: fix quotacheck dquot id overflow infinite loop (bsc#1121621).
- xfs: Fix xqmstats offsets in /proc/fs/xfs/xqmstat (git-fixes).
- xfs: Properly detect when DAX won't be used on any device (bsc#1115976).
- xfs: xfs_buf: drop useless LIST_HEAD (git-fixes).
- xhci: Add check for invalid byte size error when UAS devices are connected (bsc#1051510).
- xhci: Add quirk to workaround the errata seen on Cavium Thunder-X2 Soc (bsc#1117162).
- xhci: Do not prevent USB2 bus suspend in state check intended for USB3 only (bsc#1051510).
- xhci: Fix leaking USB3 shared_hcd at xhci removal (bsc#1051510).
- xhci: Prevent U1/U2 link pm states if exit latency is too long (bsc#1051510).
- xprtrdma: Do not defer fencing an async RPC's chunks (git-fixes).
Patchnames
SUSE-2019-150,SUSE-SLE-Module-Public-Cloud-15-2019-150
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "The SUSE Linux Enterprise 15 kernel for Azure was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2018-9568: In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. (bnc#1118319).\n- CVE-2018-12232: In net/socket.c there is a race condition between fchownat and close in cases where they target the same socket file descriptor, related to the sock_close and sockfs_setattr functions. fchownat did not increment the file descriptor reference count, which allowed close to set the socket to NULL during fchownat\u0027s execution, leading to a NULL pointer dereference and system crash (bnc#1097593).\n- CVE-2018-14625: A flaw was found where an attacker may be able to have an uncontrolled read to kernel-memory from within a vm guest. A race condition between connect() and close() function may allow an attacker using the AF_VSOCK protocol to gather a 4 byte information leak or possibly intercept or corrupt AF_VSOCK messages destined to other clients (bnc#1106615).\n- CVE-2018-16862: A security flaw was found in the way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one (bnc#1117186).\n- CVE-2018-16884: NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out (bnc#1119946).\n- CVE-2018-18281: The mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removes entries from the pagetables of a task that is in the middle of mremap(), a stale TLB entry can remain for a short time that permits access to a physical page after it has been released back to the page allocator and reused. (bnc#1113769).\n- CVE-2018-18397: The userfaultfd implementation mishandled access control for certain UFFDIO_ ioctl calls, as demonstrated by allowing local users to write data into holes in a tmpfs file (if the user has read-only access to that file, and that file contains holes), related to fs/userfaultfd.c and mm/userfaultfd.c (bnc#1117656).\n- CVE-2018-19407: The vcpu_scan_ioapic function in arch/x86/kvm/x86.c allowed local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized (bnc#1116841).\n- CVE-2018-19824: A local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c (bnc#1118152).\n- CVE-2018-19854: An issue was discovered in the crypto_report_one() and related functions in crypto/crypto_user.c (the crypto user configuration API) do not fully initialize structures that are copied to userspace, potentially leaking sensitive memory to user programs. NOTE: this is a CVE-2013-2547 regression but with easier exploitability because the attacker did not need a capability (however, the system must have the CONFIG_CRYPTO_USER kconfig option) (bnc#1118428).\n- CVE-2018-19985: The function hso_probe read if_num from the USB device (as an u8) and used it without a length check to index an array, resulting in an OOB memory read in hso_probe or hso_get_config_data that could be used by local attackers (bnc#1120743).\n- CVE-2018-20169: The USB subsystem mishandled size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c (bnc#1119714).\n\nThe following non-security bugs were fixed:\n\n- ACPI/APEI: Handle GSIV and GPIO notification types (bsc#1115567).\n- ACPICA: Tables: Add WSMT support (bsc#1089350).\n- ACPI / CPPC: Check for valid PCC subspace only if PCC is used (bsc#1117115).\n- ACPI / CPPC: Update all pr_(debug/err) messages to log the susbspace id (bsc#1117115).\n- ACPI/IORT: Fix iort_get_platform_device_domain() uninitialized pointer value (bsc#1051510).\n- ACPI / LPSS: Add alternative ACPI HIDs for Cherry Trail DMA controllers (bsc#1051510).\n- ACPI, nfit: Fix ARS overflow continuation (bsc#1116895).\n- ACPI/nfit, x86/mce: Handle only uncorrectable machine checks (bsc#1114279).\n- ACPI/nfit, x86/mce: Validate a MCE\u0027s address before using it (bsc#1114279).\n- ACPI / platform: Add SMB0001 HID to forbidden_id_list (bsc#1051510).\n- ACPI / watchdog: Prefer iTCO_wdt always when WDAT table uses RTC SRAM (bsc#1051510).\n- act_ife: fix a potential use-after-free (networking-stable-18_09_11).\n- aio: fix spectre gadget in lookup_ioctx (bsc#1120594).\n- ALSA: ac97: Fix incorrect bit shift at AC97-SPSA control write (bsc#1051510).\n- ALSA: ca0106: Disable IZD on SB0570 DAC to fix audio pops (bsc#1051510).\n- ALSA: control: Fix race between adding and removing a user element (bsc#1051510).\n- ALSA: cs46xx: Potential NULL dereference in probe (bsc#1051510).\n- ALSA: emu10k1: Fix potential Spectre v1 vulnerabilities (bsc#1051510).\n- ALSA: emux: Fix potential Spectre v1 vulnerabilities (bsc#1051510).\n- ALSA: fireface: fix for state to fetch PCM frames (bsc#1051510).\n- ALSA: fireface: fix reference to wrong register for clock configuration (bsc#1051510).\n- ALSA: firewire-lib: fix wrong assignment for \u0027out_packet_without_header\u0027 tracepoint (bsc#1051510).\n- ALSA: firewire-lib: fix wrong handling payload_length as payload_quadlet (bsc#1051510).\n- ALSA: firewire-lib: use the same print format for \u0027without_header\u0027 tracepoints (bsc#1051510).\n- ALSA: hda: Add ASRock N68C-S UCC the power_save blacklist (bsc#1051510).\n- ALSA: hda: add mute LED support for HP EliteBook 840 G4 (bsc#1051510).\n- ALSA: hda: Add support for AMD Stoney Ridge (bsc#1051510).\n- ALSA: hda/ca0132 - Call pci_iounmap() instead of iounmap() (bsc#1051510).\n- ALSA: hda/ca0132 - make pci_iounmap() call conditional (bsc#1051510).\n- ALSA: hda: fix front speakers on Huawei MBXP (bsc#1051510).\n- ALSA: hda/realtek - Add auto-mute quirk for HP Spectre x360 laptop (bsc#1051510).\n- ALSA: hda/realtek - Add GPIO data update helper (bsc#1051510).\n- ALSA: hda/realtek - Add support for Acer Aspire C24-860 headset mic (bsc#1051510).\n- ALSA: hda/realtek - Add unplug function into unplug state of Headset Mode for ALC225 (bsc#1051510).\n- ALSA: hda/realtek: ALC286 mic and headset-mode fixups for Acer Aspire U27-880 (bsc#1051510).\n- ALSA: hda/realtek: ALC294 mic and headset-mode fixups for ASUS X542UN (bsc#1051510).\n- ALSA: hda/realtek - Allow skipping spec-\u003einit_amp detection (bsc#1051510).\n- ALSA: hda/realtek - Disable headset Mic VREF for headset mode of ALC225 (bsc#1051510).\n- ALSA: hda/realtek: Enable audio jacks of ASUS UX391UA with ALC294 (bsc#1051510).\n- ALSA: hda/realtek: Enable audio jacks of ASUS UX433FN/UX333FA with ALC294 (bsc#1051510).\n- ALSA: hda/realtek: Enable audio jacks of ASUS UX533FD with ALC294 (bsc#1051510).\n- ALSA: hda/realtek: Enable the headset mic auto detection for ASUS laptops (bsc#1051510).\n- ALSA: hda/realtek - Fixed headphone issue for ALC700 (bsc#1051510).\n- ALSA: hda/realtek - fix headset mic detection for MSI MS-B171 (bsc#1051510).\n- ALSA: hda/realtek - Fix HP Headset Mic can\u0027t record (bsc#1051510).\n- ALSA: hda/realtek: Fix mic issue on Acer AIO Veriton Z4660G (bsc#1051510).\n- ALSA: hda/realtek: Fix mic issue on Acer AIO Veriton Z4860G/Z6860G (bsc#1051510).\n- ALSA: hda/realtek - Fix speaker output regression on Thinkpad T570 (bsc#1051510).\n- ALSA: hda/realtek - Fix the mute LED regresion on Lenovo X1 Carbon (bsc#1051510).\n- ALSA: hda/realtek - fix the pop noise on headphone for lenovo laptops (bsc#1051510).\n- ALSA: hda/realtek - Manage GPIO bits commonly (bsc#1051510).\n- ALSA: hda/realtek - Simplify Dell XPS13 GPIO handling (bsc#1051510).\n- ALSA: hda/realtek - Support ALC300 (bsc#1051510).\n- ALSA: hda/realtek - Support Dell headset mode for New AIO platform (bsc#1051510).\n- ALSA: hda/tegra: clear pending irq handlers (bsc#1051510).\n- ALSA: oss: Use kvzalloc() for local buffer allocations (bsc#1051510).\n- ALSA: pcm: Call snd_pcm_unlink() conditionally at closing (bsc#1051510).\n- ALSA: pcm: Fix interval evaluation with openmin/max (bsc#1051510).\n- ALSA: pcm: Fix potential Spectre v1 vulnerability (bsc#1051510).\n- ALSA: pcm: Fix starvation on down_write_nonblock() (bsc#1051510).\n- ALSA: rme9652: Fix potential Spectre v1 vulnerability (bsc#1051510).\n- ALSA: sparc: Fix invalid snd_free_pages() at error path (bsc#1051510).\n- ALSA: trident: Suppress gcc string warning (bsc#1051510).\n- ALSA: usb-audio: Add SMSL D1 to quirks for native DSD support (bsc#1051510).\n- ALSA: usb-audio: Add support for Encore mDSD USB DAC (bsc#1051510).\n- ALSA: usb-audio: Add vendor and product name for Dell WD19 Dock (bsc#1051510).\n- ALSA: usb-audio: Avoid access before bLength check in build_audio_procunit() (bsc#1051510).\n- ALSA: usb-audio: Fix an out-of-bound read in create_composite_quirks (bsc#1051510).\n- ALSA: wss: Fix invalid snd_free_pages() at error path (bsc#1051510).\n- ALSA: x86: Fix runtime PM for hdmi-lpe-audio (bsc#1051510).\n- amd/iommu: Fix Guest Virtual APIC Log Tail Address Register (bsc#1106105).\n- apparmor: do not try to replace stale label in ptrace access check (git-fixes).\n- apparmor: do not try to replace stale label in ptraceme check (git-fixes).\n- apparmor: Fix uninitialized value in aa_split_fqname (git-fixes).\n- arm64: Add work around for Arm Cortex-A55 Erratum 1024718 (bsc#1120612).\n- arm64: atomics: Remove \u0027\u0026\u0027 from \u0027+\u0026\u0027 asm constraint in lse atomics (bsc#1120613).\n- arm64: cpu_errata: include required headers (bsc#1120615).\n- arm64: dma-mapping: Fix FORCE_CONTIGUOUS buffer clearing (bsc#1120633).\n- arm64: Fix /proc/iomem for reserved but not memory regions (bsc#1120632).\n- arm64: KVM: Move CPU ID reg trap setup off the world switch path (bsc#1110998).\n- arm64: KVM: Sanitize PSTATE.M when being set from userspace (bsc#1110998).\n- arm64: KVM: Tighten guest core register access from userspace (bsc#1110998).\n- arm64: lse: Add early clobbers to some input/output asm operands (bsc#1120614).\n- arm64: lse: remove -fcall-used-x0 flag (bsc#1120618).\n- arm64: mm: always enable CONFIG_HOLES_IN_ZONE (bsc#1120617).\n- arm64/numa: Report correct memblock range for the dummy node (bsc#1120620).\n- arm64/numa: Unify common error path in numa_init() (bsc#1120621).\n- arm64: remove no-op -p linker flag (bsc#1120616).\n- arm: dts: at91: add new compatibility string for macb on sama5d3 (bsc#1051510).\n- ASoC: dapm: Recalculate audio map forcely when card instantiated (bsc#1051510).\n- ASoC: dwc: Added a quirk DW_I2S_QUIRK_16BIT_IDX_OVERRIDE to dwc (bsc#1085535)\n- ASoC: Intel: cht_bsw_max98090: add support for Baytrail (bsc#1051510).\n- ASoC: intel: cht_bsw_max98090_ti: Add pmc_plt_clk_0 quirk for Chromebook Clapper (bsc#1051510).\n- ASoC: intel: cht_bsw_max98090_ti: Add pmc_plt_clk_0 quirk for Chromebook Gnawty (bsc#1051510).\n- ASoC: intel: cht_bsw_max98090_ti: Add quirk for boards using pmc_plt_clk_0 (bsc#1051510).\n- ASoC: Intel: mrfld: fix uninitialized variable access (bsc#1051510).\n- ASoC: omap-abe-twl6040: Fix missing audio card caused by deferred probing (bsc#1051510).\n- ASoC: omap-dmic: Add pm_qos handling to avoid overruns with CPU_IDLE (bsc#1051510).\n- ASoC: omap-mcbsp: Fix latency value calculation for pm_qos (bsc#1051510).\n- ASoC: omap-mcpdm: Add pm_qos handling to avoid under/overruns with CPU_IDLE (bsc#1051510).\n- ASoC: rsnd: fixup clock start checker (bsc#1051510).\n- ASoC: sun8i-codec: fix crash on module removal (bsc#1051510).\n- ASoC: wm_adsp: Fix dma-unsafe read of scratch registers (bsc#1051510).\n- ata: Fix racy link clearance (bsc#1107866).\n- ataflop: fix error handling during setup (bsc#1051510).\n- ath10k: do not assume this is a PCI dev in generic code (bsc#1051510).\n- ath10k: schedule hardware restart if WMI command times out (bsc#1051510).\n- ath6kl: Only use match sets when firmware supports it (bsc#1051510).\n- b43: Fix error in cordic routine (bsc#1051510).\n- batman-adv: Expand merged fragment buffer for full packet (bsc#1051510).\n- batman-adv: Use explicit tvlv padding for ELP packets (bsc#1051510).\n- bcache: fix miss key refill-\u003eend in writeback (Git-fixes).\n- bcache: trace missed reading by cache_missed (Git-fixes).\n- bitops: protect variables in bit_clear_unless() macro (bsc#1051510).\n- bitops: protect variables in set_mask_bits() macro (bsc#1051510).\n- blk-mq: remove synchronize_rcu() from blk_mq_del_queue_tag_set() (Git-fixes).\n- block: allow max_discard_segments to be stacked (Git-fixes).\n- block: blk_init_allocated_queue() set q-\u003efq as NULL in the fail case (Git-fixes).\n- block: copy ioprio in __bio_clone_fast() (bsc#1082653).\n- block: really disable runtime-pm for blk-mq (Git-fixes).\n- block: reset bi_iter.bi_done after splitting bio (Git-fixes).\n- block: respect virtual boundary mask in bvecs (bsc#1113412).\n- block/swim: Fix array bounds check (Git-fixes).\n- Bluetooth: btbcm: Add entry for BCM4335C0 UART bluetooth (bsc#1051510).\n- Bluetooth: SMP: fix crash in unpairing (bsc#1051510).\n- bnxt_en: do not try to offload VLAN \u0027modify\u0027 action (bsc#1050242 ).\n- bnxt_en: Fix enables field in HWRM_QUEUE_COS2BW_CFG request (bsc#1086282).\n- bnxt_en: Fix TX timeout during netpoll (networking-stable-18_10_16).\n- bnxt_en: Fix VNIC reservations on the PF (bsc#1086282 ).\n- bnxt_en: free hwrm resources, if driver probe fails (networking-stable-18_10_16).\n- bnxt_en: get the reduced max_irqs by the ones used by RDMA (bsc#1050242).\n- bonding: avoid possible dead-lock (networking-stable-18_10_16).\n- bonding: fix length of actor system (networking-stable-18_11_02).\n- bonding: fix warning message (networking-stable-18_10_16).\n- bonding: pass link-local packets to bonding master also (networking-stable-18_10_16).\n- bpf: fix check of allowed specifiers in bpf_trace_printk (bsc#1083647).\n- bpf: fix partial copy of map_ptr when dst is scalar (bsc#1083647).\n- bpf, net: add skb_mac_header_len helper (networking-stable-18_09_24).\n- bpf: use per htab salt for bucket hash (git-fixes).\n- bpf: wait for running BPF programs when updating map-in-map (bsc#1083647).\n- brcmfmac: fix for proper support of 160MHz bandwidth (bsc#1051510).\n- brcmfmac: fix reporting support for 160 MHz channels (bsc#1051510).\n- brcmutil: really fix decoding channel info for 160 MHz bandwidth (bsc#1051510).\n- bridge: do not add port to router list when receives query with source 0.0.0.0 (networking-stable-18_11_02).\n- Btrfs: Always try all copies when reading extent buffers (git-fixes).\n- Btrfs: delete dead code in btrfs_orphan_add() (bsc#1111469).\n- Btrfs: delete dead code in btrfs_orphan_commit_root() (bsc#1111469).\n- Btrfs: do not BUG_ON() in btrfs_truncate_inode_items() (bsc#1111469).\n- Btrfs: do not check inode\u0027s runtime flags under root-\u003eorphan_lock (bsc#1111469).\n- Btrfs: do not return ino to ino cache if inode item removal fails (bsc#1111469).\n- Btrfs: fix assertion failure during fsync in no-holes mode (bsc#1118136).\n- Btrfs: fix assertion on fsync of regular file when using no-holes feature (bsc#1118137).\n- Btrfs: fix cur_offset in the error case for nocow (bsc#1118140).\n- Btrfs: fix data corruption due to cloning of eof block (bsc#1116878).\n- Btrfs: fix deadlock on tree root leaf when finding free extent (bsc#1116876).\n- Btrfs: fix deadlock when writing out free space caches (bsc#1116700).\n- Btrfs: fix ENOSPC caused by orphan items reservations (bsc#1111469).\n- Btrfs: Fix error handling in btrfs_cleanup_ordered_extents (git-fixes).\n- Btrfs: fix error handling in btrfs_truncate() (bsc#1111469).\n- Btrfs: fix error handling in btrfs_truncate_inode_items() (bsc#1111469).\n- Btrfs: fix fsync of files with multiple hard links in new directories (1120173).\n- Btrfs: fix infinite loop on inode eviction after deduplication of eof block (bsc#1116877).\n- Btrfs: Fix memory barriers usage with device stats counters (git-fixes).\n- Btrfs: fix null pointer dereference on compressed write path error (bsc#1116698).\n- Btrfs: fix use-after-free during inode eviction (bsc#1116701).\n- Btrfs: fix use-after-free on root-\u003eorphan_block_rsv (bsc#1111469).\n- Btrfs: fix use-after-free when dumping free space (bsc#1116862).\n- Btrfs: fix warning when replaying log after fsync of a tmpfile (bsc#1116692).\n- Btrfs: fix wrong dentries after fsync of file that got its parent replaced (bsc#1116693).\n- Btrfs: get rid of BTRFS_INODE_HAS_ORPHAN_ITEM (bsc#1111469).\n- Btrfs: get rid of unused orphan infrastructure (bsc#1111469).\n- Btrfs: make sure we create all new block groups (bsc#1116699).\n- Btrfs: move btrfs_truncate_block out of trans handle (bsc#1111469).\n- Btrfs: protect space cache inode alloc with GFP_NOFS (bsc#1116863).\n- Btrfs: qgroup: Dirty all qgroups before rescan (bsc#1120036).\n- Btrfs: refactor btrfs_evict_inode() reserve refill dance (bsc#1111469).\n- Btrfs: renumber BTRFS_INODE_ runtime flags and switch to enums (bsc#1111469).\n- Btrfs: reserve space for O_TMPFILE orphan item deletion (bsc#1111469).\n- Btrfs: run delayed items before dropping the snapshot (bsc#1121263, bsc#1111188).\n- Btrfs: send, fix infinite loop due to directory rename dependencies (bsc#1118138).\n- Btrfs: stop creating orphan items for truncate (bsc#1111469).\n- Btrfs: tree-checker: Do not check max block group size as current max chunk size limit is unreliable (fixes for bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875).\n- Btrfs: update stale comments referencing vmtruncate() (bsc#1111469).\n- cachefiles: fix the race between cachefiles_bury_object() and rmdir(2) (bsc#1051510).\n- can: dev: __can_get_echo_skb(): Do not crash the kernel if can_priv::echo_skb is accessed out of bounds (bsc#1051510).\n- can: dev: can_get_echo_skb(): factor out non sending code to __can_get_echo_skb() (bsc#1051510).\n- can: dev: __can_get_echo_skb(): print error message, if trying to echo non existing skb (bsc#1051510).\n- can: dev: __can_get_echo_skb(): replace struct can_frame by canfd_frame to access frame length (bsc#1051510).\n- can: flexcan: flexcan_irq(): fix indention (bsc#1051510).\n- can: hi311x: Use level-triggered interrupt (bsc#1051510).\n- can: raw: check for CAN FD capable netdev in raw_sendmsg() (bsc#1051510).\n- can: rcar_can: Fix erroneous registration (bsc#1051510).\n- can: rx-offload: introduce can_rx_offload_get_echo_skb() and can_rx_offload_queue_sorted() functions (bsc#1051510).\n- cdc-acm: correct counting of UART states in serial state notification (bsc#1051510).\n- cdc-acm: do not reset notification buffer index upon urb unlinking (bsc#1051510).\n- cdrom: do not attempt to fiddle with cdo-\u003ecapability (bsc#1051510).\n- ceph: do not update importing cap\u0027s mseq when handing cap export (bsc#1121273).\n- ceph: fix dentry leak in ceph_readdir_prepopulate (bsc#1114839).\n- ceph: quota: fix null pointer dereference in quota check (bsc#1114839).\n- cfg80211: Address some corner cases in scan result channel updating (bsc#1051510).\n- cfg80211: fix use-after-free in reg_process_hint() (bsc#1051510).\n- char_dev: extend dynamic allocation of majors into a higher range (bsc#1121058).\n- char_dev: Fix off-by-one bugs in find_dynamic_major() (bsc#1121058).\n- clk: at91: Fix division by zero in PLL recalc_rate() (bsc#1051510).\n- clk: fixed-factor: fix of_node_get-put imbalance (bsc#1051510).\n- clk: fixed-rate: fix of_node_get-put imbalance (bsc#1051510).\n- clk: mmp2: fix the clock id for sdh2_clk and sdh3_clk (bsc#1051510).\n- clk: mmp: Off by one in mmp_clk_add() (bsc#1051510).\n- clk: mvebu: Off by one bugs in cp110_of_clk_get() (bsc#1051510).\n- clk: rockchip: Fix static checker warning in rockchip_ddrclk_get_parent call (bsc#1051510).\n- clk: s2mps11: Add used attribute to s2mps11_dt_match (bsc#1051510).\n- clk: s2mps11: Fix matching when built as module and DT node contains compatible (bsc#1051510).\n- clk: samsung: exynos5420: Enable PERIS clocks for suspend (bsc#1051510).\n- clockevents/drivers/i8253: Add support for PIT shutdown quirk (bsc#1051510).\n- compiler-gcc.h: Add __attribute__((gnu_inline)) to all inline declarations (git-fixes).\n- config: arm64: enable erratum 1024718\n- configfs: replace strncpy with memcpy (bsc#1051510).\n- cpufeature: avoid warning when compiling with clang (Git-fixes).\n- cpufreq / CPPC: Add cpuinfo_cur_freq support for CPPC (bsc#1117115).\n- cpufreq: CPPC: fix build in absence of v3 support (bsc#1117115).\n- cpupower: remove stringop-truncation waring (git-fixes).\n- crypto: bcm - fix normal/non key hash algorithm failure (bsc#1051510).\n- crypto: ccp - Add DOWNLOAD_FIRMWARE SEV command ().\n- crypto: ccp - Add GET_ID SEV command ().\n- crypto: ccp - Add psp enabled message when initialization succeeds ().\n- crypto: ccp - Add support for new CCP/PSP device ID ().\n- crypto: ccp - Allow SEV firmware to be chosen based on Family and Model ().\n- crypto: ccp - Fix static checker warning ().\n- crypto: ccp - Remove unused #defines ().\n- crypto: ccp - Support register differences between PSP devices ().\n- crypto: simd - correctly take reqsize of wrapped skcipher into account (bsc#1051510).\n- dasd: fix deadlock in dasd_times_out (bsc#1121477, LTC#174111).\n- dax: Check page-\u003emapping isn\u0027t NULL (bsc#1120054).\n- dax: Do not access a freed inode (bsc#1120055).\n- device property: Define type of PROPERTY_ENRTY_*() macros (bsc#1051510).\n- device property: fix fwnode_graph_get_next_endpoint() documentation (bsc#1051510).\n- disable stringop truncation warnings for now (git-fixes).\n- dm: allocate struct mapped_device with kvzalloc (Git-fixes).\n- dm cache: destroy migration_cache if cache target registration failed (Git-fixes).\n- dm cache: fix resize crash if user does not reload cache table (Git-fixes).\n- dm cache metadata: ignore hints array being too small during resize (Git-fixes).\n- dm cache metadata: save in-core policy_hint_size to on-disk superblock (Git-fixes).\n- dm cache metadata: set dirty on all cache blocks after a crash (Git-fixes).\n- dm cache: only allow a single io_mode cache feature to be requested (Git-fixes).\n- dm crypt: do not decrease device limits (Git-fixes).\n- dm: fix report zone remapping to account for partition offset (Git-fixes).\n- dm integrity: change \u0027suspending\u0027 variable from bool to int (Git-fixes).\n- dm ioctl: harden copy_params()\u0027s copy_from_user() from malicious users (Git-fixes).\n- dm linear: eliminate linear_end_io call if CONFIG_DM_ZONED disabled (Git-fixes).\n- dm linear: fix linear_end_io conditional definition (Git-fixes).\n- dm thin: handle running out of data space vs concurrent discard (Git-fixes).\n- dm thin metadata: remove needless work from __commit_transaction (Git-fixes).\n- dm thin: stop no_space_timeout worker when switching to write-mode (Git-fixes).\n- dm writecache: fix a crash due to reading past end of dirty_bitmap (Git-fixes).\n- dm writecache: report start_sector in status line (Git-fixes).\n- dm zoned: fix metadata block ref counting (Git-fixes).\n- dm zoned: fix various dmz_get_mblock() issues (Git-fixes).\n- doc/README.SUSE: correct GIT url No more gitorious, github we use.\n- Documentation/l1tf: Fix typos (bsc#1051510).\n- Documentation/l1tf: Remove Yonah processors from not vulnerable list (bsc#1051510).\n- driver/dma/ioat: Call del_timer_sync() without holding prep_lock (bsc#1051510).\n- drivers/net/usb: add device id for TP-LINK UE300 USB 3.0 Ethernet (bsc#1119749).\n- drivers/net/usb/r8152: remove the unneeded variable \u0027ret\u0027 in rtl8152_system_suspend (bsc#1119749).\n- drivers/tty: add missing of_node_put() (bsc#1051510).\n- drm/amdgpu: add missing CHIP_HAINAN in amdgpu_ucode_get_load_type (bsc#1051510).\n- drm/amdgpu/gmc8: update MC firmware for polaris (bsc#1113722)\n- drm/amdgpu: update mc firmware image for polaris12 variants (bsc#1113722)\n- drm/amdgpu: update SMC firmware image for polaris10 variants (bsc#1113722)\n- drm/ast: change resolution may cause screen blurred (boo#1112963).\n- drm/ast: fixed cursor may disappear sometimes (bsc#1051510).\n- drm/ast: Fix incorrect free on ioregs (bsc#1051510).\n- drm/ast: Remove existing framebuffers before loading driver (boo#1112963)\n- drm/dp_mst: Check if primary mstb is null (bsc#1051510).\n- drm/dp_mst: Skip validating ports during destruction, just ref (bsc#1051510).\n- drm/edid: Add 6 bpc quirk for BOE panel (bsc#1051510).\n- drm/edid: Add 6 bpc quirk for BOE panel in HP Pavilion 15-n233sl (bsc#1113722)\n- drm/fb-helper: Ignore the value of fb_var_screeninfo.pixclock (bsc#1113722)\n- drm: fb-helper: Reject all pixel format changing requests (bsc#1113722)\n- drm/i915: Do not oops during modeset shutdown after lpe audio deinit (bsc#1051510).\n- drm/i915: Do not unset intel_connector-\u003emst_port (bsc#1051510).\n- drm/i915/execlists: Apply a full mb before execution for Braswell (bsc#1113722)\n- drm/i915/execlists: Force write serialisation into context image vs execution (bsc#1051510).\n- drm/i915: Fix ilk+ watermarks when disabling pipes (bsc#1051510).\n- drm/i915/glk: Remove 99% limitation (bsc#1051510).\n- drm/i915/hdmi: Add HDMI 2.0 audio clock recovery N values (bsc#1051510).\n- drm/i915: Large page offsets for pread/pwrite (bsc#1051510).\n- drm/i915: Mark pin flags as u64 (bsc#1051510).\n- drm/i915: Skip vcpi allocation for MSTB ports that are gone (bsc#1051510).\n- drm/i915: Write GPU relocs harder with gen3 (bsc#1051510).\n- drm/ioctl: Fix Spectre v1 vulnerabilities (bsc#1113722)\n- drm/meson: add support for 1080p25 mode (bsc#1051510).\n- drm/meson: Enable fast_io in meson_dw_hdmi_regmap_config (bsc#1051510).\n- drm/meson: Fix OOB memory accesses in meson_viu_set_osd_lut() (bsc#1051510).\n- drm/nouveau: Check backlight IDs are \u003e= 0, not \u003e 0 (bsc#1051510).\n- drm/nouveau/kms: Fix memory leak in nv50_mstm_del() (bsc#1113722)\n- drm/omap: fix memory barrier bug in DMM driver (bsc#1051510).\n- drm: rcar-du: Fix external clock error checks (bsc#1113722)\n- drm: rcar-du: Fix vblank initialization (bsc#1113722)\n- drm/rockchip: Allow driver to be shutdown on reboot/kexec (bsc#1051510).\n- drm/rockchip: psr: do not dereference encoder before it is null (bsc#1113722)\n- drm: set is_master to 0 upon drm_new_set_master() failure (bsc#1113722)\n- drm/vc4: Set -\u003eis_yuv to false when num_planes == 1 (bsc#1113722)\n- drm/vc4: -\u003ex_scaling[1] should never be set to VC4_SCALING_NONE (bsc#1113722)\n- dt-bindings: add compatible string for Allwinner V3s SoC (git-fixes).\n- dt-bindings: arm: Document SoC compatible value for Armadillo-800 EVA (git-fixes).\n- dt-bindings: clock: add rk3399 DDR3 standard speed bins (git-fixes).\n- dt-bindings: clock: mediatek: add binding for fixed-factor clock axisel_d4 (git-fixes).\n- dt-bindings: iio: update STM32 timers clock names (git-fixes).\n- dt-bindings: mfd: axp20x: Add AXP806 to supported list of chips (git-fixes).\n- dt-bindings: net: Remove duplicate NSP Ethernet MAC binding document (git-fixes).\n- dt-bindings: panel: lvds: Fix path to display timing bindings (git-fixes).\n- dt-bindings: phy: sun4i-usb-phy: Add property descriptions for H3 (git-fixes).\n- dt-bindings: pwm: renesas: tpu: Fix \u0027compatible\u0027 prop description (git-fixes).\n- dt-bindings: pwm: Update STM32 timers clock names (git-fixes).\n- dt-bindings: rcar-dmac: Document missing error interrupt (git-fixes).\n- EDAC, {i7core,sb,skx}_edac: Fix uncorrected error counting (bsc#1114279).\n- EDAC, skx_edac: Fix logical channel intermediate decoding (bsc#1114279).\n- efi: Move some sysfs files to be read-only by root (bsc#1051510).\n- ethernet: fman: fix wrong of_node_put() in probe function (bsc#1119017).\n- exportfs: fix \u0027passing zero to ERR_PTR()\u0027 warning (bsc#1118773).\n- ext2: fix potential use after free (bsc#1118775).\n- ext4: add missing brelse() add_new_gdb_meta_bg()\u0027s error path (bsc#1117795).\n- ext4: add missing brelse() in set_flexbg_block_bitmap()\u0027s error path (bsc#1117794).\n- ext4: add missing brelse() update_backups()\u0027s error path (bsc#1117796).\n- ext4: avoid buffer leak in ext4_orphan_add() after prior errors (bsc#1117802).\n- ext4: avoid buffer leak on shutdown in ext4_mark_iloc_dirty() (bsc#1117801).\n- ext4: avoid possible double brelse() in add_new_gdb() on error path (bsc#1118760).\n- ext4: avoid potential extra brelse in setup_new_flex_group_blocks() (bsc#1117792).\n- ext4: fix buffer leak in __ext4_read_dirblock() on error path (bsc#1117807).\n- ext4: fix buffer leak in ext4_xattr_move_to_block() on error path (bsc#1117806).\n- ext4: fix EXT4_IOC_GROUP_ADD ioctl (bsc#1120604).\n- ext4: fix missing cleanup if ext4_alloc_flex_bg_array() fails while resizing (bsc#1117798).\n- ext4: fix possible inode leak in the retry loop of ext4_resize_fs() (bsc#1117799).\n- ext4: fix possible leak of sbi-\u003es_group_desc_leak in error path (bsc#1117803).\n- ext4: fix possible leak of s_journal_flag_rwsem in error path (bsc#1117804).\n- ext4: fix possible use after free in ext4_quota_enable (bsc#1120602).\n- ext4: fix setattr project check in fssetxattr ioctl (bsc#1117789).\n- ext4: fix use-after-free race in ext4_remount()\u0027s error path (bsc#1117791).\n- ext4: initialize retries variable in ext4_da_write_inline_data_begin() (bsc#1117788).\n- ext4: missing unlock/put_page() in ext4_try_to_write_inline_data() (bsc#1120603).\n- ext4: propagate error from dquot_initialize() in EXT4_IOC_FSSETXATTR (bsc#1117790).\n- ext4: release bs.bh before re-using in ext4_xattr_block_find() (bsc#1117805).\n- extable: Consolidate *kernel_text_address() functions (bsc#1120092).\n- extable: Enable RCU if it is not watching in kernel_text_address() (bsc#1120092).\n- fbdev: fbcon: Fix unregister crash when more than one framebuffer (bsc#1113722)\n- fbdev: fbmem: behave better with small rotated displays and many CPUs (bsc#1113722)\n- fbdev: fix broken menu dependencies (bsc#1113722)\n- firmware: add firmware_request_nowarn() - load firmware without warnings ().\n- firmware: dcdbas: Add support for WSMT ACPI table (bsc#1089350 ).\n- firmware: dcdbas: include linux/io.h (bsc#1089350).\n- Fix kABI for \u0027Ensure we commit after writeback is complete\u0027 (bsc#1111809).\n- Fix the breakage of KMP build on x86_64 (bsc#1121017) The backport of the commit 4cd24de3a098 broke KMP builds because of the failure of make kernelrelease call in spec file. Clear the blacklist and backport the fix from the upstream.\n- Fix tracing sample code warning (git-fixes).\n- floppy: fix race condition in __floppy_read_block_0() (bsc#1051510).\n- flow_dissector: do not dissect l4 ports for fragments (networking-stable-18_11_21).\n- fscache: fix race between enablement and dropping of object (bsc#1107385).\n- fscache: Fix race in fscache_op_complete() due to split atomic_sub \u0026 read (Git-fixes).\n- fscache: Pass the correct cancelled indications to fscache_op_complete() (Git-fixes).\n- fs: fix lost error code in dio_complete (bsc#1118762).\n- fs: Make extension of struct super_block transparent (bsc#1117822).\n- fsnotify: Fix busy inodes during unmount (bsc#1117822).\n- fsnotify: fix ignore mask logic in fsnotify() (bsc#1115074).\n- fs/xfs: Use %pS printk format for direct addresses (git-fixes).\n- ftrace: Fix debug preempt config name in stack_tracer_{en,dis}able (bsc#1117172).\n- ftrace: Fix kmemleak in unregister_ftrace_graph (bsc#1117181).\n- ftrace: Fix memleak when unregistering dynamic ops when tracing disabled (bsc#1117174).\n- ftrace: Remove incorrect setting of glob search field (bsc#1117184).\n- fuse: fix blocked_waitq wakeup (git-fixes).\n- fuse: fix leaked notify reply (git-fixes).\n- fuse: fix possibly missed wake-up after abort (git-fixes).\n- fuse: Fix use-after-free in fuse_dev_do_read() (git-fixes).\n- fuse: Fix use-after-free in fuse_dev_do_write() (git-fixes).\n- fuse: fix use-after-free in fuse_direct_IO() (git-fixes).\n- fuse: set FR_SENT while locked (git-fixes).\n- gcc-plugins: Add include required by GCC release 8 (git-fixes).\n- gcc-plugins: Use dynamic initializers (git-fixes).\n- genirq: Fix race on spurious interrupt detection (bsc#1051510).\n- gfs2: Do not leave s_fs_info pointing to freed memory in init_sbd (bsc#1118769).\n- gfs2: Fix loop in gfs2_rbm_find (bsc#1120601).\n- gfs2: Get rid of potential double-freeing in gfs2_create_inode (bsc#1120600).\n- gfs2_meta: -\u003emount() can get NULL dev_name (bsc#1118768).\n- gfs2: Put bitmap buffers in put_super (bsc#1118772).\n- git_sort.py: Remove non-existent remote tj/libata\n- gpio: davinci: Remove unused member of davinci_gpio_controller (git-fixes).\n- gpio: do not free unallocated ida on gpiochip_add_data_with_key() error path (bsc#1051510).\n- gpiolib-acpi: Only defer request_irq for GpioInt ACPI event handlers (bsc#1051510).\n- gpiolib: Fix return value of gpio_to_desc() stub if !GPIOLIB (bsc#1051510).\n- gpio: max7301: fix driver for use with CONFIG_VMAP_STACK (bsc#1051510).\n- gpio: mvebu: only fail on missing clk if pwm is actually to be used (bsc#1051510).\n- grace: replace BUG_ON by WARN_ONCE in exit_net hook (git-fixes).\n- gso_segment: Reset skb-\u003emac_len after modifying network header (networking-stable-18_09_24).\n- HID: Add quirk for Primax PIXART OEM mice (bsc#1119410).\n- HID: hiddev: fix potential Spectre v1 (bsc#1051510).\n- HID: input: Ignore battery reported by Symbol DS4308 (bsc#1051510).\n- HID: multitouch: Add pointstick support for Cirque Touchpad (bsc#1051510).\n- HID: uhid: forbid UHID_CREATE under KERNEL_DS or elevated privileges (bsc#1051510).\n- hv_netvsc: ignore devices that are not PCI (networking-stable-18_09_11).\n- hwmon: (core) Fix double-free in __hwmon_device_register() (bsc#1051510).\n- hwmon: (ibmpowernv) Remove bogus __init annotations (bsc#1051510).\n- hwmon: (ina2xx) Fix current value calculation (bsc#1051510).\n- hwmon (ina2xx) Fix NULL id pointer in probe() (bsc#1051510).\n- hwmon: (nct6775) Fix potential Spectre v1 (bsc#1051510).\n- hwmon: (pmbus) Fix page count auto-detection (bsc#1051510).\n- hwmon: (pwm-fan) Set fan speed to 0 on suspend (bsc#1051510).\n- hwmon: (raspberrypi) Fix initial notify (bsc#1051510).\n- hwmon: (w83795) temp4_type has writable permission (bsc#1051510).\n- hwpoison, memory_hotplug: allow hwpoisoned pages to be offlined (bnc#1116336).\n- i2c: axxia: properly handle master timeout (bsc#1051510).\n- i2c: scmi: Fix probe error on devices with an empty SMB0001 ACPI device node (bsc#1051510).\n- IB/hfi1: Add mtu check for operational data VLs (bsc#1060463 ).\n- ibmvnic: Convert reset work item mutex to spin lock ().\n- ibmvnic: fix accelerated VLAN handling ().\n- ibmvnic: fix index in release_rx_pools (bsc#1115440, bsc#1115433).\n- ibmvnic: Fix non-atomic memory allocation in IRQ context ().\n- ibmvnic: remove ndo_poll_controller ().\n- ibmvnic: Update driver queues after change in ring size support ().\n- IB/rxe: support for 802.1q VLAN on the listener (bsc#1082387).\n- ieee802154: 6lowpan: set IFLA_LINK (bsc#1051510).\n- ieee802154: at86rf230: switch from BUG_ON() to WARN_ON() on problem (bsc#1051510).\n- ieee802154: at86rf230: use __func__ macro for debug messages (bsc#1051510).\n- ieee802154: fakelb: switch from BUG_ON() to WARN_ON() on problem (bsc#1051510).\n- iio: accel: adxl345: convert address field usage in iio_chan_spec (bsc#1051510).\n- iio: ad5064: Fix regulator handling (bsc#1051510).\n- iio:st_magn: Fix enable device after trigger (bsc#1051510).\n- ima: fix showing large \u0027violations\u0027 or \u0027runtime_measurements_count\u0027 (bsc#1051510).\n- include/linux/pfn_t.h: force \u0027~\u0027 to be parsed as an unary operator (bsc#1051510).\n- Include modules.fips in kernel-binary as well as kernel-binary-base ().\n- inet: make sure to grab rcu_read_lock before using ireq-\u003eireq_opt (networking-stable-18_10_16).\n- initramfs: fix initramfs rebuilds w/ compression after disabling (git-fixes).\n- Input: add official Raspberry Pi\u0027s touchscreen driver ().\n- Input: cros_ec_keyb - fix button/switch capability reports (bsc#1051510).\n- Input: elan_i2c - add ACPI ID for Lenovo IdeaPad 330-15ARR (bsc#1051510).\n- Input: elan_i2c - add ACPI ID for Lenovo IdeaPad 330-15IGM (bsc#1051510).\n- Input: elan_i2c - add ELAN0620 to the ACPI table (bsc#1051510).\n- Input: elan_i2c - add support for ELAN0621 touchpad (bsc#1051510).\n- Input: hyper-v - fix wakeup from suspend-to-idle (bsc#1051510).\n- Input: matrix_keypad - check for errors from of_get_named_gpio() (bsc#1051510).\n- Input: nomadik-ske-keypad - fix a loop timeout test (bsc#1051510).\n- Input: omap-keypad - fix keyboard debounce configuration (bsc#1051510).\n- Input: synaptics - add PNP ID for ThinkPad P50 to SMBus (bsc#1051510).\n- Input: synaptics - avoid using uninitialized variable when probing (bsc#1051510).\n- Input: synaptics - enable SMBus for HP 15-ay000 (bsc#1051510).\n- Input: xpad - add PDP device id 0x02a4 (bsc#1051510).\n- Input: xpad - add support for Xbox1 PDP Camo series gamepad (bsc#1051510).\n- Input: xpad - avoid using __set_bit() for capabilities (bsc#1051510).\n- Input: xpad - fix some coding style issues (bsc#1051510).\n- Input: xpad - quirk all PDP Xbox One gamepads (bsc#1051510).\n- integrity/security: fix digsig.c build error with header file (bsc#1051510).\n- intel_th: msu: Fix an off-by-one in attribute store (bsc#1051510).\n- iommu/amd: Fix amd_iommu=force_isolation (bsc#1106105).\n- iommu/arm-smmu: Ensure that page-table updates are visible before TLBI (bsc#1106237).\n- iommu/ipmmu-vmsa: Fix crash on early domain free (bsc#1106105).\n- iommu/vt-d: Fix NULL pointer dereference in prq_event_thread() (bsc#1106105).\n- iommu/vt-d: Handle domain agaw being less than iommu agaw (bsc#1106105).\n- iommu/vt-d: Use memunmap to free memremap (bsc#1106105).\n- ip6_tunnel: be careful when accessing the inner header (networking-stable-18_10_16).\n- ip6_tunnel: Fix encapsulation layout (networking-stable-18_11_02).\n- ip6_vti: fix a null pointer deference when destroy vti6 tunnel (networking-stable-18_09_11).\n- ipmi: Fix timer race with module unload (bsc#1051510).\n- ip_tunnel: be careful when accessing the inner header (networking-stable-18_10_16).\n- ip_tunnel: do not force DF when MTU is locked (networking-stable-18_11_21).\n- ipv4: lock mtu in fnhe when received PMTU \u0026lt; net.ipv4.route.min_pmtu (networking-stable-18_11_21).\n- ipv4: tcp: send zero IPID for RST and ACK sent in SYN-RECV and TIME-WAIT state (networking-stable-18_09_11).\n- ipv6: Fix PMTU updates for UDP/raw sockets in presence of VRF (networking-stable-18_11_21).\n- ipv6: fix possible use-after-free in ip6_xmit() (networking-stable-18_09_24).\n- ipv6: mcast: fix a use-after-free in inet6_mc_check (networking-stable-18_11_02).\n- ipv6/ndisc: Preserve IPv6 control buffer if protocol error handlers are called (networking-stable-18_11_02).\n- ipv6: take rcu lock in rawv6_send_hdrinc() (networking-stable-18_10_16).\n- iwlwifi: add new cards for 9560, 9462, 9461 and killer series (bsc#1051510).\n- iwlwifi: dbg: allow wrt collection before ALIVE (bsc#1051510).\n- iwlwifi: do not WARN on trying to dump dead firmware (bsc#1051510).\n- iwlwifi: fix LED command capability bit (bsc#1119086).\n- iwlwifi: fix non_shared_ant for 22000 devices (bsc#1119086).\n- iwlwifi: fix wrong WGDS_WIFI_DATA_SIZE (bsc#1119086).\n- iwlwifi: mvm: check for short GI only for OFDM (bsc#1051510).\n- iwlwifi: mvm: check return value of rs_rate_from_ucode_rate() (bsc#1051510).\n- iwlwifi: mvm: do not send GEO_TX_POWER_LIMIT to old firmwares (bsc#1119086).\n- iwlwifi: mvm: do not use SAR Geo if basic SAR is not used (bsc#1051510).\n- iwlwifi: mvm: fix BAR seq ctrl reporting (bsc#1051510).\n- iwlwifi: mvm: fix regulatory domain update when the firmware starts (bsc#1051510).\n- iwlwifi: mvm: support sta_statistics() even on older firmware (bsc#1051510).\n- iwlwifi: nvm: get num of hw addresses from firmware (bsc#1119086).\n- iwlwifi: pcie: avoid empty free RB queue (bsc#1051510).\n- iwlwifi: pcie: do not reset TXQ write pointer (bsc#1051510).\n- jffs2: free jffs2_sb_info through jffs2_kill_sb() (bsc#1118767).\n- jump_label: Split out code under the hotplug lock (bsc#1106913).\n- kabi fix for \u0027NFSv4.1: Fix up replays of interrupted requests\u0027 (git-fixes).\n- kabi: hwpoison, memory_hotplug: allow hwpoisoned pages to be offlined (bnc#1116336).\n- kabi: mask raw in struct bpf_reg_state (bsc#1083647).\n- kabi: powerpc: Revert npu callback signature change (bsc#1055120).\n- kabi protect hnae_ae_ops (bsc#1104353).\n- kabi: protect struct fib_nh_exception (kabi).\n- kabi: protect struct rtable (kabi).\n- kbuild: allow to use GCC toolchain not in Clang search path (git-fixes).\n- kbuild: fix kernel/bounds.c \u0027W=1\u0027 warning (bsc#1051510).\n- kbuild: fix linker feature test macros when cross compiling with Clang (git-fixes).\n- kbuild: make missing $DEPMOD a Warning instead of an Error (git-fixes).\n- kbuild: move \u0027_all\u0027 target out of $(KBUILD_SRC) conditional (bsc#1114279).\n- kbuild: rpm-pkg: keep spec file until make mrproper (git-fixes).\n- Kbuild: suppress packed-not-aligned warning for default setting only (git-fixes).\n- kbuild: verify that $DEPMOD is installed (git-fixes).\n- kdb: use memmove instead of overlapping memcpy (bsc#1120954).\n- kernfs: Replace strncpy with memcpy (bsc#1120053).\n- keys: Fix the use of the C++ keyword \u0027private\u0027 in uapi/linux/keyctl.h (Git-fixes).\n- kgdboc: Passing ekgdboc to command line causes panic (bsc#1051510).\n- kobject: Replace strncpy with memcpy (git-fixes).\n- kprobes: Make list and blacklist root user read only (git-fixes).\n- KVM: arm/arm64: Introduce vcpu_el1_is_32bit (bsc#1110998).\n- KVM: nVMX: Always reflect #NM VM-exits to L1 (bsc#1106240).\n- KVM: nVMX: move check_vmentry_postreqs() call to nested_vmx_enter_non_root_mode() (bsc#1106240).\n- KVM: PPC: Book3S PR: Enable use on POWER9 inside HPT-mode guests (bsc#1118484).\n- KVM: s390: vsie: copy wrapping keys to right place (git-fixes).\n- KVM: svm: Ensure an IBPB on all affected CPUs when freeing a vmcb (bsc#1114279).\n- KVM: VMX: re-add ple_gap module parameter (bsc#1106240).\n- KVM: x86: Fix kernel info-leak in KVM_HC_CLOCK_PAIRING hypercall (bsc#1106240).\n- libata: whitelist all SAMSUNG MZ7KM* solid-state disks (bsc#1051510).\n- libceph: bump CEPH_MSG_MAX_DATA_LEN (bsc#1114839).\n- libceph: fall back to sendmsg for slab pages (bsc#1118316).\n- libertas: do not set URB_ZERO_PACKET on IN USB transfer (bsc#1051510).\n- libertas_tf: prevent underflow in process_cmdrequest() (bsc#1119086).\n- libnvdimm: Hold reference on parent while scheduling async init (bsc#1116891).\n- libnvdimm, pfn: Pad pfn namespaces relative to other regions (bsc#1118962).\n- libnvdimm, region: Fail badblocks listing for inactive regions (bsc#1116899).\n- lib/raid6: Fix arm64 test build (bsc#1051510).\n- lib/ubsan.c: do not mark __ubsan_handle_builtin_unreachable as noreturn (bsc#1051510).\n- Limit max FW API version for QCA9377 (bsc#1121714, bsc#1121715).\n- linux/bitmap.h: fix type of nbits in bitmap_shift_right() (bsc#1051510).\n- llc: set SOCK_RCU_FREE in llc_sap_add_socket() (networking-stable-18_11_02).\n- locking/barriers: Convert users of lockless_dereference() to READ_ONCE() (Git-fixes).\n- locking/static_keys: Improve uninitialized key warning (bsc#1106913).\n- mac80211: Always report TX status (bsc#1051510).\n- mac80211: Clear beacon_int in ieee80211_do_stop (bsc#1051510).\n- mac80211: fix reordering of buffered broadcast packets (bsc#1051510).\n- mac80211: fix TX status reporting for ieee80211s (bsc#1051510).\n- mac80211_hwsim: do not omit multicast announce of first added radio (bsc#1051510).\n- mac80211_hwsim: fix module init error paths for netlink (bsc#1051510).\n- mac80211_hwsim: Timer should be initialized before device registered (bsc#1051510).\n- mac80211: ignore NullFunc frames in the duplicate detection (bsc#1051510).\n- mac80211: ignore tx status for PS stations in ieee80211_tx_status_ext (bsc#1051510).\n- mac80211: TDLS: fix skb queue/priority assignment (bsc#1051510).\n- mach64: fix display corruption on big endian machines (bsc#1113722)\n- mach64: fix image corruption due to reading accelerator registers (bsc#1113722)\n- mailbox: PCC: handle parse error (bsc#1051510).\n- Mark HI and TASKLET softirq synchronous (git-fixes).\n- md: allow metadata updates while suspending an array - fix (git-fixes).\n- MD: fix invalid stored role for a disk - try2 (git-fixes).\n- md: fix raid10 hang issue caused by barrier (git-fixes).\n- media: em28xx: Fix use-after-free when disconnecting (bsc#1051510).\n- media: em28xx: make v4l2-compliance happier by starting sequence on zero (bsc#1051510).\n- media: omap3isp: Unregister media device as first (bsc#1051510).\n- memory_hotplug: cond_resched in __remove_pages (bnc#1114178).\n- mfd: menelaus: Fix possible race condition and leak (bsc#1051510).\n- mfd: omap-usb-host: Fix dts probe of children (bsc#1051510).\n- mlxsw: spectrum: Fix IP2ME CPU policer configuration (networking-stable-18_11_21).\n- mmc: bcm2835: reset host on timeout (bsc#1051510).\n- mmc: core: Allow BKOPS and CACHE ctrl even if no HPI support (bsc#1051510).\n- mmc: core: Reset HPI enabled state during re-init and in case of errors (bsc#1051510).\n- mmc: core: Use a minimum 1600ms timeout when enabling CACHE ctrl (bsc#1051510).\n- mmc: dw_mmc-bluefield: Add driver extension (bsc#1118752).\n- mmc: dw_mmc-k3: add sd support for hi3660 (bsc#1118752).\n- mmc: dw_mmc-rockchip: correct property names in debug (bsc#1051510).\n- mmc: OMAP: fix broken MMC on OMAP15XX/OMAP5910/OMAP310 (bsc#1051510).\n- mmc: omap_hsmmc: fix DMA API warning (bsc#1051510).\n- mmc: sdhci: fix the timeout check window for clock and reset (bsc#1051510).\n- mmc: sdhci-pci-o2micro: Add quirk for O2 Micro dev 0x8620 rev 0x01 (bsc#1051510).\n- mm: do not miss the last page because of round-off error (bnc#1118798).\n- mm: do not warn about large allocations for slab (git fixes (slab)).\n- mm: handle no memcg case in memcg_kmem_charge() properly (bnc#1113677).\n- mm/huge_memory.c: reorder operations in __split_huge_page_tail() (VM Functionality bsc#1119962).\n- mm/huge_memory: fix lockdep complaint on 32-bit i_size_read() (VM Functionality, bsc#1121599).\n- mm/huge_memory: rename freeze_page() to unmap_page() (VM Functionality, bsc#1121599).\n- mm/huge_memory: splitting set mapping+index before unfreeze (VM Functionality, bsc#1121599).\n- mm: hugetlb: yield when prepping struct pages (git fixes (memory initialisation)).\n- mm/khugepaged: collapse_shmem() do not crash on Compound (VM Functionality, bsc#1121599).\n- mm/khugepaged: collapse_shmem() remember to clear holes (VM Functionality, bsc#1121599).\n- mm/khugepaged: collapse_shmem() stop if punched or truncated (VM Functionality, bsc#1121599).\n- mm/khugepaged: collapse_shmem() without freezing new_page (VM Functionality, bsc#1121599).\n- mm/khugepaged: fix crashes due to misaccounted holes (VM Functionality, bsc#1121599).\n- mm/khugepaged: minor reorderings in collapse_shmem() (VM Functionality, bsc#1121599).\n- mm: lower the printk loglevel for __dump_page messages (generic hotplug debugability).\n- mm, memory_hotplug: be more verbose for memory offline failures (generic hotplug debugability).\n- mm, memory_hotplug: drop pointless block alignment checks from __offline_pages (generic hotplug debugability).\n- mm, memory_hotplug: print reason for the offlining failure (generic hotplug debugability).\n- mm: migration: fix migration of huge PMD shared pages (bnc#1086423).\n- mm: only report isolation failures when offlining memory (generic hotplug debugability).\n- mm: print more information about mapping in __dump_page (generic hotplug debugability).\n- mm: put_and_wait_on_page_locked() while page is migrated (bnc#1109272).\n- mm: rework memcg kernel stack accounting (bnc#1113677).\n- mm: sections are not offlined during memory hotremove (bnc#1119968).\n- mm: shmem.c: Correctly annotate new inodes for lockdep (Git fixes: shmem).\n- mm/vmstat.c: fix NUMA statistics updates (git fixes).\n- mount: Do not allow copying MNT_UNBINDABLE|MNT_LOCKED mounts (bsc#1117819).\n- mount: Prevent MNT_DETACH from disconnecting locked mounts (bsc#1117820).\n- mount: Retest MNT_LOCKED in do_umount (bsc#1117818).\n- Move dell_rbu fix to sorted section (bsc#1087978).\n- mtd: cfi: convert inline functions to macros (git-fixes).\n- mtd: Fix comparison in map_word_andequal() (git-fixes).\n- namei: allow restricted O_CREAT of FIFOs and regular files (bsc#1118766).\n- nbd: do not allow invalid blocksize settings (Git-fixes).\n- neighbour: confirm neigh entries when ARP packet is received (networking-stable-18_09_24).\n- net/af_iucv: drop inbound packets with invalid flags (bnc#1113501, LTC#172679).\n- net/af_iucv: fix skb handling on HiperTransport xmit error (bnc#1113501, LTC#172679).\n- net/appletalk: fix minor pointer leak to userspace in SIOCFINDIPDDPRT (networking-stable-18_09_24).\n- net: aquantia: memory corruption on jumbo frames (networking-stable-18_10_16).\n- net: bcmgenet: Poll internal PHY for GENETv5 (networking-stable-18_11_02).\n- net: bcmgenet: protect stop from timeout (networking-stable-18_11_21).\n- net: bcmgenet: use MAC link status for fixed phy (networking-stable-18_09_11).\n- net: bgmac: Fix endian access in bgmac_dma_tx_ring_free() (bsc#1051510).\n- net: bridge: remove ipv6 zero address check in mcast queries (git-fixes).\n- net: dsa: bcm_sf2: Call setup during switch resume (networking-stable-18_10_16).\n- net: dsa: bcm_sf2: Fix unbind ordering (networking-stable-18_10_16).\n- net: dsa: mv88e6xxx: Fix binding documentation for MDIO busses (git-fixes).\n- net: dsa: qca8k: Add QCA8334 binding documentation (git-fixes).\n- net: ena: add functions for handling Low Latency Queues in ena_com (bsc#1111696 bsc#1117561).\n- net: ena: add functions for handling Low Latency Queues in ena_netdev (bsc#1111696 bsc#1117561).\n- net: ena: change rx copybreak default to reduce kernel memory pressure (bsc#1111696 bsc#1117561).\n- net: ena: complete host info to match latest ENA spec (bsc#1111696 bsc#1117561).\n- net: ena: enable Low Latency Queues (bsc#1111696 bsc#1117561).\n- net: ena: explicit casting and initialization, and clearer error handling (bsc#1111696 bsc#1117561).\n- net: ena: fix auto casting to boolean (bsc#1111696 bsc#1117561).\n- net: ena: fix compilation error in xtensa architecture (bsc#1111696 bsc#1117561).\n- net: ena: fix crash during ena_remove() (bsc#1111696 bsc#1117561).\n- net: ena: fix crash during failed resume from hibernation (bsc#1111696 bsc#1117561).\n- net: ena: fix indentations in ena_defs for better readability (bsc#1111696 bsc#1117561).\n- net: ena: Fix Kconfig dependency on X86 (bsc#1111696 bsc#1117561).\n- net: ena: fix NULL dereference due to untimely napi initialization (bsc#1111696 bsc#1117561).\n- net: ena: fix rare bug when failed restart/resume is followed by driver removal (bsc#1111696 bsc#1117561).\n- net: ena: fix warning in rmmod caused by double iounmap (bsc#1111696 bsc#1117561).\n- net: ena: introduce Low Latency Queues data structures according to ENA spec (bsc#1111696 bsc#1117561).\n- net: ena: limit refill Rx threshold to 256 to avoid latency issues (bsc#1111696 bsc#1117561).\n- net: ena: minor performance improvement (bsc#1111696 bsc#1117561).\n- net: ena: remove ndo_poll_controller (bsc#1111696 bsc#1117561).\n- net: ena: remove redundant parameter in ena_com_admin_init() (bsc#1111696 bsc#1117561).\n- net: ena: update driver version from 2.0.1 to 2.0.2 (bsc#1111696 bsc#1117561).\n- net: ena: update driver version to 2.0.1 (bsc#1111696 bsc#1117561).\n- net: ena: use CSUM_CHECKED device indication to report skb\u0027s checksum status (bsc#1111696 bsc#1117561).\n- net: fec: do not dump RX FIFO register when not available (networking-stable-18_11_02).\n- net-gro: reset skb-\u003epkt_type in napi_reuse_skb() (networking-stable-18_11_21).\n- net: hns3: Add nic state check before calling netif_tx_wake_queue (bsc#1104353).\n- net: hns3: Add support for hns3_nic_netdev_ops.ndo_do_ioctl (bsc#1104353).\n- net: hns3: bugfix for buffer not free problem during resetting (bsc#1104353).\n- net: hns3: bugfix for handling mailbox while the command queue reinitialized (bsc#1104353).\n- net: hns3: bugfix for hclge_mdio_write and hclge_mdio_read (bsc#1104353).\n- net: hns3: bugfix for is_valid_csq_clean_head() (bsc#1104353 ).\n- net: hns3: bugfix for reporting unknown vector0 interrupt repeatly problem (bsc#1104353).\n- net: hns3: bugfix for rtnl_lock\u0027s range in the hclgevf_reset() (bsc#1104353).\n- net: hns3: bugfix for the initialization of command queue\u0027s spin lock (bsc#1104353).\n- net: hns3: Check hdev state when getting link status (bsc#1104353).\n- net: hns3: Clear client pointer when initialize client failed or unintialize finished (bsc#1104353).\n- net: hns3: Fix cmdq registers initialization issue for vf (bsc#1104353).\n- net: hns3: Fix error of checking used vlan id (bsc#1104353 ).\n- net: hns3: Fix ets validate issue (bsc#1104353).\n- net: hns3: Fix for netdev not up problem when setting mtu (bsc#1104353).\n- net: hns3: Fix for out-of-bounds access when setting pfc back pressure (bsc#1104353).\n- net: hns3: Fix for packet buffer setting bug (bsc#1104353 ).\n- net: hns3: Fix for rx vlan id handle to support Rev 0x21 hardware (bsc#1104353).\n- net: hns3: Fix for setting speed for phy failed problem (bsc#1104353).\n- net: hns3: Fix for vf vlan delete failed problem (bsc#1104353 ).\n- net: hns3: Fix loss of coal configuration while doing reset (bsc#1104353).\n- net: hns3: Fix parameter type for q_id in hclge_tm_q_to_qs_map_cfg() (bsc#1104353).\n- net: hns3: Fix ping exited problem when doing lp selftest (bsc#1104353).\n- net: hns3: Preserve vlan 0 in hardware table (bsc#1104353 ).\n- net: hns3: remove unnecessary queue reset in the hns3_uninit_all_ring() (bsc#1104353).\n- net: hns3: Set STATE_DOWN bit of hdev state when stopping net (bsc#1104353).\n- net: hns: fix for unmapping problem when SMMU is on (networking-stable-18_10_16).\n- net: hp100: fix always-true check for link up state (networking-stable-18_09_24).\n- net: ibm: fix return type of ndo_start_xmit function ().\n- net/ibmnvic: Fix deadlock problem in reset ().\n- net/ibmvnic: Fix RTNL deadlock during device reset (bnc#1115431).\n- net: ipmr: fix unresolved entry dumps (networking-stable-18_11_02).\n- net: ipv4: do not let PMTU updates increase route MTU (git-fixes).\n- net/ipv6: Display all addresses in output of /proc/net/if_inet6 (networking-stable-18_10_16).\n- net/ipv6: Fix index counter for unicast addresses in in6_dump_addrs (networking-stable-18_11_02).\n- netlabel: check for IPV4MASK in addrinfo_get (networking-stable-18_10_16).\n- net: macb: do not disable MDIO bus at open/close time (networking-stable-18_09_11).\n- net/mlx4_core: Correctly set PFC param if global pause is turned off (bsc#1046299).\n- net/mlx5: Check for error in mlx5_attach_interface (networking-stable-18_09_18).\n- net/mlx5e: Fix selftest for small MTUs (networking-stable-18_11_21).\n- net/mlx5e: Set vlan masks for all offloaded TC rules (networking-stable-18_10_16).\n- net/mlx5: E-Switch, Fix memory leak when creating switchdev mode FDB tables (networking-stable-18_09_18).\n- net/mlx5: E-Switch, Fix out of bound access when setting vport rate (networking-stable-18_10_16).\n- net/mlx5: Fix debugfs cleanup in the device init/remove flow (networking-stable-18_09_18).\n- net/mlx5: Fix use-after-free in self-healing flow (networking-stable-18_09_18).\n- net/mlx5: Take only bit 24-26 of wqe.pftype_wq for page fault type (networking-stable-18_11_02).\n- net: mvpp2: Extract the correct ethtype from the skb for tx csum offload (networking-stable-18_10_16).\n- net: mvpp2: fix a txq_done race condition (networking-stable-18_10_16).\n- net/packet: fix packet drop as of virtio gso (networking-stable-18_10_16).\n- net: phy: mdio-gpio: Fix working over slow can_sleep GPIOs (networking-stable-18_11_21).\n- net: qca_spi: Fix race condition in spi transfers (networking-stable-18_09_18).\n- net: qmi_wwan: add Wistron Neweb D19Q1 (bsc#1051510).\n- net: sched: action_ife: take reference to meta module (networking-stable-18_09_11).\n- net/sched: act_pedit: fix dump of extended layered op (networking-stable-18_09_11).\n- net/sched: act_sample: fix NULL dereference in the data path (networking-stable-18_09_24).\n- net: sched: Fix for duplicate class dump (networking-stable-18_11_02).\n- net: sched: Fix memory exposure from short TCA_U32_SEL (networking-stable-18_09_11).\n- net: sched: gred: pass the right attribute to gred_change_table_def() (networking-stable-18_11_02).\n- net: smsc95xx: Fix MTU range (networking-stable-18_11_21).\n- net: socket: fix a missing-check bug (networking-stable-18_11_02).\n- net: stmmac: Fix stmmac_mdio_reset() when building stmmac as modules (networking-stable-18_11_02).\n- net: stmmac: Fixup the tail addr setting in xmit path (networking-stable-18_10_16).\n- net: systemport: Fix wake-up interrupt race during resume (networking-stable-18_10_16).\n- net: systemport: Protect stop from timeout (networking-stable-18_11_21).\n- net: udp: fix handling of CHECKSUM_COMPLETE packets (networking-stable-18_11_02).\n- net/usb: cancel pending work when unbinding smsc75xx (networking-stable-18_10_16).\n- net: usb: r8152: constify usb_device_id (bsc#1119749).\n- net: usb: r8152: use irqsave() in USB\u0027s complete callback (bsc#1119749).\n- nfp: wait for posted reconfigs when disabling the device (networking-stable-18_09_11).\n- nfs: Avoid RCU usage in tracepoints (git-fixes).\n- nfs: commit direct writes even if they fail partially (git-fixes).\n- nfsd4: permit layoutget of executable-only files (git-fixes).\n- nfsd: check for use of the closed special stateid (git-fixes).\n- nfsd: CLOSE SHOULD return the invalid special stateid for NFSv4.x (x\u003e0) (git-fixes).\n- nfsd: deal with revoked delegations appropriately (git-fixes).\n- nfsd: Ensure we check stateid validity in the seqid operation checks (git-fixes).\n- nfsd: Fix another OPEN stateid race (git-fixes).\n- nfsd: fix corrupted reply to badly ordered compound (git-fixes).\n- nfsd: fix potential use-after-free in nfsd4_decode_getdeviceinfo (git-fixes).\n- nfsd: Fix stateid races between OPEN and CLOSE (git-fixes).\n- nfs: do not wait on commit in nfs_commit_inode() if there were no commit requests (git-fixes).\n- nfsd: restrict rd_maxcount to svc_max_payload in nfsd_encode_readdir (git-fixes).\n- nfs: Ensure we commit after writeback is complete (bsc#1111809).\n- nfs: Fix an incorrect type in struct nfs_direct_req (git-fixes).\n- nfs: Fix a typo in nfs_rename() (git-fixes).\n- nfs: Fix typo in nomigration mount option (git-fixes).\n- nfs: Fix unstable write completion (git-fixes).\n- nfsv4.0 fix client reference leak in callback (git-fixes).\n- nfsv4.1: Fix a potential layoutget/layoutrecall deadlock (git-fixes).\n- nfsv4.1 fix infinite loop on I/O (git-fixes).\n- nfsv4.1: Fix the client behaviour on NFS4ERR_SEQ_FALSE_RETRY (git-fixes).\n- nfsv4.1: Fix up replays of interrupted requests (git-fixes).\n- nfsv4: Fix a typo in nfs41_sequence_process (git-fixes).\n- nl80211: Fix possible Spectre-v1 for CQM RSSI thresholds (bsc#1051510).\n- nl80211: Fix possible Spectre-v1 for NL80211_TXRATE_HT (bsc#1051510).\n- nospec: Allow index argument to have const-qualified type (git-fixes)\n- nospec: Include \u0026lt;asm/barrier.h\u003e dependency (bsc#1114279).\n- nospec: Kill array_index_nospec_mask_check() (git-fixes).\n- nvme-fc: resolve io failures during connect (bsc#1116803).\n- nvme: Free ctrl device name on init failure ().\n- nvme-multipath: zero out ANA log buffer (bsc#1105168).\n- nvme: validate controller state before rescheduling keep alive (bsc#1103257).\n- objtool: Detect RIP-relative switch table references (bsc#1058115).\n- objtool: Detect RIP-relative switch table references, part 2 (bsc#1058115).\n- objtool: Fix another switch table detection issue (bsc#1058115).\n- objtool: Fix double-free in .cold detection error path (bsc#1058115).\n- objtool: Fix GCC 8 cold subfunction detection for aliased functions (bsc#1058115).\n- objtool: Fix \u0027noreturn\u0027 detection for recursive sibling calls (bsc#1058115).\n- objtool: Fix segfault in .cold detection with -ffunction-sections (bsc#1058115).\n- objtool: Support GCC 8\u0027s cold subfunctions (bsc#1058115).\n- objtool: Support GCC 8 switch tables (bsc#1058115).\n- ocfs2: fix a misuse a of brelse after failing ocfs2_check_dir_entry (bsc#1117817).\n- ocfs2: fix locking for res-\u003etracking and dlm-\u003etracking_list (bsc#1117816).\n- ocfs2: fix ocfs2 read block panic (bsc#1117815).\n- ocfs2: free up write context when direct IO failed (bsc#1117821).\n- ocfs2: subsystem.su_mutex is required while accessing the item-\u003eci_parent (bsc#1117808).\n- openvswitch: Fix push/pop ethernet validation (networking-stable-18_11_02).\n- panic: avoid deadlocks in re-entrant console drivers (bsc#1088386).\n- PCI: Add ACS quirk for Ampere root ports (bsc#1120058).\n- PCI: Add ACS quirk for APM X-Gene devices (bsc#1120058).\n- PCI: Add Device IDs for Intel GPU \u0027spurious interrupt\u0027 quirk (bsc#1051510).\n- PCI/ASPM: Do not initialize link state when aspm_disabled is set (bsc#1051510).\n- PCI: Convert device-specific ACS quirks from NULL termination to ARRAY_SIZE (bsc#1120058).\n- PCI: Delay after FLR of Intel DC P3700 NVMe (bsc#1120058).\n- PCI: Disable Samsung SM961/PM961 NVMe before FLR (bsc#1120058).\n- PCI: dwc: remove duplicate fix References: bsc#1115269 Patch has been already applied by the following commit: 9f73db8b7c PCI: dwc: Fix enumeration end when reaching root subordinate (bsc#1051510)\n- PCI: Export pcie_has_flr() (bsc#1120058).\n- PCI: hv: Use effective affinity mask (bsc#1109772).\n- PCI: imx6: Fix link training status detection in link up check (bsc#1109806).\n- PCI: iproc: Activate PAXC bridge quirk for more devices (bsc#1120058).\n- PCI: iproc: Remove PAXC slot check to allow VF support (bsc#1109806).\n- PCI: Mark Ceton InfiniTV4 INTx masking as broken (bsc#1120058).\n- PCI: Mark fall-through switch cases before enabling -Wimplicit-fallthrough (bsc#1120058).\n- PCI: Mark Intel XXV710 NIC INTx masking as broken (bsc#1120058).\n- PCI/MSI: Warn and return error if driver enables MSI/MSI-X twice (bsc#1051510).\n- PCI: vmd: Assign vector zero to all bridges (bsc#1109806).\n- PCI: vmd: Detach resources after stopping root bus (bsc#1109806).\n- PCI: vmd: White list for fast interrupt handlers (bsc#1109806).\n- pcmcia: Implement CLKRUN protocol disabling for Ricoh bridges (bsc#1051510).\n- percpu: make this_cpu_generic_read() atomic w.r.t. interrupts (bsc#1114279).\n- perf: fix invalid bit in diagnostic entry (git-fixes).\n- perf tools: Fix tracing_path_mount proper path (git-fixes).\n- pinctrl: at91-pio4: fix has_config check in atmel_pctl_dt_subnode_to_map() (bsc#1051510).\n- pinctrl: meson: fix pinconf bias disable (bsc#1051510).\n- pinctrl: qcom: spmi-mpp: Fix drive strength setting (bsc#1051510).\n- pinctrl: qcom: spmi-mpp: Fix err handling of pmic_mpp_set_mux (bsc#1051510).\n- pinctrl: spmi-mpp: Fix pmic_mpp_config_get() to be compliant (bsc#1051510).\n- pinctrl: ssbi-gpio: Fix pm8xxx_pin_config_get() to be compliant (bsc#1051510).\n- platform-msi: Free descriptors in platform_msi_domain_free() (bsc#1051510).\n- platform/x86: acerhdf: Add BIOS entry for Gateway LT31 v1.3307 (bsc#1051510).\n- platform/x86: intel_telemetry: report debugfs failure (bsc#1051510).\n- pNFS: Always free the session slot on error in nfs4_layoutget_handle_exception (git-fixes).\n- pNFS: Do not release the sequence slot until we\u0027ve processed layoutget on open (git-fixes).\n- pNFS: Prevent the layout header refcount going to zero in pnfs_roc() (git-fixes).\n- powerpc/64s: consolidate MCE counter increment (bsc#1094244).\n- powerpc/64s/hash: Do not use PPC_INVALIDATE_ERAT on CPUs before POWER9 (bsc#1065729).\n- powerpc/64s/radix: Fix process table entry cache invalidation (bsc#1055186, git-fixes).\n- powerpc/boot: Expose Kconfig symbols to wrapper (bsc#1065729).\n- powerpc/boot: Fix build failures with -j 1 (bsc#1065729).\n- powerpc/boot: Fix opal console in boot wrapper (bsc#1065729).\n- powerpc/mm: Fix typo in comments (bsc#1065729).\n- powerpc/mm/keys: Move pte bits to correct headers (bsc#1078248).\n- powerpc/npu-dma.c: Fix crash after __mmu_notifier_register failure (bsc#1055120).\n- powerpc/perf: Update raw-event code encoding comment for power8 (bsc#1065729).\n- powerpc/pkeys: Fix handling of pkey state across fork() (bsc#1078248, git-fixes).\n- powerpc/powernv: Do not select the cpufreq governors (bsc#1065729).\n- powerpc/powernv: Fix concurrency issue with npu-\u003emmio_atsd_usage (bsc#1055120).\n- powerpc/powernv: Fix opal_event_shutdown() called with interrupts disabled (bsc#1065729).\n- powerpc/powernv: Fix save/restore of SPRG3 on entry/exit from stop (idle) (bsc#1055121).\n- powerpc/powernv/npu: Add lock to prevent race in concurrent context init/destroy (bsc#1055120).\n- powerpc/powernv/npu: Do not explicitly flush nmmu tlb (bsc#1055120).\n- powerpc/powernv/npu: Fix deadlock in mmio_invalidate() (bsc#1055120).\n- powerpc/powernv/npu: Prevent overwriting of pnv_npu2_init_contex() callback parameters (bsc#1055120).\n- powerpc/powernv/npu: Use flush_all_mm() instead of flush_tlb_mm() (bsc#1055120).\n- powerpc/powernv/pci: Work around races in PCI bridge enabling (bsc#1055120).\n- powerpc/pseries: Fix DTL buffer registration (bsc#1065729).\n- powerpc/pseries: Fix how we iterate over the DTL entries (bsc#1065729).\n- powerpc/pseries/mobility: Extend start/stop topology update scope (bsc#1116950, bsc#1115709).\n- powerpc/pseries: Track LMB nid instead of using device tree (bsc#1108270).\n- powerpc/traps: restore recoverability of machine_check interrupts (bsc#1094244).\n- power: supply: max8998-charger: Fix platform data retrieval (bsc#1051510).\n- power: supply: olpc_battery: correct the temperature units (bsc#1051510).\n- pppoe: fix reception of frames with no mac header (networking-stable-18_09_24).\n- printk: Fix panic caused by passing log_buf_len to command line (bsc#1117168).\n- provide linux/set_memory.h (bsc#1113295).\n- ptp: fix Spectre v1 vulnerability (bsc#1051510).\n- ptrace: Remove unused ptrace_may_access_sched() and MODE_IBRS (bsc#1106913).\n- pwm: lpss: Release runtime-pm reference from the driver\u0027s remove callback (bsc#1051510).\n- pxa168fb: prepare the clock (bsc#1051510).\n- qed: Add driver support for 20G link speed (bsc#1110558).\n- qed: Add support for virtual link (bsc#1111795).\n- qede: Add driver support for 20G link speed (bsc#1110558).\n- qmi_wwan: apply SET_DTR quirk to the SIMCOM shared device ID (bsc#1051510).\n- qmi_wwan: Support dynamic config on Quectel EP06 (bsc#1051510).\n- r8152: add byte_enable for ocp_read_word function (bsc#1119749).\n- r8152: add Linksys USB3GIGV1 id (bsc#1119749).\n- r8152: add r8153_phy_status function (bsc#1119749).\n- r8152: adjust lpm settings for RTL8153 (bsc#1119749).\n- r8152: adjust rtl8153_runtime_enable function (bsc#1119749).\n- r8152: adjust the settings about MAC clock speed down for RTL8153 (bsc#1119749).\n- r8152: adjust U2P3 for RTL8153 (bsc#1119749).\n- r8152: avoid rx queue more than 1000 packets (bsc#1119749).\n- r8152: check if disabling ALDPS is finished (bsc#1119749).\n- r8152: correct the definition (bsc#1119749).\n- r8152: disable RX aggregation on Dell TB16 dock (bsc#1119749).\n- r8152: disable RX aggregation on new Dell TB16 dock (bsc#1119749).\n- r8152: fix wrong checksum status for received IPv4 packets (bsc#1119749).\n- r8152: move calling delay_autosuspend function (bsc#1119749).\n- r8152: move the default coalesce setting for RTL8153 (bsc#1119749).\n- r8152: move the initialization to reset_resume function (bsc#1119749).\n- r8152: move the setting of rx aggregation (bsc#1119749).\n- r8152: replace napi_complete with napi_complete_done (bsc#1119749).\n- r8152: set rx mode early when linking on (bsc#1119749).\n- r8152: split rtl8152_resume function (bsc#1119749).\n- r8152: support new chip 8050 (bsc#1119749).\n- r8152: support RTL8153B (bsc#1119749).\n- r8169: fix NAPI handling under high load (networking-stable-18_11_02).\n- rbd: whitelist RBD_FEATURE_OPERATIONS feature bit (Git-fixes).\n- rcu: Allow for page faults in NMI handlers (bsc#1120092).\n- RDMA/bnxt_re: Add missing spin lock initialization (bsc#1050244 ).\n- RDMA/bnxt_re: Avoid accessing the device structure after it is freed (bsc#1050244).\n- RDMA/bnxt_re: Avoid NULL check after accessing the pointer (bsc#1086283).\n- RDMA/bnxt_re: Fix system hang when registration with L2 driver fails (bsc#1086283).\n- RDMA/hns: Bugfix pbl configuration for rereg mr (bsc#1104427 ).\n- rdma_rxe: make rxe work over 802.1q VLAN devices (bsc#1082387).\n- rds: fix two RCU related problems (networking-stable-18_09_18).\n- remoteproc: qcom: Fix potential device node leaks (bsc#1051510).\n- reset: hisilicon: fix potential NULL pointer dereference (bsc#1051510).\n- reset: imx7: Fix always writing bits as 0 (bsc#1051510).\n- reset: remove remaining WARN_ON() in \u0026lt;linux/reset.h\u003e (Git-fixes).\n- Revert \u0027ceph: fix dentry leak in splice_dentry()\u0027 (bsc#1114839).\n- Revert commit ef9209b642f \u0027staging: rtl8723bs: Fix indenting errors and an off-by-one mistake in core/rtw_mlme_ext.c\u0027 (bsc#1051510).\n- Revert \u0027iommu/io-pgtable-arm: Check for v7s-incapable systems\u0027 (bsc#1106105).\n- Revert \u0027PCI/ASPM: Do not initialize link state when aspm_disabled is set\u0027 (bsc#1051510).\n- Revert \u0027powerpc/64: Fix checksum folding in csum_add()\u0027 (bsc#1065729).\n- Revert \u0027scsi: lpfc: ls_rjt erroneus FLOGIs\u0027 (bsc#1119322).\n- Revert \u0027usb: dwc3: gadget: skip Set/Clear Halt when invalid\u0027 (bsc#1051510).\n- Revert wlcore patch to follow stable tree develpment\n- ring-buffer: Allow for rescheduling when removing pages (bsc#1120238).\n- ring-buffer: Do no reuse reader page if still in use (bsc#1120096).\n- ring-buffer: Mask out the info bits when returning buffer page length (bsc#1120094).\n- rpm/kernel-binary.spec.in: add macros.s into kernel-*-devel Starting with 4.20-rc1, file arch/*/kernel/macros.s is needed to build out of tree modules. Add it to kernel-${flavor}-devel packages if it exists.\n- rpm/kernel-binary.spec.in: allow unsupported modules for -extra (bsc#1111183). SLE-15 and later only.\n- rpm: use syncconfig instead of silentoldconfig where available Since mainline commit 0085b4191f3e (\u0027kconfig: remove silentoldconfig target\u0027), \u0027make silentoldconfig\u0027 can be no longer used. Use \u0027make syncconfig\u0027 instead if available.\n- rtc: hctosys: Add missing range error reporting (bsc#1051510).\n- rtc: m41t80: Correct alarm month range with RTC reads (bsc#1051510).\n- rtc: pcf2127: fix a kmemleak caused in pcf2127_i2c_gather_write (bsc#1051510).\n- rtc: snvs: Add timeouts to avoid kernel lockups (bsc#1051510).\n- rtl8xxxu: Fix missing break in switch (bsc#1051510).\n- rtnetlink: Disallow FDB configuration for non-Ethernet device (networking-stable-18_11_02).\n- rtnetlink: fix rtnl_fdb_dump() for ndmsg header (networking-stable-18_10_16).\n- rtnl: limit IFLA_NUM_TX_QUEUES and IFLA_NUM_RX_QUEUES to 4096 (networking-stable-18_10_16).\n- s390/cpum_sf: Add data entry sizes to sampling trailer entry (git-fixes).\n- s390/dasd: simplify locking in dasd_times_out (bsc#1104967,).\n- s390/kdump: Fix elfcorehdr size calculation (bsc#1117953, LTC#171112).\n- s390/kdump: Make elfcorehdr size calculation ABI compliant (bsc#1117953, LTC#171112).\n- s390/kvm: fix deadlock when killed by oom (bnc#1113501, LTC#172235).\n- s390/mm: Check for valid vma before zapping in gmap_discard (git-fixes).\n- s390/mm: correct allocate_pgste proc_handler callback (git-fixes).\n- s390: qeth_core_mpc: Use ARRAY_SIZE instead of reimplementing its function (bnc#1113501, LTC#172682).\n- s390/qeth: fix HiperSockets sniffer (bnc#1113501, LTC#172953).\n- s390/qeth: fix length check in SNMP processing (bsc#1117953, LTC#173657).\n- s390: qeth: Fix potential array overrun in cmd/rc lookup (bnc#1113501, LTC#172682).\n- s390/qeth: handle failure on workqueue creation (git-fixes).\n- s390/qeth: remove outdated portname debug msg (bsc#1117953, LTC#172960).\n- s390/qeth: report 25Gbit link speed (bnc#1113501, LTC#172959).\n- s390/qeth: sanitize strings in debug messages (bsc#1117953, LTC#172960).\n- s390: revert ELF_ET_DYN_BASE base changes (git-fixes).\n- s390/sclp_tty: enable line mode tty even if there is an ascii console (git-fixes).\n- s390/sthyi: add cache to store hypervisor info (LTC#160415, bsc#1068273).\n- s390/sthyi: add s390_sthyi system call (LTC#160415, bsc#1068273).\n- s390/sthyi: reorganize sthyi implementation (LTC#160415, bsc#1068273).\n- sbitmap: fix race in wait batch accounting (Git-fixes).\n- sched/core: Fix cpu.max vs. cpuhotplug deadlock (bsc#1106913).\n- sched/fair: Fix infinite loop in update_blocked_averages() by reverting a9e7f6544b9c (Git fixes (scheduler)).\n- sched/smt: Expose sched_smt_present static key (bsc#1106913).\n- sched/smt: Make sched_smt_present track topology (bsc#1106913).\n- sched, tracing: Fix trace_sched_pi_setprio() for deboosting (bsc#1120228).\n- scripts/git-pre-commit: make executable.\n- scripts/git_sort/git_sort.py: add mkp/scsi.git 4.21/scsi-queue\n- scripts/git_sort/git_sort.py: change SCSI git repos to make series sorting more failsafe.\n- scsi: core: Avoid that SCSI device removal through sysfs triggers a deadlock (bsc#1114578).\n- scsi: libsas: remove irq save in sas_ata_qc_issue() (bsc#1114580).\n- scsi: lpfc: add support to retrieve firmware logs (bsc#1114015).\n- scsi: lpfc: add Trunking support (bsc#1114015).\n- scsi: lpfc: Cap NPIV vports to 256 (bsc#1118215).\n- scsi: lpfc: Correct code setting non existent bits in sli4 ABORT WQE (bsc#1118215).\n- scsi: lpfc: Correct errors accessing fw log (bsc#1114015).\n- scsi: lpfc: Correct invalid EQ doorbell write on if_type=6 (bsc#1114015).\n- scsi: lpfc: Correct irq handling via locks when taking adapter offline (bsc#1114015).\n- scsi: lpfc: Correct LCB RJT handling (bsc#1114015).\n- scsi: lpfc: Correct loss of fc4 type on remote port address change (bsc#1114015).\n- scsi: lpfc: Correct race with abort on completion path (bsc#1114015).\n- scsi: lpfc: Correct soft lockup when running mds diagnostics (bsc#1114015).\n- scsi: lpfc: Correct speeds on SFP swap (bsc#1114015).\n- scsi: lpfc: Correct topology type reporting on G7 adapters (bsc#1118215).\n- scsi: lpfc: Defer LS_ACC to FLOGI on point to point logins (bsc#1118215).\n- scsi: lpfc: Enable Management features for IF_TYPE=6 (bsc#1119322).\n- scsi: lpfc: fcoe: Fix link down issue after 1000+ link bounces (bsc#1114015).\n- scsi: lpfc: Fix a duplicate 0711 log message number (bsc#1118215).\n- scsi: lpfc: fix block guard enablement on SLI3 adapters (bsc#1079935).\n- scsi: lpfc: Fix dif and first burst use in write commands (bsc#1118215).\n- scsi: lpfc: Fix discovery failures during port failovers with lots of vports (bsc#1118215).\n- scsi: lpfc: Fix driver release of fw-logging buffers (bsc#1118215).\n- scsi: lpfc: Fix errors in log messages (bsc#1114015).\n- scsi: lpfc: Fix GFT_ID and PRLI logic for RSCN (bsc#1114015).\n- scsi: lpfc: Fix kernel Oops due to null pring pointers (bsc#1118215).\n- scsi: lpfc: Fix LOGO/PLOGI handling when triggerd by ABTS Timeout event (bsc#1114015).\n- scsi: lpfc: Fix lpfc_sli4_read_config return value check (bsc#1114015).\n- scsi: lpfc: Fix odd recovery in duplicate FLOGIs in point-to-point (bsc#1114015).\n- scsi: lpfc: Fix panic when FW-log buffsize is not initialized (bsc#1118215).\n- scsi: lpfc: Implement GID_PT on Nameserver query to support faster failover (bsc#1114015).\n- scsi: lpfc: ls_rjt erroneus FLOGIs (bsc#1118215).\n- scsi: lpfc: Raise nvme defaults to support a larger io and more connectivity (bsc#1114015).\n- scsi: lpfc: raise sg count for nvme to use available sg resources (bsc#1114015).\n- scsi: lpfc: reduce locking when updating statistics (bsc#1114015).\n- scsi: lpfc: refactor mailbox structure context fields (bsc#1118215).\n- scsi: lpfc: Remove set but not used variable \u0027sgl_size\u0027 (bsc#1114015).\n- scsi: lpfc: Reset link or adapter instead of doing infinite nameserver PLOGI retry (bsc#1114015).\n- scsi: lpfc: rport port swap discovery issue (bsc#1118215).\n- scsi: lpfc: Synchronize access to remoteport via rport (bsc#1114015).\n- scsi: lpfc: update driver version to 12.0.0.7 (bsc#1114015).\n- scsi: lpfc: update driver version to 12.0.0.8 (bsc#1114015).\n- scsi: lpfc: update driver version to 12.0.0.9 (bsc#1118215).\n- scsi: lpfc: update manufacturer attribute to reflect Broadcom (bsc#1118215).\n- scsi: qlogicpti: Fix an error handling path in \u0027qpti_sbus_probe()\u0027 (bsc#1114581).\n- scsi: scsi_transport_srp: Fix shost to rport translation (bsc#1114582).\n- scsi: sg: fix minor memory leak in error path (bsc#1114584).\n- scsi: sysfs: Introduce sysfs_{un,}break_active_protection() (bsc#1114578).\n- scsi: target: add emulate_pr backstore attr to toggle PR support (bsc#1091405).\n- scsi: target: drop unused pi_prot_format attribute storage (bsc#1091405).\n- scsi: target: Fix fortify_panic kernel exception (bsc#1114576).\n- scsi: target/tcm_loop: Avoid that static checkers warn about dead code (bsc#1114577).\n- scsi: target: tcmu: add read length support (bsc#1097755).\n- scsi: zfcp: fix posting too many status read buffers leading to adapter shutdown (bsc#1121483, LTC#174588).\n- sctp: fix race on sctp_id2asoc (networking-stable-18_11_02).\n- sctp: fix strchange_flags name for Stream Change Event (networking-stable-18_11_21).\n- sctp: hold transport before accessing its asoc in sctp_transport_get_next (networking-stable-18_09_11).\n- sctp: not allow to set asoc prsctp_enable by sockopt (networking-stable-18_11_21).\n- sctp: not increase stream\u0027s incnt before sending addstrm_in request (networking-stable-18_11_21).\n- sctp: update dst pmtu with the correct daddr (networking-stable-18_10_16).\n- shmem: introduce shmem_inode_acct_block (VM Functionality, bsc#1121599).\n- shmem: shmem_charge: verify max_block is not exceeded before inode update (VM Functionality, bsc#1121599).\n- skd: Avoid that module unloading triggers a use-after-free (Git-fixes).\n- skd: Submit requests to firmware before triggering the doorbell (Git-fixes).\n- skip LAYOUTRETURN if layout is invalid (git-fixes).\n- soc: bcm2835: sync firmware properties with downstream ()\n- soc: fsl: qbman: qman: avoid allocating from non existing gen_pool (bsc#1051510).\n- soc: ti: QMSS: Fix usage of irq_set_affinity_hint (bsc#1051510).\n- spi: bcm2835: Avoid finishing transfer prematurely in IRQ mode (bsc#1051510).\n- spi: bcm2835: Fix book-keeping of DMA termination (bsc#1051510).\n- spi: bcm2835: Fix race on DMA termination (bsc#1051510).\n- spi: bcm2835: Unbreak the build of esoteric configs (bsc#1051510).\n- splice: do not read more than available pipe space (bsc#1119212).\n- staging: bcm2835-camera: Abort probe if there is no camera (bsc#1051510).\n- staging:iio:ad7606: fix voltage scales (bsc#1051510).\n- staging: rtl8712: Fix possible buffer overrun (bsc#1051510).\n- staging: rtl8723bs: Add missing return for cfg80211_rtw_get_station (bsc#1051510).\n- staging: rtl8723bs: Fix the return value in case of error in \u0027rtw_wx_read32()\u0027 (bsc#1051510).\n- staging: rts5208: fix gcc-8 logic error warning (bsc#1051510).\n- staging: vchiq_arm: fix compat VCHIQ_IOC_AWAIT_COMPLETION (bsc#1051510).\n- staging: wilc1000: fix missing read_write setting when reading data (bsc#1051510).\n- SUNRPC: Allow connect to return EHOSTUNREACH (git-fixes).\n- sunrpc: Do not use stack buffer with scatterlist (git-fixes).\n- sunrpc: Fix rpc_task_begin trace point (git-fixes).\n- SUNRPC: Fix tracepoint storage issues with svc_recv and svc_rqst_status (git-fixes).\n- supported.conf: add raspberrypi-ts driver\n- supported.conf: whitelist bluefield eMMC driver\n- target: fix buffer offset in core_scsi3_pri_read_full_status (bsc1117349).\n- target/iscsi: avoid NULL dereference in CHAP auth error path (bsc#1117165).\n- target: se_dev_attrib.emulate_pr ABI stability (bsc#1091405).\n- tcp: do not restart timewait timer on rst reception (networking-stable-18_09_11).\n- team: no need to do team_notify_peers or team_mcast_rejoin when disabling port (bsc#1051510).\n- termios, tty/tty_baudrate.c: fix buffer overrun (bsc#1051510).\n- test_firmware: fix error return getting clobbered (bsc#1051510).\n- test_hexdump: use memcpy instead of strncpy (bsc#1051510).\n- tg3: Add PHY reset for 5717/5719/5720 in change ring and flow control paths (networking-stable-18_11_21).\n- thermal: bcm2835: enable hwmon explicitly (bsc#1108468).\n- thermal: da9062/61: Prevent hardware access during system suspend (bsc#1051510).\n- thermal: rcar_thermal: Prevent hardware access during system suspend (bsc#1051510).\n- tipc: do not assume linear buffer when reading ancillary data (networking-stable-18_11_21).\n- tipc: fix a missing rhashtable_walk_exit() (networking-stable-18_09_11).\n- tipc: fix flow control accounting for implicit connect (networking-stable-18_10_16).\n- tmpfs: make lseek(SEEK_DATA/SEK_HOLE) return ENXIO with a negative offset (bsc#1051510).\n- tools: hv: fcopy: set \u0027error\u0027 in case an unknown operation was requested (git-fixes).\n- tools: hv: include string.h in hv_fcopy_daemon (git-fixes).\n- tools/lib/lockdep: Rename \u0027trywlock\u0027 into \u0027trywrlock\u0027 (bsc#1121973).\n- tools/power/cpupower: fix compilation with STATIC=true (git-fixes).\n- tools/power turbostat: fix possible sprintf buffer overflow (git-fixes).\n- tpm2-cmd: allow more attempts for selftest execution (bsc#1082555).\n- tpm: add retry logic (bsc#1082555).\n- tpm: consolidate the TPM startup code (bsc#1082555).\n- tpm: do not suspend/resume if power stays on (bsc#1082555).\n- tpm: fix intermittent failure with self tests (bsc#1082555).\n- tpm: fix response size validation in tpm_get_random() (bsc#1082555).\n- tpm: move endianness conversion of ordinals to tpm_input_header (bsc#1082555).\n- tpm: move endianness conversion of TPM_TAG_RQU_COMMAND to tpm_input_header (bsc#1082555).\n- tpm: move the delay_msec increment after sleep in tpm_transmit() (bsc#1082555).\n- tpm: React correctly to RC_TESTING from TPM 2.0 self tests (bsc#1082555).\n- tpm: replace msleep() with usleep_range() in TPM 1.2/2.0 generic drivers (bsc#1082555).\n- tpm: Restore functionality to xen vtpm driver (bsc#1082555).\n- tpm: self test failure should not cause suspend to fail (bsc#1082555).\n- tpm: tpm-interface: fix tpm_transmit/_cmd kdoc (bsc#1082555).\n- tpm: Trigger only missing TPM 2.0 self tests (bsc#1082555).\n- tpm: Use dynamic delay to wait for TPM 2.0 self test result (bsc#1082555).\n- tpm: use tpm2_pcr_read() in tpm2_do_selftest() (bsc#1082555).\n- tpm: use tpm_buf functions in tpm2_pcr_read() (bsc#1082555).\n- tracing: Apply trace_clock changes to instance max buffer (bsc#1117188).\n- tracing/blktrace: Fix to allow setting same value (Git-fixes).\n- tracing: Erase irqsoff trace with empty write (bsc#1117189).\n- tracing: Fix bad use of igrab in trace_uprobe.c (bsc#1120046).\n- tracing: Fix crash when freeing instances with event triggers (bsc#1120230).\n- tracing: Fix crash when it fails to alloc ring buffer (bsc#1120097).\n- tracing: Fix double free of event_trigger_data (bsc#1120234).\n- tracing: Fix missing return symbol in function_graph output (bsc#1120232).\n- tracing: Fix possible double free in event_enable_trigger_func() (bsc#1120235).\n- tracing: Fix possible double free on failure of allocating trace buffer (bsc#1120214).\n- tracing: Fix regex_match_front() to not over compare the test string (bsc#1120223).\n- tracing: Fix trace_pipe behavior for instance traces (bsc#1120088).\n- tracing: Remove RCU work arounds from stack tracer (bsc#1120092).\n- tracing/samples: Fix creation and deletion of simple_thread_fn creation (git-fixes).\n- tty: check name length in tty_find_polling_driver() (bsc#1051510).\n- tty: Do not hold ldisc lock in tty_reopen() if ldisc present (bsc#1051510).\n- tty: Do not return -EAGAIN in blocking read (bsc#1116040).\n- tty: do not set TTY_IO_ERROR flag if console port (bsc#1051510).\n- tty: serial: 8250_mtk: always resume the device in probe (bsc#1051510).\n- tty: wipe buffer (bsc#1051510).\n- tty: wipe buffer if not echoing data (bsc#1051510).\n- tun: Consistently configure generic netdev params via rtnetlink (bsc#1051510).\n- tuntap: fix multiqueue rx (networking-stable-18_11_21).\n- ubifs: Handle re-linking of inodes correctly while recovery (bsc#1120598).\n- udf: Allow mounting volumes with incorrect identification strings (bsc#1118774).\n- udp4: fix IP_CMSG_CHECKSUM for connected sockets (networking-stable-18_09_24).\n- udp6: add missing checks on edumux packet processing (networking-stable-18_09_24).\n- udp6: fix encap return code for resubmitting (git-fixes).\n- uio: ensure class is registered before devices (bsc#1051510).\n- uio: Fix an Oops on load (bsc#1051510).\n- uio: make symbol \u0027uio_class_registered\u0027 static (bsc#1051510).\n- unifdef: use memcpy instead of strncpy (bsc#1051510).\n- Update config files. Enabled ENA (Amazon network driver) for arm64.\n- usb: appledisplay: Add 27\u0027 Apple Cinema Display (bsc#1051510).\n- usb: cdc-acm: add entry for Hiro (Conexant) modem (bsc#1051510).\n- usb: core: Fix hub port connection events lost (bsc#1051510).\n- usb: core: quirks: add RESET_RESUME quirk for Cherry G230 Stream series (bsc#1051510).\n- usb: dwc2: host: do not delay retries for CONTROL IN transfers (bsc#1114385).\n- usb: dwc2: host: Do not retry NAKed transactions right away (bsc#1114385).\n- usb: dwc2: host: use hrtimer for NAK retries (git-fixes).\n- usb: dwc3: core: Clean up ULPI device (bsc#1051510).\n- usb: dwc3: gadget: fix ISOC TRB type on unaligned transfers (bsc#1051510).\n- usb: dwc3: gadget: Properly check last unaligned/zero chain TRB (bsc#1051510).\n- usb: gadget: storage: Fix Spectre v1 vulnerability (bsc#1051510).\n- usb: gadget: udc: atmel: handle at91sam9rl PMC (bsc#1051510).\n- usb: gadget: u_ether: fix unsafe list iteration (bsc#1051510).\n- usb: host: ohci-at91: fix request of irq for optional gpio (bsc#1051510).\n- usb: hso: Fix OOB memory access in hso_probe/hso_get_config_data (bsc#1051510).\n- usbip: vhci_hcd: check rhport before using in vhci_hub_control() (bsc#1090888).\n- usbip:vudc: BUG kmalloc-2048 (Not tainted): Poison overwritten (bsc#1051510).\n- usb: misc: appledisplay: add 20\u0027 Apple Cinema Display (bsc#1051510).\n- usbnet: smsc95xx: disable carrier check while suspending (bsc#1051510).\n- usb: omap_udc: fix crashes on probe error and module removal (bsc#1051510).\n- usb: omap_udc: fix omap_udc_start() on 15xx machines (bsc#1051510).\n- usb: omap_udc: fix rejection of out transfers when DMA is used (bsc#1051510).\n- usb: omap_udc: fix USB gadget functionality on Palm Tungsten E (bsc#1051510).\n- usb: omap_udc: use devm_request_irq() (bsc#1051510).\n- usb: quirk: add no-LPM quirk on SanDisk Ultra Flair device (bsc#1051510).\n- usb: quirks: Add delay-init quirk for Corsair K70 LUX RGB (bsc#1051510).\n- usb: quirks: Add no-lpm quirk for Raydium touchscreens (bsc#1051510).\n- usb: serial: option: add Fibocom NL668 series (bsc#1051510).\n- usb: serial: option: add GosunCn ZTE WeLink ME3630 (bsc#1051510).\n- usb: serial: option: add HP lt4132 (bsc#1051510).\n- usb: serial: option: add Simcom SIM7500/SIM7600 (MBIM mode) (bsc#1051510).\n- usb: serial: option: add Telit LN940 series (bsc#1051510).\n- usb: serial: option: add two-endpoints device-id flag (bsc#1051510).\n- usb: serial: option: drop redundant interface-class test (bsc#1051510).\n- usb: serial: option: improve Quectel EP06 detection (bsc#1051510).\n- usb: usbip: Fix BUG: KASAN: slab-out-of-bounds in vhci_hub_control() (bsc#1106110).\n- usb: usb-storage: Add new IDs to ums-realtek (bsc#1051510).\n- usb: xhci: fix timeout for transition from RExit to U0 (bsc#1051510).\n- usb: xhci: fix uninitialized completion when USB3 port got wrong status (bsc#1051510).\n- usb: xhci: Prevent bus suspend if a port connect change or polling state is detected (bsc#1051510).\n- userfaultfd: clear the vma-\u003evm_userfaultfd_ctx if UFFD_EVENT_FORK fails (bsc#1118761).\n- userfaultfd: remove uffd flags from vma-\u003evm_flags if UFFD_EVENT_FORK fails (bsc#1118809).\n- v9fs_dir_readdir: fix double-free on p9stat_read error (bsc#1118771).\n- vfs: Avoid softlockups in drop_pagecache_sb() (bsc#1118505).\n- vhost: Fix Spectre V1 vulnerability (bsc#1051510).\n- vhost/scsi: truncate T10 PI iov_iter to prot_bytes (bsc#1051510).\n- virtio_net: avoid using netif_tx_disable() for serializing tx routine (networking-stable-18_11_02).\n- VMCI: Resource wildcard match fixed (bsc#1051510).\n- w1: omap-hdq: fix missing bus unregister at removal (bsc#1051510).\n- watchdog/core: Add missing prototypes for weak functions (git-fixes).\n- wireless: airo: potential buffer overflow in sprintf() (bsc#1051510).\n- wlcore: Fix the return value in case of error in \u0027wlcore_vendor_cmd_smart_config_start()\u0027 (bsc#1051510).\n- x86/bugs: Add AMD\u0027s SPEC_CTRL MSR usage (bsc#1106913).\n- x86/bugs: Fix the AMD SSBD usage of the SPEC_CTRL MSR (bsc#1106913).\n- x86/bugs: Switch the selection of mitigation from CPU vendor to CPU features (bsc#1106913).\n- x86/corruption-check: Fix panic in memory_corruption_check() when boot option without value is provided (bsc#1110006).\n- x86/cpu/vmware: Do not trace vmware_sched_clock() (bsc#1114279).\n- x86/decoder: Fix and update the opcodes map (bsc#1058115).\n- x86, hibernate: Fix nosave_regions setup for hibernation (bsc#1110006).\n- x86/irq: implement irq_data_get_effective_affinity_mask() for v4.12 (bsc#1109772).\n- x86/kabi: Fix cpu_tlbstate issue (bsc#1106913).\n- x86/l1tf: Show actual SMT state (bsc#1106913).\n- x86/ldt: Remove unused variable in map_ldt_struct() (bsc#1114279).\n- x86/ldt: Split out sanity check in map_ldt_struct() (bsc#1114279).\n- x86/ldt: Unmap PTEs for the slot before freeing LDT pages (bsc#1114279).\n- x86/MCE/AMD: Fix the thresholding machinery initialization order (bsc#1114279).\n- x86/MCE: Make correctable error detection look at the Deferred bit (bsc#1114279).\n- x86/mm: Fix decoy address handling vs 32-bit builds (bsc#1120606).\n- x86/mm/pat: Disable preemption around __flush_tlb_all() (bsc#1114279).\n- x86/PCI: Add additional VMD device root ports to VMD AER quirk (bsc#1120058).\n- x86/PCI: Add \u0027pci=big_root_window\u0027 option for AMD 64-bit windows (bsc#1120058).\n- x86/PCI: Apply VMD\u0027s AERSID fixup generically (bsc#1120058).\n- x86/PCI: Avoid AMD SB7xx EHCI USB wakeup defect (bsc#1120058).\n- x86/PCI: Enable a 64bit BAR on AMD Family 15h (Models 00-1f, 30-3f, 60-7f) (bsc#1120058).\n- x86/PCI: Enable AMD 64-bit window on resume (bsc#1120058).\n- x86/PCI: Fix infinite loop in search for 64bit BAR placement (bsc#1120058).\n- x86/PCI: Move and shrink AMD 64-bit window to avoid conflict (bsc#1120058).\n- x86/PCI: Move VMD quirk to x86 fixups (bsc#1120058).\n- x86/PCI: Only enable a 64bit BAR on single-socket AMD Family 15h (bsc#1120058).\n- x86/PCI: Use is_vmd() rather than relying on the domain number (bsc#1120058).\n- x86/process: Consolidate and simplify switch_to_xtra() code (bsc#1106913).\n- x86/pti: Document fix wrong index (git-fixes).\n- x86/retpoline: Make CONFIG_RETPOLINE depend on compiler support (bsc#1106913).\n- x86/retpoline: Remove minimal retpoline support (bsc#1106913).\n- x86/speculataion: Mark command line parser data __initdata (bsc#1106913).\n- x86/speculation: Add command line control for indirect branch speculation (bsc#1106913).\n- x86/speculation: Add prctl() control for indirect branch speculation (bsc#1106913).\n- x86/speculation: Add seccomp Spectre v2 user space protection mode (bsc#1106913).\n- x86/speculation: Apply IBPB more strictly to avoid cross-process data leak (bsc#1106913).\n- x86/speculation: Avoid __switch_to_xtra() calls (bsc#1106913).\n- x86/speculation: Clean up spectre_v2_parse_cmdline() (bsc#1106913).\n- x86/speculation: Disable STIBP when enhanced IBRS is in use (bsc#1106913).\n- x86/speculation: Enable cross-hyperthread spectre v2 STIBP mitigation (bsc#1106913).\n- x86/speculation: Enable prctl mode for spectre_v2_user (bsc#1106913).\n- x86/speculation/l1tf: Drop the swap storage limit restriction when l1tf=off (bnc#1114871).\n- x86/speculation: Mark string arrays const correctly (bsc#1106913).\n- x86/speculation: Move STIPB/IBPB string conditionals out of cpu_show_common() (bsc#1106913).\n- x86/speculation: Prepare arch_smt_update() for PRCTL mode (bsc#1106913).\n- x86/speculation: Prepare for conditional IBPB in switch_mm() (bsc#1106913).\n- x86/speculation: Prepare for per task indirect branch speculation control (bsc#1106913).\n- x86/speculation: Prevent stale SPEC_CTRL msr content (bsc#1106913).\n- x86/speculation: Propagate information about RSB filling mitigation to sysfs (bsc#1106913).\n- x86/speculation: Provide IBPB always command line options (bsc#1106913).\n- x86/speculation: Remove unnecessary ret variable in cpu_show_common() (bsc#1106913).\n- x86/speculation: Rename SSBD update functions (bsc#1106913).\n- x86/speculation: Reorder the spec_v2 code (bsc#1106913).\n- x86/speculation: Reorganize speculation control MSRs update (bsc#1106913).\n- x86/speculation: Rework SMT state change (bsc#1106913).\n- x86/speculation: Split out TIF update (bsc#1106913).\n- x86/speculation: Support Enhanced IBRS on future CPUs ().\n- x86/speculation: Unify conditional spectre v2 print functions (bsc#1106913).\n- x86/speculation: Update the TIF_SSBD comment (bsc#1106913).\n- x86/xen: Fix boot loader version reported for PVH guests (bnc#1065600).\n- xen/balloon: Support xend-based toolstack (bnc#1065600).\n- xen/blkfront: avoid NULL blkfront_info dereference on device removal (bsc#1111062).\n- xen: fix race in xen_qlock_wait() (bnc#1107256).\n- xen: fix xen_qlock_wait() (bnc#1107256).\n- xen: make xen_qlock_wait() nestable (bnc#1107256).\n- xen/netfront: do not bug in case of too many frags (bnc#1104824).\n- xen/netfront: tolerate frags with no data (bnc#1119804).\n- xen/pvh: do not try to unplug emulated devices (bnc#1065600).\n- xen/pvh: increase early stack size (bnc#1065600).\n- xen-swiotlb: use actually allocated size on check physical continuous (bnc#1065600).\n- xen/x86: add diagnostic printout to xen_mc_flush() in case of error (bnc#1116183).\n- xfs: Align compat attrlist_by_handle with native implementation (git-fixes).\n- xfs: Fix error code in \u0027xfs_ioc_getbmap()\u0027 (git-fixes).\n- xfs: fix quotacheck dquot id overflow infinite loop (bsc#1121621).\n- xfs: Fix xqmstats offsets in /proc/fs/xfs/xqmstat (git-fixes).\n- xfs: Properly detect when DAX won\u0027t be used on any device (bsc#1115976).\n- xfs: xfs_buf: drop useless LIST_HEAD (git-fixes).\n- xhci: Add check for invalid byte size error when UAS devices are connected (bsc#1051510).\n- xhci: Add quirk to workaround the errata seen on Cavium Thunder-X2 Soc (bsc#1117162).\n- xhci: Do not prevent USB2 bus suspend in state check intended for USB3 only (bsc#1051510).\n- xhci: Fix leaking USB3 shared_hcd at xhci removal (bsc#1051510).\n- xhci: Prevent U1/U2 link pm states if exit latency is too long (bsc#1051510).\n- xprtrdma: Do not defer fencing an async RPC\u0027s chunks (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2019-150,SUSE-SLE-Module-Public-Cloud-15-2019-150",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_0150-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2019:0150-1",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20190150-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2019:0150-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2019-January/005059.html"
},
{
"category": "self",
"summary": "SUSE Bug 1024718",
"url": "https://bugzilla.suse.com/1024718"
},
{
"category": "self",
"summary": "SUSE Bug 1046299",
"url": "https://bugzilla.suse.com/1046299"
},
{
"category": "self",
"summary": "SUSE Bug 1050242",
"url": "https://bugzilla.suse.com/1050242"
},
{
"category": "self",
"summary": "SUSE Bug 1050244",
"url": "https://bugzilla.suse.com/1050244"
},
{
"category": "self",
"summary": "SUSE Bug 1051510",
"url": "https://bugzilla.suse.com/1051510"
},
{
"category": "self",
"summary": "SUSE Bug 1055120",
"url": "https://bugzilla.suse.com/1055120"
},
{
"category": "self",
"summary": "SUSE Bug 1055121",
"url": "https://bugzilla.suse.com/1055121"
},
{
"category": "self",
"summary": "SUSE Bug 1055186",
"url": "https://bugzilla.suse.com/1055186"
},
{
"category": "self",
"summary": "SUSE Bug 1058115",
"url": "https://bugzilla.suse.com/1058115"
},
{
"category": "self",
"summary": "SUSE Bug 1060463",
"url": "https://bugzilla.suse.com/1060463"
},
{
"category": "self",
"summary": "SUSE Bug 1065600",
"url": "https://bugzilla.suse.com/1065600"
},
{
"category": "self",
"summary": "SUSE Bug 1065729",
"url": "https://bugzilla.suse.com/1065729"
},
{
"category": "self",
"summary": "SUSE Bug 1068273",
"url": "https://bugzilla.suse.com/1068273"
},
{
"category": "self",
"summary": "SUSE Bug 1078248",
"url": "https://bugzilla.suse.com/1078248"
},
{
"category": "self",
"summary": "SUSE Bug 1079935",
"url": "https://bugzilla.suse.com/1079935"
},
{
"category": "self",
"summary": "SUSE Bug 1082387",
"url": "https://bugzilla.suse.com/1082387"
},
{
"category": "self",
"summary": "SUSE Bug 1082555",
"url": "https://bugzilla.suse.com/1082555"
},
{
"category": "self",
"summary": "SUSE Bug 1082653",
"url": "https://bugzilla.suse.com/1082653"
},
{
"category": "self",
"summary": "SUSE Bug 1083647",
"url": "https://bugzilla.suse.com/1083647"
},
{
"category": "self",
"summary": "SUSE Bug 1085535",
"url": "https://bugzilla.suse.com/1085535"
},
{
"category": "self",
"summary": "SUSE Bug 1086282",
"url": "https://bugzilla.suse.com/1086282"
},
{
"category": "self",
"summary": "SUSE Bug 1086283",
"url": "https://bugzilla.suse.com/1086283"
},
{
"category": "self",
"summary": "SUSE Bug 1086423",
"url": "https://bugzilla.suse.com/1086423"
},
{
"category": "self",
"summary": "SUSE Bug 1087082",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "self",
"summary": "SUSE Bug 1087978",
"url": "https://bugzilla.suse.com/1087978"
},
{
"category": "self",
"summary": "SUSE Bug 1088386",
"url": "https://bugzilla.suse.com/1088386"
},
{
"category": "self",
"summary": "SUSE Bug 1089350",
"url": "https://bugzilla.suse.com/1089350"
},
{
"category": "self",
"summary": "SUSE Bug 1090888",
"url": "https://bugzilla.suse.com/1090888"
},
{
"category": "self",
"summary": "SUSE Bug 1091405",
"url": "https://bugzilla.suse.com/1091405"
},
{
"category": "self",
"summary": "SUSE Bug 1094244",
"url": "https://bugzilla.suse.com/1094244"
},
{
"category": "self",
"summary": "SUSE Bug 1097593",
"url": "https://bugzilla.suse.com/1097593"
},
{
"category": "self",
"summary": "SUSE Bug 1097755",
"url": "https://bugzilla.suse.com/1097755"
},
{
"category": "self",
"summary": "SUSE Bug 1102875",
"url": "https://bugzilla.suse.com/1102875"
},
{
"category": "self",
"summary": "SUSE Bug 1102877",
"url": "https://bugzilla.suse.com/1102877"
},
{
"category": "self",
"summary": "SUSE Bug 1102879",
"url": "https://bugzilla.suse.com/1102879"
},
{
"category": "self",
"summary": "SUSE Bug 1102882",
"url": "https://bugzilla.suse.com/1102882"
},
{
"category": "self",
"summary": "SUSE Bug 1102896",
"url": "https://bugzilla.suse.com/1102896"
},
{
"category": "self",
"summary": "SUSE Bug 1103257",
"url": "https://bugzilla.suse.com/1103257"
},
{
"category": "self",
"summary": "SUSE Bug 1104353",
"url": "https://bugzilla.suse.com/1104353"
},
{
"category": "self",
"summary": "SUSE Bug 1104427",
"url": "https://bugzilla.suse.com/1104427"
},
{
"category": "self",
"summary": "SUSE Bug 1104824",
"url": "https://bugzilla.suse.com/1104824"
},
{
"category": "self",
"summary": "SUSE Bug 1104967",
"url": "https://bugzilla.suse.com/1104967"
},
{
"category": "self",
"summary": "SUSE Bug 1105168",
"url": "https://bugzilla.suse.com/1105168"
},
{
"category": "self",
"summary": "SUSE Bug 1106105",
"url": "https://bugzilla.suse.com/1106105"
},
{
"category": "self",
"summary": "SUSE Bug 1106110",
"url": "https://bugzilla.suse.com/1106110"
},
{
"category": "self",
"summary": "SUSE Bug 1106237",
"url": "https://bugzilla.suse.com/1106237"
},
{
"category": "self",
"summary": "SUSE Bug 1106240",
"url": "https://bugzilla.suse.com/1106240"
},
{
"category": "self",
"summary": "SUSE Bug 1106615",
"url": "https://bugzilla.suse.com/1106615"
},
{
"category": "self",
"summary": "SUSE Bug 1106913",
"url": "https://bugzilla.suse.com/1106913"
},
{
"category": "self",
"summary": "SUSE Bug 1107256",
"url": "https://bugzilla.suse.com/1107256"
},
{
"category": "self",
"summary": "SUSE Bug 1107385",
"url": "https://bugzilla.suse.com/1107385"
},
{
"category": "self",
"summary": "SUSE Bug 1107866",
"url": "https://bugzilla.suse.com/1107866"
},
{
"category": "self",
"summary": "SUSE Bug 1108270",
"url": "https://bugzilla.suse.com/1108270"
},
{
"category": "self",
"summary": "SUSE Bug 1108468",
"url": "https://bugzilla.suse.com/1108468"
},
{
"category": "self",
"summary": "SUSE Bug 1109272",
"url": "https://bugzilla.suse.com/1109272"
},
{
"category": "self",
"summary": "SUSE Bug 1109772",
"url": "https://bugzilla.suse.com/1109772"
},
{
"category": "self",
"summary": "SUSE Bug 1109806",
"url": "https://bugzilla.suse.com/1109806"
},
{
"category": "self",
"summary": "SUSE Bug 1110006",
"url": "https://bugzilla.suse.com/1110006"
},
{
"category": "self",
"summary": "SUSE Bug 1110558",
"url": "https://bugzilla.suse.com/1110558"
},
{
"category": "self",
"summary": "SUSE Bug 1110998",
"url": "https://bugzilla.suse.com/1110998"
},
{
"category": "self",
"summary": "SUSE Bug 1111062",
"url": "https://bugzilla.suse.com/1111062"
},
{
"category": "self",
"summary": "SUSE Bug 1111174",
"url": "https://bugzilla.suse.com/1111174"
},
{
"category": "self",
"summary": "SUSE Bug 1111183",
"url": "https://bugzilla.suse.com/1111183"
},
{
"category": "self",
"summary": "SUSE Bug 1111188",
"url": "https://bugzilla.suse.com/1111188"
},
{
"category": "self",
"summary": "SUSE Bug 1111469",
"url": "https://bugzilla.suse.com/1111469"
},
{
"category": "self",
"summary": "SUSE Bug 1111696",
"url": "https://bugzilla.suse.com/1111696"
},
{
"category": "self",
"summary": "SUSE Bug 1111795",
"url": "https://bugzilla.suse.com/1111795"
},
{
"category": "self",
"summary": "SUSE Bug 1111809",
"url": "https://bugzilla.suse.com/1111809"
},
{
"category": "self",
"summary": "SUSE Bug 1112963",
"url": "https://bugzilla.suse.com/1112963"
},
{
"category": "self",
"summary": "SUSE Bug 1113295",
"url": "https://bugzilla.suse.com/1113295"
},
{
"category": "self",
"summary": "SUSE Bug 1113412",
"url": "https://bugzilla.suse.com/1113412"
},
{
"category": "self",
"summary": "SUSE Bug 1113501",
"url": "https://bugzilla.suse.com/1113501"
},
{
"category": "self",
"summary": "SUSE Bug 1113677",
"url": "https://bugzilla.suse.com/1113677"
},
{
"category": "self",
"summary": "SUSE Bug 1113722",
"url": "https://bugzilla.suse.com/1113722"
},
{
"category": "self",
"summary": "SUSE Bug 1113769",
"url": "https://bugzilla.suse.com/1113769"
},
{
"category": "self",
"summary": "SUSE Bug 1114015",
"url": "https://bugzilla.suse.com/1114015"
},
{
"category": "self",
"summary": "SUSE Bug 1114178",
"url": "https://bugzilla.suse.com/1114178"
},
{
"category": "self",
"summary": "SUSE Bug 1114279",
"url": "https://bugzilla.suse.com/1114279"
},
{
"category": "self",
"summary": "SUSE Bug 1114385",
"url": "https://bugzilla.suse.com/1114385"
},
{
"category": "self",
"summary": "SUSE Bug 1114576",
"url": "https://bugzilla.suse.com/1114576"
},
{
"category": "self",
"summary": "SUSE Bug 1114577",
"url": "https://bugzilla.suse.com/1114577"
},
{
"category": "self",
"summary": "SUSE Bug 1114578",
"url": "https://bugzilla.suse.com/1114578"
},
{
"category": "self",
"summary": "SUSE Bug 1114579",
"url": "https://bugzilla.suse.com/1114579"
},
{
"category": "self",
"summary": "SUSE Bug 1114580",
"url": "https://bugzilla.suse.com/1114580"
},
{
"category": "self",
"summary": "SUSE Bug 1114581",
"url": "https://bugzilla.suse.com/1114581"
},
{
"category": "self",
"summary": "SUSE Bug 1114582",
"url": "https://bugzilla.suse.com/1114582"
},
{
"category": "self",
"summary": "SUSE Bug 1114583",
"url": "https://bugzilla.suse.com/1114583"
},
{
"category": "self",
"summary": "SUSE Bug 1114584",
"url": "https://bugzilla.suse.com/1114584"
},
{
"category": "self",
"summary": "SUSE Bug 1114585",
"url": "https://bugzilla.suse.com/1114585"
},
{
"category": "self",
"summary": "SUSE Bug 1114839",
"url": "https://bugzilla.suse.com/1114839"
},
{
"category": "self",
"summary": "SUSE Bug 1114871",
"url": "https://bugzilla.suse.com/1114871"
},
{
"category": "self",
"summary": "SUSE Bug 1115074",
"url": "https://bugzilla.suse.com/1115074"
},
{
"category": "self",
"summary": "SUSE Bug 1115269",
"url": "https://bugzilla.suse.com/1115269"
},
{
"category": "self",
"summary": "SUSE Bug 1115431",
"url": "https://bugzilla.suse.com/1115431"
},
{
"category": "self",
"summary": "SUSE Bug 1115433",
"url": "https://bugzilla.suse.com/1115433"
},
{
"category": "self",
"summary": "SUSE Bug 1115440",
"url": "https://bugzilla.suse.com/1115440"
},
{
"category": "self",
"summary": "SUSE Bug 1115567",
"url": "https://bugzilla.suse.com/1115567"
},
{
"category": "self",
"summary": "SUSE Bug 1115709",
"url": "https://bugzilla.suse.com/1115709"
},
{
"category": "self",
"summary": "SUSE Bug 1115976",
"url": "https://bugzilla.suse.com/1115976"
},
{
"category": "self",
"summary": "SUSE Bug 1116040",
"url": "https://bugzilla.suse.com/1116040"
},
{
"category": "self",
"summary": "SUSE Bug 1116183",
"url": "https://bugzilla.suse.com/1116183"
},
{
"category": "self",
"summary": "SUSE Bug 1116336",
"url": "https://bugzilla.suse.com/1116336"
},
{
"category": "self",
"summary": "SUSE Bug 1116692",
"url": "https://bugzilla.suse.com/1116692"
},
{
"category": "self",
"summary": "SUSE Bug 1116693",
"url": "https://bugzilla.suse.com/1116693"
},
{
"category": "self",
"summary": "SUSE Bug 1116698",
"url": "https://bugzilla.suse.com/1116698"
},
{
"category": "self",
"summary": "SUSE Bug 1116699",
"url": "https://bugzilla.suse.com/1116699"
},
{
"category": "self",
"summary": "SUSE Bug 1116700",
"url": "https://bugzilla.suse.com/1116700"
},
{
"category": "self",
"summary": "SUSE Bug 1116701",
"url": "https://bugzilla.suse.com/1116701"
},
{
"category": "self",
"summary": "SUSE Bug 1116803",
"url": "https://bugzilla.suse.com/1116803"
},
{
"category": "self",
"summary": "SUSE Bug 1116841",
"url": "https://bugzilla.suse.com/1116841"
},
{
"category": "self",
"summary": "SUSE Bug 1116862",
"url": "https://bugzilla.suse.com/1116862"
},
{
"category": "self",
"summary": "SUSE Bug 1116863",
"url": "https://bugzilla.suse.com/1116863"
},
{
"category": "self",
"summary": "SUSE Bug 1116876",
"url": "https://bugzilla.suse.com/1116876"
},
{
"category": "self",
"summary": "SUSE Bug 1116877",
"url": "https://bugzilla.suse.com/1116877"
},
{
"category": "self",
"summary": "SUSE Bug 1116878",
"url": "https://bugzilla.suse.com/1116878"
},
{
"category": "self",
"summary": "SUSE Bug 1116891",
"url": "https://bugzilla.suse.com/1116891"
},
{
"category": "self",
"summary": "SUSE Bug 1116895",
"url": "https://bugzilla.suse.com/1116895"
},
{
"category": "self",
"summary": "SUSE Bug 1116899",
"url": "https://bugzilla.suse.com/1116899"
},
{
"category": "self",
"summary": "SUSE Bug 1116950",
"url": "https://bugzilla.suse.com/1116950"
},
{
"category": "self",
"summary": "SUSE Bug 1117115",
"url": "https://bugzilla.suse.com/1117115"
},
{
"category": "self",
"summary": "SUSE Bug 1117162",
"url": "https://bugzilla.suse.com/1117162"
},
{
"category": "self",
"summary": "SUSE Bug 1117165",
"url": "https://bugzilla.suse.com/1117165"
},
{
"category": "self",
"summary": "SUSE Bug 1117168",
"url": "https://bugzilla.suse.com/1117168"
},
{
"category": "self",
"summary": "SUSE Bug 1117172",
"url": "https://bugzilla.suse.com/1117172"
},
{
"category": "self",
"summary": "SUSE Bug 1117174",
"url": "https://bugzilla.suse.com/1117174"
},
{
"category": "self",
"summary": "SUSE Bug 1117181",
"url": "https://bugzilla.suse.com/1117181"
},
{
"category": "self",
"summary": "SUSE Bug 1117184",
"url": "https://bugzilla.suse.com/1117184"
},
{
"category": "self",
"summary": "SUSE Bug 1117186",
"url": "https://bugzilla.suse.com/1117186"
},
{
"category": "self",
"summary": "SUSE Bug 1117188",
"url": "https://bugzilla.suse.com/1117188"
},
{
"category": "self",
"summary": "SUSE Bug 1117189",
"url": "https://bugzilla.suse.com/1117189"
},
{
"category": "self",
"summary": "SUSE Bug 1117349",
"url": "https://bugzilla.suse.com/1117349"
},
{
"category": "self",
"summary": "SUSE Bug 1117561",
"url": "https://bugzilla.suse.com/1117561"
},
{
"category": "self",
"summary": "SUSE Bug 1117656",
"url": "https://bugzilla.suse.com/1117656"
},
{
"category": "self",
"summary": "SUSE Bug 1117788",
"url": "https://bugzilla.suse.com/1117788"
},
{
"category": "self",
"summary": "SUSE Bug 1117789",
"url": "https://bugzilla.suse.com/1117789"
},
{
"category": "self",
"summary": "SUSE Bug 1117790",
"url": "https://bugzilla.suse.com/1117790"
},
{
"category": "self",
"summary": "SUSE Bug 1117791",
"url": "https://bugzilla.suse.com/1117791"
},
{
"category": "self",
"summary": "SUSE Bug 1117792",
"url": "https://bugzilla.suse.com/1117792"
},
{
"category": "self",
"summary": "SUSE Bug 1117794",
"url": "https://bugzilla.suse.com/1117794"
},
{
"category": "self",
"summary": "SUSE Bug 1117795",
"url": "https://bugzilla.suse.com/1117795"
},
{
"category": "self",
"summary": "SUSE Bug 1117796",
"url": "https://bugzilla.suse.com/1117796"
},
{
"category": "self",
"summary": "SUSE Bug 1117798",
"url": "https://bugzilla.suse.com/1117798"
},
{
"category": "self",
"summary": "SUSE Bug 1117799",
"url": "https://bugzilla.suse.com/1117799"
},
{
"category": "self",
"summary": "SUSE Bug 1117801",
"url": "https://bugzilla.suse.com/1117801"
},
{
"category": "self",
"summary": "SUSE Bug 1117802",
"url": "https://bugzilla.suse.com/1117802"
},
{
"category": "self",
"summary": "SUSE Bug 1117803",
"url": "https://bugzilla.suse.com/1117803"
},
{
"category": "self",
"summary": "SUSE Bug 1117804",
"url": "https://bugzilla.suse.com/1117804"
},
{
"category": "self",
"summary": "SUSE Bug 1117805",
"url": "https://bugzilla.suse.com/1117805"
},
{
"category": "self",
"summary": "SUSE Bug 1117806",
"url": "https://bugzilla.suse.com/1117806"
},
{
"category": "self",
"summary": "SUSE Bug 1117807",
"url": "https://bugzilla.suse.com/1117807"
},
{
"category": "self",
"summary": "SUSE Bug 1117808",
"url": "https://bugzilla.suse.com/1117808"
},
{
"category": "self",
"summary": "SUSE Bug 1117815",
"url": "https://bugzilla.suse.com/1117815"
},
{
"category": "self",
"summary": "SUSE Bug 1117816",
"url": "https://bugzilla.suse.com/1117816"
},
{
"category": "self",
"summary": "SUSE Bug 1117817",
"url": "https://bugzilla.suse.com/1117817"
},
{
"category": "self",
"summary": "SUSE Bug 1117818",
"url": "https://bugzilla.suse.com/1117818"
},
{
"category": "self",
"summary": "SUSE Bug 1117819",
"url": "https://bugzilla.suse.com/1117819"
},
{
"category": "self",
"summary": "SUSE Bug 1117820",
"url": "https://bugzilla.suse.com/1117820"
},
{
"category": "self",
"summary": "SUSE Bug 1117821",
"url": "https://bugzilla.suse.com/1117821"
},
{
"category": "self",
"summary": "SUSE Bug 1117822",
"url": "https://bugzilla.suse.com/1117822"
},
{
"category": "self",
"summary": "SUSE Bug 1117953",
"url": "https://bugzilla.suse.com/1117953"
},
{
"category": "self",
"summary": "SUSE Bug 1118102",
"url": "https://bugzilla.suse.com/1118102"
},
{
"category": "self",
"summary": "SUSE Bug 1118136",
"url": "https://bugzilla.suse.com/1118136"
},
{
"category": "self",
"summary": "SUSE Bug 1118137",
"url": "https://bugzilla.suse.com/1118137"
},
{
"category": "self",
"summary": "SUSE Bug 1118138",
"url": "https://bugzilla.suse.com/1118138"
},
{
"category": "self",
"summary": "SUSE Bug 1118140",
"url": "https://bugzilla.suse.com/1118140"
},
{
"category": "self",
"summary": "SUSE Bug 1118152",
"url": "https://bugzilla.suse.com/1118152"
},
{
"category": "self",
"summary": "SUSE Bug 1118215",
"url": "https://bugzilla.suse.com/1118215"
},
{
"category": "self",
"summary": "SUSE Bug 1118316",
"url": "https://bugzilla.suse.com/1118316"
},
{
"category": "self",
"summary": "SUSE Bug 1118319",
"url": "https://bugzilla.suse.com/1118319"
},
{
"category": "self",
"summary": "SUSE Bug 1118320",
"url": "https://bugzilla.suse.com/1118320"
},
{
"category": "self",
"summary": "SUSE Bug 1118428",
"url": "https://bugzilla.suse.com/1118428"
},
{
"category": "self",
"summary": "SUSE Bug 1118484",
"url": "https://bugzilla.suse.com/1118484"
},
{
"category": "self",
"summary": "SUSE Bug 1118505",
"url": "https://bugzilla.suse.com/1118505"
},
{
"category": "self",
"summary": "SUSE Bug 1118752",
"url": "https://bugzilla.suse.com/1118752"
},
{
"category": "self",
"summary": "SUSE Bug 1118760",
"url": "https://bugzilla.suse.com/1118760"
},
{
"category": "self",
"summary": "SUSE Bug 1118761",
"url": "https://bugzilla.suse.com/1118761"
},
{
"category": "self",
"summary": "SUSE Bug 1118762",
"url": "https://bugzilla.suse.com/1118762"
},
{
"category": "self",
"summary": "SUSE Bug 1118766",
"url": "https://bugzilla.suse.com/1118766"
},
{
"category": "self",
"summary": "SUSE Bug 1118767",
"url": "https://bugzilla.suse.com/1118767"
},
{
"category": "self",
"summary": "SUSE Bug 1118768",
"url": "https://bugzilla.suse.com/1118768"
},
{
"category": "self",
"summary": "SUSE Bug 1118769",
"url": "https://bugzilla.suse.com/1118769"
},
{
"category": "self",
"summary": "SUSE Bug 1118771",
"url": "https://bugzilla.suse.com/1118771"
},
{
"category": "self",
"summary": "SUSE Bug 1118772",
"url": "https://bugzilla.suse.com/1118772"
},
{
"category": "self",
"summary": "SUSE Bug 1118773",
"url": "https://bugzilla.suse.com/1118773"
},
{
"category": "self",
"summary": "SUSE Bug 1118774",
"url": "https://bugzilla.suse.com/1118774"
},
{
"category": "self",
"summary": "SUSE Bug 1118775",
"url": "https://bugzilla.suse.com/1118775"
},
{
"category": "self",
"summary": "SUSE Bug 1118798",
"url": "https://bugzilla.suse.com/1118798"
},
{
"category": "self",
"summary": "SUSE Bug 1118809",
"url": "https://bugzilla.suse.com/1118809"
},
{
"category": "self",
"summary": "SUSE Bug 1118962",
"url": "https://bugzilla.suse.com/1118962"
},
{
"category": "self",
"summary": "SUSE Bug 1119017",
"url": "https://bugzilla.suse.com/1119017"
},
{
"category": "self",
"summary": "SUSE Bug 1119086",
"url": "https://bugzilla.suse.com/1119086"
},
{
"category": "self",
"summary": "SUSE Bug 1119212",
"url": "https://bugzilla.suse.com/1119212"
},
{
"category": "self",
"summary": "SUSE Bug 1119322",
"url": "https://bugzilla.suse.com/1119322"
},
{
"category": "self",
"summary": "SUSE Bug 1119410",
"url": "https://bugzilla.suse.com/1119410"
},
{
"category": "self",
"summary": "SUSE Bug 1119714",
"url": "https://bugzilla.suse.com/1119714"
},
{
"category": "self",
"summary": "SUSE Bug 1119749",
"url": "https://bugzilla.suse.com/1119749"
},
{
"category": "self",
"summary": "SUSE Bug 1119804",
"url": "https://bugzilla.suse.com/1119804"
},
{
"category": "self",
"summary": "SUSE Bug 1119946",
"url": "https://bugzilla.suse.com/1119946"
},
{
"category": "self",
"summary": "SUSE Bug 1119947",
"url": "https://bugzilla.suse.com/1119947"
},
{
"category": "self",
"summary": "SUSE Bug 1119962",
"url": "https://bugzilla.suse.com/1119962"
},
{
"category": "self",
"summary": "SUSE Bug 1119968",
"url": "https://bugzilla.suse.com/1119968"
},
{
"category": "self",
"summary": "SUSE Bug 1119974",
"url": "https://bugzilla.suse.com/1119974"
},
{
"category": "self",
"summary": "SUSE Bug 1120036",
"url": "https://bugzilla.suse.com/1120036"
},
{
"category": "self",
"summary": "SUSE Bug 1120053",
"url": "https://bugzilla.suse.com/1120053"
},
{
"category": "self",
"summary": "SUSE Bug 1120054",
"url": "https://bugzilla.suse.com/1120054"
},
{
"category": "self",
"summary": "SUSE Bug 1120055",
"url": "https://bugzilla.suse.com/1120055"
},
{
"category": "self",
"summary": "SUSE Bug 1120058",
"url": "https://bugzilla.suse.com/1120058"
},
{
"category": "self",
"summary": "SUSE Bug 1120088",
"url": "https://bugzilla.suse.com/1120088"
},
{
"category": "self",
"summary": "SUSE Bug 1120092",
"url": "https://bugzilla.suse.com/1120092"
},
{
"category": "self",
"summary": "SUSE Bug 1120094",
"url": "https://bugzilla.suse.com/1120094"
},
{
"category": "self",
"summary": "SUSE Bug 1120096",
"url": "https://bugzilla.suse.com/1120096"
},
{
"category": "self",
"summary": "SUSE Bug 1120097",
"url": "https://bugzilla.suse.com/1120097"
},
{
"category": "self",
"summary": "SUSE Bug 1120173",
"url": "https://bugzilla.suse.com/1120173"
},
{
"category": "self",
"summary": "SUSE Bug 1120214",
"url": "https://bugzilla.suse.com/1120214"
},
{
"category": "self",
"summary": "SUSE Bug 1120223",
"url": "https://bugzilla.suse.com/1120223"
},
{
"category": "self",
"summary": "SUSE Bug 1120228",
"url": "https://bugzilla.suse.com/1120228"
},
{
"category": "self",
"summary": "SUSE Bug 1120230",
"url": "https://bugzilla.suse.com/1120230"
},
{
"category": "self",
"summary": "SUSE Bug 1120232",
"url": "https://bugzilla.suse.com/1120232"
},
{
"category": "self",
"summary": "SUSE Bug 1120234",
"url": "https://bugzilla.suse.com/1120234"
},
{
"category": "self",
"summary": "SUSE Bug 1120235",
"url": "https://bugzilla.suse.com/1120235"
},
{
"category": "self",
"summary": "SUSE Bug 1120238",
"url": "https://bugzilla.suse.com/1120238"
},
{
"category": "self",
"summary": "SUSE Bug 1120594",
"url": "https://bugzilla.suse.com/1120594"
},
{
"category": "self",
"summary": "SUSE Bug 1120598",
"url": "https://bugzilla.suse.com/1120598"
},
{
"category": "self",
"summary": "SUSE Bug 1120600",
"url": "https://bugzilla.suse.com/1120600"
},
{
"category": "self",
"summary": "SUSE Bug 1120601",
"url": "https://bugzilla.suse.com/1120601"
},
{
"category": "self",
"summary": "SUSE Bug 1120602",
"url": "https://bugzilla.suse.com/1120602"
},
{
"category": "self",
"summary": "SUSE Bug 1120603",
"url": "https://bugzilla.suse.com/1120603"
},
{
"category": "self",
"summary": "SUSE Bug 1120604",
"url": "https://bugzilla.suse.com/1120604"
},
{
"category": "self",
"summary": "SUSE Bug 1120606",
"url": "https://bugzilla.suse.com/1120606"
},
{
"category": "self",
"summary": "SUSE Bug 1120612",
"url": "https://bugzilla.suse.com/1120612"
},
{
"category": "self",
"summary": "SUSE Bug 1120613",
"url": "https://bugzilla.suse.com/1120613"
},
{
"category": "self",
"summary": "SUSE Bug 1120614",
"url": "https://bugzilla.suse.com/1120614"
},
{
"category": "self",
"summary": "SUSE Bug 1120615",
"url": "https://bugzilla.suse.com/1120615"
},
{
"category": "self",
"summary": "SUSE Bug 1120616",
"url": "https://bugzilla.suse.com/1120616"
},
{
"category": "self",
"summary": "SUSE Bug 1120617",
"url": "https://bugzilla.suse.com/1120617"
},
{
"category": "self",
"summary": "SUSE Bug 1120618",
"url": "https://bugzilla.suse.com/1120618"
},
{
"category": "self",
"summary": "SUSE Bug 1120620",
"url": "https://bugzilla.suse.com/1120620"
},
{
"category": "self",
"summary": "SUSE Bug 1120621",
"url": "https://bugzilla.suse.com/1120621"
},
{
"category": "self",
"summary": "SUSE Bug 1120632",
"url": "https://bugzilla.suse.com/1120632"
},
{
"category": "self",
"summary": "SUSE Bug 1120633",
"url": "https://bugzilla.suse.com/1120633"
},
{
"category": "self",
"summary": "SUSE Bug 1120743",
"url": "https://bugzilla.suse.com/1120743"
},
{
"category": "self",
"summary": "SUSE Bug 1120954",
"url": "https://bugzilla.suse.com/1120954"
},
{
"category": "self",
"summary": "SUSE Bug 1121017",
"url": "https://bugzilla.suse.com/1121017"
},
{
"category": "self",
"summary": "SUSE Bug 1121058",
"url": "https://bugzilla.suse.com/1121058"
},
{
"category": "self",
"summary": "SUSE Bug 1121263",
"url": "https://bugzilla.suse.com/1121263"
},
{
"category": "self",
"summary": "SUSE Bug 1121273",
"url": "https://bugzilla.suse.com/1121273"
},
{
"category": "self",
"summary": "SUSE Bug 1121477",
"url": "https://bugzilla.suse.com/1121477"
},
{
"category": "self",
"summary": "SUSE Bug 1121483",
"url": "https://bugzilla.suse.com/1121483"
},
{
"category": "self",
"summary": "SUSE Bug 1121599",
"url": "https://bugzilla.suse.com/1121599"
},
{
"category": "self",
"summary": "SUSE Bug 1121621",
"url": "https://bugzilla.suse.com/1121621"
},
{
"category": "self",
"summary": "SUSE Bug 1121714",
"url": "https://bugzilla.suse.com/1121714"
},
{
"category": "self",
"summary": "SUSE Bug 1121715",
"url": "https://bugzilla.suse.com/1121715"
},
{
"category": "self",
"summary": "SUSE Bug 1121973",
"url": "https://bugzilla.suse.com/1121973"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-12232 page",
"url": "https://www.suse.com/security/cve/CVE-2018-12232/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14625 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14625/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16862 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16862/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16884 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16884/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-18281 page",
"url": "https://www.suse.com/security/cve/CVE-2018-18281/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-18397 page",
"url": "https://www.suse.com/security/cve/CVE-2018-18397/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-19407 page",
"url": "https://www.suse.com/security/cve/CVE-2018-19407/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-19824 page",
"url": "https://www.suse.com/security/cve/CVE-2018-19824/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-19854 page",
"url": "https://www.suse.com/security/cve/CVE-2018-19854/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-19985 page",
"url": "https://www.suse.com/security/cve/CVE-2018-19985/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-20169 page",
"url": "https://www.suse.com/security/cve/CVE-2018-20169/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-9568 page",
"url": "https://www.suse.com/security/cve/CVE-2018-9568/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2019-01-23T16:58:46Z",
"generator": {
"date": "2019-01-23T16:58:46Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2019:0150-1",
"initial_release_date": "2019-01-23T16:58:46Z",
"revision_history": [
{
"date": "2019-01-23T16:58:46Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-azure-4.12.14-5.19.1.noarch",
"product": {
"name": "kernel-devel-azure-4.12.14-5.19.1.noarch",
"product_id": "kernel-devel-azure-4.12.14-5.19.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-azure-4.12.14-5.19.1.noarch",
"product": {
"name": "kernel-source-azure-4.12.14-5.19.1.noarch",
"product_id": "kernel-source-azure-4.12.14-5.19.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-azure-4.12.14-5.19.1.x86_64",
"product": {
"name": "cluster-md-kmp-azure-4.12.14-5.19.1.x86_64",
"product_id": "cluster-md-kmp-azure-4.12.14-5.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-azure-4.12.14-5.19.1.x86_64",
"product": {
"name": "dlm-kmp-azure-4.12.14-5.19.1.x86_64",
"product_id": "dlm-kmp-azure-4.12.14-5.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-azure-4.12.14-5.19.1.x86_64",
"product": {
"name": "gfs2-kmp-azure-4.12.14-5.19.1.x86_64",
"product_id": "gfs2-kmp-azure-4.12.14-5.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-4.12.14-5.19.1.x86_64",
"product": {
"name": "kernel-azure-4.12.14-5.19.1.x86_64",
"product_id": "kernel-azure-4.12.14-5.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-base-4.12.14-5.19.1.x86_64",
"product": {
"name": "kernel-azure-base-4.12.14-5.19.1.x86_64",
"product_id": "kernel-azure-base-4.12.14-5.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-devel-4.12.14-5.19.1.x86_64",
"product": {
"name": "kernel-azure-devel-4.12.14-5.19.1.x86_64",
"product_id": "kernel-azure-devel-4.12.14-5.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-extra-4.12.14-5.19.1.x86_64",
"product": {
"name": "kernel-azure-extra-4.12.14-5.19.1.x86_64",
"product_id": "kernel-azure-extra-4.12.14-5.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-livepatch-4.12.14-5.19.1.x86_64",
"product": {
"name": "kernel-azure-livepatch-4.12.14-5.19.1.x86_64",
"product_id": "kernel-azure-livepatch-4.12.14-5.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-azure-4.12.14-5.19.1.x86_64",
"product": {
"name": "kernel-syms-azure-4.12.14-5.19.1.x86_64",
"product_id": "kernel-syms-azure-4.12.14-5.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-azure-4.12.14-5.19.1.x86_64",
"product": {
"name": "kselftests-kmp-azure-4.12.14-5.19.1.x86_64",
"product_id": "kselftests-kmp-azure-4.12.14-5.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-azure-4.12.14-5.19.1.x86_64",
"product": {
"name": "ocfs2-kmp-azure-4.12.14-5.19.1.x86_64",
"product_id": "ocfs2-kmp-azure-4.12.14-5.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-azure-4.12.14-5.19.1.x86_64",
"product": {
"name": "reiserfs-kmp-azure-4.12.14-5.19.1.x86_64",
"product_id": "reiserfs-kmp-azure-4.12.14-5.19.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Public Cloud 15",
"product": {
"name": "SUSE Linux Enterprise Module for Public Cloud 15",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-public-cloud:15"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-4.12.14-5.19.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.19.1.x86_64"
},
"product_reference": "kernel-azure-4.12.14-5.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-base-4.12.14-5.19.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.19.1.x86_64"
},
"product_reference": "kernel-azure-base-4.12.14-5.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-4.12.14-5.19.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.19.1.x86_64"
},
"product_reference": "kernel-azure-devel-4.12.14-5.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-azure-4.12.14-5.19.1.noarch as component of SUSE Linux Enterprise Module for Public Cloud 15",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.19.1.noarch"
},
"product_reference": "kernel-devel-azure-4.12.14-5.19.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-azure-4.12.14-5.19.1.noarch as component of SUSE Linux Enterprise Module for Public Cloud 15",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.19.1.noarch"
},
"product_reference": "kernel-source-azure-4.12.14-5.19.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-4.12.14-5.19.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.19.1.x86_64"
},
"product_reference": "kernel-syms-azure-4.12.14-5.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-12232",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-12232"
}
],
"notes": [
{
"category": "general",
"text": "In net/socket.c in the Linux kernel through 4.17.1, there is a race condition between fchownat and close in cases where they target the same socket file descriptor, related to the sock_close and sockfs_setattr functions. fchownat does not increment the file descriptor reference count, which allows close to set the socket to NULL during fchownat\u0027s execution, leading to a NULL pointer dereference and system crash.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-12232",
"url": "https://www.suse.com/security/cve/CVE-2018-12232"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-12232",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1097593 for CVE-2018-12232",
"url": "https://bugzilla.suse.com/1097593"
},
{
"category": "external",
"summary": "SUSE Bug 1125907 for CVE-2018-12232",
"url": "https://bugzilla.suse.com/1125907"
},
{
"category": "external",
"summary": "SUSE Bug 1127757 for CVE-2018-12232",
"url": "https://bugzilla.suse.com/1127757"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-01-23T16:58:46Z",
"details": "important"
}
],
"title": "CVE-2018-12232"
},
{
"cve": "CVE-2018-14625",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14625"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux Kernel where an attacker may be able to have an uncontrolled read to kernel-memory from within a vm guest. A race condition between connect() and close() function may allow an attacker using the AF_VSOCK protocol to gather a 4 byte information leak or possibly intercept or corrupt AF_VSOCK messages destined to other clients.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14625",
"url": "https://www.suse.com/security/cve/CVE-2018-14625"
},
{
"category": "external",
"summary": "SUSE Bug 1106615 for CVE-2018-14625",
"url": "https://bugzilla.suse.com/1106615"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-01-23T16:58:46Z",
"details": "moderate"
}
],
"title": "CVE-2018-14625"
},
{
"cve": "CVE-2018-16862",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16862"
}
],
"notes": [
{
"category": "general",
"text": "A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16862",
"url": "https://www.suse.com/security/cve/CVE-2018-16862"
},
{
"category": "external",
"summary": "SUSE Bug 1117186 for CVE-2018-16862",
"url": "https://bugzilla.suse.com/1117186"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-01-23T16:58:46Z",
"details": "moderate"
}
],
"title": "CVE-2018-16862"
},
{
"cve": "CVE-2018-16884",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16884"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel\u0027s NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16884",
"url": "https://www.suse.com/security/cve/CVE-2018-16884"
},
{
"category": "external",
"summary": "SUSE Bug 1119946 for CVE-2018-16884",
"url": "https://bugzilla.suse.com/1119946"
},
{
"category": "external",
"summary": "SUSE Bug 1119947 for CVE-2018-16884",
"url": "https://bugzilla.suse.com/1119947"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-01-23T16:58:46Z",
"details": "important"
}
],
"title": "CVE-2018-16884"
},
{
"cve": "CVE-2018-18281",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-18281"
}
],
"notes": [
{
"category": "general",
"text": "Since Linux kernel version 3.2, the mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removes entries from the pagetables of a task that is in the middle of mremap(), a stale TLB entry can remain for a short time that permits access to a physical page after it has been released back to the page allocator and reused. This is fixed in the following kernel versions: 4.9.135, 4.14.78, 4.18.16, 4.19.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-18281",
"url": "https://www.suse.com/security/cve/CVE-2018-18281"
},
{
"category": "external",
"summary": "SUSE Bug 1113769 for CVE-2018-18281",
"url": "https://bugzilla.suse.com/1113769"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-01-23T16:58:46Z",
"details": "moderate"
}
],
"title": "CVE-2018-18281"
},
{
"cve": "CVE-2018-18397",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-18397"
}
],
"notes": [
{
"category": "general",
"text": "The userfaultfd implementation in the Linux kernel before 4.19.7 mishandles access control for certain UFFDIO_ ioctl calls, as demonstrated by allowing local users to write data into holes in a tmpfs file (if the user has read-only access to that file, and that file contains holes), related to fs/userfaultfd.c and mm/userfaultfd.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-18397",
"url": "https://www.suse.com/security/cve/CVE-2018-18397"
},
{
"category": "external",
"summary": "SUSE Bug 1117656 for CVE-2018-18397",
"url": "https://bugzilla.suse.com/1117656"
},
{
"category": "external",
"summary": "SUSE Bug 1171522 for CVE-2018-18397",
"url": "https://bugzilla.suse.com/1171522"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-01-23T16:58:46Z",
"details": "moderate"
}
],
"title": "CVE-2018-18397"
},
{
"cve": "CVE-2018-19407",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-19407"
}
],
"notes": [
{
"category": "general",
"text": "The vcpu_scan_ioapic function in arch/x86/kvm/x86.c in the Linux kernel through 4.19.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-19407",
"url": "https://www.suse.com/security/cve/CVE-2018-19407"
},
{
"category": "external",
"summary": "SUSE Bug 1116841 for CVE-2018-19407",
"url": "https://bugzilla.suse.com/1116841"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-01-23T16:58:46Z",
"details": "moderate"
}
],
"title": "CVE-2018-19407"
},
{
"cve": "CVE-2018-19824",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-19824"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-19824",
"url": "https://www.suse.com/security/cve/CVE-2018-19824"
},
{
"category": "external",
"summary": "SUSE Bug 1118152 for CVE-2018-19824",
"url": "https://bugzilla.suse.com/1118152"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-01-23T16:58:46Z",
"details": "moderate"
}
],
"title": "CVE-2018-19824"
},
{
"cve": "CVE-2018-19854",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-19854"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel before 4.19.3. crypto_report_one() and related functions in crypto/crypto_user.c (the crypto user configuration API) do not fully initialize structures that are copied to userspace, potentially leaking sensitive memory to user programs. NOTE: this is a CVE-2013-2547 regression but with easier exploitability because the attacker does not need a capability (however, the system must have the CONFIG_CRYPTO_USER kconfig option).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-19854",
"url": "https://www.suse.com/security/cve/CVE-2018-19854"
},
{
"category": "external",
"summary": "SUSE Bug 1118428 for CVE-2018-19854",
"url": "https://bugzilla.suse.com/1118428"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-01-23T16:58:46Z",
"details": "low"
}
],
"title": "CVE-2018-19854"
},
{
"cve": "CVE-2018-19985",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-19985"
}
],
"notes": [
{
"category": "general",
"text": "The function hso_get_config_data in drivers/net/usb/hso.c in the Linux kernel through 4.19.8 reads if_num from the USB device (as a u8) and uses it to index a small array, resulting in an object out-of-bounds (OOB) read that potentially allows arbitrary read in the kernel address space.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-19985",
"url": "https://www.suse.com/security/cve/CVE-2018-19985"
},
{
"category": "external",
"summary": "SUSE Bug 1120743 for CVE-2018-19985",
"url": "https://bugzilla.suse.com/1120743"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-01-23T16:58:46Z",
"details": "low"
}
],
"title": "CVE-2018-19985"
},
{
"cve": "CVE-2018-20169",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-20169"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel before 4.19.9. The USB subsystem mishandles size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-20169",
"url": "https://www.suse.com/security/cve/CVE-2018-20169"
},
{
"category": "external",
"summary": "SUSE Bug 1119714 for CVE-2018-20169",
"url": "https://bugzilla.suse.com/1119714"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-01-23T16:58:46Z",
"details": "moderate"
}
],
"title": "CVE-2018-20169"
},
{
"cve": "CVE-2018-9568",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-9568"
}
],
"notes": [
{
"category": "general",
"text": "In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-113509306. References: Upstream kernel.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-9568",
"url": "https://www.suse.com/security/cve/CVE-2018-9568"
},
{
"category": "external",
"summary": "SUSE Bug 1118319 for CVE-2018-9568",
"url": "https://bugzilla.suse.com/1118319"
},
{
"category": "external",
"summary": "SUSE Bug 1118320 for CVE-2018-9568",
"url": "https://bugzilla.suse.com/1118320"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.19.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.19.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-01-23T16:58:46Z",
"details": "moderate"
}
],
"title": "CVE-2018-9568"
}
]
}
SUSE-SU-2019:0224-1
Vulnerability from csaf_suse - Published: 2019-02-01 18:55 - Updated: 2019-02-01 18:55Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes.
This update brings following features:
- Support for Enhanced-IBRS on new Intel CPUs (fate#326564)
The following security bugs were fixed:
- CVE-2018-9568: In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. (bnc#1118319).
- CVE-2018-12232: In net/socket.c there is a race condition between fchownat and close in cases where they target the same socket file descriptor, related to the sock_close and sockfs_setattr functions. fchownat did not increment the file descriptor reference count, which allowed close to set the socket to NULL during fchownat's execution, leading to a NULL pointer dereference and system crash (bnc#1097593).
- CVE-2018-14625: A flaw was found where an attacker may be able to have an uncontrolled read to kernel-memory from within a vm guest. A race condition between connect() and close() function may allow an attacker using the AF_VSOCK protocol to gather a 4 byte information leak or possibly intercept or corrupt AF_VSOCK messages destined to other clients (bnc#1106615).
- CVE-2018-16862: A security flaw was found in the way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one (bnc#1117186).
- CVE-2018-16884: NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out (bnc#1119946).
- CVE-2018-18281: The mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removes entries from the pagetables of a task that is in the middle of mremap(), a stale TLB entry can remain for a short time that permits access to a physical page after it has been released back to the page allocator and reused. (bnc#1113769).
- CVE-2018-18397: The userfaultfd implementation mishandled access control for certain UFFDIO_ ioctl calls, as demonstrated by allowing local users to write data into holes in a tmpfs file (if the user has read-only access to that file, and that file contains holes), related to fs/userfaultfd.c and mm/userfaultfd.c (bnc#1117656).
- CVE-2018-18710: An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CVE-2018-16658 (bnc#1113751).
- CVE-2018-19407: The vcpu_scan_ioapic function in arch/x86/kvm/x86.c allowed local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized (bnc#1116841).
- CVE-2018-19824: A local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c (bnc#1118152).
- CVE-2018-19854: An issue was discovered in the crypto_report_one() and related functions in crypto/crypto_user.c (the crypto user configuration API) do not fully initialize structures that are copied to userspace, potentially leaking sensitive memory to user programs. NOTE: this is a CVE-2013-2547 regression but with easier exploitability because the attacker did not need a capability (however, the system must have the CONFIG_CRYPTO_USER kconfig option) (bnc#1118428).
- CVE-2018-19985: The function hso_probe read if_num from the USB device (as an u8) and used it without a length check to index an array, resulting in an OOB memory read in hso_probe or hso_get_config_data that could be used by local attackers (bnc#1120743).
- CVE-2018-20169: The USB subsystem mishandled size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c (bnc#1119714).
The following non-security bugs were fixed:
- acpi/apei: Handle GSIV and GPIO notification types (bsc#1115567).
- acpica: Tables: Add WSMT support (bsc#1089350).
- acpi/cpcc: Check for valid PCC subspace only if PCC is used (bsc#1117115).
- acpi/cpcc: Update all pr_(debug/err) messages to log the susbspace id (bsc#1117115).
- acpi/iort: Fix iort_get_platform_device_domain() uninitialized pointer value (bsc#1051510).
- acpi/LPSS: Add alternative ACPI HIDs for Cherry Trail DMA controllers (bsc#1051510).
- acpi/nfit: Fix ARS overflow continuation (bsc#1116895).
- acpi/nfit, x86/mce: Handle only uncorrectable machine checks (bsc#1114279).
- acpi/nfit, x86/mce: Validate a MCE's address before using it (bsc#1114279).
- acpi/platform: Add SMB0001 HID to forbidden_id_list (bsc#1051510).
- acpi/watchdog: Prefer iTCO_wdt always when WDAT table uses RTC SRAM (bsc#1051510).
- act_ife: fix a potential use-after-free (networking-stable-18_09_11).
- aio: fix spectre gadget in lookup_ioctx (bsc#1120594).
- alsa: ac97: Fix incorrect bit shift at AC97-SPSA control write (bsc#1051510).
- alsa: ca0106: Disable IZD on SB0570 DAC to fix audio pops (bsc#1051510).
- alsa: control: Fix race between adding and removing a user element (bsc#1051510).
- alsa: cs46xx: Potential NULL dereference in probe (bsc#1051510).
- alsa: emu10k1: Fix potential Spectre v1 vulnerabilities (bsc#1051510).
- alsa: emux: Fix potential Spectre v1 vulnerabilities (bsc#1051510).
- alsa: fireface: fix for state to fetch PCM frames (bsc#1051510).
- alsa: fireface: fix reference to wrong register for clock configuration (bsc#1051510).
- alsa: firewire-lib: fix wrong assignment for 'out_packet_without_header' tracepoint (bsc#1051510).
- alsa: firewire-lib: fix wrong handling payload_length as payload_quadlet (bsc#1051510).
- alsa: firewire-lib: use the same print format for 'without_header' tracepoints (bsc#1051510).
- alsa: hda: Add 2 more models to the power_save blacklist (bsc#1051510).
- alsa: hda: Add ASRock N68C-S UCC the power_save blacklist (bsc#1051510).
- alsa: hda - Add mic quirk for the Lenovo G50-30 (17aa:3905) (bsc#1051510).
- alsa: hda: add mute LED support for HP EliteBook 840 G4 (bsc#1051510).
- alsa: hda - Add quirk for ASUS G751 laptop (bsc#1051510).
- alsa: hda: Add support for AMD Stoney Ridge (bsc#1051510).
- alsa: hda/ca0132 - Call pci_iounmap() instead of iounmap() (bsc#1051510).
- alsa: hda/ca0132 - make pci_iounmap() call conditional (bsc#1051510).
- alsa: hda: fix front speakers on Huawei MBXP (bsc#1051510).
- alsa: hda - Fix headphone pin config for ASUS G751 (bsc#1051510).
- alsa: hda: fix unused variable warning (bsc#1051510).
- alsa: hda/realtek - Add auto-mute quirk for HP Spectre x360 laptop (bsc#1051510).
- alsa: hda/realtek - Add GPIO data update helper (bsc#1051510).
- alsa: hda/realtek - Add support for Acer Aspire C24-860 headset mic (bsc#1051510).
- alsa: hda/realtek - Add unplug function into unplug state of Headset Mode for ALC225 (bsc#1051510).
- alsa: hda/realtek: ALC286 mic and headset-mode fixups for Acer Aspire U27-880 (bsc#1051510).
- alsa: hda/realtek: ALC294 mic and headset-mode fixups for ASUS X542UN (bsc#1051510).
- alsa: hda/realtek - Allow skipping spec->init_amp detection (bsc#1051510).
- alsa: hda/realtek - Disable headset Mic VREF for headset mode of ALC225 (bsc#1051510).
- alsa: hda/realtek: Enable audio jacks of ASUS UX391UA with ALC294 (bsc#1051510).
- alsa: hda/realtek: Enable audio jacks of ASUS UX433FN/UX333FA with ALC294 (bsc#1051510).
- alsa: hda/realtek: Enable audio jacks of ASUS UX533FD with ALC294 (bsc#1051510).
- alsa: hda/realtek: Enable the headset mic auto detection for ASUS laptops (bsc#1051510).
- alsa: hda/realtek - Fixed headphone issue for ALC700 (bsc#1051510).
- alsa: hda/realtek - fix headset mic detection for MSI MS-B171 (bsc#1051510).
- alsa: hda/realtek - Fix HP Headset Mic can't record (bsc#1051510).
- alsa: hda/realtek: Fix mic issue on Acer AIO Veriton Z4660G (bsc#1051510).
- alsa: hda/realtek: Fix mic issue on Acer AIO Veriton Z4860G/Z6860G (bsc#1051510).
- alsa: hda/realtek - Fix speaker output regression on Thinkpad T570 (bsc#1051510).
- alsa: hda/realtek - Fix the mute LED regresion on Lenovo X1 Carbon (bsc#1051510).
- alsa: hda/realtek - fix the pop noise on headphone for lenovo laptops (bsc#1051510).
- alsa: hda/realtek - Fix the problem of the front MIC on the Lenovo M715 (bsc#1051510).
- alsa: hda/realtek - Manage GPIO bits commonly (bsc#1051510).
- alsa: hda/realtek - Simplify Dell XPS13 GPIO handling (bsc#1051510).
- alsa: hda/realtek - Support ALC300 (bsc#1051510).
- alsa: hda/realtek - Support Dell headset mode for New AIO platform (bsc#1051510).
- alsa: hda/tegra: clear pending irq handlers (bsc#1051510).
- alsa: oss: Use kvzalloc() for local buffer allocations (bsc#1051510).
- alsa: pcm: Call snd_pcm_unlink() conditionally at closing (bsc#1051510).
- alsa: pcm: Fix interval evaluation with openmin/max (bsc#1051510).
- alsa: pcm: Fix potential Spectre v1 vulnerability (bsc#1051510).
- alsa: pcm: Fix starvation on down_write_nonblock() (bsc#1051510).
- alsa: rme9652: Fix potential Spectre v1 vulnerability (bsc#1051510).
- alsa: sparc: Fix invalid snd_free_pages() at error path (bsc#1051510).
- alsa: trident: Suppress gcc string warning (bsc#1051510).
- alsa: usb-audio: Add SMSL D1 to quirks for native DSD support (bsc#1051510).
- alsa: usb-audio: Add support for Encore mDSD USB DAC (bsc#1051510).
- alsa: usb-audio: Add vendor and product name for Dell WD19 Dock (bsc#1051510).
- alsa: usb-audio: Avoid access before bLength check in build_audio_procunit() (bsc#1051510).
- alsa: usb-audio: Fix an out-of-bound read in create_composite_quirks (bsc#1051510).
- alsa: usb-audio: update quirk for B&W PX to remove microphone (bsc#1051510).
- alsa: wss: Fix invalid snd_free_pages() at error path (bsc#1051510).
- alsa: x86: Fix runtime PM for hdmi-lpe-audio (bsc#1051510).
- amd/iommu: Fix Guest Virtual APIC Log Tail Address Register (bsc#1106105).
- apparmor: do not try to replace stale label in ptrace access check (git-fixes).
- apparmor: do not try to replace stale label in ptraceme check (git-fixes).
- apparmor: Fix uninitialized value in aa_split_fqname (git-fixes).
- arm64: Add work around for Arm Cortex-A55 Erratum 1024718 (bsc#1120612).
- arm64: atomics: Remove '&' from '+&' asm constraint in lse atomics (bsc#1120613).
- arm64: cpu_errata: include required headers (bsc#1120615).
- arm64: dma-mapping: Fix FORCE_CONTIGUOUS buffer clearing (bsc#1120633).
- arm64: Enabled ENA (Amazon network driver) for arm64.
- arm64: Fix /proc/iomem for reserved but not memory regions (bsc#1120632).
- arm64: kvm: Move CPU ID reg trap setup off the world switch path (bsc#1110998).
- arm64: kvm: Sanitize PSTATE.M when being set from userspace (bsc#1110998).
- arm64: kvm: Tighten guest core register access from userspace (bsc#1110998).
- arm64: lse: Add early clobbers to some input/output asm operands (bsc#1120614).
- arm64: lse: remove -fcall-used-x0 flag (bsc#1120618).
- arm64: mm: always enable CONFIG_HOLES_IN_ZONE (bsc#1120617).
- arm64/numa: Report correct memblock range for the dummy node (bsc#1120620).
- arm64/numa: Unify common error path in numa_init() (bsc#1120621).
- arm64: remove no-op -p linker flag (bsc#1120616).
- arm: dts: at91: add new compatibility string for macb on sama5d3 (bsc#1051510).
- ASoC: dapm: Recalculate audio map forcely when card instantiated (bsc#1051510).
- ASoC: dwc: Added a quirk DW_I2S_QUIRK_16BIT_IDX_OVERRIDE to dwc (bsc#1085535)
- ASoC: Intel: cht_bsw_max98090: add support for Baytrail (bsc#1051510).
- ASoC: intel: cht_bsw_max98090_ti: Add pmc_plt_clk_0 quirk for Chromebook Clapper (bsc#1051510).
- ASoC: intel: cht_bsw_max98090_ti: Add pmc_plt_clk_0 quirk for Chromebook Gnawty (bsc#1051510).
- ASoC: intel: cht_bsw_max98090_ti: Add quirk for boards using pmc_plt_clk_0 (bsc#1051510).
- ASoC: Intel: mrfld: fix uninitialized variable access (bsc#1051510).
- ASoC: intel: skylake: Add missing break in skl_tplg_get_token() (bsc#1051510).
- ASoC: omap-abe-twl6040: Fix missing audio card caused by deferred probing (bsc#1051510).
- ASoC: omap-dmic: Add pm_qos handling to avoid overruns with CPU_IDLE (bsc#1051510).
- ASoC: omap-mcbsp: Fix latency value calculation for pm_qos (bsc#1051510).
- ASoC: omap-mcpdm: Add pm_qos handling to avoid under/overruns with CPU_IDLE (bsc#1051510).
- ASoC: rsnd: fixup clock start checker (bsc#1051510).
- ASoC: sun8i-codec: fix crash on module removal (bsc#1051510).
- ASoC: wm_adsp: Fix dma-unsafe read of scratch registers (bsc#1051510).
- ata: Fix racy link clearance (bsc#1107866).
- ataflop: fix error handling during setup (bsc#1051510).
- ath10k: do not assume this is a PCI dev in generic code (bsc#1051510).
- ath10k: schedule hardware restart if WMI command times out (bsc#1051510).
- ath6kl: Only use match sets when firmware supports it (bsc#1051510).
- autofs: fix autofs_sbi() does not check super block type (git-fixes).
- autofs: fix slab out of bounds read in getname_kernel() (git-fixes).
- autofs: mount point create should honour passed in mode (git-fixes).
- b43: Fix error in cordic routine (bsc#1051510).
- badblocks: fix wrong return value in badblocks_set if badblocks are disabled (git-fixes).
- batman-adv: Expand merged fragment buffer for full packet (bsc#1051510).
- batman-adv: Use explicit tvlv padding for ELP packets (bsc#1051510).
- bcache: fix miss key refill->end in writeback (Git-fixes).
- bcache: trace missed reading by cache_missed (Git-fixes).
- bitops: protect variables in bit_clear_unless() macro (bsc#1051510).
- bitops: protect variables in set_mask_bits() macro (bsc#1051510).
- blk-mq: remove synchronize_rcu() from blk_mq_del_queue_tag_set() (Git-fixes).
- block: allow max_discard_segments to be stacked (Git-fixes).
- block: blk_init_allocated_queue() set q->fq as NULL in the fail case (Git-fixes).
- block: copy ioprio in __bio_clone_fast() (bsc#1082653).
- block: really disable runtime-pm for blk-mq (Git-fixes).
- block: reset bi_iter.bi_done after splitting bio (Git-fixes).
- block: respect virtual boundary mask in bvecs (bsc#1113412).
- block/swim: Fix array bounds check (Git-fixes).
- bluetooth: btbcm: Add entry for BCM4335C0 UART bluetooth (bsc#1051510).
- bluetooth: SMP: fix crash in unpairing (bsc#1051510).
- bnxt_en: do not try to offload VLAN 'modify' action (bsc#1050242 ).
- bnxt_en: Fix enables field in HWRM_QUEUE_COS2BW_CFG request (bsc#1086282).
- bnxt_en: Fix TX timeout during netpoll (networking-stable-18_10_16).
- bnxt_en: Fix VNIC reservations on the PF (bsc#1086282 ).
- bnxt_en: free hwrm resources, if driver probe fails (networking-stable-18_10_16).
- bnxt_en: get the reduced max_irqs by the ones used by RDMA (bsc#1050242).
- bonding: avoid possible dead-lock (networking-stable-18_10_16).
- bonding: fix length of actor system (networking-stable-18_11_02).
- bonding: fix warning message (networking-stable-18_10_16).
- bonding: pass link-local packets to bonding master also (networking-stable-18_10_16).
- bpf: fix check of allowed specifiers in bpf_trace_printk (bsc#1083647).
- bpf: fix partial copy of map_ptr when dst is scalar (bsc#1083647).
- bpf, net: add skb_mac_header_len helper (networking-stable-18_09_24).
- bpf: use per htab salt for bucket hash (git-fixes).
- bpf: wait for running BPF programs when updating map-in-map (bsc#1083647).
- brcmfmac: fix for proper support of 160MHz bandwidth (bsc#1051510).
- brcmfmac: fix reporting support for 160 MHz channels (bsc#1051510).
- brcmutil: really fix decoding channel info for 160 MHz bandwidth (bsc#1051510).
- bridge: do not add port to router list when receives query with source 0.0.0.0 (networking-stable-18_11_02).
- btrfs: Always try all copies when reading extent buffers (git-fixes).
- btrfs: delete dead code in btrfs_orphan_add() (bsc#1111469).
- btrfs: delete dead code in btrfs_orphan_commit_root() (bsc#1111469).
- btrfs: do not BUG_ON() in btrfs_truncate_inode_items() (bsc#1111469).
- btrfs: do not check inode's runtime flags under root->orphan_lock (bsc#1111469).
- btrfs: do not return ino to ino cache if inode item removal fails (bsc#1111469).
- btrfs: Enhance btrfs_trim_fs function to handle error better (Dependency for bsc#1113667).
- btrfs: Ensure btrfs_trim_fs can trim the whole filesystem (bsc#1113667).
- btrfs: fix assertion failure during fsync in no-holes mode (bsc#1118136).
- btrfs: fix assertion on fsync of regular file when using no-holes feature (bsc#1118137).
- btrfs: fix cur_offset in the error case for nocow (bsc#1118140).
- btrfs: fix data corruption due to cloning of eof block (bsc#1116878).
- btrfs: fix deadlock on tree root leaf when finding free extent (bsc#1116876).
- btrfs: fix deadlock when writing out free space caches (bsc#1116700).
- btrfs: fix ENOSPC caused by orphan items reservations (bsc#1111469).
- btrfs: Fix error handling in btrfs_cleanup_ordered_extents (git-fixes).
- btrfs: fix error handling in btrfs_truncate() (bsc#1111469).
- btrfs: fix error handling in btrfs_truncate_inode_items() (bsc#1111469).
- btrfs: fix fsync of files with multiple hard links in new directories (1120173).
- btrfs: fix infinite loop on inode eviction after deduplication of eof block (bsc#1116877).
- btrfs: Fix memory barriers usage with device stats counters (git-fixes).
- btrfs: fix null pointer dereference on compressed write path error (bsc#1116698).
- btrfs: fix use-after-free during inode eviction (bsc#1116701).
- btrfs: fix use-after-free on root->orphan_block_rsv (bsc#1111469).
- btrfs: fix use-after-free when dumping free space (bsc#1116862).
- btrfs: fix warning when replaying log after fsync of a tmpfile (bsc#1116692).
- btrfs: fix wrong dentries after fsync of file that got its parent replaced (bsc#1116693).
- btrfs: get rid of BTRFS_INODE_HAS_ORPHAN_ITEM (bsc#1111469).
- btrfs: get rid of unused orphan infrastructure (bsc#1111469).
- btrfs: make sure we create all new block groups (bsc#1116699).
- btrfs: move btrfs_truncate_block out of trans handle (bsc#1111469).
- btrfs: protect space cache inode alloc with GFP_NOFS (bsc#1116863).
- btrfs: qgroup: Dirty all qgroups before rescan (bsc#1120036).
- btrfs: refactor btrfs_evict_inode() reserve refill dance (bsc#1111469).
- btrfs: renumber BTRFS_INODE_ runtime flags and switch to enums (bsc#1111469).
- btrfs: reserve space for O_TMPFILE orphan item deletion (bsc#1111469).
- btrfs: run delayed items before dropping the snapshot (bsc#1121263, bsc#1111188).
- btrfs: send, fix infinite loop due to directory rename dependencies (bsc#1118138).
- btrfs: stop creating orphan items for truncate (bsc#1111469).
- btrfs: tree-checker: Do not check max block group size as current max chunk size limit is unreliable (fixes for bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875).
- btrfs: update stale comments referencing vmtruncate() (bsc#1111469).
- cachefiles: fix the race between cachefiles_bury_object() and rmdir(2) (bsc#1051510).
- can: dev: __can_get_echo_skb(): Do not crash the kernel if can_priv::echo_skb is accessed out of bounds (bsc#1051510).
- can: dev: can_get_echo_skb(): factor out non sending code to __can_get_echo_skb() (bsc#1051510).
- can: dev: __can_get_echo_skb(): print error message, if trying to echo non existing skb (bsc#1051510).
- can: dev: __can_get_echo_skb(): replace struct can_frame by canfd_frame to access frame length (bsc#1051510).
- can: flexcan: flexcan_irq(): fix indention (bsc#1051510).
- can: hi311x: Use level-triggered interrupt (bsc#1051510).
- can: raw: check for CAN FD capable netdev in raw_sendmsg() (bsc#1051510).
- can: rcar_can: Fix erroneous registration (bsc#1051510).
- can: rx-offload: introduce can_rx_offload_get_echo_skb() and can_rx_offload_queue_sorted() functions (bsc#1051510).
- cdc-acm: correct counting of UART states in serial state notification (bsc#1051510).
- cdc-acm: do not reset notification buffer index upon urb unlinking (bsc#1051510).
- cdrom: do not attempt to fiddle with cdo->capability (bsc#1051510).
- ceph: do not update importing cap's mseq when handing cap export (bsc#1121273).
- ceph: fix dentry leak in ceph_readdir_prepopulate (bsc#1114839).
- ceph: quota: fix null pointer dereference in quota check (bsc#1114839).
- cfg80211: Address some corner cases in scan result channel updating (bsc#1051510).
- cfg80211: fix use-after-free in reg_process_hint() (bsc#1051510).
- char_dev: extend dynamic allocation of majors into a higher range (bsc#1121058).
- char_dev: Fix off-by-one bugs in find_dynamic_major() (bsc#1121058).
- clk: at91: Fix division by zero in PLL recalc_rate() (bsc#1051510).
- clk: fixed-factor: fix of_node_get-put imbalance (bsc#1051510).
- clk: fixed-rate: fix of_node_get-put imbalance (bsc#1051510).
- clk: mmp2: fix the clock id for sdh2_clk and sdh3_clk (bsc#1051510).
- clk: mmp: Off by one in mmp_clk_add() (bsc#1051510).
- clk: mvebu: Off by one bugs in cp110_of_clk_get() (bsc#1051510).
- clk: rockchip: Fix static checker warning in rockchip_ddrclk_get_parent call (bsc#1051510).
- clk: s2mps11: Add used attribute to s2mps11_dt_match (bsc#1051510).
- clk: s2mps11: Fix matching when built as module and DT node contains compatible (bsc#1051510).
- clk: samsung: exynos5420: Enable PERIS clocks for suspend (bsc#1051510).
- clockevents/drivers/i8253: Add support for PIT shutdown quirk (bsc#1051510).
- compiler-gcc.h: Add __attribute__((gnu_inline)) to all inline declarations (git-fixes).
- config: arm64: enable erratum 1024718
- configfs: replace strncpy with memcpy (bsc#1051510).
- cpufeature: avoid warning when compiling with clang (Git-fixes).
- cpufreq / CPPC: Add cpuinfo_cur_freq support for CPPC (bsc#1117115).
- cpufreq: CPPC: fix build in absence of v3 support (bsc#1117115).
- cpupower: remove stringop-truncation waring (git-fixes).
- crypto: bcm - fix normal/non key hash algorithm failure (bsc#1051510).
- crypto: caam - fix implicit casts in endianness helpers (bsc#1051510).
- crypto: ccp - Add DOWNLOAD_FIRMWARE SEV command ().
- crypto: ccp - Add GET_ID SEV command ().
- crypto: ccp - Add psp enabled message when initialization succeeds ().
- crypto: ccp - Add support for new CCP/PSP device ID ().
- crypto: ccp - Allow SEV firmware to be chosen based on Family and Model ().
- crypto: ccp - Fix static checker warning ().
- crypto: ccp - Remove unused #defines ().
- crypto: ccp - Support register differences between PSP devices ().
- crypto: lrw - Fix out-of bounds access on counter overflow (bsc#1051510).
- crypto: simd - correctly take reqsize of wrapped skcipher into account (bsc#1051510).
- crypto: tcrypt - fix ghash-generic speed test (bsc#1051510).
- dasd: fix deadlock in dasd_times_out (bsc#1121477, LTC#174111).
- dax: Check page->mapping isn't NULL (bsc#1120054).
- dax: Do not access a freed inode (bsc#1120055).
- device property: Define type of PROPERTY_ENRTY_*() macros (bsc#1051510).
- device property: fix fwnode_graph_get_next_endpoint() documentation (bsc#1051510).
- disable stringop truncation warnings for now (git-fixes).
- dm: allocate struct mapped_device with kvzalloc (Git-fixes).
- dm cache: destroy migration_cache if cache target registration failed (Git-fixes).
- dm cache: fix resize crash if user does not reload cache table (Git-fixes).
- dm cache metadata: ignore hints array being too small during resize (Git-fixes).
- dm cache metadata: save in-core policy_hint_size to on-disk superblock (Git-fixes).
- dm cache metadata: set dirty on all cache blocks after a crash (Git-fixes).
- dm cache: only allow a single io_mode cache feature to be requested (Git-fixes).
- dm crypt: do not decrease device limits (Git-fixes).
- dm: fix report zone remapping to account for partition offset (Git-fixes).
- dm integrity: change 'suspending' variable from bool to int (Git-fixes).
- dm ioctl: harden copy_params()'s copy_from_user() from malicious users (Git-fixes).
- dm linear: eliminate linear_end_io call if CONFIG_DM_ZONED disabled (Git-fixes).
- dm linear: fix linear_end_io conditional definition (Git-fixes).
- dm thin: handle running out of data space vs concurrent discard (Git-fixes).
- dm thin metadata: remove needless work from __commit_transaction (Git-fixes).
- dm thin: stop no_space_timeout worker when switching to write-mode (Git-fixes).
- dm writecache: fix a crash due to reading past end of dirty_bitmap (Git-fixes).
- dm writecache: report start_sector in status line (Git-fixes).
- dm zoned: fix metadata block ref counting (Git-fixes).
- dm zoned: fix various dmz_get_mblock() issues (Git-fixes).
- doc/README.SUSE: correct GIT url No more gitorious, github we use.
- Documentation/l1tf: Fix small spelling typo (bsc#1051510).
- Documentation/l1tf: Fix typos (bsc#1051510).
- Documentation/l1tf: Remove Yonah processors from not vulnerable list (bsc#1051510).
- do d_instantiate/unlock_new_inode combinations safely (git-fixes).
- driver/dma/ioat: Call del_timer_sync() without holding prep_lock (bsc#1051510).
- drivers/net/usb: add device id for TP-LINK UE300 USB 3.0 Ethernet (bsc#1119749).
- drivers/net/usb/r8152: remove the unneeded variable 'ret' in rtl8152_system_suspend (bsc#1119749).
- drivers/tty: add missing of_node_put() (bsc#1051510).
- drm/amdgpu: add missing CHIP_HAINAN in amdgpu_ucode_get_load_type (bsc#1051510).
- drm/amdgpu/gmc8: update MC firmware for polaris (bsc#1113722)
- drm/amdgpu/powerplay: fix missing break in switch statements (bsc#1113722)
- drm/amdgpu: update mc firmware image for polaris12 variants (bsc#1113722)
- drm/amdgpu: update SMC firmware image for polaris10 variants (bsc#1113722)
- drm/ast: change resolution may cause screen blurred (boo#1112963).
- drm/ast: fixed cursor may disappear sometimes (bsc#1051510).
- drm/ast: Fix incorrect free on ioregs (bsc#1051510).
- drm/ast: Remove existing framebuffers before loading driver (boo#1112963)
- drm/dp_mst: Check if primary mstb is null (bsc#1051510).
- drm/dp_mst: Skip validating ports during destruction, just ref (bsc#1051510).
- drm/edid: Add 6 bpc quirk for BOE panel (bsc#1051510).
- drm/edid: Add 6 bpc quirk for BOE panel in HP Pavilion 15-n233sl (bsc#1113722)
- drm/fb-helper: Ignore the value of fb_var_screeninfo.pixclock (bsc#1113722)
- drm: fb-helper: Reject all pixel format changing requests (bsc#1113722)
- drm/hisilicon: hibmc: Do not carry error code in HiBMC framebuffer (bsc#1113722)
- drm/hisilicon: hibmc: Do not overwrite fb helper surface depth (bsc#1113722)
- drm/i915/audio: Hook up component bindings even if displays are (bsc#1113722)
- drm/i915: Do not oops during modeset shutdown after lpe audio deinit (bsc#1051510).
- drm/i915: Do not unset intel_connector->mst_port (bsc#1051510).
- drm/i915/dp: Link train Fallback on eDP only if fallback link BW can fit panel's native mode (bsc#1051510).
- drm/i915/execlists: Apply a full mb before execution for Braswell (bsc#1113722)
- drm/i915/execlists: Force write serialisation into context image vs execution (bsc#1051510).
- drm/i915: Fix ilk+ watermarks when disabling pipes (bsc#1051510).
- drm/i915/gen9+: Fix initial readout for Y tiled framebuffers (bsc#1113722)
- drm/i915/glk: Remove 99% limitation (bsc#1051510).
- drm/i915/hdmi: Add HDMI 2.0 audio clock recovery N values (bsc#1051510).
- drm/i915: Large page offsets for pread/pwrite (bsc#1051510).
- drm/i915: Mark pin flags as u64 (bsc#1051510).
- drm/i915: Restore vblank interrupts earlier (bsc#1051510).
- drm/i915: Skip vcpi allocation for MSTB ports that are gone (bsc#1051510).
- drm/i915: Write GPU relocs harder with gen3 (bsc#1051510).
- drm/ioctl: Fix Spectre v1 vulnerabilities (bsc#1113722)
- drm/mediatek: fix OF sibling-node lookup (bsc#1106110)
- drm/meson: add support for 1080p25 mode (bsc#1051510).
- drm/meson: Enable fast_io in meson_dw_hdmi_regmap_config (bsc#1051510).
- drm/meson: Fix OOB memory accesses in meson_viu_set_osd_lut() (bsc#1051510).
- drm/msm: fix OF child-node lookup (bsc#1106110)
- drm/nouveau: Check backlight IDs are >= 0, not > 0 (bsc#1051510).
- drm/nouveau: Do not disable polling in fallback mode (bsc#1103356).
- drm/nouveau/kms: Fix memory leak in nv50_mstm_del() (bsc#1113722)
- drm/omap: fix memory barrier bug in DMM driver (bsc#1051510).
- drm: rcar-du: Fix external clock error checks (bsc#1113722)
- drm: rcar-du: Fix vblank initialization (bsc#1113722)
- drm/rockchip: Allow driver to be shutdown on reboot/kexec (bsc#1051510).
- drm/rockchip: psr: do not dereference encoder before it is null (bsc#1113722)
- drm: set is_master to 0 upon drm_new_set_master() failure (bsc#1113722)
- drm/sti: do not remove the drm_bridge that was never added (bsc#1100132)
- drm/vc4: Set ->is_yuv to false when num_planes == 1 (bsc#1113722)
- drm/vc4: ->x_scaling[1] should never be set to VC4_SCALING_NONE (bsc#1113722)
- drm/virtio: fix bounds check in virtio_gpu_cmd_get_capset() (bsc#1113722)
- dt-bindings: add compatible string for Allwinner V3s SoC (git-fixes).
- dt-bindings: arm: Document SoC compatible value for Armadillo-800 EVA (git-fixes).
- dt-bindings: clock: add rk3399 DDR3 standard speed bins (git-fixes).
- dt-bindings: clock: mediatek: add binding for fixed-factor clock axisel_d4 (git-fixes).
- dt-bindings: iio: update STM32 timers clock names (git-fixes).
- dt-bindings: mfd: axp20x: Add AXP806 to supported list of chips (git-fixes).
- dt-bindings: net: Remove duplicate NSP Ethernet MAC binding document (git-fixes).
- dt-bindings: panel: lvds: Fix path to display timing bindings (git-fixes).
- dt-bindings: phy: sun4i-usb-phy: Add property descriptions for H3 (git-fixes).
- dt-bindings: pwm: renesas: tpu: Fix 'compatible' prop description (git-fixes).
- dt-bindings: rcar-dmac: Document missing error interrupt (git-fixes).
- EDAC, {i7core,sb,skx}_edac: Fix uncorrected error counting (bsc#1114279).
- EDAC: Raise the maximum number of memory controllers (bsc#1113780).
- EDAC, skx_edac: Fix logical channel intermediate decoding (bsc#1114279).
- EDAC, thunderx: Fix memory leak in thunderx_l2c_threaded_isr() (bsc#1114279).
- efi: Move some sysfs files to be read-only by root (bsc#1051510).
- ethernet: fman: fix wrong of_node_put() in probe function (bsc#1119017).
- exportfs: fix 'passing zero to ERR_PTR()' warning (bsc#1118773).
- ext2: fix potential use after free (bsc#1118775).
- ext4: add missing brelse() add_new_gdb_meta_bg()'s error path (bsc#1117795).
- ext4: add missing brelse() in set_flexbg_block_bitmap()'s error path (bsc#1117794).
- ext4: add missing brelse() update_backups()'s error path (bsc#1117796).
- ext4: avoid buffer leak in ext4_orphan_add() after prior errors (bsc#1117802).
- ext4: avoid buffer leak on shutdown in ext4_mark_iloc_dirty() (bsc#1117801).
- ext4: avoid possible double brelse() in add_new_gdb() on error path (bsc#1118760).
- ext4: avoid potential extra brelse in setup_new_flex_group_blocks() (bsc#1117792).
- ext4: fix buffer leak in __ext4_read_dirblock() on error path (bsc#1117807).
- ext4: fix buffer leak in ext4_xattr_move_to_block() on error path (bsc#1117806).
- ext4: fix EXT4_IOC_GROUP_ADD ioctl (bsc#1120604).
- ext4: fix missing cleanup if ext4_alloc_flex_bg_array() fails while resizing (bsc#1117798).
- ext4: fix possible inode leak in the retry loop of ext4_resize_fs() (bsc#1117799).
- ext4: fix possible leak of sbi->s_group_desc_leak in error path (bsc#1117803).
- ext4: fix possible leak of s_journal_flag_rwsem in error path (bsc#1117804).
- ext4: fix possible use after free in ext4_quota_enable (bsc#1120602).
- ext4: fix setattr project check in fssetxattr ioctl (bsc#1117789).
- ext4: fix use-after-free race in ext4_remount()'s error path (bsc#1117791).
- ext4: initialize retries variable in ext4_da_write_inline_data_begin() (bsc#1117788).
- ext4: missing unlock/put_page() in ext4_try_to_write_inline_data() (bsc#1120603).
- ext4: propagate error from dquot_initialize() in EXT4_IOC_FSSETXATTR (bsc#1117790).
- ext4: release bs.bh before re-using in ext4_xattr_block_find() (bsc#1117805).
- extable: Consolidate *kernel_text_address() functions (bsc#1120092).
- extable: Enable RCU if it is not watching in kernel_text_address() (bsc#1120092).
- fbdev: fbcon: Fix unregister crash when more than one framebuffer (bsc#1113722)
- fbdev: fbmem: behave better with small rotated displays and many CPUs (bsc#1113722)
- fbdev: fix broken menu dependencies (bsc#1113722)
- firmware: add firmware_request_nowarn() - load firmware without warnings ().
- firmware: dcdbas: Add support for WSMT ACPI table (bsc#1089350 ).
- firmware: dcdbas: include linux/io.h (bsc#1089350).
- Fix the breakage of KMP build on x86_64 (bsc#1121017).
- Fix tracing sample code warning (git-fixes).
- floppy: fix race condition in __floppy_read_block_0() (bsc#1051510).
- flow_dissector: do not dissect l4 ports for fragments (networking-stable-18_11_21).
- fscache: fix race between enablement and dropping of object (bsc#1107385).
- fscache: Fix race in fscache_op_complete() due to split atomic_sub & read (Git-fixes).
- fscache: Pass the correct cancelled indications to fscache_op_complete() (Git-fixes).
- fs: dcache: Avoid livelock between d_alloc_parallel and __d_add (git-fixes).
- fs/dcache.c: fix kmemcheck splat at take_dentry_name_snapshot() (git-fixes).
- fs: dcache: Use READ_ONCE when accessing i_dir_seq (git-fixes).
- fs: Do not leak MNT_INTERNAL away from internal mounts (git-fixes).
- fs: fix lost error code in dio_complete (bsc#1118762).
- fs: Make extension of struct super_block transparent (bsc#1117822).
- fsnotify: Fix busy inodes during unmount (bsc#1117822).
- fsnotify: fix ignore mask logic in fsnotify() (bsc#1115074).
- fs/xfs: Use %pS printk format for direct addresses (git-fixes).
- ftrace: Fix debug preempt config name in stack_tracer_{en,dis}able (bsc#1117172).
- ftrace: Fix kmemleak in unregister_ftrace_graph (bsc#1117181).
- ftrace: Fix memleak when unregistering dynamic ops when tracing disabled (bsc#1117174).
- ftrace: Remove incorrect setting of glob search field (bsc#1117184).
- fuse: fix blocked_waitq wakeup (git-fixes).
- fuse: fix leaked notify reply (git-fixes).
- fuse: fix possibly missed wake-up after abort (git-fixes).
- fuse: Fix use-after-free in fuse_dev_do_read() (git-fixes).
- fuse: Fix use-after-free in fuse_dev_do_write() (git-fixes).
- fuse: fix use-after-free in fuse_direct_IO() (git-fixes).
- fuse: set FR_SENT while locked (git-fixes).
- gcc-plugins: Add include required by GCC release 8 (git-fixes).
- gcc-plugins: Use dynamic initializers (git-fixes).
- genirq: Fix race on spurious interrupt detection (bsc#1051510).
- getname_kernel() needs to make sure that ->name != ->iname in long case (git-fixes).
- gfs2: Do not leave s_fs_info pointing to freed memory in init_sbd (bsc#1118769).
- gfs2: Fix loop in gfs2_rbm_find (bsc#1120601).
- gfs2: Get rid of potential double-freeing in gfs2_create_inode (bsc#1120600).
- gfs2_meta: ->mount() can get NULL dev_name (bsc#1118768).
- gfs2: Put bitmap buffers in put_super (bsc#1118772).
- git_sort.py: Remove non-existent remote tj/libata
- gpio: davinci: Remove unused member of davinci_gpio_controller (git-fixes).
- gpio: do not free unallocated ida on gpiochip_add_data_with_key() error path (bsc#1051510).
- gpiolib-acpi: Only defer request_irq for GpioInt ACPI event handlers (bsc#1051510).
- gpiolib: Fix return value of gpio_to_desc() stub if !GPIOLIB (bsc#1051510).
- gpio: max7301: fix driver for use with CONFIG_VMAP_STACK (bsc#1051510).
- gpio: mvebu: only fail on missing clk if pwm is actually to be used (bsc#1051510).
- grace: replace BUG_ON by WARN_ONCE in exit_net hook (git-fixes).
- gso_segment: Reset skb->mac_len after modifying network header (networking-stable-18_09_24).
- hid: Add quirk for Primax PIXART OEM mice (bsc#1119410).
- hid: hiddev: fix potential Spectre v1 (bsc#1051510).
- hid: input: Ignore battery reported by Symbol DS4308 (bsc#1051510).
- hid: multitouch: Add pointstick support for Cirque Touchpad (bsc#1051510).
- hid: uhid: forbid UHID_CREATE under KERNEL_DS or elevated privileges (bsc#1051510).
- hv_netvsc: ignore devices that are not PCI (networking-stable-18_09_11).
- hwmon: (core) Fix double-free in __hwmon_device_register() (bsc#1051510).
- hwmon: (ibmpowernv) Remove bogus __init annotations (bsc#1051510).
- hwmon: (ina2xx) Fix current value calculation (bsc#1051510).
- hwmon (ina2xx) Fix NULL id pointer in probe() (bsc#1051510).
- hwmon: (nct6775) Fix potential Spectre v1 (bsc#1051510).
- hwmon: (pmbus) Fix page count auto-detection (bsc#1051510).
- hwmon: (pwm-fan) Set fan speed to 0 on suspend (bsc#1051510).
- hwmon: (raspberrypi) Fix initial notify (bsc#1051510).
- hwmon: (w83795) temp4_type has writable permission (bsc#1051510).
- hwpoison, memory_hotplug: allow hwpoisoned pages to be offlined (bnc#1116336).
- hwrng: core - document the quality field (bsc#1051510).
- i2c: axxia: properly handle master timeout (bsc#1051510).
- i2c: scmi: Fix probe error on devices with an empty SMB0001 ACPI device node (bsc#1051510).
- IB/hfi1: Add mtu check for operational data VLs (bsc#1060463 ).
- ibmvnic: Convert reset work item mutex to spin lock ().
- ibmvnic: fix accelerated VLAN handling ().
- ibmvnic: fix index in release_rx_pools (bsc#1115440, bsc#1115433).
- ibmvnic: Fix non-atomic memory allocation in IRQ context ().
- ibmvnic: remove ndo_poll_controller ().
- ibmvnic: Update driver queues after change in ring size support ().
- IB/rxe: support for 802.1q VLAN on the listener (bsc#1082387).
- ieee802154: 6lowpan: set IFLA_LINK (bsc#1051510).
- ieee802154: at86rf230: switch from BUG_ON() to WARN_ON() on problem (bsc#1051510).
- ieee802154: at86rf230: use __func__ macro for debug messages (bsc#1051510).
- ieee802154: fakelb: switch from BUG_ON() to WARN_ON() on problem (bsc#1051510).
- iio: accel: adxl345: convert address field usage in iio_chan_spec (bsc#1051510).
- iio: ad5064: Fix regulator handling (bsc#1051510).
- iio: adc: at91: fix acking DRDY irq on simple conversions (bsc#1051510).
- iio: adc: at91: fix wrong channel number in triggered buffer mode (bsc#1051510).
- iio: adc: imx25-gcq: Fix leak of device_node in mx25_gcq_setup_cfgs() (bsc#1051510).
- iio:st_magn: Fix enable device after trigger (bsc#1051510).
- ima: fix showing large 'violations' or 'runtime_measurements_count' (bsc#1051510).
- include/linux/pfn_t.h: force '~' to be parsed as an unary operator (bsc#1051510).
- Include modules.fips in kernel-binary as well as kernel-binary-base ().
- inet: make sure to grab rcu_read_lock before using ireq->ireq_opt (networking-stable-18_10_16).
- initramfs: fix initramfs rebuilds w/ compression after disabling (git-fixes).
- Input: add official Raspberry Pi's touchscreen driver ().
- Input: cros_ec_keyb - fix button/switch capability reports (bsc#1051510).
- Input: elan_i2c - add ACPI ID for Lenovo IdeaPad 330-15ARR (bsc#1051510).
- Input: elan_i2c - add ACPI ID for Lenovo IdeaPad 330-15IGM (bsc#1051510).
- Input: elan_i2c - add ELAN0620 to the ACPI table (bsc#1051510).
- Input: elan_i2c - add support for ELAN0621 touchpad (bsc#1051510).
- Input: hyper-v - fix wakeup from suspend-to-idle (bsc#1051510).
- Input: matrix_keypad - check for errors from of_get_named_gpio() (bsc#1051510).
- Input: nomadik-ske-keypad - fix a loop timeout test (bsc#1051510).
- Input: omap-keypad - fix keyboard debounce configuration (bsc#1051510).
- Input: synaptics - add PNP ID for ThinkPad P50 to SMBus (bsc#1051510).
- Input: synaptics - avoid using uninitialized variable when probing (bsc#1051510).
- Input: synaptics - enable SMBus for HP 15-ay000 (bsc#1051510).
- Input: xpad - add PDP device id 0x02a4 (bsc#1051510).
- Input: xpad - add support for Xbox1 PDP Camo series gamepad (bsc#1051510).
- Input: xpad - avoid using __set_bit() for capabilities (bsc#1051510).
- Input: xpad - fix some coding style issues (bsc#1051510).
- Input: xpad - quirk all PDP Xbox One gamepads (bsc#1051510).
- integrity/security: fix digsig.c build error with header file (bsc#1051510).
- intel_th: msu: Fix an off-by-one in attribute store (bsc#1051510).
- iommu/amd: Fix amd_iommu=force_isolation (bsc#1106105).
- iommu/arm-smmu: Ensure that page-table updates are visible before TLBI (bsc#1106237).
- iommu/ipmmu-vmsa: Fix crash on early domain free (bsc#1106105).
- iommu/vt-d: Fix NULL pointer dereference in prq_event_thread() (bsc#1106105).
- iommu/vt-d: Handle domain agaw being less than iommu agaw (bsc#1106105).
- iommu/vt-d: Use memunmap to free memremap (bsc#1106105).
- ip6_tunnel: be careful when accessing the inner header (networking-stable-18_10_16).
- ip6_tunnel: Fix encapsulation layout (networking-stable-18_11_02).
- ip6_vti: fix a null pointer deference when destroy vti6 tunnel (networking-stable-18_09_11).
- ipmi: Fix timer race with module unload (bsc#1051510).
- ip_tunnel: be careful when accessing the inner header (networking-stable-18_10_16).
- ip_tunnel: do not force DF when MTU is locked (networking-stable-18_11_21).
- ipv4: lock mtu in fnhe when received PMTU < net.ipv4.route.min_pmtu (networking-stable-18_11_21).
- ipv4: tcp: send zero IPID for RST and ACK sent in SYN-RECV and TIME-WAIT state (networking-stable-18_09_11).
- ipv6: Fix PMTU updates for UDP/raw sockets in presence of VRF (networking-stable-18_11_21).
- ipv6: fix possible use-after-free in ip6_xmit() (networking-stable-18_09_24).
- ipv6: mcast: fix a use-after-free in inet6_mc_check (networking-stable-18_11_02).
- ipv6/ndisc: Preserve IPv6 control buffer if protocol error handlers are called (networking-stable-18_11_02).
- ipv6: take rcu lock in rawv6_send_hdrinc() (networking-stable-18_10_16).
- iwlwifi: add new cards for 9560, 9462, 9461 and killer series (bsc#1051510).
- iwlwifi: dbg: allow wrt collection before ALIVE (bsc#1051510).
- iwlwifi: do not WARN on trying to dump dead firmware (bsc#1051510).
- iwlwifi: fix LED command capability bit (bsc#1119086).
- iwlwifi: fix non_shared_ant for 22000 devices (bsc#1119086).
- iwlwifi: fix wrong WGDS_WIFI_DATA_SIZE (bsc#1119086).
- iwlwifi: mvm: check for short GI only for OFDM (bsc#1051510).
- iwlwifi: mvm: check return value of rs_rate_from_ucode_rate() (bsc#1051510).
- iwlwifi: mvm: do not send GEO_TX_POWER_LIMIT to old firmwares (bsc#1119086).
- iwlwifi: mvm: do not use SAR Geo if basic SAR is not used (bsc#1051510).
- iwlwifi: mvm: fix BAR seq ctrl reporting (bsc#1051510).
- iwlwifi: mvm: fix regulatory domain update when the firmware starts (bsc#1051510).
- iwlwifi: mvm: support sta_statistics() even on older firmware (bsc#1051510).
- iwlwifi: nvm: get num of hw addresses from firmware (bsc#1119086).
- iwlwifi: pcie: avoid empty free RB queue (bsc#1051510).
- iwlwifi: pcie: do not reset TXQ write pointer (bsc#1051510).
- jffs2: free jffs2_sb_info through jffs2_kill_sb() (bsc#1118767).
- jump_label: Split out code under the hotplug lock (bsc#1106913).
- kabi: hide new member in struct iommu_table from genksyms (bsc#1061840).
- kabi: hwpoison, memory_hotplug: allow hwpoisoned pages to be offlined (bnc#1116336).
- kabi: mask raw in struct bpf_reg_state (bsc#1083647).
- kabi: powerpc: export __find_linux_pte as __find_linux_pte_or_hugepte (bsc#1061840).
- kabi: powerpc: Revert npu callback signature change (bsc#1055120).
- kabi protect hnae_ae_ops (bsc#1104353).
- kabi/severities: ignore __xive_vm_h_* KVM internal symbols.
- kbuild: allow to use GCC toolchain not in Clang search path (git-fixes).
- kbuild: fix # escaping in .cmd files for future Make (git-fixes).
- kbuild: fix kernel/bounds.c 'W=1' warning (bsc#1051510).
- kbuild: fix linker feature test macros when cross compiling with Clang (git-fixes).
- kbuild: make missing $DEPMOD a Warning instead of an Error (git-fixes).
- kbuild: move '_all' target out of $(KBUILD_SRC) conditional (bsc#1114279).
- kbuild: rpm-pkg: keep spec file until make mrproper (git-fixes).
- kbuild: suppress packed-not-aligned warning for default setting only (git-fixes).
- kbuild: verify that $DEPMOD is installed (git-fixes).
- kdb: use memmove instead of overlapping memcpy (bsc#1120954).
- kernfs: Replace strncpy with memcpy (bsc#1120053).
- kernfs: update comment about kernfs_path() return value (bsc#1051510).
- keys: Fix the use of the C++ keyword 'private' in uapi/linux/keyctl.h (Git-fixes).
- kgdboc: Passing ekgdboc to command line causes panic (bsc#1051510).
- kobject: Replace strncpy with memcpy (git-fixes).
- kprobes: Make list and blacklist root user read only (git-fixes).
- kvm: arm/arm64: Introduce vcpu_el1_is_32bit (bsc#1110998).
- kvm: nVMX: Always reflect #NM VM-exits to L1 (bsc#1106240).
- kvm: nVMX: move check_vmentry_postreqs() call to nested_vmx_enter_non_root_mode() (bsc#1106240).
- kvm: PPC: Add pt_regs into kvm_vcpu_arch and move vcpu->arch.gpr[] into it (bsc#1061840).
- kvm: PPC: Avoid marking DMA-mapped pages dirty in real mode (bsc#1061840).
- kvm: PPC: Book3S: Add MMIO emulation for VMX instructions (bsc#1061840).
- kvm: PPC: Book3S: Allow backing bigger guest IOMMU pages with smaller physical pages (bsc#1061840).
- kvm: PPC: Book3S: Check KVM_CREATE_SPAPR_TCE_64 parameters (bsc#1061840).
- kvm: PPC: Book3S: Eliminate some unnecessary checks (bsc#1061840).
- kvm: PPC: Book3S: Fix compile error that occurs with some gcc versions (bsc#1061840).
- kvm: PPC: Book3S: Fix matching of hardware and emulated TCE tables (bsc#1061840).
- kvm: PPC: Book3S HV: Add of_node_put() in success path (bsc#1061840).
- kvm: PPC: Book3S HV: Add 'online' register to ONE_REG interface (bsc#1061840).
- kvm: PPC: Book3S HV: Allow creating max number of VCPUs on POWER9 (bsc#1061840).
- kvm: PPC: Book3S HV: Allow HPT and radix on the same core for POWER9 v2.2 (bsc#1061840).
- kvm: PPC: Book3S HV: Avoid crash from THP collapse during radix page fault (bsc#1061840).
- kvm: PPC: Book3S HV: Avoid shifts by negative amounts (bsc#1061840).
- kvm: PPC: Book3S HV: Check DR not IR to chose real vs virt mode MMIOs (bsc#1061840).
- kvm: PPC: Book3S HV: Do not truncate HPTE index in xlate function (bsc#1061840).
- kvm: PPC: Book3S HV: Do not use compound_order to determine host mapping size (bsc#1061840).
- kvm: PPC: Book3S HV: Do not use existing 'prodded' flag for XIVE escalations (bsc#1061840).
- kvm: PPC: Book 3S HV: Do ptesync in radix guest exit path (bsc#1061840).
- kvm: PPC: Book3S HV: Do SLB load/unload with guest LPCR value loaded (bsc#1061840).
- kvm: PPC: Book3S HV: Enable migration of decrementer register (bsc#1061840).
- kvm: PPC: Book3S HV: Factor fake-suspend handling out of kvmppc_save/restore_tm (bsc#1061840).
- kvm: PPC: Book3S HV: Fix conditions for starting vcpu (bsc#1061840).
- kvm: PPC: Book3S HV: Fix constant size warning (bsc#1061840).
- kvm: PPC: Book3S HV: Fix duplication of host SLB entries (bsc#1061840).
- kvm: PPC: Book3S HV: Fix guest r11 corruption with POWER9 TM workarounds (bsc#1061840).
- kvm: PPC: Book3S HV: Fix handling of large pages in radix page fault handler (bsc#1061840).
- kvm: PPC: Book3S HV: Fix handling of secondary HPTEG in HPT resizing code (bsc#1061840).
- kvm: PPC: Book3S HV: Fix inaccurate comment (bsc#1061840).
- kvm: PPC: Book3S HV: Fix kvmppc_bad_host_intr for real mode interrupts (bsc#1061840).
- kvm: PPC: Book3S HV: Fix trap number return from __kvmppc_vcore_entry (bsc#1061840).
- kvm: PPC: Book3S HV: Fix typo in kvmppc_hv_get_dirty_log_radix() (bsc#1061840).
- kvm: PPC: Book3S HV: Fix VRMA initialization with 2MB or 1GB memory backing (bsc#1061840).
- kvm: PPC: Book3S HV: Handle 1GB pages in radix page fault handler (bsc#1061840).
- kvm: PPC: Book3S HV: Improve handling of debug-trigger HMIs on POWER9 (bsc#1061840).
- kvm: PPC: Book3S HV: Keep XIVE escalation interrupt masked unless ceded (bsc#1061840).
- kvm: PPC: Book3S HV: Lockless tlbie for HPT hcalls (bsc#1061840).
- kvm: PPC: Book3S HV: Make HPT resizing work on POWER9 (bsc#1061840).
- kvm: PPC: Book3S HV: Make radix clear pte when unmapping (bsc#1061840).
- kvm: PPC: Book3S HV: Make radix use correct tlbie sequence in kvmppc_radix_tlbie_page (bsc#1061840).
- kvm: PPC: Book3S HV: Make xive_pushed a byte, not a word (bsc#1061840).
- kvm: PPC: Book3S HV: Pack VCORE IDs to access full VCPU ID space (bsc#1061840).
- kvm: PPC: Book3S HV: radix: Do not clear partition PTE when RC or write bits do not match (bsc#1061840).
- kvm: PPC: Book3S HV: Radix page fault handler optimizations (bsc#1061840).
- kvm: PPC: Book3S HV: radix: Refine IO region partition scope attributes (bsc#1061840).
- kvm: PPC: Book3S HV: Read kvm->arch.emul_smt_mode under kvm->lock (bsc#1061840).
- kvm: PPC: Book3S HV: Recursively unmap all page table entries when unmapping (bsc#1061840).
- kvm: PPC: Book3S HV: Remove useless statement (bsc#1061840).
- kvm: PPC: Book3S HV: Remove vcpu->arch.dec usage (bsc#1061840).
- kvm: PPC: Book3S HV: Send kvmppc_bad_interrupt NMIs to Linux handlers (bsc#1061840).
- kvm: PPC: Book3S HV: Set RWMR on POWER8 so PURR/SPURR count correctly (bsc#1061840).
- kvm: PPC: Book3S HV: Snapshot timebase offset on guest entry (bsc#1061840).
- kvm: PPC: Book3S HV: Streamline setting of reference and change bits (bsc#1061840).
- kvm: PPC: Book3S HV: Use a helper to unmap ptes in the radix fault path (bsc#1061840).
- kvm: PPC: Book3S HV: Use __gfn_to_pfn_memslot() in page fault handler (bsc#1061840).
- kvm: PPC: Book3S HV: XIVE: Resend re-routed interrupts on CPU priority change (bsc#1061840).
- kvm: PPC: Book3S PR: Add guest MSR parameter for kvmppc_save_tm()/kvmppc_restore_tm() (bsc#1061840).
- kvm: PPC: Book3S PR: Enable use on POWER9 inside HPT-mode guests (bsc#1118484).
- kvm: PPC: Book3S PR: Move kvmppc_save_tm/kvmppc_restore_tm to separate file (bsc#1061840).
- kvm: PPC: Book3S: Use correct page shift in H_STUFF_TCE (bsc#1061840).
- kvm: PPC: Fix a mmio_host_swabbed uninitialized usage issue (bsc#1061840).
- kvm: PPC: Make iommu_table::it_userspace big endian (bsc#1061840).
- kvm: PPC: Move nip/ctr/lr/xer registers to pt_regs in kvm_vcpu_arch (bsc#1061840).
- kvm: PPC: Use seq_puts() in kvmppc_exit_timing_show() (bsc#1061840).
- kvm: s390: vsie: copy wrapping keys to right place (git-fixes).
- kvm: svm: Ensure an IBPB on all affected CPUs when freeing a vmcb (bsc#1114279).
- kvm: VMX: re-add ple_gap module parameter (bsc#1106240).
- kvm: x86: Fix kernel info-leak in KVM_HC_CLOCK_PAIRING hypercall (bsc#1106240).
- libata: whitelist all SAMSUNG MZ7KM* solid-state disks (bsc#1051510).
- libceph: bump CEPH_MSG_MAX_DATA_LEN (bsc#1114839).
- libceph: fall back to sendmsg for slab pages (bsc#1118316).
- libertas: do not set URB_ZERO_PACKET on IN USB transfer (bsc#1051510).
- libertas_tf: prevent underflow in process_cmdrequest() (bsc#1119086).
- libnvdimm, dimm: Maximize label transfer size (bsc#1111921, bsc#1113408, bsc#1113972).
- libnvdimm: Hold reference on parent while scheduling async init (bsc#1116891).
- libnvdimm, label: change nvdimm_num_label_slots per UEFI 2.7 (bsc#1111921, bsc#1113408, bsc#1113972).
- libnvdimm, label: Fix sparse warning (bsc#1111921, bsc#1113408, bsc#1113972).
- libnvdimm, pfn: Pad pfn namespaces relative to other regions (bsc#1118962).
- libnvdimm, region: Fail badblocks listing for inactive regions (bsc#1116899).
- lib/raid6: Fix arm64 test build (bsc#1051510).
- lib/ubsan.c: do not mark __ubsan_handle_builtin_unreachable as noreturn (bsc#1051510).
- Limit max FW API version for QCA9377 (bsc#1121714, bsc#1121715).
- linux/bitmap.h: fix type of nbits in bitmap_shift_right() (bsc#1051510).
- livepatch: create and include UAPI headers ().
- llc: set SOCK_RCU_FREE in llc_sap_add_socket() (networking-stable-18_11_02).
- lockd: fix 'list_add double add' caused by legacy signal interface (git-fixes).
- locking/barriers: Convert users of lockless_dereference() to READ_ONCE() (Git-fixes).
- locking/static_keys: Improve uninitialized key warning (bsc#1106913).
- mac80211: Always report TX status (bsc#1051510).
- mac80211: Clear beacon_int in ieee80211_do_stop (bsc#1051510).
- mac80211: fix reordering of buffered broadcast packets (bsc#1051510).
- mac80211: fix TX status reporting for ieee80211s (bsc#1051510).
- mac80211_hwsim: do not omit multicast announce of first added radio (bsc#1051510).
- mac80211_hwsim: fix module init error paths for netlink (bsc#1051510).
- mac80211_hwsim: Timer should be initialized before device registered (bsc#1051510).
- mac80211: ignore NullFunc frames in the duplicate detection (bsc#1051510).
- mac80211: ignore tx status for PS stations in ieee80211_tx_status_ext (bsc#1051510).
- mac80211: TDLS: fix skb queue/priority assignment (bsc#1051510).
- mach64: fix display corruption on big endian machines (bsc#1113722)
- mach64: fix image corruption due to reading accelerator registers (bsc#1113722)
- mailbox: PCC: handle parse error (bsc#1051510).
- make sure that __dentry_kill() always invalidates d_seq, unhashed or not (git-fixes).
- Mark HI and TASKLET softirq synchronous (git-fixes).
- md: allow metadata updates while suspending an array - fix (git-fixes).
- MD: fix invalid stored role for a disk - try2 (git-fixes).
- md: fix NULL dereference of mddev->pers in remove_and_add_spares() (git-fixes).
- md: fix raid10 hang issue caused by barrier (git-fixes).
- md/raid10: fix that replacement cannot complete recovery after reassemble (git-fixes).
- md/raid1: add error handling of read error from FailFast device (git-fixes).
- md/raid5-cache: disable reshape completely (git-fixes).
- md/raid5: fix data corruption of replacements after originals dropped (git-fixes).
- media: cx231xx: fix potential sign-extension overflow on large shift (bsc#1051510).
- media: dvb: fix compat ioctl translation (bsc#1051510).
- media: em28xx: fix input name for Terratec AV 350 (bsc#1051510).
- media: em28xx: Fix use-after-free when disconnecting (bsc#1051510).
- media: em28xx: make v4l2-compliance happier by starting sequence on zero (bsc#1051510).
- media: em28xx: use a default format if TRY_FMT fails (bsc#1051510).
- media: omap3isp: Unregister media device as first (bsc#1051510).
- media: pci: cx23885: handle adding to list failure (bsc#1051510).
- media: tvp5150: avoid going past array on v4l2_querymenu() (bsc#1051510).
- media: tvp5150: fix switch exit in set control handler (bsc#1051510).
- media: tvp5150: fix width alignment during set_selection() (bsc#1051510).
- media: uvcvideo: Fix uvc_alloc_entity() allocation alignment (bsc#1051510).
- media: v4l2-tpg: fix kernel oops when enabling HFLIP and OSD (bsc#1051510).
- media: vsp1: Fix YCbCr planar formats pitch calculation (bsc#1051510).
- memory_hotplug: cond_resched in __remove_pages (bnc#1114178).
- mfd: arizona: Correct calling of runtime_put_sync (bsc#1051510).
- mfd: menelaus: Fix possible race condition and leak (bsc#1051510).
- mfd: omap-usb-host: Fix dts probe of children (bsc#1051510).
- mlxsw: spectrum: Fix IP2ME CPU policer configuration (networking-stable-18_11_21).
- mmc: bcm2835: reset host on timeout (bsc#1051510).
- mmc: core: Allow BKOPS and CACHE ctrl even if no HPI support (bsc#1051510).
- mmc: core: Reset HPI enabled state during re-init and in case of errors (bsc#1051510).
- mmc: core: Use a minimum 1600ms timeout when enabling CACHE ctrl (bsc#1051510).
- mmc: dw_mmc-bluefield: Add driver extension (bsc#1118752).
- mmc: dw_mmc-k3: add sd support for hi3660 (bsc#1118752).
- mmc: dw_mmc-rockchip: correct property names in debug (bsc#1051510).
- mmc: OMAP: fix broken MMC on OMAP15XX/OMAP5910/OMAP310 (bsc#1051510).
- mmc: omap_hsmmc: fix DMA API warning (bsc#1051510).
- mmc: sdhci: fix the timeout check window for clock and reset (bsc#1051510).
- mmc: sdhci-pci-o2micro: Add quirk for O2 Micro dev 0x8620 rev 0x01 (bsc#1051510).
- mm: do not miss the last page because of round-off error (bnc#1118798).
- mm: do not warn about large allocations for slab (git fixes (slab)).
- mm: handle no memcg case in memcg_kmem_charge() properly (bnc#1113677).
- mm/huge_memory.c: reorder operations in __split_huge_page_tail() (VM Functionality bsc#1119962).
- mm/huge_memory: fix lockdep complaint on 32-bit i_size_read() (VM Functionality, bsc#1121599).
- mm/huge_memory: rename freeze_page() to unmap_page() (VM Functionality, bsc#1121599).
- mm/huge_memory: splitting set mapping+index before unfreeze (VM Functionality, bsc#1121599).
- mm: hugetlb: yield when prepping struct pages (git fixes (memory initialisation)).
- mm/khugepaged: collapse_shmem() do not crash on Compound (VM Functionality, bsc#1121599).
- mm/khugepaged: collapse_shmem() remember to clear holes (VM Functionality, bsc#1121599).
- mm/khugepaged: collapse_shmem() stop if punched or truncated (VM Functionality, bsc#1121599).
- mm/khugepaged: collapse_shmem() without freezing new_page (VM Functionality, bsc#1121599).
- mm/khugepaged: fix crashes due to misaccounted holes (VM Functionality, bsc#1121599).
- mm/khugepaged: minor reorderings in collapse_shmem() (VM Functionality, bsc#1121599).
- mm: lower the printk loglevel for __dump_page messages (generic hotplug debugability).
- mm, memory_hotplug: be more verbose for memory offline failures (generic hotplug debugability).
- mm, memory_hotplug: drop pointless block alignment checks from __offline_pages (generic hotplug debugability).
- mm, memory_hotplug: print reason for the offlining failure (generic hotplug debugability).
- mm: migration: fix migration of huge PMD shared pages (bnc#1086423).
- mm: only report isolation failures when offlining memory (generic hotplug debugability).
- mm: print more information about mapping in __dump_page (generic hotplug debugability).
- mm: put_and_wait_on_page_locked() while page is migrated (bnc#1109272).
- mm: rework memcg kernel stack accounting (bnc#1113677).
- mm: sections are not offlined during memory hotremove (bnc#1119968).
- mm: shmem.c: Correctly annotate new inodes for lockdep (Git fixes: shmem).
- mm/vmstat.c: fix NUMA statistics updates (git fixes).
- modpost: ignore livepatch unresolved relocations ().
- mount: Do not allow copying MNT_UNBINDABLE|MNT_LOCKED mounts (bsc#1117819).
- mount: Prevent MNT_DETACH from disconnecting locked mounts (bsc#1117820).
- mount: Retest MNT_LOCKED in do_umount (bsc#1117818).
- Move dell_rbu fix to sorted section (bsc#1087978).
- mtd: cfi: convert inline functions to macros (git-fixes).
- mtd: Fix comparison in map_word_andequal() (git-fixes).
- namei: allow restricted O_CREAT of FIFOs and regular files (bsc#1118766).
- nbd: do not allow invalid blocksize settings (Git-fixes).
- neighbour: confirm neigh entries when ARP packet is received (networking-stable-18_09_24).
- net/af_iucv: drop inbound packets with invalid flags (bnc#1113501, LTC#172679).
- net/af_iucv: fix skb handling on HiperTransport xmit error (bnc#1113501, LTC#172679).
- net/appletalk: fix minor pointer leak to userspace in SIOCFINDIPDDPRT (networking-stable-18_09_24).
- net: aquantia: memory corruption on jumbo frames (networking-stable-18_10_16).
- net: bcmgenet: Poll internal PHY for GENETv5 (networking-stable-18_11_02).
- net: bcmgenet: protect stop from timeout (networking-stable-18_11_21).
- net: bcmgenet: use MAC link status for fixed phy (networking-stable-18_09_11).
- net: bgmac: Fix endian access in bgmac_dma_tx_ring_free() (bsc#1051510).
- net: bridge: remove ipv6 zero address check in mcast queries (git-fixes).
- net: dsa: bcm_sf2: Call setup during switch resume (networking-stable-18_10_16).
- net: dsa: bcm_sf2: Fix unbind ordering (networking-stable-18_10_16).
- net: dsa: mv88e6xxx: Fix binding documentation for MDIO busses (git-fixes).
- net: dsa: qca8k: Add QCA8334 binding documentation (git-fixes).
- net: ena: add functions for handling Low Latency Queues in ena_com (bsc#1111696 bsc#1117561).
- net: ena: add functions for handling Low Latency Queues in ena_netdev (bsc#1111696 bsc#1117561).
- net: ena: change rx copybreak default to reduce kernel memory pressure (bsc#1111696 bsc#1117561).
- net: ena: complete host info to match latest ENA spec (bsc#1111696 bsc#1117561).
- net: ena: enable Low Latency Queues (bsc#1111696 bsc#1117561).
- net: ena: explicit casting and initialization, and clearer error handling (bsc#1111696 bsc#1117561).
- net: ena: fix auto casting to boolean (bsc#1111696 bsc#1117561).
- net: ena: fix compilation error in xtensa architecture (bsc#1111696 bsc#1117561).
- net: ena: fix crash during ena_remove() (bsc#1111696 bsc#1117561).
- net: ena: fix crash during failed resume from hibernation (bsc#1111696 bsc#1117561).
- net: ena: fix indentations in ena_defs for better readability (bsc#1111696 bsc#1117561).
- net: ena: Fix Kconfig dependency on X86 (bsc#1111696 bsc#1117561).
- net: ena: fix NULL dereference due to untimely napi initialization (bsc#1111696 bsc#1117561).
- net: ena: fix rare bug when failed restart/resume is followed by driver removal (bsc#1111696 bsc#1117561).
- net: ena: fix warning in rmmod caused by double iounmap (bsc#1111696 bsc#1117561).
- net: ena: introduce Low Latency Queues data structures according to ENA spec (bsc#1111696 bsc#1117561).
- net: ena: limit refill Rx threshold to 256 to avoid latency issues (bsc#1111696 bsc#1117561).
- net: ena: minor performance improvement (bsc#1111696 bsc#1117561).
- net: ena: remove ndo_poll_controller (bsc#1111696 bsc#1117561).
- net: ena: remove redundant parameter in ena_com_admin_init() (bsc#1111696 bsc#1117561).
- net: ena: update driver version from 2.0.1 to 2.0.2 (bsc#1111696 bsc#1117561).
- net: ena: update driver version to 2.0.1 (bsc#1111696 bsc#1117561).
- net: ena: use CSUM_CHECKED device indication to report skb's checksum status (bsc#1111696 bsc#1117561).
- net: fec: do not dump RX FIFO register when not available (networking-stable-18_11_02).
- net-gro: reset skb->pkt_type in napi_reuse_skb() (networking-stable-18_11_21).
- net: hns3: Add nic state check before calling netif_tx_wake_queue (bsc#1104353).
- net: hns3: Add support for hns3_nic_netdev_ops.ndo_do_ioctl (bsc#1104353).
- net: hns3: bugfix for buffer not free problem during resetting (bsc#1104353).
- net: hns3: bugfix for handling mailbox while the command queue reinitialized (bsc#1104353).
- net: hns3: bugfix for hclge_mdio_write and hclge_mdio_read (bsc#1104353).
- net: hns3: bugfix for is_valid_csq_clean_head() (bsc#1104353 ).
- net: hns3: bugfix for reporting unknown vector0 interrupt repeatly problem (bsc#1104353).
- net: hns3: bugfix for rtnl_lock's range in the hclgevf_reset() (bsc#1104353).
- net: hns3: bugfix for the initialization of command queue's spin lock (bsc#1104353).
- net: hns3: Check hdev state when getting link status (bsc#1104353).
- net: hns3: Clear client pointer when initialize client failed or unintialize finished (bsc#1104353).
- net: hns3: Fix cmdq registers initialization issue for vf (bsc#1104353).
- net: hns3: Fix error of checking used vlan id (bsc#1104353 ).
- net: hns3: Fix ets validate issue (bsc#1104353).
- net: hns3: Fix for netdev not up problem when setting mtu (bsc#1104353).
- net: hns3: Fix for out-of-bounds access when setting pfc back pressure (bsc#1104353).
- net: hns3: Fix for packet buffer setting bug (bsc#1104353 ).
- net: hns3: Fix for rx vlan id handle to support Rev 0x21 hardware (bsc#1104353).
- net: hns3: Fix for setting speed for phy failed problem (bsc#1104353).
- net: hns3: Fix for vf vlan delete failed problem (bsc#1104353 ).
- net: hns3: Fix loss of coal configuration while doing reset (bsc#1104353).
- net: hns3: Fix parameter type for q_id in hclge_tm_q_to_qs_map_cfg() (bsc#1104353).
- net: hns3: Fix ping exited problem when doing lp selftest (bsc#1104353).
- net: hns3: Preserve vlan 0 in hardware table (bsc#1104353 ).
- net: hns3: remove unnecessary queue reset in the hns3_uninit_all_ring() (bsc#1104353).
- net: hns3: Set STATE_DOWN bit of hdev state when stopping net (bsc#1104353).
- net: hns: fix for unmapping problem when SMMU is on (networking-stable-18_10_16).
- net: hp100: fix always-true check for link up state (networking-stable-18_09_24).
- net: ibm: fix return type of ndo_start_xmit function ().
- net/ibmnvic: Fix deadlock problem in reset ().
- net/ibmvnic: Fix RTNL deadlock during device reset (bnc#1115431).
- net: ipmr: fix unresolved entry dumps (networking-stable-18_11_02).
- net: ipv4: do not let PMTU updates increase route MTU (git-fixes).
- net/ipv6: Display all addresses in output of /proc/net/if_inet6 (networking-stable-18_10_16).
- net/ipv6: Fix index counter for unicast addresses in in6_dump_addrs (networking-stable-18_11_02).
- netlabel: check for IPV4MASK in addrinfo_get (networking-stable-18_10_16).
- net: macb: do not disable MDIO bus at open/close time (networking-stable-18_09_11).
- net/mlx4_core: Correctly set PFC param if global pause is turned off (bsc#1046299).
- net/mlx5: Check for error in mlx5_attach_interface (networking-stable-18_09_18).
- net/mlx5e: Fix selftest for small MTUs (networking-stable-18_11_21).
- net/mlx5e: Set vlan masks for all offloaded TC rules (networking-stable-18_10_16).
- net/mlx5: E-Switch, Fix memory leak when creating switchdev mode FDB tables (networking-stable-18_09_18).
- net/mlx5: E-Switch, Fix out of bound access when setting vport rate (networking-stable-18_10_16).
- net/mlx5: Fix debugfs cleanup in the device init/remove flow (networking-stable-18_09_18).
- net/mlx5: Fix use-after-free in self-healing flow (networking-stable-18_09_18).
- net/mlx5: Take only bit 24-26 of wqe.pftype_wq for page fault type (networking-stable-18_11_02).
- net: mvpp2: Extract the correct ethtype from the skb for tx csum offload (networking-stable-18_10_16).
- net: mvpp2: fix a txq_done race condition (networking-stable-18_10_16).
- net/packet: fix packet drop as of virtio gso (networking-stable-18_10_16).
- net: phy: mdio-gpio: Fix working over slow can_sleep GPIOs (networking-stable-18_11_21).
- net: qca_spi: Fix race condition in spi transfers (networking-stable-18_09_18).
- net: qmi_wwan: add Wistron Neweb D19Q1 (bsc#1051510).
- net: sched: action_ife: take reference to meta module (networking-stable-18_09_11).
- net/sched: act_pedit: fix dump of extended layered op (networking-stable-18_09_11).
- net/sched: act_sample: fix NULL dereference in the data path (networking-stable-18_09_24).
- net: sched: Fix for duplicate class dump (networking-stable-18_11_02).
- net: sched: Fix memory exposure from short TCA_U32_SEL (networking-stable-18_09_11).
- net: sched: gred: pass the right attribute to gred_change_table_def() (networking-stable-18_11_02).
- net: smsc95xx: Fix MTU range (networking-stable-18_11_21).
- net: socket: fix a missing-check bug (networking-stable-18_11_02).
- net: stmmac: Fix stmmac_mdio_reset() when building stmmac as modules (networking-stable-18_11_02).
- net: stmmac: Fixup the tail addr setting in xmit path (networking-stable-18_10_16).
- net: systemport: Fix wake-up interrupt race during resume (networking-stable-18_10_16).
- net: systemport: Protect stop from timeout (networking-stable-18_11_21).
- net: udp: fix handling of CHECKSUM_COMPLETE packets (networking-stable-18_11_02).
- net/usb: cancel pending work when unbinding smsc75xx (networking-stable-18_10_16).
- net: usb: r8152: constify usb_device_id (bsc#1119749).
- net: usb: r8152: use irqsave() in USB's complete callback (bsc#1119749).
- nfc: nfcmrvl_uart: fix OF child-node lookup (bsc#1051510).
- nfp: wait for posted reconfigs when disabling the device (networking-stable-18_09_11).
- nfs: Avoid RCU usage in tracepoints (git-fixes).
- nfs: commit direct writes even if they fail partially (git-fixes).
- nfsd4: permit layoutget of executable-only files (git-fixes).
- nfsd: check for use of the closed special stateid (git-fixes).
- nfsd: CLOSE SHOULD return the invalid special stateid for NFSv4.x (x>0) (git-fixes).
- nfsd: deal with revoked delegations appropriately (git-fixes).
- nfsd: Ensure we check stateid validity in the seqid operation checks (git-fixes).
- nfsd: Fix another OPEN stateid race (git-fixes).
- nfsd: fix corrupted reply to badly ordered compound (git-fixes).
- nfsd: fix potential use-after-free in nfsd4_decode_getdeviceinfo (git-fixes).
- nfsd: Fix stateid races between OPEN and CLOSE (git-fixes).
- nfs: do not wait on commit in nfs_commit_inode() if there were no commit requests (git-fixes).
- nfsd: restrict rd_maxcount to svc_max_payload in nfsd_encode_readdir (git-fixes).
- nfs: Ensure we commit after writeback is complete (bsc#1111809).
- nfs: Fix an incorrect type in struct nfs_direct_req (git-fixes).
- nfs: Fix a typo in nfs_rename() (git-fixes).
- nfs: Fix typo in nomigration mount option (git-fixes).
- nfs: Fix unstable write completion (git-fixes).
- nfsv4.0 fix client reference leak in callback (git-fixes).
- nfsv4.1: Fix a potential layoutget/layoutrecall deadlock (git-fixes).
- nfsv4.1 fix infinite loop on I/O (git-fixes).
- nfsv4.1: Fix the client behaviour on NFS4ERR_SEQ_FALSE_RETRY (git-fixes).
- nfsv4.1: Fix up replays of interrupted requests (git-fixes).
- nfsv4: Fix a typo in nfs41_sequence_process (git-fixes).
- nl80211: Fix possible Spectre-v1 for CQM RSSI thresholds (bsc#1051510).
- nl80211: Fix possible Spectre-v1 for NL80211_TXRATE_HT (bsc#1051510).
- nospec: Allow index argument to have const-qualified type (git-fixes)
- nospec: Include <asm/barrier.h> dependency (bsc#1114279).
- nospec: Kill array_index_nospec_mask_check() (git-fixes).
- nvdimm: Clarify comment in sizeof_namespace_index (bsc#1111921, bsc#1113408, bsc#1113972).
- nvdimm: Remove empty if statement (bsc#1111921, bsc#1113408, bsc#1113972).
- nvdimm: Sanity check labeloff (bsc#1111921, bsc#1113408, bsc#1113972).
- nvdimm: Split label init out from the logic for getting config data (bsc#1111921, bsc#1113408, bsc#1113972).
- nvdimm: Use namespace index data to reduce number of label reads needed (bsc#1111921, bsc#1113408, bsc#1113972).
- nvme-fc: resolve io failures during connect (bsc#1116803).
- nvme: Free ctrl device name on init failure ().
- nvme-multipath: zero out ANA log buffer (bsc#1105168).
- nvme: validate controller state before rescheduling keep alive (bsc#1103257).
- objtool: Detect RIP-relative switch table references (bsc#1058115).
- objtool: Detect RIP-relative switch table references, part 2 (bsc#1058115).
- objtool: Fix another switch table detection issue (bsc#1058115).
- objtool: Fix double-free in .cold detection error path (bsc#1058115).
- objtool: Fix GCC 8 cold subfunction detection for aliased functions (bsc#1058115).
- objtool: Fix 'noreturn' detection for recursive sibling calls (bsc#1058115).
- objtool: Fix segfault in .cold detection with -ffunction-sections (bsc#1058115).
- objtool: Support GCC 8's cold subfunctions (bsc#1058115).
- objtool: Support GCC 8 switch tables (bsc#1058115).
- ocfs2: fix a misuse a of brelse after failing ocfs2_check_dir_entry (bsc#1117817).
- ocfs2: fix locking for res->tracking and dlm->tracking_list (bsc#1117816).
- ocfs2: fix ocfs2 read block panic (bsc#1117815).
- ocfs2: free up write context when direct IO failed (bsc#1117821).
- ocfs2: subsystem.su_mutex is required while accessing the item->ci_parent (bsc#1117808).
- of: add helper to lookup compatible child node (bsc#1106110)
- openvswitch: Fix push/pop ethernet validation (networking-stable-18_11_02).
- panic: avoid deadlocks in re-entrant console drivers (bsc#1088386).
- pci: Add ACS quirk for Ampere root ports (bsc#1120058).
- pci: Add ACS quirk for APM X-Gene devices (bsc#1120058).
- pci: Add Device IDs for Intel GPU 'spurious interrupt' quirk (bsc#1051510).
- pci/ASPM: Do not initialize link state when aspm_disabled is set (bsc#1051510).
- pci/ASPM: Fix link_state teardown on device removal (bsc#1051510).
- pci: Convert device-specific ACS quirks from NULL termination to ARRAY_SIZE (bsc#1120058).
- pci: Delay after FLR of Intel DC P3700 NVMe (bsc#1120058).
- pci: Disable Samsung SM961/PM961 NVMe before FLR (bsc#1120058).
- pci: dwc: remove duplicate fix (bsc#1115269)
- pci: Export pcie_has_flr() (bsc#1120058).
- pci: hv: Use effective affinity mask (bsc#1109772).
- pci: imx6: Fix link training status detection in link up check (bsc#1109806).
- pci: iproc: Activate PAXC bridge quirk for more devices (bsc#1120058).
- pci: iproc: Remove PAXC slot check to allow VF support (bsc#1109806).
- pci: Mark Ceton InfiniTV4 INTx masking as broken (bsc#1120058).
- pci: Mark fall-through switch cases before enabling -Wimplicit-fallthrough (bsc#1120058).
- pci: Mark Intel XXV710 NIC INTx masking as broken (bsc#1120058).
- pci/MSI: Warn and return error if driver enables MSI/MSI-X twice (bsc#1051510).
- pci: vmd: Assign vector zero to all bridges (bsc#1109806).
- pci: vmd: Detach resources after stopping root bus (bsc#1109806).
- pci: vmd: White list for fast interrupt handlers (bsc#1109806).
- pcmcia: Implement CLKRUN protocol disabling for Ricoh bridges (bsc#1051510).
- percpu: make this_cpu_generic_read() atomic w.r.t. interrupts (bsc#1114279).
- perf: fix invalid bit in diagnostic entry (git-fixes).
- perf tools: Fix tracing_path_mount proper path (git-fixes).
- pinctrl: at91-pio4: fix has_config check in atmel_pctl_dt_subnode_to_map() (bsc#1051510).
- pinctrl: meson: fix pinconf bias disable (bsc#1051510).
- pinctrl: qcom: spmi-mpp: Fix drive strength setting (bsc#1051510).
- pinctrl: qcom: spmi-mpp: Fix err handling of pmic_mpp_set_mux (bsc#1051510).
- pinctrl: spmi-mpp: Fix pmic_mpp_config_get() to be compliant (bsc#1051510).
- pinctrl: ssbi-gpio: Fix pm8xxx_pin_config_get() to be compliant (bsc#1051510).
- pipe: match pipe_max_size data type with procfs (git-fixes).
- platform-msi: Free descriptors in platform_msi_domain_free() (bsc#1051510).
- platform/x86: acerhdf: Add BIOS entry for Gateway LT31 v1.3307 (bsc#1051510).
- platform/x86: intel_telemetry: report debugfs failure (bsc#1051510).
- pnfs: Always free the session slot on error in nfs4_layoutget_handle_exception (git-fixes).
- pnfs: Do not release the sequence slot until we've processed layoutget on open (git-fixes).
- pnfs: Prevent the layout header refcount going to zero in pnfs_roc() (git-fixes).
- powerpc/64s: consolidate MCE counter increment (bsc#1094244).
- powerpc/64s/hash: Do not use PPC_INVALIDATE_ERAT on CPUs before POWER9 (bsc#1065729).
- powerpc/64s/radix: Fix process table entry cache invalidation (bsc#1055186, git-fixes).
- powerpc/boot: Expose Kconfig symbols to wrapper (bsc#1065729).
- powerpc/boot: Fix build failures with -j 1 (bsc#1065729).
- powerpc/boot: Fix opal console in boot wrapper (bsc#1065729).
- powerpc/kvm/booke: Fix altivec related build break (bsc#1061840).
- powerpc/kvm: Switch kvm pmd allocator to custom allocator (bsc#1061840).
- powerpc/mm: Fix typo in comments (bsc#1065729).
- powerpc/mm/hugetlb: initialize the pagetable cache correctly for hugetlb (bsc#1091800).
- powerpc/mm/keys: Move pte bits to correct headers (bsc#1078248).
- powerpc/mm: Rename find_linux_pte_or_hugepte() (bsc#1061840).
- powerpc/npu-dma.c: Fix crash after __mmu_notifier_register failure (bsc#1055120).
- powerpc/perf: Update raw-event code encoding comment for power8 (bsc#1065729).
- powerpc/pkeys: Fix handling of pkey state across fork() (bsc#1078248, git-fixes).
- powerpc/powernv: Add indirect levels to it_userspace (bsc#1061840).
- powerpc/powernv: Do not select the cpufreq governors (bsc#1065729).
- powerpc/powernv: Fix concurrency issue with npu->mmio_atsd_usage (bsc#1055120).
- powerpc/powernv: Fix opal_event_shutdown() called with interrupts disabled (bsc#1065729).
- powerpc/powernv: Fix save/restore of SPRG3 on entry/exit from stop (idle) (bsc#1055121).
- powerpc/powernv/ioda: Allocate indirect TCE levels on demand (bsc#1061840).
- powerpc/powernv/ioda: Finish removing explicit max window size check (bsc#1061840).
- powerpc/powernv/ioda: Remove explicit max window size check (bsc#1061840).
- powerpc/powernv: Move TCE manupulation code to its own file (bsc#1061840).
- powerpc/powernv/npu: Add lock to prevent race in concurrent context init/destroy (bsc#1055120).
- powerpc/powernv/npu: Do not explicitly flush nmmu tlb (bsc#1055120).
- powerpc/powernv/npu: Fix deadlock in mmio_invalidate() (bsc#1055120).
- powerpc/powernv/npu: Prevent overwriting of pnv_npu2_init_contex() callback parameters (bsc#1055120).
- powerpc/powernv/npu: Use flush_all_mm() instead of flush_tlb_mm() (bsc#1055120).
- powerpc/powernv/pci: Work around races in PCI bridge enabling (bsc#1055120).
- powerpc/powernv: Rework TCE level allocation (bsc#1061840).
- powerpc/pseries: Fix DTL buffer registration (bsc#1065729).
- powerpc/pseries: Fix how we iterate over the DTL entries (bsc#1065729).
- powerpc/pseries: Fix 'OF: ERROR: Bad of_node_put() on /cpus' during DLPAR (bsc#1113295).
- powerpc/pseries/mobility: Extend start/stop topology update scope (bsc#1116950, bsc#1115709).
- powerpc: pseries: remove dlpar_attach_node dependency on full path (bsc#1113295).
- powerpc/pseries: Track LMB nid instead of using device tree (bsc#1108270).
- powerpc/traps: restore recoverability of machine_check interrupts (bsc#1094244).
- powerpc/xive: Move definition of ESB bits (bsc#1061840).
- powerpc/xmon: Add ISA v3.0 SPRs to SPR dump (bsc#1061840).
- power: supply: max8998-charger: Fix platform data retrieval (bsc#1051510).
- power: supply: olpc_battery: correct the temperature units (bsc#1051510).
- pppoe: fix reception of frames with no mac header (networking-stable-18_09_24).
- printk: Fix panic caused by passing log_buf_len to command line (bsc#1117168).
- provide linux/set_memory.h (bsc#1113295).
- ptp: fix Spectre v1 vulnerability (bsc#1051510).
- ptrace: Remove unused ptrace_may_access_sched() and MODE_IBRS (bsc#1106913).
- pwm: lpss: Release runtime-pm reference from the driver's remove callback (bsc#1051510).
- pxa168fb: prepare the clock (bsc#1051510).
- qed: Add driver support for 20G link speed (bsc#1110558).
- qed: Add support for virtual link (bsc#1111795).
- qede: Add driver support for 20G link speed (bsc#1110558).
- qmi_wwan: apply SET_DTR quirk to the SIMCOM shared device ID (bsc#1051510).
- qmi_wwan: Support dynamic config on Quectel EP06 (bsc#1051510).
- r8152: add byte_enable for ocp_read_word function (bsc#1119749).
- r8152: add Linksys USB3GIGV1 id (bsc#1119749).
- r8152: add r8153_phy_status function (bsc#1119749).
- r8152: adjust lpm settings for RTL8153 (bsc#1119749).
- r8152: adjust rtl8153_runtime_enable function (bsc#1119749).
- r8152: adjust the settings about MAC clock speed down for RTL8153 (bsc#1119749).
- r8152: adjust U2P3 for RTL8153 (bsc#1119749).
- r8152: avoid rx queue more than 1000 packets (bsc#1119749).
- r8152: check if disabling ALDPS is finished (bsc#1119749).
- r8152: correct the definition (bsc#1119749).
- r8152: disable RX aggregation on Dell TB16 dock (bsc#1119749).
- r8152: disable RX aggregation on new Dell TB16 dock (bsc#1119749).
- r8152: fix wrong checksum status for received IPv4 packets (bsc#1119749).
- r8152: move calling delay_autosuspend function (bsc#1119749).
- r8152: move the default coalesce setting for RTL8153 (bsc#1119749).
- r8152: move the initialization to reset_resume function (bsc#1119749).
- r8152: move the setting of rx aggregation (bsc#1119749).
- r8152: replace napi_complete with napi_complete_done (bsc#1119749).
- r8152: set rx mode early when linking on (bsc#1119749).
- r8152: split rtl8152_resume function (bsc#1119749).
- r8152: support new chip 8050 (bsc#1119749).
- r8152: support RTL8153B (bsc#1119749).
- r8169: fix NAPI handling under high load (networking-stable-18_11_02).
- race of lockd inetaddr notifiers vs nlmsvc_rqst change (git-fixes).
- raid10 BUG_ON in raise_barrier when force is true and conf->barrier is 0 (git-fixes).
- random: rate limit unseeded randomness warnings (git-fixes).
- rbd: whitelist RBD_FEATURE_OPERATIONS feature bit (Git-fixes).
- rcu: Allow for page faults in NMI handlers (bsc#1120092).
- rdma/bnxt_re: Add missing spin lock initialization (bsc#1050244 ).
- rdma/bnxt_re: Avoid accessing the device structure after it is freed (bsc#1050244).
- rdma/bnxt_re: Avoid NULL check after accessing the pointer (bsc#1086283).
- rdma/bnxt_re: Fix system hang when registration with L2 driver fails (bsc#1086283).
- rdma/hns: Bugfix pbl configuration for rereg mr (bsc#1104427 ).
- rdma_rxe: make rxe work over 802.1q VLAN devices (bsc#1082387).
- rds: fix two RCU related problems (networking-stable-18_09_18).
- remoteproc: qcom: Fix potential device node leaks (bsc#1051510).
- reset: hisilicon: fix potential NULL pointer dereference (bsc#1051510).
- reset: imx7: Fix always writing bits as 0 (bsc#1051510).
- reset: remove remaining WARN_ON() in <linux/reset.h> (Git-fixes).
- resource: Include resource end in walk_*() interfaces (bsc#1114279).
- Revert 'blacklist.conf: blacklist inapplicable commits' This reverts commit 88bd1b2b53990d5518b819968445522fb1392bee. We only build with VIRT_CPU_ACCOUNTING_NATIVE on s390
- Revert 'ceph: fix dentry leak in splice_dentry()' (bsc#1114839).
- Revert commit ef9209b642f 'staging: rtl8723bs: Fix indenting errors and an off-by-one mistake in core/rtw_mlme_ext.c' (bsc#1051510).
- Revert 'iommu/io-pgtable-arm: Check for v7s-incapable systems' (bsc#1106105).
- Revert 'PCI/ASPM: Do not initialize link state when aspm_disabled is set' (bsc#1051510).
- Revert 'powerpc/64: Fix checksum folding in csum_add()' (bsc#1065729).
- Revert 'scsi: lpfc: ls_rjt erroneus FLOGIs' (bsc#1119322).
- Revert 'usb: dwc3: gadget: skip Set/Clear Halt when invalid' (bsc#1051510).
- Revert wlcore patch to follow stable tree develpment
- ring-buffer: Allow for rescheduling when removing pages (bsc#1120238).
- ring-buffer: Do no reuse reader page if still in use (bsc#1120096).
- ring-buffer: Mask out the info bits when returning buffer page length (bsc#1120094).
- rpmsg: Correct support for MODULE_DEVICE_TABLE() (git-fixes).
- rtc: hctosys: Add missing range error reporting (bsc#1051510).
- rtc: m41t80: Correct alarm month range with RTC reads (bsc#1051510).
- rtc: pcf2127: fix a kmemleak caused in pcf2127_i2c_gather_write (bsc#1051510).
- rtc: snvs: Add timeouts to avoid kernel lockups (bsc#1051510).
- rtl8xxxu: Fix missing break in switch (bsc#1051510).
- rtnetlink: Disallow FDB configuration for non-Ethernet device (networking-stable-18_11_02).
- rtnetlink: fix rtnl_fdb_dump() for ndmsg header (networking-stable-18_10_16).
- rtnl: limit IFLA_NUM_TX_QUEUES and IFLA_NUM_RX_QUEUES to 4096 (networking-stable-18_10_16).
- s390/cpum_sf: Add data entry sizes to sampling trailer entry (git-fixes).
- s390/dasd: simplify locking in dasd_times_out (bsc#1104967,).
- s390/kdump: Fix elfcorehdr size calculation (bsc#1117953, LTC#171112).
- s390/kdump: Make elfcorehdr size calculation ABI compliant (bsc#1117953, LTC#171112).
- s390/kvm: fix deadlock when killed by oom (bnc#1113501, LTC#172235).
- s390/mm: Check for valid vma before zapping in gmap_discard (git-fixes).
- s390/mm: correct allocate_pgste proc_handler callback (git-fixes).
- s390: qeth_core_mpc: Use ARRAY_SIZE instead of reimplementing its function (bnc#1113501, LTC#172682).
- s390/qeth: fix HiperSockets sniffer (bnc#1113501, LTC#172953).
- s390/qeth: fix length check in SNMP processing (bsc#1117953, LTC#173657).
- s390: qeth: Fix potential array overrun in cmd/rc lookup (bnc#1113501, LTC#172682).
- s390/qeth: handle failure on workqueue creation (git-fixes).
- s390/qeth: remove outdated portname debug msg (bsc#1117953, LTC#172960).
- s390/qeth: report 25Gbit link speed (bnc#1113501, LTC#172959).
- s390/qeth: sanitize strings in debug messages (bsc#1117953, LTC#172960).
- s390: revert ELF_ET_DYN_BASE base changes (git-fixes).
- s390/sclp_tty: enable line mode tty even if there is an ascii console (git-fixes).
- s390/sthyi: add cache to store hypervisor info (LTC#160415, bsc#1068273).
- s390/sthyi: add s390_sthyi system call (LTC#160415, bsc#1068273).
- s390/sthyi: reorganize sthyi implementation (LTC#160415, bsc#1068273).
- sbitmap: fix race in wait batch accounting (Git-fixes).
- sched/core: Fix cpu.max vs. cpuhotplug deadlock (bsc#1106913).
- sched/smt: Expose sched_smt_present static key (bsc#1106913).
- sched/smt: Make sched_smt_present track topology (bsc#1106913).
- sched, tracing: Fix trace_sched_pi_setprio() for deboosting (bsc#1120228).
- scsi: core: Avoid that SCSI device removal through sysfs triggers a deadlock (bsc#1114578).
- scsi: libsas: remove irq save in sas_ata_qc_issue() (bsc#1114580).
- scsi: lpfc: add support to retrieve firmware logs (bsc#1114015).
- scsi: lpfc: add Trunking support (bsc#1114015).
- scsi: lpfc: Cap NPIV vports to 256 (bsc#1118215).
- scsi: lpfc: Correct code setting non existent bits in sli4 ABORT WQE (bsc#1118215).
- scsi: lpfc: Correct errors accessing fw log (bsc#1114015).
- scsi: lpfc: Correct invalid EQ doorbell write on if_type=6 (bsc#1114015).
- scsi: lpfc: Correct irq handling via locks when taking adapter offline (bsc#1114015).
- scsi: lpfc: Correct LCB RJT handling (bsc#1114015).
- scsi: lpfc: Correct loss of fc4 type on remote port address change (bsc#1114015).
- scsi: lpfc: Correct race with abort on completion path (bsc#1114015).
- scsi: lpfc: Correct soft lockup when running mds diagnostics (bsc#1114015).
- scsi: lpfc: Correct speeds on SFP swap (bsc#1114015).
- scsi: lpfc: Correct topology type reporting on G7 adapters (bsc#1118215).
- scsi: lpfc: Defer LS_ACC to FLOGI on point to point logins (bsc#1118215).
- scsi: lpfc: Enable Management features for IF_TYPE=6 (bsc#1119322).
- scsi: lpfc: fcoe: Fix link down issue after 1000+ link bounces (bsc#1114015).
- scsi: lpfc: Fix a duplicate 0711 log message number (bsc#1118215).
- scsi: lpfc: fix block guard enablement on SLI3 adapters (bsc#1079935).
- scsi: lpfc: Fix dif and first burst use in write commands (bsc#1118215).
- scsi: lpfc: Fix discovery failures during port failovers with lots of vports (bsc#1118215).
- scsi: lpfc: Fix driver release of fw-logging buffers (bsc#1118215).
- scsi: lpfc: Fix errors in log messages (bsc#1114015).
- scsi: lpfc: Fix GFT_ID and PRLI logic for RSCN (bsc#1114015).
- scsi: lpfc: Fix kernel Oops due to null pring pointers (bsc#1118215).
- scsi: lpfc: Fix LOGO/PLOGI handling when triggerd by ABTS Timeout event (bsc#1114015).
- scsi: lpfc: Fix lpfc_sli4_read_config return value check (bsc#1114015).
- scsi: lpfc: Fix odd recovery in duplicate FLOGIs in point-to-point (bsc#1114015).
- scsi: lpfc: Fix panic when FW-log buffsize is not initialized (bsc#1118215).
- scsi: lpfc: Implement GID_PT on Nameserver query to support faster failover (bsc#1114015).
- scsi: lpfc: ls_rjt erroneus FLOGIs (bsc#1118215).
- scsi: lpfc: Raise nvme defaults to support a larger io and more connectivity (bsc#1114015).
- scsi: lpfc: raise sg count for nvme to use available sg resources (bsc#1114015).
- scsi: lpfc: reduce locking when updating statistics (bsc#1114015).
- scsi: lpfc: refactor mailbox structure context fields (bsc#1118215).
- scsi: lpfc: Remove set but not used variable 'sgl_size' (bsc#1114015).
- scsi: lpfc: Reset link or adapter instead of doing infinite nameserver PLOGI retry (bsc#1114015).
- scsi: lpfc: rport port swap discovery issue (bsc#1118215).
- scsi: lpfc: Synchronize access to remoteport via rport (bsc#1114015).
- scsi: lpfc: update driver version to 12.0.0.7 (bsc#1114015).
- scsi: lpfc: update driver version to 12.0.0.8 (bsc#1114015).
- scsi: lpfc: update driver version to 12.0.0.9 (bsc#1118215).
- scsi: lpfc: update manufacturer attribute to reflect Broadcom (bsc#1118215).
- scsi: qlogicpti: Fix an error handling path in 'qpti_sbus_probe()' (bsc#1114581).
- scsi: scsi_transport_srp: Fix shost to rport translation (bsc#1114582).
- scsi: sg: fix minor memory leak in error path (bsc#1114584).
- scsi: sysfs: Introduce sysfs_{un,}break_active_protection() (bsc#1114578).
- scsi: target: add emulate_pr backstore attr to toggle PR support (bsc#1091405).
- scsi: target: drop unused pi_prot_format attribute storage (bsc#1091405).
- scsi: target: Fix fortify_panic kernel exception (bsc#1114576).
- scsi: target/tcm_loop: Avoid that static checkers warn about dead code (bsc#1114577).
- scsi: target: tcmu: add read length support (bsc#1097755).
- scsi: zfcp: fix posting too many status read buffers leading to adapter shutdown (bsc#1121483, LTC#174588).
- sctp: fix race on sctp_id2asoc (networking-stable-18_11_02).
- sctp: fix strchange_flags name for Stream Change Event (networking-stable-18_11_21).
- sctp: hold transport before accessing its asoc in sctp_transport_get_next (networking-stable-18_09_11).
- sctp: not allow to set asoc prsctp_enable by sockopt (networking-stable-18_11_21).
- sctp: not increase stream's incnt before sending addstrm_in request (networking-stable-18_11_21).
- sctp: update dst pmtu with the correct daddr (networking-stable-18_10_16).
- serial: 8250: Fix clearing FIFOs in RS485 mode again (bsc#1051510).
- shmem: introduce shmem_inode_acct_block (VM Functionality, bsc#1121599).
- shmem: shmem_charge: verify max_block is not exceeded before inode update (VM Functionality, bsc#1121599).
- skd: Avoid that module unloading triggers a use-after-free (Git-fixes).
- skd: Submit requests to firmware before triggering the doorbell (Git-fixes).
- skip LAYOUTRETURN if layout is invalid (git-fixes).
- soc: bcm2835: sync firmware properties with downstream ()
- soc: fsl: qbman: qman: avoid allocating from non existing gen_pool (bsc#1051510).
- soc/tegra: pmc: Fix child-node lookup (bsc#1051510).
- soc: ti: QMSS: Fix usage of irq_set_affinity_hint (bsc#1051510).
- spi: bcm2835: Avoid finishing transfer prematurely in IRQ mode (bsc#1051510).
- spi: bcm2835: Fix book-keeping of DMA termination (bsc#1051510).
- spi: bcm2835: Fix race on DMA termination (bsc#1051510).
- spi: bcm2835: Unbreak the build of esoteric configs (bsc#1051510).
- spi/bcm63xx-hsspi: keep pll clk enabled (bsc#1051510).
- spi: bcm-qspi: switch back to reading flash using smaller chunks (bsc#1051510).
- spi: sh-msiof: fix deferred probing (bsc#1051510).
- splice: do not read more than available pipe space (bsc#1119212).
- staging: bcm2835-camera: Abort probe if there is no camera (bsc#1051510).
- staging: comedi: ni_mio_common: protect register write overflow (bsc#1051510).
- staging:iio:ad7606: fix voltage scales (bsc#1051510).
- staging: rtl8712: Fix possible buffer overrun (bsc#1051510).
- staging: rtl8723bs: Add missing return for cfg80211_rtw_get_station (bsc#1051510).
- staging: rtl8723bs: Fix the return value in case of error in 'rtw_wx_read32()' (bsc#1051510).
- staging: rts5208: fix gcc-8 logic error warning (bsc#1051510).
- staging: vchiq_arm: fix compat VCHIQ_IOC_AWAIT_COMPLETION (bsc#1051510).
- staging: wilc1000: fix missing read_write setting when reading data (bsc#1051510).
- sunrpc: Allow connect to return EHOSTUNREACH (git-fixes).
- sunrpc: Do not use stack buffer with scatterlist (git-fixes).
- sunrpc: Fix rpc_task_begin trace point (git-fixes).
- sunrpc: Fix tracepoint storage issues with svc_recv and svc_rqst_status (git-fixes).
- supported.conf: add raspberrypi-ts driver
- supported.conf: whitelist bluefield eMMC driver
- target: fix buffer offset in core_scsi3_pri_read_full_status (bsc1117349).
- target/iscsi: avoid NULL dereference in CHAP auth error path (bsc#1117165).
- target: se_dev_attrib.emulate_pr ABI stability (bsc#1091405).
- tcp: do not restart timewait timer on rst reception (networking-stable-18_09_11).
- team: no need to do team_notify_peers or team_mcast_rejoin when disabling port (bsc#1051510).
- termios, tty/tty_baudrate.c: fix buffer overrun (bsc#1051510).
- test_firmware: fix error return getting clobbered (bsc#1051510).
- test_hexdump: use memcpy instead of strncpy (bsc#1051510).
- tg3: Add PHY reset for 5717/5719/5720 in change ring and flow control paths (networking-stable-18_11_21).
- thermal: bcm2835: enable hwmon explicitly (bsc#1108468).
- thermal: da9062/61: Prevent hardware access during system suspend (bsc#1051510).
- thermal: rcar_thermal: Prevent hardware access during system suspend (bsc#1051510).
- tipc: do not assume linear buffer when reading ancillary data (networking-stable-18_11_21).
- tipc: fix a missing rhashtable_walk_exit() (networking-stable-18_09_11).
- tipc: fix flow control accounting for implicit connect (networking-stable-18_10_16).
- tmpfs: make lseek(SEEK_DATA/SEK_HOLE) return ENXIO with a negative offset (bsc#1051510).
- tools build: fix # escaping in .cmd files for future Make (git-fixes).
- tools: hv: fcopy: set 'error' in case an unknown operation was requested (git-fixes).
- tools: hv: include string.h in hv_fcopy_daemon (git-fixes).
- tools/lib/lockdep: Rename 'trywlock' into 'trywrlock' (bsc#1121973).
- tools/power/cpupower: fix compilation with STATIC=true (git-fixes).
- tools/power turbostat: fix possible sprintf buffer overflow (git-fixes).
- tpm2-cmd: allow more attempts for selftest execution (bsc#1082555).
- tpm: add retry logic (bsc#1082555).
- tpm: consolidate the TPM startup code (bsc#1082555).
- tpm: do not suspend/resume if power stays on (bsc#1082555).
- tpm: fix intermittent failure with self tests (bsc#1082555).
- tpm: fix response size validation in tpm_get_random() (bsc#1082555).
- tpm: move endianness conversion of ordinals to tpm_input_header (bsc#1082555).
- tpm: move endianness conversion of TPM_TAG_RQU_COMMAND to tpm_input_header (bsc#1082555).
- tpm: move the delay_msec increment after sleep in tpm_transmit() (bsc#1082555).
- tpm: React correctly to RC_TESTING from TPM 2.0 self tests (bsc#1082555).
- tpm: replace msleep() with usleep_range() in TPM 1.2/2.0 generic drivers (bsc#1082555).
- tpm: Restore functionality to xen vtpm driver (bsc#1082555).
- tpm: self test failure should not cause suspend to fail (bsc#1082555).
- tpm: tpm-interface: fix tpm_transmit/_cmd kdoc (bsc#1082555).
- tpm: Trigger only missing TPM 2.0 self tests (bsc#1082555).
- tpm: Use dynamic delay to wait for TPM 2.0 self test result (bsc#1082555).
- tpm: use tpm2_pcr_read() in tpm2_do_selftest() (bsc#1082555).
- tpm: use tpm_buf functions in tpm2_pcr_read() (bsc#1082555).
- tracing: Apply trace_clock changes to instance max buffer (bsc#1117188).
- tracing/blktrace: Fix to allow setting same value (Git-fixes).
- tracing: Erase irqsoff trace with empty write (bsc#1117189).
- tracing: Fix bad use of igrab in trace_uprobe.c (bsc#1120046).
- tracing: Fix crash when freeing instances with event triggers (bsc#1120230).
- tracing: Fix crash when it fails to alloc ring buffer (bsc#1120097).
- tracing: Fix double free of event_trigger_data (bsc#1120234).
- tracing: Fix missing return symbol in function_graph output (bsc#1120232).
- tracing: Fix possible double free in event_enable_trigger_func() (bsc#1120235).
- tracing: Fix possible double free on failure of allocating trace buffer (bsc#1120214).
- tracing: Fix regex_match_front() to not over compare the test string (bsc#1120223).
- tracing: Fix trace_pipe behavior for instance traces (bsc#1120088).
- tracing: Remove RCU work arounds from stack tracer (bsc#1120092).
- tracing/samples: Fix creation and deletion of simple_thread_fn creation (git-fixes).
- tty: check name length in tty_find_polling_driver() (bsc#1051510).
- tty: Do not block on IO when ldisc change is pending (bnc#1105428).
- tty: Do not hold ldisc lock in tty_reopen() if ldisc present (bsc#1051510).
- tty: Do not return -EAGAIN in blocking read (bsc#1116040).
- tty: do not set TTY_IO_ERROR flag if console port (bsc#1051510).
- tty: fix data race between tty_init_dev and flush of buf (bnc#1105428).
- tty: Hold tty_ldisc_lock() during tty_reopen() (bnc#1105428).
- tty/ldsem: Add lockdep asserts for ldisc_sem (bnc#1105428).
- tty/ldsem: Convert to regular lockdep annotations (bnc#1105428).
- tty/ldsem: Decrement wait_readers on timeouted down_read() (bnc#1105428).
- tty/ldsem: Wake up readers after timed out down_write() (bnc#1105428).
- tty: serial: 8250_mtk: always resume the device in probe (bsc#1051510).
- tty: Simplify tty->count math in tty_reopen() (bnc#1105428).
- tty: wipe buffer (bsc#1051510).
- tty: wipe buffer if not echoing data (bsc#1051510).
- tun: Consistently configure generic netdev params via rtnetlink (bsc#1051510).
- tuntap: fix multiqueue rx (networking-stable-18_11_21).
- ubifs: Handle re-linking of inodes correctly while recovery (bsc#1120598).
- ubifs-Handle-re-linking-of-inodes-correctly-while-re.patch: Fixup compilation failure due to different ubifs_assert() prototype.
- udf: Allow mounting volumes with incorrect identification strings (bsc#1118774).
- udp4: fix IP_CMSG_CHECKSUM for connected sockets (networking-stable-18_09_24).
- udp6: add missing checks on edumux packet processing (networking-stable-18_09_24).
- udp6: fix encap return code for resubmitting (git-fixes).
- uio: ensure class is registered before devices (bsc#1051510).
- uio: Fix an Oops on load (bsc#1051510).
- uio: make symbol 'uio_class_registered' static (bsc#1051510).
- unifdef: use memcpy instead of strncpy (bsc#1051510).
- usb: appledisplay: Add 27' Apple Cinema Display (bsc#1051510).
- usb: cdc-acm: add entry for Hiro (Conexant) modem (bsc#1051510).
- usb: chipidea: Prevent unbalanced IRQ disable (bsc#1051510).
- usb: core: Fix hub port connection events lost (bsc#1051510).
- usb: core: quirks: add RESET_RESUME quirk for Cherry G230 Stream series (bsc#1051510).
- usb: dwc2: host: do not delay retries for CONTROL IN transfers (bsc#1114385).
- usb: dwc2: host: Do not retry NAKed transactions right away (bsc#1114385).
- usb: dwc2: host: use hrtimer for NAK retries (git-fixes).
- usb: dwc3: core: Clean up ULPI device (bsc#1051510).
- usb: dwc3: gadget: fix ISOC TRB type on unaligned transfers (bsc#1051510).
- usb: dwc3: gadget: Properly check last unaligned/zero chain TRB (bsc#1051510).
- usb: gadget: fsl_udc_core: check allocation return value and cleanup on failure (bsc#1051510).
- usb: gadget: fsl_udc_core: fixup struct_udc_setup documentation (bsc#1051510).
- usb: gadget: storage: Fix Spectre v1 vulnerability (bsc#1051510).
- usb: gadget: udc: atmel: handle at91sam9rl PMC (bsc#1051510).
- usb: gadget: u_ether: fix unsafe list iteration (bsc#1051510).
- usb: host: ohci-at91: fix request of irq for optional gpio (bsc#1051510).
- usb: hso: Fix OOB memory access in hso_probe/hso_get_config_data (bsc#1051510).
- usbip: tools: fix atoi() on non-null terminated string (bsc#1051510).
- usbip: vhci_hcd: check rhport before using in vhci_hub_control() (bsc#1090888).
- usbip:vudc: BUG kmalloc-2048 (Not tainted): Poison overwritten (bsc#1051510).
- usb: misc: appledisplay: add 20' Apple Cinema Display (bsc#1051510).
- usbnet: smsc95xx: disable carrier check while suspending (bsc#1051510).
- usb: omap_udc: fix crashes on probe error and module removal (bsc#1051510).
- usb: omap_udc: fix omap_udc_start() on 15xx machines (bsc#1051510).
- usb: omap_udc: fix rejection of out transfers when DMA is used (bsc#1051510).
- usb: omap_udc: fix USB gadget functionality on Palm Tungsten E (bsc#1051510).
- usb: omap_udc: use devm_request_irq() (bsc#1051510).
- usb: quirk: add no-LPM quirk on SanDisk Ultra Flair device (bsc#1051510).
- usb: quirks: Add delay-init quirk for Corsair K70 LUX RGB (bsc#1051510).
- usb: quirks: Add no-lpm quirk for Raydium touchscreens (bsc#1051510).
- usb: serial: cypress_m8: fix interrupt-out transfer length (bsc#1051510).
- usb: serial: option: add Fibocom NL668 series (bsc#1051510).
- usb: serial: option: add GosunCn ZTE WeLink ME3630 (bsc#1051510).
- usb: serial: option: add HP lt4132 (bsc#1051510).
- usb: serial: option: add Simcom SIM7500/SIM7600 (MBIM mode) (bsc#1051510).
- usb: serial: option: add Telit LN940 series (bsc#1051510).
- usb: serial: option: add two-endpoints device-id flag (bsc#1051510).
- usb: serial: option: drop redundant interface-class test (bsc#1051510).
- usb: serial: option: improve Quectel EP06 detection (bsc#1051510).
- usb: usbip: Fix BUG: KASAN: slab-out-of-bounds in vhci_hub_control() (bsc#1106110).
- usb: usb-storage: Add new IDs to ums-realtek (bsc#1051510).
- usb: xhci: fix timeout for transition from RExit to U0 (bsc#1051510).
- usb: xhci: fix uninitialized completion when USB3 port got wrong status (bsc#1051510).
- usb: xhci: Prevent bus suspend if a port connect change or polling state is detected (bsc#1051510).
- userfaultfd: clear the vma->vm_userfaultfd_ctx if UFFD_EVENT_FORK fails (bsc#1118761).
- userfaultfd: remove uffd flags from vma->vm_flags if UFFD_EVENT_FORK fails (bsc#1118809).
- v9fs_dir_readdir: fix double-free on p9stat_read error (bsc#1118771).
- vfs: Avoid softlockups in drop_pagecache_sb() (bsc#1118505).
- vfs: close race between getcwd() and d_move() (git-fixes).
- vfs: fix freeze protection in mnt_want_write_file() for overlayfs (git-fixes).
- vhost: Fix Spectre V1 vulnerability (bsc#1051510).
- vhost/scsi: truncate T10 PI iov_iter to prot_bytes (bsc#1051510).
- virtio_net: avoid using netif_tx_disable() for serializing tx routine (networking-stable-18_11_02).
- VMCI: Resource wildcard match fixed (bsc#1051510).
- w1: omap-hdq: fix missing bus unregister at removal (bsc#1051510).
- watchdog/core: Add missing prototypes for weak functions (git-fixes).
- wireless: airo: potential buffer overflow in sprintf() (bsc#1051510).
- wlcore: Fix the return value in case of error in 'wlcore_vendor_cmd_smart_config_start()' (bsc#1051510).
- Workaround for mysterious NVMe breakage with i915 CFL (bsc#1111040).
- x86/boot/KASLR: Work around firmware bugs by excluding EFI_BOOT_SERVICES_* and EFI_LOADER_* from KASLR's choice (bnc#1112878).
- x86/bugs: Add AMD's SPEC_CTRL MSR usage (bsc#1106913).
- x86/bugs: Fix the AMD SSBD usage of the SPEC_CTRL MSR (bsc#1106913).
- x86/bugs: Switch the selection of mitigation from CPU vendor to CPU features (bsc#1106913).
- x86/corruption-check: Fix panic in memory_corruption_check() when boot option without value is provided (bsc#1110006).
- x86/cpu/vmware: Do not trace vmware_sched_clock() (bsc#1114279).
- x86/decoder: Fix and update the opcodes map (bsc#1058115).
- x86, hibernate: Fix nosave_regions setup for hibernation (bsc#1110006).
- x86/irq: implement irq_data_get_effective_affinity_mask() for v4.12 (bsc#1109772).
- x86/kabi: Fix cpu_tlbstate issue (bsc#1106913).
- x86/kexec: Correct KEXEC_BACKUP_SRC_END off-by-one error (bsc#1114279).
- x86/l1tf: Show actual SMT state (bsc#1106913).
- x86/ldt: Remove unused variable in map_ldt_struct() (bsc#1114279).
- x86/ldt: Split out sanity check in map_ldt_struct() (bsc#1114279).
- x86/ldt: Unmap PTEs for the slot before freeing LDT pages (bsc#1114279).
- x86/MCE/AMD: Fix the thresholding machinery initialization order (bsc#1114279).
- x86/MCE: Make correctable error detection look at the Deferred bit (bsc#1114279).
- x86/mm: Fix decoy address handling vs 32-bit builds (bsc#1120606).
- x86/mm/pat: Disable preemption around __flush_tlb_all() (bsc#1114279).
- x86/PCI: Add additional VMD device root ports to VMD AER quirk (bsc#1120058).
- x86/PCI: Add 'pci=big_root_window' option for AMD 64-bit windows (bsc#1120058).
- x86/PCI: Apply VMD's AERSID fixup generically (bsc#1120058).
- x86/PCI: Avoid AMD SB7xx EHCI USB wakeup defect (bsc#1120058).
- x86/PCI: Enable a 64bit BAR on AMD Family 15h (Models 00-1f, 30-3f, 60-7f) (bsc#1120058).
- x86/PCI: Enable AMD 64-bit window on resume (bsc#1120058).
- x86/PCI: Fix infinite loop in search for 64bit BAR placement (bsc#1120058).
- x86/PCI: Move and shrink AMD 64-bit window to avoid conflict (bsc#1120058).
- x86/PCI: Move VMD quirk to x86 fixups (bsc#1120058).
- x86/PCI: Only enable a 64bit BAR on single-socket AMD Family 15h (bsc#1120058).
- x86/PCI: Use is_vmd() rather than relying on the domain number (bsc#1120058).
- x86/process: Consolidate and simplify switch_to_xtra() code (bsc#1106913).
- x86/pti: Document fix wrong index (git-fixes).
- x86/retpoline: Make CONFIG_RETPOLINE depend on compiler support (bsc#1106913).
- x86/retpoline: Remove minimal retpoline support (bsc#1106913).
- x86/speculataion: Mark command line parser data __initdata (bsc#1106913).
- x86/speculation: Add command line control for indirect branch speculation (bsc#1106913).
- x86/speculation: Add prctl() control for indirect branch speculation (bsc#1106913).
- x86/speculation: Add seccomp Spectre v2 user space protection mode (bsc#1106913).
- x86/speculation: Apply IBPB more strictly to avoid cross-process data leak (bsc#1106913).
- x86/speculation: Avoid __switch_to_xtra() calls (bsc#1106913).
- x86/speculation: Clean up spectre_v2_parse_cmdline() (bsc#1106913).
- x86/speculation: Disable STIBP when enhanced IBRS is in use (bsc#1106913).
- x86/speculation: Enable cross-hyperthread spectre v2 STIBP mitigation (bsc#1106913).
- x86/speculation: Enable prctl mode for spectre_v2_user (bsc#1106913).
- x86/speculation/l1tf: Drop the swap storage limit restriction when l1tf=off (bnc#1114871).
- x86/speculation: Mark string arrays const correctly (bsc#1106913).
- x86/speculation: Move STIPB/IBPB string conditionals out of cpu_show_common() (bsc#1106913).
- x86/speculation: Prepare arch_smt_update() for PRCTL mode (bsc#1106913).
- x86/speculation: Prepare for conditional IBPB in switch_mm() (bsc#1106913).
- x86/speculation: Prepare for per task indirect branch speculation control (bsc#1106913).
- x86/speculation: Prevent stale SPEC_CTRL msr content (bsc#1106913).
- x86/speculation: Propagate information about RSB filling mitigation to sysfs (bsc#1106913).
- x86/speculation: Provide IBPB always command line options (bsc#1106913).
- x86/speculation: Remove unnecessary ret variable in cpu_show_common() (bsc#1106913).
- x86/speculation: Rename SSBD update functions (bsc#1106913).
- x86/speculation: Reorder the spec_v2 code (bsc#1106913).
- x86/speculation: Reorganize speculation control MSRs update (bsc#1106913).
- x86/speculation: Rework SMT state change (bsc#1106913).
- x86/speculation: Split out TIF update (bsc#1106913).
- x86/speculation: Support Enhanced IBRS on future CPUs ().
- x86/speculation: Unify conditional spectre v2 print functions (bsc#1106913).
- x86/speculation: Update the TIF_SSBD comment (bsc#1106913).
- x86/xen: Fix boot loader version reported for PVH guests (bnc#1065600).
- xen/balloon: Support xend-based toolstack (bnc#1065600).
- xen/blkfront: avoid NULL blkfront_info dereference on device removal (bsc#1111062).
- xen: fix race in xen_qlock_wait() (bnc#1107256).
- xen: fix xen_qlock_wait() (bnc#1107256).
- xen: make xen_qlock_wait() nestable (bnc#1107256).
- xen/netfront: do not bug in case of too many frags (bnc#1104824).
- xen/netfront: tolerate frags with no data (bnc#1119804).
- xen/pvh: do not try to unplug emulated devices (bnc#1065600).
- xen/pvh: increase early stack size (bnc#1065600).
- xen-swiotlb: use actually allocated size on check physical continuous (bnc#1065600).
- xen/x86: add diagnostic printout to xen_mc_flush() in case of error (bnc#1116183).
- xfs: Align compat attrlist_by_handle with native implementation (git-fixes).
- xfs: Fix error code in 'xfs_ioc_getbmap()' (git-fixes).
- xfs: fix quotacheck dquot id overflow infinite loop (bsc#1121621).
- xfs: Fix xqmstats offsets in /proc/fs/xfs/xqmstat (git-fixes).
- xfs: Properly detect when DAX won't be used on any device (bsc#1115976).
- xfs: xfs_buf: drop useless LIST_HEAD (git-fixes).
- xhci: Add check for invalid byte size error when UAS devices are connected (bsc#1051510).
- xhci: Add quirk to workaround the errata seen on Cavium Thunder-X2 Soc (bsc#1117162).
- xhci: Do not prevent USB2 bus suspend in state check intended for USB3 only (bsc#1051510).
- xhci: Fix leaking USB3 shared_hcd at xhci removal (bsc#1051510).
- xhci: Prevent U1/U2 link pm states if exit latency is too long (bsc#1051510).
- xprtrdma: Do not defer fencing an async RPC's chunks (git-fixes).
Patchnames
SUSE-2019-224,SUSE-SLE-Module-Basesystem-15-2019-224,SUSE-SLE-Module-Development-Tools-15-2019-224,SUSE-SLE-Module-Development-Tools-OBS-15-2019-224,SUSE-SLE-Module-Legacy-15-2019-224,SUSE-SLE-Module-Live-Patching-15-2019-224,SUSE-SLE-Product-HA-15-2019-224,SUSE-SLE-Product-WE-15-2019-224
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\n\nThe SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes.\n\nThis update brings following features:\n\n- Support for Enhanced-IBRS on new Intel CPUs (fate#326564)\n\nThe following security bugs were fixed:\n\n- CVE-2018-9568: In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. (bnc#1118319).\n- CVE-2018-12232: In net/socket.c there is a race condition between fchownat and close in cases where they target the same socket file descriptor, related to the sock_close and sockfs_setattr functions. fchownat did not increment the file descriptor reference count, which allowed close to set the socket to NULL during fchownat\u0027s execution, leading to a NULL pointer dereference and system crash (bnc#1097593).\n- CVE-2018-14625: A flaw was found where an attacker may be able to have an uncontrolled read to kernel-memory from within a vm guest. A race condition between connect() and close() function may allow an attacker using the AF_VSOCK protocol to gather a 4 byte information leak or possibly intercept or corrupt AF_VSOCK messages destined to other clients (bnc#1106615).\n- CVE-2018-16862: A security flaw was found in the way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one (bnc#1117186).\n- CVE-2018-16884: NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out (bnc#1119946).\n- CVE-2018-18281: The mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removes entries from the pagetables of a task that is in the middle of mremap(), a stale TLB entry can remain for a short time that permits access to a physical page after it has been released back to the page allocator and reused. (bnc#1113769).\n- CVE-2018-18397: The userfaultfd implementation mishandled access control for certain UFFDIO_ ioctl calls, as demonstrated by allowing local users to write data into holes in a tmpfs file (if the user has read-only access to that file, and that file contains holes), related to fs/userfaultfd.c and mm/userfaultfd.c (bnc#1117656).\n- CVE-2018-18710: An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CVE-2018-16658 (bnc#1113751).\n- CVE-2018-19407: The vcpu_scan_ioapic function in arch/x86/kvm/x86.c allowed local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized (bnc#1116841).\n- CVE-2018-19824: A local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c (bnc#1118152).\n- CVE-2018-19854: An issue was discovered in the crypto_report_one() and related functions in crypto/crypto_user.c (the crypto user configuration API) do not fully initialize structures that are copied to userspace, potentially leaking sensitive memory to user programs. NOTE: this is a CVE-2013-2547 regression but with easier exploitability because the attacker did not need a capability (however, the system must have the CONFIG_CRYPTO_USER kconfig option) (bnc#1118428).\n- CVE-2018-19985: The function hso_probe read if_num from the USB device (as an u8) and used it without a length check to index an array, resulting in an OOB memory read in hso_probe or hso_get_config_data that could be used by local attackers (bnc#1120743).\n- CVE-2018-20169: The USB subsystem mishandled size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c (bnc#1119714).\n\nThe following non-security bugs were fixed:\n\n- acpi/apei: Handle GSIV and GPIO notification types (bsc#1115567).\n- acpica: Tables: Add WSMT support (bsc#1089350).\n- acpi/cpcc: Check for valid PCC subspace only if PCC is used (bsc#1117115).\n- acpi/cpcc: Update all pr_(debug/err) messages to log the susbspace id (bsc#1117115).\n- acpi/iort: Fix iort_get_platform_device_domain() uninitialized pointer value (bsc#1051510).\n- acpi/LPSS: Add alternative ACPI HIDs for Cherry Trail DMA controllers (bsc#1051510).\n- acpi/nfit: Fix ARS overflow continuation (bsc#1116895).\n- acpi/nfit, x86/mce: Handle only uncorrectable machine checks (bsc#1114279).\n- acpi/nfit, x86/mce: Validate a MCE\u0027s address before using it (bsc#1114279).\n- acpi/platform: Add SMB0001 HID to forbidden_id_list (bsc#1051510).\n- acpi/watchdog: Prefer iTCO_wdt always when WDAT table uses RTC SRAM (bsc#1051510).\n- act_ife: fix a potential use-after-free (networking-stable-18_09_11).\n- aio: fix spectre gadget in lookup_ioctx (bsc#1120594).\n- alsa: ac97: Fix incorrect bit shift at AC97-SPSA control write (bsc#1051510).\n- alsa: ca0106: Disable IZD on SB0570 DAC to fix audio pops (bsc#1051510).\n- alsa: control: Fix race between adding and removing a user element (bsc#1051510).\n- alsa: cs46xx: Potential NULL dereference in probe (bsc#1051510).\n- alsa: emu10k1: Fix potential Spectre v1 vulnerabilities (bsc#1051510).\n- alsa: emux: Fix potential Spectre v1 vulnerabilities (bsc#1051510).\n- alsa: fireface: fix for state to fetch PCM frames (bsc#1051510).\n- alsa: fireface: fix reference to wrong register for clock configuration (bsc#1051510).\n- alsa: firewire-lib: fix wrong assignment for \u0027out_packet_without_header\u0027 tracepoint (bsc#1051510).\n- alsa: firewire-lib: fix wrong handling payload_length as payload_quadlet (bsc#1051510).\n- alsa: firewire-lib: use the same print format for \u0027without_header\u0027 tracepoints (bsc#1051510).\n- alsa: hda: Add 2 more models to the power_save blacklist (bsc#1051510).\n- alsa: hda: Add ASRock N68C-S UCC the power_save blacklist (bsc#1051510).\n- alsa: hda - Add mic quirk for the Lenovo G50-30 (17aa:3905) (bsc#1051510).\n- alsa: hda: add mute LED support for HP EliteBook 840 G4 (bsc#1051510).\n- alsa: hda - Add quirk for ASUS G751 laptop (bsc#1051510).\n- alsa: hda: Add support for AMD Stoney Ridge (bsc#1051510).\n- alsa: hda/ca0132 - Call pci_iounmap() instead of iounmap() (bsc#1051510).\n- alsa: hda/ca0132 - make pci_iounmap() call conditional (bsc#1051510).\n- alsa: hda: fix front speakers on Huawei MBXP (bsc#1051510).\n- alsa: hda - Fix headphone pin config for ASUS G751 (bsc#1051510).\n- alsa: hda: fix unused variable warning (bsc#1051510).\n- alsa: hda/realtek - Add auto-mute quirk for HP Spectre x360 laptop (bsc#1051510).\n- alsa: hda/realtek - Add GPIO data update helper (bsc#1051510).\n- alsa: hda/realtek - Add support for Acer Aspire C24-860 headset mic (bsc#1051510).\n- alsa: hda/realtek - Add unplug function into unplug state of Headset Mode for ALC225 (bsc#1051510).\n- alsa: hda/realtek: ALC286 mic and headset-mode fixups for Acer Aspire U27-880 (bsc#1051510).\n- alsa: hda/realtek: ALC294 mic and headset-mode fixups for ASUS X542UN (bsc#1051510).\n- alsa: hda/realtek - Allow skipping spec-\u003einit_amp detection (bsc#1051510).\n- alsa: hda/realtek - Disable headset Mic VREF for headset mode of ALC225 (bsc#1051510).\n- alsa: hda/realtek: Enable audio jacks of ASUS UX391UA with ALC294 (bsc#1051510).\n- alsa: hda/realtek: Enable audio jacks of ASUS UX433FN/UX333FA with ALC294 (bsc#1051510).\n- alsa: hda/realtek: Enable audio jacks of ASUS UX533FD with ALC294 (bsc#1051510).\n- alsa: hda/realtek: Enable the headset mic auto detection for ASUS laptops (bsc#1051510).\n- alsa: hda/realtek - Fixed headphone issue for ALC700 (bsc#1051510).\n- alsa: hda/realtek - fix headset mic detection for MSI MS-B171 (bsc#1051510).\n- alsa: hda/realtek - Fix HP Headset Mic can\u0027t record (bsc#1051510).\n- alsa: hda/realtek: Fix mic issue on Acer AIO Veriton Z4660G (bsc#1051510).\n- alsa: hda/realtek: Fix mic issue on Acer AIO Veriton Z4860G/Z6860G (bsc#1051510).\n- alsa: hda/realtek - Fix speaker output regression on Thinkpad T570 (bsc#1051510).\n- alsa: hda/realtek - Fix the mute LED regresion on Lenovo X1 Carbon (bsc#1051510).\n- alsa: hda/realtek - fix the pop noise on headphone for lenovo laptops (bsc#1051510).\n- alsa: hda/realtek - Fix the problem of the front MIC on the Lenovo M715 (bsc#1051510).\n- alsa: hda/realtek - Manage GPIO bits commonly (bsc#1051510).\n- alsa: hda/realtek - Simplify Dell XPS13 GPIO handling (bsc#1051510).\n- alsa: hda/realtek - Support ALC300 (bsc#1051510).\n- alsa: hda/realtek - Support Dell headset mode for New AIO platform (bsc#1051510).\n- alsa: hda/tegra: clear pending irq handlers (bsc#1051510).\n- alsa: oss: Use kvzalloc() for local buffer allocations (bsc#1051510).\n- alsa: pcm: Call snd_pcm_unlink() conditionally at closing (bsc#1051510).\n- alsa: pcm: Fix interval evaluation with openmin/max (bsc#1051510).\n- alsa: pcm: Fix potential Spectre v1 vulnerability (bsc#1051510).\n- alsa: pcm: Fix starvation on down_write_nonblock() (bsc#1051510).\n- alsa: rme9652: Fix potential Spectre v1 vulnerability (bsc#1051510).\n- alsa: sparc: Fix invalid snd_free_pages() at error path (bsc#1051510).\n- alsa: trident: Suppress gcc string warning (bsc#1051510).\n- alsa: usb-audio: Add SMSL D1 to quirks for native DSD support (bsc#1051510).\n- alsa: usb-audio: Add support for Encore mDSD USB DAC (bsc#1051510).\n- alsa: usb-audio: Add vendor and product name for Dell WD19 Dock (bsc#1051510).\n- alsa: usb-audio: Avoid access before bLength check in build_audio_procunit() (bsc#1051510).\n- alsa: usb-audio: Fix an out-of-bound read in create_composite_quirks (bsc#1051510).\n- alsa: usb-audio: update quirk for B\u0026W PX to remove microphone (bsc#1051510).\n- alsa: wss: Fix invalid snd_free_pages() at error path (bsc#1051510).\n- alsa: x86: Fix runtime PM for hdmi-lpe-audio (bsc#1051510).\n- amd/iommu: Fix Guest Virtual APIC Log Tail Address Register (bsc#1106105).\n- apparmor: do not try to replace stale label in ptrace access check (git-fixes).\n- apparmor: do not try to replace stale label in ptraceme check (git-fixes).\n- apparmor: Fix uninitialized value in aa_split_fqname (git-fixes).\n- arm64: Add work around for Arm Cortex-A55 Erratum 1024718 (bsc#1120612).\n- arm64: atomics: Remove \u0027\u0026\u0027 from \u0027+\u0026\u0027 asm constraint in lse atomics (bsc#1120613).\n- arm64: cpu_errata: include required headers (bsc#1120615).\n- arm64: dma-mapping: Fix FORCE_CONTIGUOUS buffer clearing (bsc#1120633).\n- arm64: Enabled ENA (Amazon network driver) for arm64.\n- arm64: Fix /proc/iomem for reserved but not memory regions (bsc#1120632).\n- arm64: kvm: Move CPU ID reg trap setup off the world switch path (bsc#1110998).\n- arm64: kvm: Sanitize PSTATE.M when being set from userspace (bsc#1110998).\n- arm64: kvm: Tighten guest core register access from userspace (bsc#1110998).\n- arm64: lse: Add early clobbers to some input/output asm operands (bsc#1120614).\n- arm64: lse: remove -fcall-used-x0 flag (bsc#1120618).\n- arm64: mm: always enable CONFIG_HOLES_IN_ZONE (bsc#1120617).\n- arm64/numa: Report correct memblock range for the dummy node (bsc#1120620).\n- arm64/numa: Unify common error path in numa_init() (bsc#1120621).\n- arm64: remove no-op -p linker flag (bsc#1120616).\n- arm: dts: at91: add new compatibility string for macb on sama5d3 (bsc#1051510).\n- ASoC: dapm: Recalculate audio map forcely when card instantiated (bsc#1051510).\n- ASoC: dwc: Added a quirk DW_I2S_QUIRK_16BIT_IDX_OVERRIDE to dwc (bsc#1085535)\n- ASoC: Intel: cht_bsw_max98090: add support for Baytrail (bsc#1051510).\n- ASoC: intel: cht_bsw_max98090_ti: Add pmc_plt_clk_0 quirk for Chromebook Clapper (bsc#1051510).\n- ASoC: intel: cht_bsw_max98090_ti: Add pmc_plt_clk_0 quirk for Chromebook Gnawty (bsc#1051510).\n- ASoC: intel: cht_bsw_max98090_ti: Add quirk for boards using pmc_plt_clk_0 (bsc#1051510).\n- ASoC: Intel: mrfld: fix uninitialized variable access (bsc#1051510).\n- ASoC: intel: skylake: Add missing break in skl_tplg_get_token() (bsc#1051510).\n- ASoC: omap-abe-twl6040: Fix missing audio card caused by deferred probing (bsc#1051510).\n- ASoC: omap-dmic: Add pm_qos handling to avoid overruns with CPU_IDLE (bsc#1051510).\n- ASoC: omap-mcbsp: Fix latency value calculation for pm_qos (bsc#1051510).\n- ASoC: omap-mcpdm: Add pm_qos handling to avoid under/overruns with CPU_IDLE (bsc#1051510).\n- ASoC: rsnd: fixup clock start checker (bsc#1051510).\n- ASoC: sun8i-codec: fix crash on module removal (bsc#1051510).\n- ASoC: wm_adsp: Fix dma-unsafe read of scratch registers (bsc#1051510).\n- ata: Fix racy link clearance (bsc#1107866).\n- ataflop: fix error handling during setup (bsc#1051510).\n- ath10k: do not assume this is a PCI dev in generic code (bsc#1051510).\n- ath10k: schedule hardware restart if WMI command times out (bsc#1051510).\n- ath6kl: Only use match sets when firmware supports it (bsc#1051510).\n- autofs: fix autofs_sbi() does not check super block type (git-fixes).\n- autofs: fix slab out of bounds read in getname_kernel() (git-fixes).\n- autofs: mount point create should honour passed in mode (git-fixes).\n- b43: Fix error in cordic routine (bsc#1051510).\n- badblocks: fix wrong return value in badblocks_set if badblocks are disabled (git-fixes).\n- batman-adv: Expand merged fragment buffer for full packet (bsc#1051510).\n- batman-adv: Use explicit tvlv padding for ELP packets (bsc#1051510).\n- bcache: fix miss key refill-\u003eend in writeback (Git-fixes).\n- bcache: trace missed reading by cache_missed (Git-fixes).\n- bitops: protect variables in bit_clear_unless() macro (bsc#1051510).\n- bitops: protect variables in set_mask_bits() macro (bsc#1051510).\n- blk-mq: remove synchronize_rcu() from blk_mq_del_queue_tag_set() (Git-fixes).\n- block: allow max_discard_segments to be stacked (Git-fixes).\n- block: blk_init_allocated_queue() set q-\u003efq as NULL in the fail case (Git-fixes).\n- block: copy ioprio in __bio_clone_fast() (bsc#1082653).\n- block: really disable runtime-pm for blk-mq (Git-fixes).\n- block: reset bi_iter.bi_done after splitting bio (Git-fixes).\n- block: respect virtual boundary mask in bvecs (bsc#1113412).\n- block/swim: Fix array bounds check (Git-fixes).\n- bluetooth: btbcm: Add entry for BCM4335C0 UART bluetooth (bsc#1051510).\n- bluetooth: SMP: fix crash in unpairing (bsc#1051510).\n- bnxt_en: do not try to offload VLAN \u0027modify\u0027 action (bsc#1050242 ).\n- bnxt_en: Fix enables field in HWRM_QUEUE_COS2BW_CFG request (bsc#1086282).\n- bnxt_en: Fix TX timeout during netpoll (networking-stable-18_10_16).\n- bnxt_en: Fix VNIC reservations on the PF (bsc#1086282 ).\n- bnxt_en: free hwrm resources, if driver probe fails (networking-stable-18_10_16).\n- bnxt_en: get the reduced max_irqs by the ones used by RDMA (bsc#1050242).\n- bonding: avoid possible dead-lock (networking-stable-18_10_16).\n- bonding: fix length of actor system (networking-stable-18_11_02).\n- bonding: fix warning message (networking-stable-18_10_16).\n- bonding: pass link-local packets to bonding master also (networking-stable-18_10_16).\n- bpf: fix check of allowed specifiers in bpf_trace_printk (bsc#1083647).\n- bpf: fix partial copy of map_ptr when dst is scalar (bsc#1083647).\n- bpf, net: add skb_mac_header_len helper (networking-stable-18_09_24).\n- bpf: use per htab salt for bucket hash (git-fixes).\n- bpf: wait for running BPF programs when updating map-in-map (bsc#1083647).\n- brcmfmac: fix for proper support of 160MHz bandwidth (bsc#1051510).\n- brcmfmac: fix reporting support for 160 MHz channels (bsc#1051510).\n- brcmutil: really fix decoding channel info for 160 MHz bandwidth (bsc#1051510).\n- bridge: do not add port to router list when receives query with source 0.0.0.0 (networking-stable-18_11_02).\n- btrfs: Always try all copies when reading extent buffers (git-fixes).\n- btrfs: delete dead code in btrfs_orphan_add() (bsc#1111469).\n- btrfs: delete dead code in btrfs_orphan_commit_root() (bsc#1111469).\n- btrfs: do not BUG_ON() in btrfs_truncate_inode_items() (bsc#1111469).\n- btrfs: do not check inode\u0027s runtime flags under root-\u003eorphan_lock (bsc#1111469).\n- btrfs: do not return ino to ino cache if inode item removal fails (bsc#1111469).\n- btrfs: Enhance btrfs_trim_fs function to handle error better (Dependency for bsc#1113667).\n- btrfs: Ensure btrfs_trim_fs can trim the whole filesystem (bsc#1113667).\n- btrfs: fix assertion failure during fsync in no-holes mode (bsc#1118136).\n- btrfs: fix assertion on fsync of regular file when using no-holes feature (bsc#1118137).\n- btrfs: fix cur_offset in the error case for nocow (bsc#1118140).\n- btrfs: fix data corruption due to cloning of eof block (bsc#1116878).\n- btrfs: fix deadlock on tree root leaf when finding free extent (bsc#1116876).\n- btrfs: fix deadlock when writing out free space caches (bsc#1116700).\n- btrfs: fix ENOSPC caused by orphan items reservations (bsc#1111469).\n- btrfs: Fix error handling in btrfs_cleanup_ordered_extents (git-fixes).\n- btrfs: fix error handling in btrfs_truncate() (bsc#1111469).\n- btrfs: fix error handling in btrfs_truncate_inode_items() (bsc#1111469).\n- btrfs: fix fsync of files with multiple hard links in new directories (1120173).\n- btrfs: fix infinite loop on inode eviction after deduplication of eof block (bsc#1116877).\n- btrfs: Fix memory barriers usage with device stats counters (git-fixes).\n- btrfs: fix null pointer dereference on compressed write path error (bsc#1116698).\n- btrfs: fix use-after-free during inode eviction (bsc#1116701).\n- btrfs: fix use-after-free on root-\u003eorphan_block_rsv (bsc#1111469).\n- btrfs: fix use-after-free when dumping free space (bsc#1116862).\n- btrfs: fix warning when replaying log after fsync of a tmpfile (bsc#1116692).\n- btrfs: fix wrong dentries after fsync of file that got its parent replaced (bsc#1116693).\n- btrfs: get rid of BTRFS_INODE_HAS_ORPHAN_ITEM (bsc#1111469).\n- btrfs: get rid of unused orphan infrastructure (bsc#1111469).\n- btrfs: make sure we create all new block groups (bsc#1116699).\n- btrfs: move btrfs_truncate_block out of trans handle (bsc#1111469).\n- btrfs: protect space cache inode alloc with GFP_NOFS (bsc#1116863).\n- btrfs: qgroup: Dirty all qgroups before rescan (bsc#1120036).\n- btrfs: refactor btrfs_evict_inode() reserve refill dance (bsc#1111469).\n- btrfs: renumber BTRFS_INODE_ runtime flags and switch to enums (bsc#1111469).\n- btrfs: reserve space for O_TMPFILE orphan item deletion (bsc#1111469).\n- btrfs: run delayed items before dropping the snapshot (bsc#1121263, bsc#1111188).\n- btrfs: send, fix infinite loop due to directory rename dependencies (bsc#1118138).\n- btrfs: stop creating orphan items for truncate (bsc#1111469).\n- btrfs: tree-checker: Do not check max block group size as current max chunk size limit is unreliable (fixes for bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875).\n- btrfs: update stale comments referencing vmtruncate() (bsc#1111469).\n- cachefiles: fix the race between cachefiles_bury_object() and rmdir(2) (bsc#1051510).\n- can: dev: __can_get_echo_skb(): Do not crash the kernel if can_priv::echo_skb is accessed out of bounds (bsc#1051510).\n- can: dev: can_get_echo_skb(): factor out non sending code to __can_get_echo_skb() (bsc#1051510).\n- can: dev: __can_get_echo_skb(): print error message, if trying to echo non existing skb (bsc#1051510).\n- can: dev: __can_get_echo_skb(): replace struct can_frame by canfd_frame to access frame length (bsc#1051510).\n- can: flexcan: flexcan_irq(): fix indention (bsc#1051510).\n- can: hi311x: Use level-triggered interrupt (bsc#1051510).\n- can: raw: check for CAN FD capable netdev in raw_sendmsg() (bsc#1051510).\n- can: rcar_can: Fix erroneous registration (bsc#1051510).\n- can: rx-offload: introduce can_rx_offload_get_echo_skb() and can_rx_offload_queue_sorted() functions (bsc#1051510).\n- cdc-acm: correct counting of UART states in serial state notification (bsc#1051510).\n- cdc-acm: do not reset notification buffer index upon urb unlinking (bsc#1051510).\n- cdrom: do not attempt to fiddle with cdo-\u003ecapability (bsc#1051510).\n- ceph: do not update importing cap\u0027s mseq when handing cap export (bsc#1121273).\n- ceph: fix dentry leak in ceph_readdir_prepopulate (bsc#1114839).\n- ceph: quota: fix null pointer dereference in quota check (bsc#1114839).\n- cfg80211: Address some corner cases in scan result channel updating (bsc#1051510).\n- cfg80211: fix use-after-free in reg_process_hint() (bsc#1051510).\n- char_dev: extend dynamic allocation of majors into a higher range (bsc#1121058).\n- char_dev: Fix off-by-one bugs in find_dynamic_major() (bsc#1121058).\n- clk: at91: Fix division by zero in PLL recalc_rate() (bsc#1051510).\n- clk: fixed-factor: fix of_node_get-put imbalance (bsc#1051510).\n- clk: fixed-rate: fix of_node_get-put imbalance (bsc#1051510).\n- clk: mmp2: fix the clock id for sdh2_clk and sdh3_clk (bsc#1051510).\n- clk: mmp: Off by one in mmp_clk_add() (bsc#1051510).\n- clk: mvebu: Off by one bugs in cp110_of_clk_get() (bsc#1051510).\n- clk: rockchip: Fix static checker warning in rockchip_ddrclk_get_parent call (bsc#1051510).\n- clk: s2mps11: Add used attribute to s2mps11_dt_match (bsc#1051510).\n- clk: s2mps11: Fix matching when built as module and DT node contains compatible (bsc#1051510).\n- clk: samsung: exynos5420: Enable PERIS clocks for suspend (bsc#1051510).\n- clockevents/drivers/i8253: Add support for PIT shutdown quirk (bsc#1051510).\n- compiler-gcc.h: Add __attribute__((gnu_inline)) to all inline declarations (git-fixes).\n- config: arm64: enable erratum 1024718\n- configfs: replace strncpy with memcpy (bsc#1051510).\n- cpufeature: avoid warning when compiling with clang (Git-fixes).\n- cpufreq / CPPC: Add cpuinfo_cur_freq support for CPPC (bsc#1117115).\n- cpufreq: CPPC: fix build in absence of v3 support (bsc#1117115).\n- cpupower: remove stringop-truncation waring (git-fixes).\n- crypto: bcm - fix normal/non key hash algorithm failure (bsc#1051510).\n- crypto: caam - fix implicit casts in endianness helpers (bsc#1051510).\n- crypto: ccp - Add DOWNLOAD_FIRMWARE SEV command ().\n- crypto: ccp - Add GET_ID SEV command ().\n- crypto: ccp - Add psp enabled message when initialization succeeds ().\n- crypto: ccp - Add support for new CCP/PSP device ID ().\n- crypto: ccp - Allow SEV firmware to be chosen based on Family and Model ().\n- crypto: ccp - Fix static checker warning ().\n- crypto: ccp - Remove unused #defines ().\n- crypto: ccp - Support register differences between PSP devices ().\n- crypto: lrw - Fix out-of bounds access on counter overflow (bsc#1051510).\n- crypto: simd - correctly take reqsize of wrapped skcipher into account (bsc#1051510).\n- crypto: tcrypt - fix ghash-generic speed test (bsc#1051510).\n- dasd: fix deadlock in dasd_times_out (bsc#1121477, LTC#174111).\n- dax: Check page-\u003emapping isn\u0027t NULL (bsc#1120054).\n- dax: Do not access a freed inode (bsc#1120055).\n- device property: Define type of PROPERTY_ENRTY_*() macros (bsc#1051510).\n- device property: fix fwnode_graph_get_next_endpoint() documentation (bsc#1051510).\n- disable stringop truncation warnings for now (git-fixes).\n- dm: allocate struct mapped_device with kvzalloc (Git-fixes).\n- dm cache: destroy migration_cache if cache target registration failed (Git-fixes).\n- dm cache: fix resize crash if user does not reload cache table (Git-fixes).\n- dm cache metadata: ignore hints array being too small during resize (Git-fixes).\n- dm cache metadata: save in-core policy_hint_size to on-disk superblock (Git-fixes).\n- dm cache metadata: set dirty on all cache blocks after a crash (Git-fixes).\n- dm cache: only allow a single io_mode cache feature to be requested (Git-fixes).\n- dm crypt: do not decrease device limits (Git-fixes).\n- dm: fix report zone remapping to account for partition offset (Git-fixes).\n- dm integrity: change \u0027suspending\u0027 variable from bool to int (Git-fixes).\n- dm ioctl: harden copy_params()\u0027s copy_from_user() from malicious users (Git-fixes).\n- dm linear: eliminate linear_end_io call if CONFIG_DM_ZONED disabled (Git-fixes).\n- dm linear: fix linear_end_io conditional definition (Git-fixes).\n- dm thin: handle running out of data space vs concurrent discard (Git-fixes).\n- dm thin metadata: remove needless work from __commit_transaction (Git-fixes).\n- dm thin: stop no_space_timeout worker when switching to write-mode (Git-fixes).\n- dm writecache: fix a crash due to reading past end of dirty_bitmap (Git-fixes).\n- dm writecache: report start_sector in status line (Git-fixes).\n- dm zoned: fix metadata block ref counting (Git-fixes).\n- dm zoned: fix various dmz_get_mblock() issues (Git-fixes).\n- doc/README.SUSE: correct GIT url No more gitorious, github we use.\n- Documentation/l1tf: Fix small spelling typo (bsc#1051510).\n- Documentation/l1tf: Fix typos (bsc#1051510).\n- Documentation/l1tf: Remove Yonah processors from not vulnerable list (bsc#1051510).\n- do d_instantiate/unlock_new_inode combinations safely (git-fixes).\n- driver/dma/ioat: Call del_timer_sync() without holding prep_lock (bsc#1051510).\n- drivers/net/usb: add device id for TP-LINK UE300 USB 3.0 Ethernet (bsc#1119749).\n- drivers/net/usb/r8152: remove the unneeded variable \u0027ret\u0027 in rtl8152_system_suspend (bsc#1119749).\n- drivers/tty: add missing of_node_put() (bsc#1051510).\n- drm/amdgpu: add missing CHIP_HAINAN in amdgpu_ucode_get_load_type (bsc#1051510).\n- drm/amdgpu/gmc8: update MC firmware for polaris (bsc#1113722)\n- drm/amdgpu/powerplay: fix missing break in switch statements (bsc#1113722)\n- drm/amdgpu: update mc firmware image for polaris12 variants (bsc#1113722)\n- drm/amdgpu: update SMC firmware image for polaris10 variants (bsc#1113722)\n- drm/ast: change resolution may cause screen blurred (boo#1112963).\n- drm/ast: fixed cursor may disappear sometimes (bsc#1051510).\n- drm/ast: Fix incorrect free on ioregs (bsc#1051510).\n- drm/ast: Remove existing framebuffers before loading driver (boo#1112963)\n- drm/dp_mst: Check if primary mstb is null (bsc#1051510).\n- drm/dp_mst: Skip validating ports during destruction, just ref (bsc#1051510).\n- drm/edid: Add 6 bpc quirk for BOE panel (bsc#1051510).\n- drm/edid: Add 6 bpc quirk for BOE panel in HP Pavilion 15-n233sl (bsc#1113722)\n- drm/fb-helper: Ignore the value of fb_var_screeninfo.pixclock (bsc#1113722)\n- drm: fb-helper: Reject all pixel format changing requests (bsc#1113722)\n- drm/hisilicon: hibmc: Do not carry error code in HiBMC framebuffer (bsc#1113722)\n- drm/hisilicon: hibmc: Do not overwrite fb helper surface depth (bsc#1113722)\n- drm/i915/audio: Hook up component bindings even if displays are (bsc#1113722)\n- drm/i915: Do not oops during modeset shutdown after lpe audio deinit (bsc#1051510).\n- drm/i915: Do not unset intel_connector-\u003emst_port (bsc#1051510).\n- drm/i915/dp: Link train Fallback on eDP only if fallback link BW can fit panel\u0027s native mode (bsc#1051510).\n- drm/i915/execlists: Apply a full mb before execution for Braswell (bsc#1113722)\n- drm/i915/execlists: Force write serialisation into context image vs execution (bsc#1051510).\n- drm/i915: Fix ilk+ watermarks when disabling pipes (bsc#1051510).\n- drm/i915/gen9+: Fix initial readout for Y tiled framebuffers (bsc#1113722)\n- drm/i915/glk: Remove 99% limitation (bsc#1051510).\n- drm/i915/hdmi: Add HDMI 2.0 audio clock recovery N values (bsc#1051510).\n- drm/i915: Large page offsets for pread/pwrite (bsc#1051510).\n- drm/i915: Mark pin flags as u64 (bsc#1051510).\n- drm/i915: Restore vblank interrupts earlier (bsc#1051510).\n- drm/i915: Skip vcpi allocation for MSTB ports that are gone (bsc#1051510).\n- drm/i915: Write GPU relocs harder with gen3 (bsc#1051510).\n- drm/ioctl: Fix Spectre v1 vulnerabilities (bsc#1113722)\n- drm/mediatek: fix OF sibling-node lookup (bsc#1106110)\n- drm/meson: add support for 1080p25 mode (bsc#1051510).\n- drm/meson: Enable fast_io in meson_dw_hdmi_regmap_config (bsc#1051510).\n- drm/meson: Fix OOB memory accesses in meson_viu_set_osd_lut() (bsc#1051510).\n- drm/msm: fix OF child-node lookup (bsc#1106110)\n- drm/nouveau: Check backlight IDs are \u003e= 0, not \u003e 0 (bsc#1051510).\n- drm/nouveau: Do not disable polling in fallback mode (bsc#1103356).\n- drm/nouveau/kms: Fix memory leak in nv50_mstm_del() (bsc#1113722)\n- drm/omap: fix memory barrier bug in DMM driver (bsc#1051510).\n- drm: rcar-du: Fix external clock error checks (bsc#1113722)\n- drm: rcar-du: Fix vblank initialization (bsc#1113722)\n- drm/rockchip: Allow driver to be shutdown on reboot/kexec (bsc#1051510).\n- drm/rockchip: psr: do not dereference encoder before it is null (bsc#1113722)\n- drm: set is_master to 0 upon drm_new_set_master() failure (bsc#1113722)\n- drm/sti: do not remove the drm_bridge that was never added (bsc#1100132)\n- drm/vc4: Set -\u003eis_yuv to false when num_planes == 1 (bsc#1113722)\n- drm/vc4: -\u003ex_scaling[1] should never be set to VC4_SCALING_NONE (bsc#1113722)\n- drm/virtio: fix bounds check in virtio_gpu_cmd_get_capset() (bsc#1113722)\n- dt-bindings: add compatible string for Allwinner V3s SoC (git-fixes).\n- dt-bindings: arm: Document SoC compatible value for Armadillo-800 EVA (git-fixes).\n- dt-bindings: clock: add rk3399 DDR3 standard speed bins (git-fixes).\n- dt-bindings: clock: mediatek: add binding for fixed-factor clock axisel_d4 (git-fixes).\n- dt-bindings: iio: update STM32 timers clock names (git-fixes).\n- dt-bindings: mfd: axp20x: Add AXP806 to supported list of chips (git-fixes).\n- dt-bindings: net: Remove duplicate NSP Ethernet MAC binding document (git-fixes).\n- dt-bindings: panel: lvds: Fix path to display timing bindings (git-fixes).\n- dt-bindings: phy: sun4i-usb-phy: Add property descriptions for H3 (git-fixes).\n- dt-bindings: pwm: renesas: tpu: Fix \u0027compatible\u0027 prop description (git-fixes).\n- dt-bindings: rcar-dmac: Document missing error interrupt (git-fixes).\n- EDAC, {i7core,sb,skx}_edac: Fix uncorrected error counting (bsc#1114279).\n- EDAC: Raise the maximum number of memory controllers (bsc#1113780).\n- EDAC, skx_edac: Fix logical channel intermediate decoding (bsc#1114279).\n- EDAC, thunderx: Fix memory leak in thunderx_l2c_threaded_isr() (bsc#1114279).\n- efi: Move some sysfs files to be read-only by root (bsc#1051510).\n- ethernet: fman: fix wrong of_node_put() in probe function (bsc#1119017).\n- exportfs: fix \u0027passing zero to ERR_PTR()\u0027 warning (bsc#1118773).\n- ext2: fix potential use after free (bsc#1118775).\n- ext4: add missing brelse() add_new_gdb_meta_bg()\u0027s error path (bsc#1117795).\n- ext4: add missing brelse() in set_flexbg_block_bitmap()\u0027s error path (bsc#1117794).\n- ext4: add missing brelse() update_backups()\u0027s error path (bsc#1117796).\n- ext4: avoid buffer leak in ext4_orphan_add() after prior errors (bsc#1117802).\n- ext4: avoid buffer leak on shutdown in ext4_mark_iloc_dirty() (bsc#1117801).\n- ext4: avoid possible double brelse() in add_new_gdb() on error path (bsc#1118760).\n- ext4: avoid potential extra brelse in setup_new_flex_group_blocks() (bsc#1117792).\n- ext4: fix buffer leak in __ext4_read_dirblock() on error path (bsc#1117807).\n- ext4: fix buffer leak in ext4_xattr_move_to_block() on error path (bsc#1117806).\n- ext4: fix EXT4_IOC_GROUP_ADD ioctl (bsc#1120604).\n- ext4: fix missing cleanup if ext4_alloc_flex_bg_array() fails while resizing (bsc#1117798).\n- ext4: fix possible inode leak in the retry loop of ext4_resize_fs() (bsc#1117799).\n- ext4: fix possible leak of sbi-\u003es_group_desc_leak in error path (bsc#1117803).\n- ext4: fix possible leak of s_journal_flag_rwsem in error path (bsc#1117804).\n- ext4: fix possible use after free in ext4_quota_enable (bsc#1120602).\n- ext4: fix setattr project check in fssetxattr ioctl (bsc#1117789).\n- ext4: fix use-after-free race in ext4_remount()\u0027s error path (bsc#1117791).\n- ext4: initialize retries variable in ext4_da_write_inline_data_begin() (bsc#1117788).\n- ext4: missing unlock/put_page() in ext4_try_to_write_inline_data() (bsc#1120603).\n- ext4: propagate error from dquot_initialize() in EXT4_IOC_FSSETXATTR (bsc#1117790).\n- ext4: release bs.bh before re-using in ext4_xattr_block_find() (bsc#1117805).\n- extable: Consolidate *kernel_text_address() functions (bsc#1120092).\n- extable: Enable RCU if it is not watching in kernel_text_address() (bsc#1120092).\n- fbdev: fbcon: Fix unregister crash when more than one framebuffer (bsc#1113722)\n- fbdev: fbmem: behave better with small rotated displays and many CPUs (bsc#1113722)\n- fbdev: fix broken menu dependencies (bsc#1113722)\n- firmware: add firmware_request_nowarn() - load firmware without warnings ().\n- firmware: dcdbas: Add support for WSMT ACPI table (bsc#1089350 ).\n- firmware: dcdbas: include linux/io.h (bsc#1089350).\n- Fix the breakage of KMP build on x86_64 (bsc#1121017).\n- Fix tracing sample code warning (git-fixes).\n- floppy: fix race condition in __floppy_read_block_0() (bsc#1051510).\n- flow_dissector: do not dissect l4 ports for fragments (networking-stable-18_11_21).\n- fscache: fix race between enablement and dropping of object (bsc#1107385).\n- fscache: Fix race in fscache_op_complete() due to split atomic_sub \u0026 read (Git-fixes).\n- fscache: Pass the correct cancelled indications to fscache_op_complete() (Git-fixes).\n- fs: dcache: Avoid livelock between d_alloc_parallel and __d_add (git-fixes).\n- fs/dcache.c: fix kmemcheck splat at take_dentry_name_snapshot() (git-fixes).\n- fs: dcache: Use READ_ONCE when accessing i_dir_seq (git-fixes).\n- fs: Do not leak MNT_INTERNAL away from internal mounts (git-fixes).\n- fs: fix lost error code in dio_complete (bsc#1118762).\n- fs: Make extension of struct super_block transparent (bsc#1117822).\n- fsnotify: Fix busy inodes during unmount (bsc#1117822).\n- fsnotify: fix ignore mask logic in fsnotify() (bsc#1115074).\n- fs/xfs: Use %pS printk format for direct addresses (git-fixes).\n- ftrace: Fix debug preempt config name in stack_tracer_{en,dis}able (bsc#1117172).\n- ftrace: Fix kmemleak in unregister_ftrace_graph (bsc#1117181).\n- ftrace: Fix memleak when unregistering dynamic ops when tracing disabled (bsc#1117174).\n- ftrace: Remove incorrect setting of glob search field (bsc#1117184).\n- fuse: fix blocked_waitq wakeup (git-fixes).\n- fuse: fix leaked notify reply (git-fixes).\n- fuse: fix possibly missed wake-up after abort (git-fixes).\n- fuse: Fix use-after-free in fuse_dev_do_read() (git-fixes).\n- fuse: Fix use-after-free in fuse_dev_do_write() (git-fixes).\n- fuse: fix use-after-free in fuse_direct_IO() (git-fixes).\n- fuse: set FR_SENT while locked (git-fixes).\n- gcc-plugins: Add include required by GCC release 8 (git-fixes).\n- gcc-plugins: Use dynamic initializers (git-fixes).\n- genirq: Fix race on spurious interrupt detection (bsc#1051510).\n- getname_kernel() needs to make sure that -\u003ename != -\u003einame in long case (git-fixes).\n- gfs2: Do not leave s_fs_info pointing to freed memory in init_sbd (bsc#1118769).\n- gfs2: Fix loop in gfs2_rbm_find (bsc#1120601).\n- gfs2: Get rid of potential double-freeing in gfs2_create_inode (bsc#1120600).\n- gfs2_meta: -\u003emount() can get NULL dev_name (bsc#1118768).\n- gfs2: Put bitmap buffers in put_super (bsc#1118772).\n- git_sort.py: Remove non-existent remote tj/libata\n- gpio: davinci: Remove unused member of davinci_gpio_controller (git-fixes).\n- gpio: do not free unallocated ida on gpiochip_add_data_with_key() error path (bsc#1051510).\n- gpiolib-acpi: Only defer request_irq for GpioInt ACPI event handlers (bsc#1051510).\n- gpiolib: Fix return value of gpio_to_desc() stub if !GPIOLIB (bsc#1051510).\n- gpio: max7301: fix driver for use with CONFIG_VMAP_STACK (bsc#1051510).\n- gpio: mvebu: only fail on missing clk if pwm is actually to be used (bsc#1051510).\n- grace: replace BUG_ON by WARN_ONCE in exit_net hook (git-fixes).\n- gso_segment: Reset skb-\u003emac_len after modifying network header (networking-stable-18_09_24).\n- hid: Add quirk for Primax PIXART OEM mice (bsc#1119410).\n- hid: hiddev: fix potential Spectre v1 (bsc#1051510).\n- hid: input: Ignore battery reported by Symbol DS4308 (bsc#1051510).\n- hid: multitouch: Add pointstick support for Cirque Touchpad (bsc#1051510).\n- hid: uhid: forbid UHID_CREATE under KERNEL_DS or elevated privileges (bsc#1051510).\n- hv_netvsc: ignore devices that are not PCI (networking-stable-18_09_11).\n- hwmon: (core) Fix double-free in __hwmon_device_register() (bsc#1051510).\n- hwmon: (ibmpowernv) Remove bogus __init annotations (bsc#1051510).\n- hwmon: (ina2xx) Fix current value calculation (bsc#1051510).\n- hwmon (ina2xx) Fix NULL id pointer in probe() (bsc#1051510).\n- hwmon: (nct6775) Fix potential Spectre v1 (bsc#1051510).\n- hwmon: (pmbus) Fix page count auto-detection (bsc#1051510).\n- hwmon: (pwm-fan) Set fan speed to 0 on suspend (bsc#1051510).\n- hwmon: (raspberrypi) Fix initial notify (bsc#1051510).\n- hwmon: (w83795) temp4_type has writable permission (bsc#1051510).\n- hwpoison, memory_hotplug: allow hwpoisoned pages to be offlined (bnc#1116336).\n- hwrng: core - document the quality field (bsc#1051510).\n- i2c: axxia: properly handle master timeout (bsc#1051510).\n- i2c: scmi: Fix probe error on devices with an empty SMB0001 ACPI device node (bsc#1051510).\n- IB/hfi1: Add mtu check for operational data VLs (bsc#1060463 ).\n- ibmvnic: Convert reset work item mutex to spin lock ().\n- ibmvnic: fix accelerated VLAN handling ().\n- ibmvnic: fix index in release_rx_pools (bsc#1115440, bsc#1115433).\n- ibmvnic: Fix non-atomic memory allocation in IRQ context ().\n- ibmvnic: remove ndo_poll_controller ().\n- ibmvnic: Update driver queues after change in ring size support ().\n- IB/rxe: support for 802.1q VLAN on the listener (bsc#1082387).\n- ieee802154: 6lowpan: set IFLA_LINK (bsc#1051510).\n- ieee802154: at86rf230: switch from BUG_ON() to WARN_ON() on problem (bsc#1051510).\n- ieee802154: at86rf230: use __func__ macro for debug messages (bsc#1051510).\n- ieee802154: fakelb: switch from BUG_ON() to WARN_ON() on problem (bsc#1051510).\n- iio: accel: adxl345: convert address field usage in iio_chan_spec (bsc#1051510).\n- iio: ad5064: Fix regulator handling (bsc#1051510).\n- iio: adc: at91: fix acking DRDY irq on simple conversions (bsc#1051510).\n- iio: adc: at91: fix wrong channel number in triggered buffer mode (bsc#1051510).\n- iio: adc: imx25-gcq: Fix leak of device_node in mx25_gcq_setup_cfgs() (bsc#1051510).\n- iio:st_magn: Fix enable device after trigger (bsc#1051510).\n- ima: fix showing large \u0027violations\u0027 or \u0027runtime_measurements_count\u0027 (bsc#1051510).\n- include/linux/pfn_t.h: force \u0027~\u0027 to be parsed as an unary operator (bsc#1051510).\n- Include modules.fips in kernel-binary as well as kernel-binary-base ().\n- inet: make sure to grab rcu_read_lock before using ireq-\u003eireq_opt (networking-stable-18_10_16).\n- initramfs: fix initramfs rebuilds w/ compression after disabling (git-fixes).\n- Input: add official Raspberry Pi\u0027s touchscreen driver ().\n- Input: cros_ec_keyb - fix button/switch capability reports (bsc#1051510).\n- Input: elan_i2c - add ACPI ID for Lenovo IdeaPad 330-15ARR (bsc#1051510).\n- Input: elan_i2c - add ACPI ID for Lenovo IdeaPad 330-15IGM (bsc#1051510).\n- Input: elan_i2c - add ELAN0620 to the ACPI table (bsc#1051510).\n- Input: elan_i2c - add support for ELAN0621 touchpad (bsc#1051510).\n- Input: hyper-v - fix wakeup from suspend-to-idle (bsc#1051510).\n- Input: matrix_keypad - check for errors from of_get_named_gpio() (bsc#1051510).\n- Input: nomadik-ske-keypad - fix a loop timeout test (bsc#1051510).\n- Input: omap-keypad - fix keyboard debounce configuration (bsc#1051510).\n- Input: synaptics - add PNP ID for ThinkPad P50 to SMBus (bsc#1051510).\n- Input: synaptics - avoid using uninitialized variable when probing (bsc#1051510).\n- Input: synaptics - enable SMBus for HP 15-ay000 (bsc#1051510).\n- Input: xpad - add PDP device id 0x02a4 (bsc#1051510).\n- Input: xpad - add support for Xbox1 PDP Camo series gamepad (bsc#1051510).\n- Input: xpad - avoid using __set_bit() for capabilities (bsc#1051510).\n- Input: xpad - fix some coding style issues (bsc#1051510).\n- Input: xpad - quirk all PDP Xbox One gamepads (bsc#1051510).\n- integrity/security: fix digsig.c build error with header file (bsc#1051510).\n- intel_th: msu: Fix an off-by-one in attribute store (bsc#1051510).\n- iommu/amd: Fix amd_iommu=force_isolation (bsc#1106105).\n- iommu/arm-smmu: Ensure that page-table updates are visible before TLBI (bsc#1106237).\n- iommu/ipmmu-vmsa: Fix crash on early domain free (bsc#1106105).\n- iommu/vt-d: Fix NULL pointer dereference in prq_event_thread() (bsc#1106105).\n- iommu/vt-d: Handle domain agaw being less than iommu agaw (bsc#1106105).\n- iommu/vt-d: Use memunmap to free memremap (bsc#1106105).\n- ip6_tunnel: be careful when accessing the inner header (networking-stable-18_10_16).\n- ip6_tunnel: Fix encapsulation layout (networking-stable-18_11_02).\n- ip6_vti: fix a null pointer deference when destroy vti6 tunnel (networking-stable-18_09_11).\n- ipmi: Fix timer race with module unload (bsc#1051510).\n- ip_tunnel: be careful when accessing the inner header (networking-stable-18_10_16).\n- ip_tunnel: do not force DF when MTU is locked (networking-stable-18_11_21).\n- ipv4: lock mtu in fnhe when received PMTU \u003c net.ipv4.route.min_pmtu (networking-stable-18_11_21).\n- ipv4: tcp: send zero IPID for RST and ACK sent in SYN-RECV and TIME-WAIT state (networking-stable-18_09_11).\n- ipv6: Fix PMTU updates for UDP/raw sockets in presence of VRF (networking-stable-18_11_21).\n- ipv6: fix possible use-after-free in ip6_xmit() (networking-stable-18_09_24).\n- ipv6: mcast: fix a use-after-free in inet6_mc_check (networking-stable-18_11_02).\n- ipv6/ndisc: Preserve IPv6 control buffer if protocol error handlers are called (networking-stable-18_11_02).\n- ipv6: take rcu lock in rawv6_send_hdrinc() (networking-stable-18_10_16).\n- iwlwifi: add new cards for 9560, 9462, 9461 and killer series (bsc#1051510).\n- iwlwifi: dbg: allow wrt collection before ALIVE (bsc#1051510).\n- iwlwifi: do not WARN on trying to dump dead firmware (bsc#1051510).\n- iwlwifi: fix LED command capability bit (bsc#1119086).\n- iwlwifi: fix non_shared_ant for 22000 devices (bsc#1119086).\n- iwlwifi: fix wrong WGDS_WIFI_DATA_SIZE (bsc#1119086).\n- iwlwifi: mvm: check for short GI only for OFDM (bsc#1051510).\n- iwlwifi: mvm: check return value of rs_rate_from_ucode_rate() (bsc#1051510).\n- iwlwifi: mvm: do not send GEO_TX_POWER_LIMIT to old firmwares (bsc#1119086).\n- iwlwifi: mvm: do not use SAR Geo if basic SAR is not used (bsc#1051510).\n- iwlwifi: mvm: fix BAR seq ctrl reporting (bsc#1051510).\n- iwlwifi: mvm: fix regulatory domain update when the firmware starts (bsc#1051510).\n- iwlwifi: mvm: support sta_statistics() even on older firmware (bsc#1051510).\n- iwlwifi: nvm: get num of hw addresses from firmware (bsc#1119086).\n- iwlwifi: pcie: avoid empty free RB queue (bsc#1051510).\n- iwlwifi: pcie: do not reset TXQ write pointer (bsc#1051510).\n- jffs2: free jffs2_sb_info through jffs2_kill_sb() (bsc#1118767).\n- jump_label: Split out code under the hotplug lock (bsc#1106913).\n- kabi: hide new member in struct iommu_table from genksyms (bsc#1061840).\n- kabi: hwpoison, memory_hotplug: allow hwpoisoned pages to be offlined (bnc#1116336).\n- kabi: mask raw in struct bpf_reg_state (bsc#1083647).\n- kabi: powerpc: export __find_linux_pte as __find_linux_pte_or_hugepte (bsc#1061840).\n- kabi: powerpc: Revert npu callback signature change (bsc#1055120).\n- kabi protect hnae_ae_ops (bsc#1104353).\n- kabi/severities: ignore __xive_vm_h_* KVM internal symbols.\n- kbuild: allow to use GCC toolchain not in Clang search path (git-fixes).\n- kbuild: fix # escaping in .cmd files for future Make (git-fixes).\n- kbuild: fix kernel/bounds.c \u0027W=1\u0027 warning (bsc#1051510).\n- kbuild: fix linker feature test macros when cross compiling with Clang (git-fixes).\n- kbuild: make missing $DEPMOD a Warning instead of an Error (git-fixes).\n- kbuild: move \u0027_all\u0027 target out of $(KBUILD_SRC) conditional (bsc#1114279).\n- kbuild: rpm-pkg: keep spec file until make mrproper (git-fixes).\n- kbuild: suppress packed-not-aligned warning for default setting only (git-fixes).\n- kbuild: verify that $DEPMOD is installed (git-fixes).\n- kdb: use memmove instead of overlapping memcpy (bsc#1120954).\n- kernfs: Replace strncpy with memcpy (bsc#1120053).\n- kernfs: update comment about kernfs_path() return value (bsc#1051510).\n- keys: Fix the use of the C++ keyword \u0027private\u0027 in uapi/linux/keyctl.h (Git-fixes).\n- kgdboc: Passing ekgdboc to command line causes panic (bsc#1051510).\n- kobject: Replace strncpy with memcpy (git-fixes).\n- kprobes: Make list and blacklist root user read only (git-fixes).\n- kvm: arm/arm64: Introduce vcpu_el1_is_32bit (bsc#1110998).\n- kvm: nVMX: Always reflect #NM VM-exits to L1 (bsc#1106240).\n- kvm: nVMX: move check_vmentry_postreqs() call to nested_vmx_enter_non_root_mode() (bsc#1106240).\n- kvm: PPC: Add pt_regs into kvm_vcpu_arch and move vcpu-\u003earch.gpr[] into it (bsc#1061840).\n- kvm: PPC: Avoid marking DMA-mapped pages dirty in real mode (bsc#1061840).\n- kvm: PPC: Book3S: Add MMIO emulation for VMX instructions (bsc#1061840).\n- kvm: PPC: Book3S: Allow backing bigger guest IOMMU pages with smaller physical pages (bsc#1061840).\n- kvm: PPC: Book3S: Check KVM_CREATE_SPAPR_TCE_64 parameters (bsc#1061840).\n- kvm: PPC: Book3S: Eliminate some unnecessary checks (bsc#1061840).\n- kvm: PPC: Book3S: Fix compile error that occurs with some gcc versions (bsc#1061840).\n- kvm: PPC: Book3S: Fix matching of hardware and emulated TCE tables (bsc#1061840).\n- kvm: PPC: Book3S HV: Add of_node_put() in success path (bsc#1061840).\n- kvm: PPC: Book3S HV: Add \u0027online\u0027 register to ONE_REG interface (bsc#1061840).\n- kvm: PPC: Book3S HV: Allow creating max number of VCPUs on POWER9 (bsc#1061840).\n- kvm: PPC: Book3S HV: Allow HPT and radix on the same core for POWER9 v2.2 (bsc#1061840).\n- kvm: PPC: Book3S HV: Avoid crash from THP collapse during radix page fault (bsc#1061840).\n- kvm: PPC: Book3S HV: Avoid shifts by negative amounts (bsc#1061840).\n- kvm: PPC: Book3S HV: Check DR not IR to chose real vs virt mode MMIOs (bsc#1061840).\n- kvm: PPC: Book3S HV: Do not truncate HPTE index in xlate function (bsc#1061840).\n- kvm: PPC: Book3S HV: Do not use compound_order to determine host mapping size (bsc#1061840).\n- kvm: PPC: Book3S HV: Do not use existing \u0027prodded\u0027 flag for XIVE escalations (bsc#1061840).\n- kvm: PPC: Book 3S HV: Do ptesync in radix guest exit path (bsc#1061840).\n- kvm: PPC: Book3S HV: Do SLB load/unload with guest LPCR value loaded (bsc#1061840).\n- kvm: PPC: Book3S HV: Enable migration of decrementer register (bsc#1061840).\n- kvm: PPC: Book3S HV: Factor fake-suspend handling out of kvmppc_save/restore_tm (bsc#1061840).\n- kvm: PPC: Book3S HV: Fix conditions for starting vcpu (bsc#1061840).\n- kvm: PPC: Book3S HV: Fix constant size warning (bsc#1061840).\n- kvm: PPC: Book3S HV: Fix duplication of host SLB entries (bsc#1061840).\n- kvm: PPC: Book3S HV: Fix guest r11 corruption with POWER9 TM workarounds (bsc#1061840).\n- kvm: PPC: Book3S HV: Fix handling of large pages in radix page fault handler (bsc#1061840).\n- kvm: PPC: Book3S HV: Fix handling of secondary HPTEG in HPT resizing code (bsc#1061840).\n- kvm: PPC: Book3S HV: Fix inaccurate comment (bsc#1061840).\n- kvm: PPC: Book3S HV: Fix kvmppc_bad_host_intr for real mode interrupts (bsc#1061840).\n- kvm: PPC: Book3S HV: Fix trap number return from __kvmppc_vcore_entry (bsc#1061840).\n- kvm: PPC: Book3S HV: Fix typo in kvmppc_hv_get_dirty_log_radix() (bsc#1061840).\n- kvm: PPC: Book3S HV: Fix VRMA initialization with 2MB or 1GB memory backing (bsc#1061840).\n- kvm: PPC: Book3S HV: Handle 1GB pages in radix page fault handler (bsc#1061840).\n- kvm: PPC: Book3S HV: Improve handling of debug-trigger HMIs on POWER9 (bsc#1061840).\n- kvm: PPC: Book3S HV: Keep XIVE escalation interrupt masked unless ceded (bsc#1061840).\n- kvm: PPC: Book3S HV: Lockless tlbie for HPT hcalls (bsc#1061840).\n- kvm: PPC: Book3S HV: Make HPT resizing work on POWER9 (bsc#1061840).\n- kvm: PPC: Book3S HV: Make radix clear pte when unmapping (bsc#1061840).\n- kvm: PPC: Book3S HV: Make radix use correct tlbie sequence in kvmppc_radix_tlbie_page (bsc#1061840).\n- kvm: PPC: Book3S HV: Make xive_pushed a byte, not a word (bsc#1061840).\n- kvm: PPC: Book3S HV: Pack VCORE IDs to access full VCPU ID space (bsc#1061840).\n- kvm: PPC: Book3S HV: radix: Do not clear partition PTE when RC or write bits do not match (bsc#1061840).\n- kvm: PPC: Book3S HV: Radix page fault handler optimizations (bsc#1061840).\n- kvm: PPC: Book3S HV: radix: Refine IO region partition scope attributes (bsc#1061840).\n- kvm: PPC: Book3S HV: Read kvm-\u003earch.emul_smt_mode under kvm-\u003elock (bsc#1061840).\n- kvm: PPC: Book3S HV: Recursively unmap all page table entries when unmapping (bsc#1061840).\n- kvm: PPC: Book3S HV: Remove useless statement (bsc#1061840).\n- kvm: PPC: Book3S HV: Remove vcpu-\u003earch.dec usage (bsc#1061840).\n- kvm: PPC: Book3S HV: Send kvmppc_bad_interrupt NMIs to Linux handlers (bsc#1061840).\n- kvm: PPC: Book3S HV: Set RWMR on POWER8 so PURR/SPURR count correctly (bsc#1061840).\n- kvm: PPC: Book3S HV: Snapshot timebase offset on guest entry (bsc#1061840).\n- kvm: PPC: Book3S HV: Streamline setting of reference and change bits (bsc#1061840).\n- kvm: PPC: Book3S HV: Use a helper to unmap ptes in the radix fault path (bsc#1061840).\n- kvm: PPC: Book3S HV: Use __gfn_to_pfn_memslot() in page fault handler (bsc#1061840).\n- kvm: PPC: Book3S HV: XIVE: Resend re-routed interrupts on CPU priority change (bsc#1061840).\n- kvm: PPC: Book3S PR: Add guest MSR parameter for kvmppc_save_tm()/kvmppc_restore_tm() (bsc#1061840).\n- kvm: PPC: Book3S PR: Enable use on POWER9 inside HPT-mode guests (bsc#1118484).\n- kvm: PPC: Book3S PR: Move kvmppc_save_tm/kvmppc_restore_tm to separate file (bsc#1061840).\n- kvm: PPC: Book3S: Use correct page shift in H_STUFF_TCE (bsc#1061840).\n- kvm: PPC: Fix a mmio_host_swabbed uninitialized usage issue (bsc#1061840).\n- kvm: PPC: Make iommu_table::it_userspace big endian (bsc#1061840).\n- kvm: PPC: Move nip/ctr/lr/xer registers to pt_regs in kvm_vcpu_arch (bsc#1061840).\n- kvm: PPC: Use seq_puts() in kvmppc_exit_timing_show() (bsc#1061840).\n- kvm: s390: vsie: copy wrapping keys to right place (git-fixes).\n- kvm: svm: Ensure an IBPB on all affected CPUs when freeing a vmcb (bsc#1114279).\n- kvm: VMX: re-add ple_gap module parameter (bsc#1106240).\n- kvm: x86: Fix kernel info-leak in KVM_HC_CLOCK_PAIRING hypercall (bsc#1106240).\n- libata: whitelist all SAMSUNG MZ7KM* solid-state disks (bsc#1051510).\n- libceph: bump CEPH_MSG_MAX_DATA_LEN (bsc#1114839).\n- libceph: fall back to sendmsg for slab pages (bsc#1118316).\n- libertas: do not set URB_ZERO_PACKET on IN USB transfer (bsc#1051510).\n- libertas_tf: prevent underflow in process_cmdrequest() (bsc#1119086).\n- libnvdimm, dimm: Maximize label transfer size (bsc#1111921, bsc#1113408, bsc#1113972).\n- libnvdimm: Hold reference on parent while scheduling async init (bsc#1116891).\n- libnvdimm, label: change nvdimm_num_label_slots per UEFI 2.7 (bsc#1111921, bsc#1113408, bsc#1113972).\n- libnvdimm, label: Fix sparse warning (bsc#1111921, bsc#1113408, bsc#1113972).\n- libnvdimm, pfn: Pad pfn namespaces relative to other regions (bsc#1118962).\n- libnvdimm, region: Fail badblocks listing for inactive regions (bsc#1116899).\n- lib/raid6: Fix arm64 test build (bsc#1051510).\n- lib/ubsan.c: do not mark __ubsan_handle_builtin_unreachable as noreturn (bsc#1051510).\n- Limit max FW API version for QCA9377 (bsc#1121714, bsc#1121715).\n- linux/bitmap.h: fix type of nbits in bitmap_shift_right() (bsc#1051510).\n- livepatch: create and include UAPI headers ().\n- llc: set SOCK_RCU_FREE in llc_sap_add_socket() (networking-stable-18_11_02).\n- lockd: fix \u0027list_add double add\u0027 caused by legacy signal interface (git-fixes).\n- locking/barriers: Convert users of lockless_dereference() to READ_ONCE() (Git-fixes).\n- locking/static_keys: Improve uninitialized key warning (bsc#1106913).\n- mac80211: Always report TX status (bsc#1051510).\n- mac80211: Clear beacon_int in ieee80211_do_stop (bsc#1051510).\n- mac80211: fix reordering of buffered broadcast packets (bsc#1051510).\n- mac80211: fix TX status reporting for ieee80211s (bsc#1051510).\n- mac80211_hwsim: do not omit multicast announce of first added radio (bsc#1051510).\n- mac80211_hwsim: fix module init error paths for netlink (bsc#1051510).\n- mac80211_hwsim: Timer should be initialized before device registered (bsc#1051510).\n- mac80211: ignore NullFunc frames in the duplicate detection (bsc#1051510).\n- mac80211: ignore tx status for PS stations in ieee80211_tx_status_ext (bsc#1051510).\n- mac80211: TDLS: fix skb queue/priority assignment (bsc#1051510).\n- mach64: fix display corruption on big endian machines (bsc#1113722)\n- mach64: fix image corruption due to reading accelerator registers (bsc#1113722)\n- mailbox: PCC: handle parse error (bsc#1051510).\n- make sure that __dentry_kill() always invalidates d_seq, unhashed or not (git-fixes).\n- Mark HI and TASKLET softirq synchronous (git-fixes).\n- md: allow metadata updates while suspending an array - fix (git-fixes).\n- MD: fix invalid stored role for a disk - try2 (git-fixes).\n- md: fix NULL dereference of mddev-\u003epers in remove_and_add_spares() (git-fixes).\n- md: fix raid10 hang issue caused by barrier (git-fixes).\n- md/raid10: fix that replacement cannot complete recovery after reassemble (git-fixes).\n- md/raid1: add error handling of read error from FailFast device (git-fixes).\n- md/raid5-cache: disable reshape completely (git-fixes).\n- md/raid5: fix data corruption of replacements after originals dropped (git-fixes).\n- media: cx231xx: fix potential sign-extension overflow on large shift (bsc#1051510).\n- media: dvb: fix compat ioctl translation (bsc#1051510).\n- media: em28xx: fix input name for Terratec AV 350 (bsc#1051510).\n- media: em28xx: Fix use-after-free when disconnecting (bsc#1051510).\n- media: em28xx: make v4l2-compliance happier by starting sequence on zero (bsc#1051510).\n- media: em28xx: use a default format if TRY_FMT fails (bsc#1051510).\n- media: omap3isp: Unregister media device as first (bsc#1051510).\n- media: pci: cx23885: handle adding to list failure (bsc#1051510).\n- media: tvp5150: avoid going past array on v4l2_querymenu() (bsc#1051510).\n- media: tvp5150: fix switch exit in set control handler (bsc#1051510).\n- media: tvp5150: fix width alignment during set_selection() (bsc#1051510).\n- media: uvcvideo: Fix uvc_alloc_entity() allocation alignment (bsc#1051510).\n- media: v4l2-tpg: fix kernel oops when enabling HFLIP and OSD (bsc#1051510).\n- media: vsp1: Fix YCbCr planar formats pitch calculation (bsc#1051510).\n- memory_hotplug: cond_resched in __remove_pages (bnc#1114178).\n- mfd: arizona: Correct calling of runtime_put_sync (bsc#1051510).\n- mfd: menelaus: Fix possible race condition and leak (bsc#1051510).\n- mfd: omap-usb-host: Fix dts probe of children (bsc#1051510).\n- mlxsw: spectrum: Fix IP2ME CPU policer configuration (networking-stable-18_11_21).\n- mmc: bcm2835: reset host on timeout (bsc#1051510).\n- mmc: core: Allow BKOPS and CACHE ctrl even if no HPI support (bsc#1051510).\n- mmc: core: Reset HPI enabled state during re-init and in case of errors (bsc#1051510).\n- mmc: core: Use a minimum 1600ms timeout when enabling CACHE ctrl (bsc#1051510).\n- mmc: dw_mmc-bluefield: Add driver extension (bsc#1118752).\n- mmc: dw_mmc-k3: add sd support for hi3660 (bsc#1118752).\n- mmc: dw_mmc-rockchip: correct property names in debug (bsc#1051510).\n- mmc: OMAP: fix broken MMC on OMAP15XX/OMAP5910/OMAP310 (bsc#1051510).\n- mmc: omap_hsmmc: fix DMA API warning (bsc#1051510).\n- mmc: sdhci: fix the timeout check window for clock and reset (bsc#1051510).\n- mmc: sdhci-pci-o2micro: Add quirk for O2 Micro dev 0x8620 rev 0x01 (bsc#1051510).\n- mm: do not miss the last page because of round-off error (bnc#1118798).\n- mm: do not warn about large allocations for slab (git fixes (slab)).\n- mm: handle no memcg case in memcg_kmem_charge() properly (bnc#1113677).\n- mm/huge_memory.c: reorder operations in __split_huge_page_tail() (VM Functionality bsc#1119962).\n- mm/huge_memory: fix lockdep complaint on 32-bit i_size_read() (VM Functionality, bsc#1121599).\n- mm/huge_memory: rename freeze_page() to unmap_page() (VM Functionality, bsc#1121599).\n- mm/huge_memory: splitting set mapping+index before unfreeze (VM Functionality, bsc#1121599).\n- mm: hugetlb: yield when prepping struct pages (git fixes (memory initialisation)).\n- mm/khugepaged: collapse_shmem() do not crash on Compound (VM Functionality, bsc#1121599).\n- mm/khugepaged: collapse_shmem() remember to clear holes (VM Functionality, bsc#1121599).\n- mm/khugepaged: collapse_shmem() stop if punched or truncated (VM Functionality, bsc#1121599).\n- mm/khugepaged: collapse_shmem() without freezing new_page (VM Functionality, bsc#1121599).\n- mm/khugepaged: fix crashes due to misaccounted holes (VM Functionality, bsc#1121599).\n- mm/khugepaged: minor reorderings in collapse_shmem() (VM Functionality, bsc#1121599).\n- mm: lower the printk loglevel for __dump_page messages (generic hotplug debugability).\n- mm, memory_hotplug: be more verbose for memory offline failures (generic hotplug debugability).\n- mm, memory_hotplug: drop pointless block alignment checks from __offline_pages (generic hotplug debugability).\n- mm, memory_hotplug: print reason for the offlining failure (generic hotplug debugability).\n- mm: migration: fix migration of huge PMD shared pages (bnc#1086423).\n- mm: only report isolation failures when offlining memory (generic hotplug debugability).\n- mm: print more information about mapping in __dump_page (generic hotplug debugability).\n- mm: put_and_wait_on_page_locked() while page is migrated (bnc#1109272).\n- mm: rework memcg kernel stack accounting (bnc#1113677).\n- mm: sections are not offlined during memory hotremove (bnc#1119968).\n- mm: shmem.c: Correctly annotate new inodes for lockdep (Git fixes: shmem).\n- mm/vmstat.c: fix NUMA statistics updates (git fixes).\n- modpost: ignore livepatch unresolved relocations ().\n- mount: Do not allow copying MNT_UNBINDABLE|MNT_LOCKED mounts (bsc#1117819).\n- mount: Prevent MNT_DETACH from disconnecting locked mounts (bsc#1117820).\n- mount: Retest MNT_LOCKED in do_umount (bsc#1117818).\n- Move dell_rbu fix to sorted section (bsc#1087978).\n- mtd: cfi: convert inline functions to macros (git-fixes).\n- mtd: Fix comparison in map_word_andequal() (git-fixes).\n- namei: allow restricted O_CREAT of FIFOs and regular files (bsc#1118766).\n- nbd: do not allow invalid blocksize settings (Git-fixes).\n- neighbour: confirm neigh entries when ARP packet is received (networking-stable-18_09_24).\n- net/af_iucv: drop inbound packets with invalid flags (bnc#1113501, LTC#172679).\n- net/af_iucv: fix skb handling on HiperTransport xmit error (bnc#1113501, LTC#172679).\n- net/appletalk: fix minor pointer leak to userspace in SIOCFINDIPDDPRT (networking-stable-18_09_24).\n- net: aquantia: memory corruption on jumbo frames (networking-stable-18_10_16).\n- net: bcmgenet: Poll internal PHY for GENETv5 (networking-stable-18_11_02).\n- net: bcmgenet: protect stop from timeout (networking-stable-18_11_21).\n- net: bcmgenet: use MAC link status for fixed phy (networking-stable-18_09_11).\n- net: bgmac: Fix endian access in bgmac_dma_tx_ring_free() (bsc#1051510).\n- net: bridge: remove ipv6 zero address check in mcast queries (git-fixes).\n- net: dsa: bcm_sf2: Call setup during switch resume (networking-stable-18_10_16).\n- net: dsa: bcm_sf2: Fix unbind ordering (networking-stable-18_10_16).\n- net: dsa: mv88e6xxx: Fix binding documentation for MDIO busses (git-fixes).\n- net: dsa: qca8k: Add QCA8334 binding documentation (git-fixes).\n- net: ena: add functions for handling Low Latency Queues in ena_com (bsc#1111696 bsc#1117561).\n- net: ena: add functions for handling Low Latency Queues in ena_netdev (bsc#1111696 bsc#1117561).\n- net: ena: change rx copybreak default to reduce kernel memory pressure (bsc#1111696 bsc#1117561).\n- net: ena: complete host info to match latest ENA spec (bsc#1111696 bsc#1117561).\n- net: ena: enable Low Latency Queues (bsc#1111696 bsc#1117561).\n- net: ena: explicit casting and initialization, and clearer error handling (bsc#1111696 bsc#1117561).\n- net: ena: fix auto casting to boolean (bsc#1111696 bsc#1117561).\n- net: ena: fix compilation error in xtensa architecture (bsc#1111696 bsc#1117561).\n- net: ena: fix crash during ena_remove() (bsc#1111696 bsc#1117561).\n- net: ena: fix crash during failed resume from hibernation (bsc#1111696 bsc#1117561).\n- net: ena: fix indentations in ena_defs for better readability (bsc#1111696 bsc#1117561).\n- net: ena: Fix Kconfig dependency on X86 (bsc#1111696 bsc#1117561).\n- net: ena: fix NULL dereference due to untimely napi initialization (bsc#1111696 bsc#1117561).\n- net: ena: fix rare bug when failed restart/resume is followed by driver removal (bsc#1111696 bsc#1117561).\n- net: ena: fix warning in rmmod caused by double iounmap (bsc#1111696 bsc#1117561).\n- net: ena: introduce Low Latency Queues data structures according to ENA spec (bsc#1111696 bsc#1117561).\n- net: ena: limit refill Rx threshold to 256 to avoid latency issues (bsc#1111696 bsc#1117561).\n- net: ena: minor performance improvement (bsc#1111696 bsc#1117561).\n- net: ena: remove ndo_poll_controller (bsc#1111696 bsc#1117561).\n- net: ena: remove redundant parameter in ena_com_admin_init() (bsc#1111696 bsc#1117561).\n- net: ena: update driver version from 2.0.1 to 2.0.2 (bsc#1111696 bsc#1117561).\n- net: ena: update driver version to 2.0.1 (bsc#1111696 bsc#1117561).\n- net: ena: use CSUM_CHECKED device indication to report skb\u0027s checksum status (bsc#1111696 bsc#1117561).\n- net: fec: do not dump RX FIFO register when not available (networking-stable-18_11_02).\n- net-gro: reset skb-\u003epkt_type in napi_reuse_skb() (networking-stable-18_11_21).\n- net: hns3: Add nic state check before calling netif_tx_wake_queue (bsc#1104353).\n- net: hns3: Add support for hns3_nic_netdev_ops.ndo_do_ioctl (bsc#1104353).\n- net: hns3: bugfix for buffer not free problem during resetting (bsc#1104353).\n- net: hns3: bugfix for handling mailbox while the command queue reinitialized (bsc#1104353).\n- net: hns3: bugfix for hclge_mdio_write and hclge_mdio_read (bsc#1104353).\n- net: hns3: bugfix for is_valid_csq_clean_head() (bsc#1104353 ).\n- net: hns3: bugfix for reporting unknown vector0 interrupt repeatly problem (bsc#1104353).\n- net: hns3: bugfix for rtnl_lock\u0027s range in the hclgevf_reset() (bsc#1104353).\n- net: hns3: bugfix for the initialization of command queue\u0027s spin lock (bsc#1104353).\n- net: hns3: Check hdev state when getting link status (bsc#1104353).\n- net: hns3: Clear client pointer when initialize client failed or unintialize finished (bsc#1104353).\n- net: hns3: Fix cmdq registers initialization issue for vf (bsc#1104353).\n- net: hns3: Fix error of checking used vlan id (bsc#1104353 ).\n- net: hns3: Fix ets validate issue (bsc#1104353).\n- net: hns3: Fix for netdev not up problem when setting mtu (bsc#1104353).\n- net: hns3: Fix for out-of-bounds access when setting pfc back pressure (bsc#1104353).\n- net: hns3: Fix for packet buffer setting bug (bsc#1104353 ).\n- net: hns3: Fix for rx vlan id handle to support Rev 0x21 hardware (bsc#1104353).\n- net: hns3: Fix for setting speed for phy failed problem (bsc#1104353).\n- net: hns3: Fix for vf vlan delete failed problem (bsc#1104353 ).\n- net: hns3: Fix loss of coal configuration while doing reset (bsc#1104353).\n- net: hns3: Fix parameter type for q_id in hclge_tm_q_to_qs_map_cfg() (bsc#1104353).\n- net: hns3: Fix ping exited problem when doing lp selftest (bsc#1104353).\n- net: hns3: Preserve vlan 0 in hardware table (bsc#1104353 ).\n- net: hns3: remove unnecessary queue reset in the hns3_uninit_all_ring() (bsc#1104353).\n- net: hns3: Set STATE_DOWN bit of hdev state when stopping net (bsc#1104353).\n- net: hns: fix for unmapping problem when SMMU is on (networking-stable-18_10_16).\n- net: hp100: fix always-true check for link up state (networking-stable-18_09_24).\n- net: ibm: fix return type of ndo_start_xmit function ().\n- net/ibmnvic: Fix deadlock problem in reset ().\n- net/ibmvnic: Fix RTNL deadlock during device reset (bnc#1115431).\n- net: ipmr: fix unresolved entry dumps (networking-stable-18_11_02).\n- net: ipv4: do not let PMTU updates increase route MTU (git-fixes).\n- net/ipv6: Display all addresses in output of /proc/net/if_inet6 (networking-stable-18_10_16).\n- net/ipv6: Fix index counter for unicast addresses in in6_dump_addrs (networking-stable-18_11_02).\n- netlabel: check for IPV4MASK in addrinfo_get (networking-stable-18_10_16).\n- net: macb: do not disable MDIO bus at open/close time (networking-stable-18_09_11).\n- net/mlx4_core: Correctly set PFC param if global pause is turned off (bsc#1046299).\n- net/mlx5: Check for error in mlx5_attach_interface (networking-stable-18_09_18).\n- net/mlx5e: Fix selftest for small MTUs (networking-stable-18_11_21).\n- net/mlx5e: Set vlan masks for all offloaded TC rules (networking-stable-18_10_16).\n- net/mlx5: E-Switch, Fix memory leak when creating switchdev mode FDB tables (networking-stable-18_09_18).\n- net/mlx5: E-Switch, Fix out of bound access when setting vport rate (networking-stable-18_10_16).\n- net/mlx5: Fix debugfs cleanup in the device init/remove flow (networking-stable-18_09_18).\n- net/mlx5: Fix use-after-free in self-healing flow (networking-stable-18_09_18).\n- net/mlx5: Take only bit 24-26 of wqe.pftype_wq for page fault type (networking-stable-18_11_02).\n- net: mvpp2: Extract the correct ethtype from the skb for tx csum offload (networking-stable-18_10_16).\n- net: mvpp2: fix a txq_done race condition (networking-stable-18_10_16).\n- net/packet: fix packet drop as of virtio gso (networking-stable-18_10_16).\n- net: phy: mdio-gpio: Fix working over slow can_sleep GPIOs (networking-stable-18_11_21).\n- net: qca_spi: Fix race condition in spi transfers (networking-stable-18_09_18).\n- net: qmi_wwan: add Wistron Neweb D19Q1 (bsc#1051510).\n- net: sched: action_ife: take reference to meta module (networking-stable-18_09_11).\n- net/sched: act_pedit: fix dump of extended layered op (networking-stable-18_09_11).\n- net/sched: act_sample: fix NULL dereference in the data path (networking-stable-18_09_24).\n- net: sched: Fix for duplicate class dump (networking-stable-18_11_02).\n- net: sched: Fix memory exposure from short TCA_U32_SEL (networking-stable-18_09_11).\n- net: sched: gred: pass the right attribute to gred_change_table_def() (networking-stable-18_11_02).\n- net: smsc95xx: Fix MTU range (networking-stable-18_11_21).\n- net: socket: fix a missing-check bug (networking-stable-18_11_02).\n- net: stmmac: Fix stmmac_mdio_reset() when building stmmac as modules (networking-stable-18_11_02).\n- net: stmmac: Fixup the tail addr setting in xmit path (networking-stable-18_10_16).\n- net: systemport: Fix wake-up interrupt race during resume (networking-stable-18_10_16).\n- net: systemport: Protect stop from timeout (networking-stable-18_11_21).\n- net: udp: fix handling of CHECKSUM_COMPLETE packets (networking-stable-18_11_02).\n- net/usb: cancel pending work when unbinding smsc75xx (networking-stable-18_10_16).\n- net: usb: r8152: constify usb_device_id (bsc#1119749).\n- net: usb: r8152: use irqsave() in USB\u0027s complete callback (bsc#1119749).\n- nfc: nfcmrvl_uart: fix OF child-node lookup (bsc#1051510).\n- nfp: wait for posted reconfigs when disabling the device (networking-stable-18_09_11).\n- nfs: Avoid RCU usage in tracepoints (git-fixes).\n- nfs: commit direct writes even if they fail partially (git-fixes).\n- nfsd4: permit layoutget of executable-only files (git-fixes).\n- nfsd: check for use of the closed special stateid (git-fixes).\n- nfsd: CLOSE SHOULD return the invalid special stateid for NFSv4.x (x\u003e0) (git-fixes).\n- nfsd: deal with revoked delegations appropriately (git-fixes).\n- nfsd: Ensure we check stateid validity in the seqid operation checks (git-fixes).\n- nfsd: Fix another OPEN stateid race (git-fixes).\n- nfsd: fix corrupted reply to badly ordered compound (git-fixes).\n- nfsd: fix potential use-after-free in nfsd4_decode_getdeviceinfo (git-fixes).\n- nfsd: Fix stateid races between OPEN and CLOSE (git-fixes).\n- nfs: do not wait on commit in nfs_commit_inode() if there were no commit requests (git-fixes).\n- nfsd: restrict rd_maxcount to svc_max_payload in nfsd_encode_readdir (git-fixes).\n- nfs: Ensure we commit after writeback is complete (bsc#1111809).\n- nfs: Fix an incorrect type in struct nfs_direct_req (git-fixes).\n- nfs: Fix a typo in nfs_rename() (git-fixes).\n- nfs: Fix typo in nomigration mount option (git-fixes).\n- nfs: Fix unstable write completion (git-fixes).\n- nfsv4.0 fix client reference leak in callback (git-fixes).\n- nfsv4.1: Fix a potential layoutget/layoutrecall deadlock (git-fixes).\n- nfsv4.1 fix infinite loop on I/O (git-fixes).\n- nfsv4.1: Fix the client behaviour on NFS4ERR_SEQ_FALSE_RETRY (git-fixes).\n- nfsv4.1: Fix up replays of interrupted requests (git-fixes).\n- nfsv4: Fix a typo in nfs41_sequence_process (git-fixes).\n- nl80211: Fix possible Spectre-v1 for CQM RSSI thresholds (bsc#1051510).\n- nl80211: Fix possible Spectre-v1 for NL80211_TXRATE_HT (bsc#1051510).\n- nospec: Allow index argument to have const-qualified type (git-fixes)\n- nospec: Include \u003casm/barrier.h\u003e dependency (bsc#1114279).\n- nospec: Kill array_index_nospec_mask_check() (git-fixes).\n- nvdimm: Clarify comment in sizeof_namespace_index (bsc#1111921, bsc#1113408, bsc#1113972).\n- nvdimm: Remove empty if statement (bsc#1111921, bsc#1113408, bsc#1113972).\n- nvdimm: Sanity check labeloff (bsc#1111921, bsc#1113408, bsc#1113972).\n- nvdimm: Split label init out from the logic for getting config data (bsc#1111921, bsc#1113408, bsc#1113972).\n- nvdimm: Use namespace index data to reduce number of label reads needed (bsc#1111921, bsc#1113408, bsc#1113972).\n- nvme-fc: resolve io failures during connect (bsc#1116803).\n- nvme: Free ctrl device name on init failure ().\n- nvme-multipath: zero out ANA log buffer (bsc#1105168).\n- nvme: validate controller state before rescheduling keep alive (bsc#1103257).\n- objtool: Detect RIP-relative switch table references (bsc#1058115).\n- objtool: Detect RIP-relative switch table references, part 2 (bsc#1058115).\n- objtool: Fix another switch table detection issue (bsc#1058115).\n- objtool: Fix double-free in .cold detection error path (bsc#1058115).\n- objtool: Fix GCC 8 cold subfunction detection for aliased functions (bsc#1058115).\n- objtool: Fix \u0027noreturn\u0027 detection for recursive sibling calls (bsc#1058115).\n- objtool: Fix segfault in .cold detection with -ffunction-sections (bsc#1058115).\n- objtool: Support GCC 8\u0027s cold subfunctions (bsc#1058115).\n- objtool: Support GCC 8 switch tables (bsc#1058115).\n- ocfs2: fix a misuse a of brelse after failing ocfs2_check_dir_entry (bsc#1117817).\n- ocfs2: fix locking for res-\u003etracking and dlm-\u003etracking_list (bsc#1117816).\n- ocfs2: fix ocfs2 read block panic (bsc#1117815).\n- ocfs2: free up write context when direct IO failed (bsc#1117821).\n- ocfs2: subsystem.su_mutex is required while accessing the item-\u003eci_parent (bsc#1117808).\n- of: add helper to lookup compatible child node (bsc#1106110)\n- openvswitch: Fix push/pop ethernet validation (networking-stable-18_11_02).\n- panic: avoid deadlocks in re-entrant console drivers (bsc#1088386).\n- pci: Add ACS quirk for Ampere root ports (bsc#1120058).\n- pci: Add ACS quirk for APM X-Gene devices (bsc#1120058).\n- pci: Add Device IDs for Intel GPU \u0027spurious interrupt\u0027 quirk (bsc#1051510).\n- pci/ASPM: Do not initialize link state when aspm_disabled is set (bsc#1051510).\n- pci/ASPM: Fix link_state teardown on device removal (bsc#1051510).\n- pci: Convert device-specific ACS quirks from NULL termination to ARRAY_SIZE (bsc#1120058).\n- pci: Delay after FLR of Intel DC P3700 NVMe (bsc#1120058).\n- pci: Disable Samsung SM961/PM961 NVMe before FLR (bsc#1120058).\n- pci: dwc: remove duplicate fix (bsc#1115269)\n- pci: Export pcie_has_flr() (bsc#1120058).\n- pci: hv: Use effective affinity mask (bsc#1109772).\n- pci: imx6: Fix link training status detection in link up check (bsc#1109806).\n- pci: iproc: Activate PAXC bridge quirk for more devices (bsc#1120058).\n- pci: iproc: Remove PAXC slot check to allow VF support (bsc#1109806).\n- pci: Mark Ceton InfiniTV4 INTx masking as broken (bsc#1120058).\n- pci: Mark fall-through switch cases before enabling -Wimplicit-fallthrough (bsc#1120058).\n- pci: Mark Intel XXV710 NIC INTx masking as broken (bsc#1120058).\n- pci/MSI: Warn and return error if driver enables MSI/MSI-X twice (bsc#1051510).\n- pci: vmd: Assign vector zero to all bridges (bsc#1109806).\n- pci: vmd: Detach resources after stopping root bus (bsc#1109806).\n- pci: vmd: White list for fast interrupt handlers (bsc#1109806).\n- pcmcia: Implement CLKRUN protocol disabling for Ricoh bridges (bsc#1051510).\n- percpu: make this_cpu_generic_read() atomic w.r.t. interrupts (bsc#1114279).\n- perf: fix invalid bit in diagnostic entry (git-fixes).\n- perf tools: Fix tracing_path_mount proper path (git-fixes).\n- pinctrl: at91-pio4: fix has_config check in atmel_pctl_dt_subnode_to_map() (bsc#1051510).\n- pinctrl: meson: fix pinconf bias disable (bsc#1051510).\n- pinctrl: qcom: spmi-mpp: Fix drive strength setting (bsc#1051510).\n- pinctrl: qcom: spmi-mpp: Fix err handling of pmic_mpp_set_mux (bsc#1051510).\n- pinctrl: spmi-mpp: Fix pmic_mpp_config_get() to be compliant (bsc#1051510).\n- pinctrl: ssbi-gpio: Fix pm8xxx_pin_config_get() to be compliant (bsc#1051510).\n- pipe: match pipe_max_size data type with procfs (git-fixes).\n- platform-msi: Free descriptors in platform_msi_domain_free() (bsc#1051510).\n- platform/x86: acerhdf: Add BIOS entry for Gateway LT31 v1.3307 (bsc#1051510).\n- platform/x86: intel_telemetry: report debugfs failure (bsc#1051510).\n- pnfs: Always free the session slot on error in nfs4_layoutget_handle_exception (git-fixes).\n- pnfs: Do not release the sequence slot until we\u0027ve processed layoutget on open (git-fixes).\n- pnfs: Prevent the layout header refcount going to zero in pnfs_roc() (git-fixes).\n- powerpc/64s: consolidate MCE counter increment (bsc#1094244).\n- powerpc/64s/hash: Do not use PPC_INVALIDATE_ERAT on CPUs before POWER9 (bsc#1065729).\n- powerpc/64s/radix: Fix process table entry cache invalidation (bsc#1055186, git-fixes).\n- powerpc/boot: Expose Kconfig symbols to wrapper (bsc#1065729).\n- powerpc/boot: Fix build failures with -j 1 (bsc#1065729).\n- powerpc/boot: Fix opal console in boot wrapper (bsc#1065729).\n- powerpc/kvm/booke: Fix altivec related build break (bsc#1061840).\n- powerpc/kvm: Switch kvm pmd allocator to custom allocator (bsc#1061840).\n- powerpc/mm: Fix typo in comments (bsc#1065729).\n- powerpc/mm/hugetlb: initialize the pagetable cache correctly for hugetlb (bsc#1091800).\n- powerpc/mm/keys: Move pte bits to correct headers (bsc#1078248).\n- powerpc/mm: Rename find_linux_pte_or_hugepte() (bsc#1061840).\n- powerpc/npu-dma.c: Fix crash after __mmu_notifier_register failure (bsc#1055120).\n- powerpc/perf: Update raw-event code encoding comment for power8 (bsc#1065729).\n- powerpc/pkeys: Fix handling of pkey state across fork() (bsc#1078248, git-fixes).\n- powerpc/powernv: Add indirect levels to it_userspace (bsc#1061840).\n- powerpc/powernv: Do not select the cpufreq governors (bsc#1065729).\n- powerpc/powernv: Fix concurrency issue with npu-\u003emmio_atsd_usage (bsc#1055120).\n- powerpc/powernv: Fix opal_event_shutdown() called with interrupts disabled (bsc#1065729).\n- powerpc/powernv: Fix save/restore of SPRG3 on entry/exit from stop (idle) (bsc#1055121).\n- powerpc/powernv/ioda: Allocate indirect TCE levels on demand (bsc#1061840).\n- powerpc/powernv/ioda: Finish removing explicit max window size check (bsc#1061840).\n- powerpc/powernv/ioda: Remove explicit max window size check (bsc#1061840).\n- powerpc/powernv: Move TCE manupulation code to its own file (bsc#1061840).\n- powerpc/powernv/npu: Add lock to prevent race in concurrent context init/destroy (bsc#1055120).\n- powerpc/powernv/npu: Do not explicitly flush nmmu tlb (bsc#1055120).\n- powerpc/powernv/npu: Fix deadlock in mmio_invalidate() (bsc#1055120).\n- powerpc/powernv/npu: Prevent overwriting of pnv_npu2_init_contex() callback parameters (bsc#1055120).\n- powerpc/powernv/npu: Use flush_all_mm() instead of flush_tlb_mm() (bsc#1055120).\n- powerpc/powernv/pci: Work around races in PCI bridge enabling (bsc#1055120).\n- powerpc/powernv: Rework TCE level allocation (bsc#1061840).\n- powerpc/pseries: Fix DTL buffer registration (bsc#1065729).\n- powerpc/pseries: Fix how we iterate over the DTL entries (bsc#1065729).\n- powerpc/pseries: Fix \u0027OF: ERROR: Bad of_node_put() on /cpus\u0027 during DLPAR (bsc#1113295).\n- powerpc/pseries/mobility: Extend start/stop topology update scope (bsc#1116950, bsc#1115709).\n- powerpc: pseries: remove dlpar_attach_node dependency on full path (bsc#1113295).\n- powerpc/pseries: Track LMB nid instead of using device tree (bsc#1108270).\n- powerpc/traps: restore recoverability of machine_check interrupts (bsc#1094244).\n- powerpc/xive: Move definition of ESB bits (bsc#1061840).\n- powerpc/xmon: Add ISA v3.0 SPRs to SPR dump (bsc#1061840).\n- power: supply: max8998-charger: Fix platform data retrieval (bsc#1051510).\n- power: supply: olpc_battery: correct the temperature units (bsc#1051510).\n- pppoe: fix reception of frames with no mac header (networking-stable-18_09_24).\n- printk: Fix panic caused by passing log_buf_len to command line (bsc#1117168).\n- provide linux/set_memory.h (bsc#1113295).\n- ptp: fix Spectre v1 vulnerability (bsc#1051510).\n- ptrace: Remove unused ptrace_may_access_sched() and MODE_IBRS (bsc#1106913).\n- pwm: lpss: Release runtime-pm reference from the driver\u0027s remove callback (bsc#1051510).\n- pxa168fb: prepare the clock (bsc#1051510).\n- qed: Add driver support for 20G link speed (bsc#1110558).\n- qed: Add support for virtual link (bsc#1111795).\n- qede: Add driver support for 20G link speed (bsc#1110558).\n- qmi_wwan: apply SET_DTR quirk to the SIMCOM shared device ID (bsc#1051510).\n- qmi_wwan: Support dynamic config on Quectel EP06 (bsc#1051510).\n- r8152: add byte_enable for ocp_read_word function (bsc#1119749).\n- r8152: add Linksys USB3GIGV1 id (bsc#1119749).\n- r8152: add r8153_phy_status function (bsc#1119749).\n- r8152: adjust lpm settings for RTL8153 (bsc#1119749).\n- r8152: adjust rtl8153_runtime_enable function (bsc#1119749).\n- r8152: adjust the settings about MAC clock speed down for RTL8153 (bsc#1119749).\n- r8152: adjust U2P3 for RTL8153 (bsc#1119749).\n- r8152: avoid rx queue more than 1000 packets (bsc#1119749).\n- r8152: check if disabling ALDPS is finished (bsc#1119749).\n- r8152: correct the definition (bsc#1119749).\n- r8152: disable RX aggregation on Dell TB16 dock (bsc#1119749).\n- r8152: disable RX aggregation on new Dell TB16 dock (bsc#1119749).\n- r8152: fix wrong checksum status for received IPv4 packets (bsc#1119749).\n- r8152: move calling delay_autosuspend function (bsc#1119749).\n- r8152: move the default coalesce setting for RTL8153 (bsc#1119749).\n- r8152: move the initialization to reset_resume function (bsc#1119749).\n- r8152: move the setting of rx aggregation (bsc#1119749).\n- r8152: replace napi_complete with napi_complete_done (bsc#1119749).\n- r8152: set rx mode early when linking on (bsc#1119749).\n- r8152: split rtl8152_resume function (bsc#1119749).\n- r8152: support new chip 8050 (bsc#1119749).\n- r8152: support RTL8153B (bsc#1119749).\n- r8169: fix NAPI handling under high load (networking-stable-18_11_02).\n- race of lockd inetaddr notifiers vs nlmsvc_rqst change (git-fixes).\n- raid10 BUG_ON in raise_barrier when force is true and conf-\u003ebarrier is 0 (git-fixes).\n- random: rate limit unseeded randomness warnings (git-fixes).\n- rbd: whitelist RBD_FEATURE_OPERATIONS feature bit (Git-fixes).\n- rcu: Allow for page faults in NMI handlers (bsc#1120092).\n- rdma/bnxt_re: Add missing spin lock initialization (bsc#1050244 ).\n- rdma/bnxt_re: Avoid accessing the device structure after it is freed (bsc#1050244).\n- rdma/bnxt_re: Avoid NULL check after accessing the pointer (bsc#1086283).\n- rdma/bnxt_re: Fix system hang when registration with L2 driver fails (bsc#1086283).\n- rdma/hns: Bugfix pbl configuration for rereg mr (bsc#1104427 ).\n- rdma_rxe: make rxe work over 802.1q VLAN devices (bsc#1082387).\n- rds: fix two RCU related problems (networking-stable-18_09_18).\n- remoteproc: qcom: Fix potential device node leaks (bsc#1051510).\n- reset: hisilicon: fix potential NULL pointer dereference (bsc#1051510).\n- reset: imx7: Fix always writing bits as 0 (bsc#1051510).\n- reset: remove remaining WARN_ON() in \u003clinux/reset.h\u003e (Git-fixes).\n- resource: Include resource end in walk_*() interfaces (bsc#1114279).\n- Revert \u0027blacklist.conf: blacklist inapplicable commits\u0027 This reverts commit 88bd1b2b53990d5518b819968445522fb1392bee. We only build with VIRT_CPU_ACCOUNTING_NATIVE on s390\n- Revert \u0027ceph: fix dentry leak in splice_dentry()\u0027 (bsc#1114839).\n- Revert commit ef9209b642f \u0027staging: rtl8723bs: Fix indenting errors and an off-by-one mistake in core/rtw_mlme_ext.c\u0027 (bsc#1051510).\n- Revert \u0027iommu/io-pgtable-arm: Check for v7s-incapable systems\u0027 (bsc#1106105).\n- Revert \u0027PCI/ASPM: Do not initialize link state when aspm_disabled is set\u0027 (bsc#1051510).\n- Revert \u0027powerpc/64: Fix checksum folding in csum_add()\u0027 (bsc#1065729).\n- Revert \u0027scsi: lpfc: ls_rjt erroneus FLOGIs\u0027 (bsc#1119322).\n- Revert \u0027usb: dwc3: gadget: skip Set/Clear Halt when invalid\u0027 (bsc#1051510).\n- Revert wlcore patch to follow stable tree develpment\n- ring-buffer: Allow for rescheduling when removing pages (bsc#1120238).\n- ring-buffer: Do no reuse reader page if still in use (bsc#1120096).\n- ring-buffer: Mask out the info bits when returning buffer page length (bsc#1120094).\n- rpmsg: Correct support for MODULE_DEVICE_TABLE() (git-fixes).\n- rtc: hctosys: Add missing range error reporting (bsc#1051510).\n- rtc: m41t80: Correct alarm month range with RTC reads (bsc#1051510).\n- rtc: pcf2127: fix a kmemleak caused in pcf2127_i2c_gather_write (bsc#1051510).\n- rtc: snvs: Add timeouts to avoid kernel lockups (bsc#1051510).\n- rtl8xxxu: Fix missing break in switch (bsc#1051510).\n- rtnetlink: Disallow FDB configuration for non-Ethernet device (networking-stable-18_11_02).\n- rtnetlink: fix rtnl_fdb_dump() for ndmsg header (networking-stable-18_10_16).\n- rtnl: limit IFLA_NUM_TX_QUEUES and IFLA_NUM_RX_QUEUES to 4096 (networking-stable-18_10_16).\n- s390/cpum_sf: Add data entry sizes to sampling trailer entry (git-fixes).\n- s390/dasd: simplify locking in dasd_times_out (bsc#1104967,).\n- s390/kdump: Fix elfcorehdr size calculation (bsc#1117953, LTC#171112).\n- s390/kdump: Make elfcorehdr size calculation ABI compliant (bsc#1117953, LTC#171112).\n- s390/kvm: fix deadlock when killed by oom (bnc#1113501, LTC#172235).\n- s390/mm: Check for valid vma before zapping in gmap_discard (git-fixes).\n- s390/mm: correct allocate_pgste proc_handler callback (git-fixes).\n- s390: qeth_core_mpc: Use ARRAY_SIZE instead of reimplementing its function (bnc#1113501, LTC#172682).\n- s390/qeth: fix HiperSockets sniffer (bnc#1113501, LTC#172953).\n- s390/qeth: fix length check in SNMP processing (bsc#1117953, LTC#173657).\n- s390: qeth: Fix potential array overrun in cmd/rc lookup (bnc#1113501, LTC#172682).\n- s390/qeth: handle failure on workqueue creation (git-fixes).\n- s390/qeth: remove outdated portname debug msg (bsc#1117953, LTC#172960).\n- s390/qeth: report 25Gbit link speed (bnc#1113501, LTC#172959).\n- s390/qeth: sanitize strings in debug messages (bsc#1117953, LTC#172960).\n- s390: revert ELF_ET_DYN_BASE base changes (git-fixes).\n- s390/sclp_tty: enable line mode tty even if there is an ascii console (git-fixes).\n- s390/sthyi: add cache to store hypervisor info (LTC#160415, bsc#1068273).\n- s390/sthyi: add s390_sthyi system call (LTC#160415, bsc#1068273).\n- s390/sthyi: reorganize sthyi implementation (LTC#160415, bsc#1068273).\n- sbitmap: fix race in wait batch accounting (Git-fixes).\n- sched/core: Fix cpu.max vs. cpuhotplug deadlock (bsc#1106913).\n- sched/smt: Expose sched_smt_present static key (bsc#1106913).\n- sched/smt: Make sched_smt_present track topology (bsc#1106913).\n- sched, tracing: Fix trace_sched_pi_setprio() for deboosting (bsc#1120228).\n- scsi: core: Avoid that SCSI device removal through sysfs triggers a deadlock (bsc#1114578).\n- scsi: libsas: remove irq save in sas_ata_qc_issue() (bsc#1114580).\n- scsi: lpfc: add support to retrieve firmware logs (bsc#1114015).\n- scsi: lpfc: add Trunking support (bsc#1114015).\n- scsi: lpfc: Cap NPIV vports to 256 (bsc#1118215).\n- scsi: lpfc: Correct code setting non existent bits in sli4 ABORT WQE (bsc#1118215).\n- scsi: lpfc: Correct errors accessing fw log (bsc#1114015).\n- scsi: lpfc: Correct invalid EQ doorbell write on if_type=6 (bsc#1114015).\n- scsi: lpfc: Correct irq handling via locks when taking adapter offline (bsc#1114015).\n- scsi: lpfc: Correct LCB RJT handling (bsc#1114015).\n- scsi: lpfc: Correct loss of fc4 type on remote port address change (bsc#1114015).\n- scsi: lpfc: Correct race with abort on completion path (bsc#1114015).\n- scsi: lpfc: Correct soft lockup when running mds diagnostics (bsc#1114015).\n- scsi: lpfc: Correct speeds on SFP swap (bsc#1114015).\n- scsi: lpfc: Correct topology type reporting on G7 adapters (bsc#1118215).\n- scsi: lpfc: Defer LS_ACC to FLOGI on point to point logins (bsc#1118215).\n- scsi: lpfc: Enable Management features for IF_TYPE=6 (bsc#1119322).\n- scsi: lpfc: fcoe: Fix link down issue after 1000+ link bounces (bsc#1114015).\n- scsi: lpfc: Fix a duplicate 0711 log message number (bsc#1118215).\n- scsi: lpfc: fix block guard enablement on SLI3 adapters (bsc#1079935).\n- scsi: lpfc: Fix dif and first burst use in write commands (bsc#1118215).\n- scsi: lpfc: Fix discovery failures during port failovers with lots of vports (bsc#1118215).\n- scsi: lpfc: Fix driver release of fw-logging buffers (bsc#1118215).\n- scsi: lpfc: Fix errors in log messages (bsc#1114015).\n- scsi: lpfc: Fix GFT_ID and PRLI logic for RSCN (bsc#1114015).\n- scsi: lpfc: Fix kernel Oops due to null pring pointers (bsc#1118215).\n- scsi: lpfc: Fix LOGO/PLOGI handling when triggerd by ABTS Timeout event (bsc#1114015).\n- scsi: lpfc: Fix lpfc_sli4_read_config return value check (bsc#1114015).\n- scsi: lpfc: Fix odd recovery in duplicate FLOGIs in point-to-point (bsc#1114015).\n- scsi: lpfc: Fix panic when FW-log buffsize is not initialized (bsc#1118215).\n- scsi: lpfc: Implement GID_PT on Nameserver query to support faster failover (bsc#1114015).\n- scsi: lpfc: ls_rjt erroneus FLOGIs (bsc#1118215).\n- scsi: lpfc: Raise nvme defaults to support a larger io and more connectivity (bsc#1114015).\n- scsi: lpfc: raise sg count for nvme to use available sg resources (bsc#1114015).\n- scsi: lpfc: reduce locking when updating statistics (bsc#1114015).\n- scsi: lpfc: refactor mailbox structure context fields (bsc#1118215).\n- scsi: lpfc: Remove set but not used variable \u0027sgl_size\u0027 (bsc#1114015).\n- scsi: lpfc: Reset link or adapter instead of doing infinite nameserver PLOGI retry (bsc#1114015).\n- scsi: lpfc: rport port swap discovery issue (bsc#1118215).\n- scsi: lpfc: Synchronize access to remoteport via rport (bsc#1114015).\n- scsi: lpfc: update driver version to 12.0.0.7 (bsc#1114015).\n- scsi: lpfc: update driver version to 12.0.0.8 (bsc#1114015).\n- scsi: lpfc: update driver version to 12.0.0.9 (bsc#1118215).\n- scsi: lpfc: update manufacturer attribute to reflect Broadcom (bsc#1118215).\n- scsi: qlogicpti: Fix an error handling path in \u0027qpti_sbus_probe()\u0027 (bsc#1114581).\n- scsi: scsi_transport_srp: Fix shost to rport translation (bsc#1114582).\n- scsi: sg: fix minor memory leak in error path (bsc#1114584).\n- scsi: sysfs: Introduce sysfs_{un,}break_active_protection() (bsc#1114578).\n- scsi: target: add emulate_pr backstore attr to toggle PR support (bsc#1091405).\n- scsi: target: drop unused pi_prot_format attribute storage (bsc#1091405).\n- scsi: target: Fix fortify_panic kernel exception (bsc#1114576).\n- scsi: target/tcm_loop: Avoid that static checkers warn about dead code (bsc#1114577).\n- scsi: target: tcmu: add read length support (bsc#1097755).\n- scsi: zfcp: fix posting too many status read buffers leading to adapter shutdown (bsc#1121483, LTC#174588).\n- sctp: fix race on sctp_id2asoc (networking-stable-18_11_02).\n- sctp: fix strchange_flags name for Stream Change Event (networking-stable-18_11_21).\n- sctp: hold transport before accessing its asoc in sctp_transport_get_next (networking-stable-18_09_11).\n- sctp: not allow to set asoc prsctp_enable by sockopt (networking-stable-18_11_21).\n- sctp: not increase stream\u0027s incnt before sending addstrm_in request (networking-stable-18_11_21).\n- sctp: update dst pmtu with the correct daddr (networking-stable-18_10_16).\n- serial: 8250: Fix clearing FIFOs in RS485 mode again (bsc#1051510).\n- shmem: introduce shmem_inode_acct_block (VM Functionality, bsc#1121599).\n- shmem: shmem_charge: verify max_block is not exceeded before inode update (VM Functionality, bsc#1121599).\n- skd: Avoid that module unloading triggers a use-after-free (Git-fixes).\n- skd: Submit requests to firmware before triggering the doorbell (Git-fixes).\n- skip LAYOUTRETURN if layout is invalid (git-fixes).\n- soc: bcm2835: sync firmware properties with downstream ()\n- soc: fsl: qbman: qman: avoid allocating from non existing gen_pool (bsc#1051510).\n- soc/tegra: pmc: Fix child-node lookup (bsc#1051510).\n- soc: ti: QMSS: Fix usage of irq_set_affinity_hint (bsc#1051510).\n- spi: bcm2835: Avoid finishing transfer prematurely in IRQ mode (bsc#1051510).\n- spi: bcm2835: Fix book-keeping of DMA termination (bsc#1051510).\n- spi: bcm2835: Fix race on DMA termination (bsc#1051510).\n- spi: bcm2835: Unbreak the build of esoteric configs (bsc#1051510).\n- spi/bcm63xx-hsspi: keep pll clk enabled (bsc#1051510).\n- spi: bcm-qspi: switch back to reading flash using smaller chunks (bsc#1051510).\n- spi: sh-msiof: fix deferred probing (bsc#1051510).\n- splice: do not read more than available pipe space (bsc#1119212).\n- staging: bcm2835-camera: Abort probe if there is no camera (bsc#1051510).\n- staging: comedi: ni_mio_common: protect register write overflow (bsc#1051510).\n- staging:iio:ad7606: fix voltage scales (bsc#1051510).\n- staging: rtl8712: Fix possible buffer overrun (bsc#1051510).\n- staging: rtl8723bs: Add missing return for cfg80211_rtw_get_station (bsc#1051510).\n- staging: rtl8723bs: Fix the return value in case of error in \u0027rtw_wx_read32()\u0027 (bsc#1051510).\n- staging: rts5208: fix gcc-8 logic error warning (bsc#1051510).\n- staging: vchiq_arm: fix compat VCHIQ_IOC_AWAIT_COMPLETION (bsc#1051510).\n- staging: wilc1000: fix missing read_write setting when reading data (bsc#1051510).\n- sunrpc: Allow connect to return EHOSTUNREACH (git-fixes).\n- sunrpc: Do not use stack buffer with scatterlist (git-fixes).\n- sunrpc: Fix rpc_task_begin trace point (git-fixes).\n- sunrpc: Fix tracepoint storage issues with svc_recv and svc_rqst_status (git-fixes).\n- supported.conf: add raspberrypi-ts driver\n- supported.conf: whitelist bluefield eMMC driver\n- target: fix buffer offset in core_scsi3_pri_read_full_status (bsc1117349).\n- target/iscsi: avoid NULL dereference in CHAP auth error path (bsc#1117165).\n- target: se_dev_attrib.emulate_pr ABI stability (bsc#1091405).\n- tcp: do not restart timewait timer on rst reception (networking-stable-18_09_11).\n- team: no need to do team_notify_peers or team_mcast_rejoin when disabling port (bsc#1051510).\n- termios, tty/tty_baudrate.c: fix buffer overrun (bsc#1051510).\n- test_firmware: fix error return getting clobbered (bsc#1051510).\n- test_hexdump: use memcpy instead of strncpy (bsc#1051510).\n- tg3: Add PHY reset for 5717/5719/5720 in change ring and flow control paths (networking-stable-18_11_21).\n- thermal: bcm2835: enable hwmon explicitly (bsc#1108468).\n- thermal: da9062/61: Prevent hardware access during system suspend (bsc#1051510).\n- thermal: rcar_thermal: Prevent hardware access during system suspend (bsc#1051510).\n- tipc: do not assume linear buffer when reading ancillary data (networking-stable-18_11_21).\n- tipc: fix a missing rhashtable_walk_exit() (networking-stable-18_09_11).\n- tipc: fix flow control accounting for implicit connect (networking-stable-18_10_16).\n- tmpfs: make lseek(SEEK_DATA/SEK_HOLE) return ENXIO with a negative offset (bsc#1051510).\n- tools build: fix # escaping in .cmd files for future Make (git-fixes).\n- tools: hv: fcopy: set \u0027error\u0027 in case an unknown operation was requested (git-fixes).\n- tools: hv: include string.h in hv_fcopy_daemon (git-fixes).\n- tools/lib/lockdep: Rename \u0027trywlock\u0027 into \u0027trywrlock\u0027 (bsc#1121973).\n- tools/power/cpupower: fix compilation with STATIC=true (git-fixes).\n- tools/power turbostat: fix possible sprintf buffer overflow (git-fixes).\n- tpm2-cmd: allow more attempts for selftest execution (bsc#1082555).\n- tpm: add retry logic (bsc#1082555).\n- tpm: consolidate the TPM startup code (bsc#1082555).\n- tpm: do not suspend/resume if power stays on (bsc#1082555).\n- tpm: fix intermittent failure with self tests (bsc#1082555).\n- tpm: fix response size validation in tpm_get_random() (bsc#1082555).\n- tpm: move endianness conversion of ordinals to tpm_input_header (bsc#1082555).\n- tpm: move endianness conversion of TPM_TAG_RQU_COMMAND to tpm_input_header (bsc#1082555).\n- tpm: move the delay_msec increment after sleep in tpm_transmit() (bsc#1082555).\n- tpm: React correctly to RC_TESTING from TPM 2.0 self tests (bsc#1082555).\n- tpm: replace msleep() with usleep_range() in TPM 1.2/2.0 generic drivers (bsc#1082555).\n- tpm: Restore functionality to xen vtpm driver (bsc#1082555).\n- tpm: self test failure should not cause suspend to fail (bsc#1082555).\n- tpm: tpm-interface: fix tpm_transmit/_cmd kdoc (bsc#1082555).\n- tpm: Trigger only missing TPM 2.0 self tests (bsc#1082555).\n- tpm: Use dynamic delay to wait for TPM 2.0 self test result (bsc#1082555).\n- tpm: use tpm2_pcr_read() in tpm2_do_selftest() (bsc#1082555).\n- tpm: use tpm_buf functions in tpm2_pcr_read() (bsc#1082555).\n- tracing: Apply trace_clock changes to instance max buffer (bsc#1117188).\n- tracing/blktrace: Fix to allow setting same value (Git-fixes).\n- tracing: Erase irqsoff trace with empty write (bsc#1117189).\n- tracing: Fix bad use of igrab in trace_uprobe.c (bsc#1120046).\n- tracing: Fix crash when freeing instances with event triggers (bsc#1120230).\n- tracing: Fix crash when it fails to alloc ring buffer (bsc#1120097).\n- tracing: Fix double free of event_trigger_data (bsc#1120234).\n- tracing: Fix missing return symbol in function_graph output (bsc#1120232).\n- tracing: Fix possible double free in event_enable_trigger_func() (bsc#1120235).\n- tracing: Fix possible double free on failure of allocating trace buffer (bsc#1120214).\n- tracing: Fix regex_match_front() to not over compare the test string (bsc#1120223).\n- tracing: Fix trace_pipe behavior for instance traces (bsc#1120088).\n- tracing: Remove RCU work arounds from stack tracer (bsc#1120092).\n- tracing/samples: Fix creation and deletion of simple_thread_fn creation (git-fixes).\n- tty: check name length in tty_find_polling_driver() (bsc#1051510).\n- tty: Do not block on IO when ldisc change is pending (bnc#1105428).\n- tty: Do not hold ldisc lock in tty_reopen() if ldisc present (bsc#1051510).\n- tty: Do not return -EAGAIN in blocking read (bsc#1116040).\n- tty: do not set TTY_IO_ERROR flag if console port (bsc#1051510).\n- tty: fix data race between tty_init_dev and flush of buf (bnc#1105428).\n- tty: Hold tty_ldisc_lock() during tty_reopen() (bnc#1105428).\n- tty/ldsem: Add lockdep asserts for ldisc_sem (bnc#1105428).\n- tty/ldsem: Convert to regular lockdep annotations (bnc#1105428).\n- tty/ldsem: Decrement wait_readers on timeouted down_read() (bnc#1105428).\n- tty/ldsem: Wake up readers after timed out down_write() (bnc#1105428).\n- tty: serial: 8250_mtk: always resume the device in probe (bsc#1051510).\n- tty: Simplify tty-\u003ecount math in tty_reopen() (bnc#1105428).\n- tty: wipe buffer (bsc#1051510).\n- tty: wipe buffer if not echoing data (bsc#1051510).\n- tun: Consistently configure generic netdev params via rtnetlink (bsc#1051510).\n- tuntap: fix multiqueue rx (networking-stable-18_11_21).\n- ubifs: Handle re-linking of inodes correctly while recovery (bsc#1120598).\n- ubifs-Handle-re-linking-of-inodes-correctly-while-re.patch: Fixup compilation failure due to different ubifs_assert() prototype.\n- udf: Allow mounting volumes with incorrect identification strings (bsc#1118774).\n- udp4: fix IP_CMSG_CHECKSUM for connected sockets (networking-stable-18_09_24).\n- udp6: add missing checks on edumux packet processing (networking-stable-18_09_24).\n- udp6: fix encap return code for resubmitting (git-fixes).\n- uio: ensure class is registered before devices (bsc#1051510).\n- uio: Fix an Oops on load (bsc#1051510).\n- uio: make symbol \u0027uio_class_registered\u0027 static (bsc#1051510).\n- unifdef: use memcpy instead of strncpy (bsc#1051510).\n- usb: appledisplay: Add 27\u0027 Apple Cinema Display (bsc#1051510).\n- usb: cdc-acm: add entry for Hiro (Conexant) modem (bsc#1051510).\n- usb: chipidea: Prevent unbalanced IRQ disable (bsc#1051510).\n- usb: core: Fix hub port connection events lost (bsc#1051510).\n- usb: core: quirks: add RESET_RESUME quirk for Cherry G230 Stream series (bsc#1051510).\n- usb: dwc2: host: do not delay retries for CONTROL IN transfers (bsc#1114385).\n- usb: dwc2: host: Do not retry NAKed transactions right away (bsc#1114385).\n- usb: dwc2: host: use hrtimer for NAK retries (git-fixes).\n- usb: dwc3: core: Clean up ULPI device (bsc#1051510).\n- usb: dwc3: gadget: fix ISOC TRB type on unaligned transfers (bsc#1051510).\n- usb: dwc3: gadget: Properly check last unaligned/zero chain TRB (bsc#1051510).\n- usb: gadget: fsl_udc_core: check allocation return value and cleanup on failure (bsc#1051510).\n- usb: gadget: fsl_udc_core: fixup struct_udc_setup documentation (bsc#1051510).\n- usb: gadget: storage: Fix Spectre v1 vulnerability (bsc#1051510).\n- usb: gadget: udc: atmel: handle at91sam9rl PMC (bsc#1051510).\n- usb: gadget: u_ether: fix unsafe list iteration (bsc#1051510).\n- usb: host: ohci-at91: fix request of irq for optional gpio (bsc#1051510).\n- usb: hso: Fix OOB memory access in hso_probe/hso_get_config_data (bsc#1051510).\n- usbip: tools: fix atoi() on non-null terminated string (bsc#1051510).\n- usbip: vhci_hcd: check rhport before using in vhci_hub_control() (bsc#1090888).\n- usbip:vudc: BUG kmalloc-2048 (Not tainted): Poison overwritten (bsc#1051510).\n- usb: misc: appledisplay: add 20\u0027 Apple Cinema Display (bsc#1051510).\n- usbnet: smsc95xx: disable carrier check while suspending (bsc#1051510).\n- usb: omap_udc: fix crashes on probe error and module removal (bsc#1051510).\n- usb: omap_udc: fix omap_udc_start() on 15xx machines (bsc#1051510).\n- usb: omap_udc: fix rejection of out transfers when DMA is used (bsc#1051510).\n- usb: omap_udc: fix USB gadget functionality on Palm Tungsten E (bsc#1051510).\n- usb: omap_udc: use devm_request_irq() (bsc#1051510).\n- usb: quirk: add no-LPM quirk on SanDisk Ultra Flair device (bsc#1051510).\n- usb: quirks: Add delay-init quirk for Corsair K70 LUX RGB (bsc#1051510).\n- usb: quirks: Add no-lpm quirk for Raydium touchscreens (bsc#1051510).\n- usb: serial: cypress_m8: fix interrupt-out transfer length (bsc#1051510).\n- usb: serial: option: add Fibocom NL668 series (bsc#1051510).\n- usb: serial: option: add GosunCn ZTE WeLink ME3630 (bsc#1051510).\n- usb: serial: option: add HP lt4132 (bsc#1051510).\n- usb: serial: option: add Simcom SIM7500/SIM7600 (MBIM mode) (bsc#1051510).\n- usb: serial: option: add Telit LN940 series (bsc#1051510).\n- usb: serial: option: add two-endpoints device-id flag (bsc#1051510).\n- usb: serial: option: drop redundant interface-class test (bsc#1051510).\n- usb: serial: option: improve Quectel EP06 detection (bsc#1051510).\n- usb: usbip: Fix BUG: KASAN: slab-out-of-bounds in vhci_hub_control() (bsc#1106110).\n- usb: usb-storage: Add new IDs to ums-realtek (bsc#1051510).\n- usb: xhci: fix timeout for transition from RExit to U0 (bsc#1051510).\n- usb: xhci: fix uninitialized completion when USB3 port got wrong status (bsc#1051510).\n- usb: xhci: Prevent bus suspend if a port connect change or polling state is detected (bsc#1051510).\n- userfaultfd: clear the vma-\u003evm_userfaultfd_ctx if UFFD_EVENT_FORK fails (bsc#1118761).\n- userfaultfd: remove uffd flags from vma-\u003evm_flags if UFFD_EVENT_FORK fails (bsc#1118809).\n- v9fs_dir_readdir: fix double-free on p9stat_read error (bsc#1118771).\n- vfs: Avoid softlockups in drop_pagecache_sb() (bsc#1118505).\n- vfs: close race between getcwd() and d_move() (git-fixes).\n- vfs: fix freeze protection in mnt_want_write_file() for overlayfs (git-fixes).\n- vhost: Fix Spectre V1 vulnerability (bsc#1051510).\n- vhost/scsi: truncate T10 PI iov_iter to prot_bytes (bsc#1051510).\n- virtio_net: avoid using netif_tx_disable() for serializing tx routine (networking-stable-18_11_02).\n- VMCI: Resource wildcard match fixed (bsc#1051510).\n- w1: omap-hdq: fix missing bus unregister at removal (bsc#1051510).\n- watchdog/core: Add missing prototypes for weak functions (git-fixes).\n- wireless: airo: potential buffer overflow in sprintf() (bsc#1051510).\n- wlcore: Fix the return value in case of error in \u0027wlcore_vendor_cmd_smart_config_start()\u0027 (bsc#1051510).\n- Workaround for mysterious NVMe breakage with i915 CFL (bsc#1111040).\n- x86/boot/KASLR: Work around firmware bugs by excluding EFI_BOOT_SERVICES_* and EFI_LOADER_* from KASLR\u0027s choice (bnc#1112878).\n- x86/bugs: Add AMD\u0027s SPEC_CTRL MSR usage (bsc#1106913).\n- x86/bugs: Fix the AMD SSBD usage of the SPEC_CTRL MSR (bsc#1106913).\n- x86/bugs: Switch the selection of mitigation from CPU vendor to CPU features (bsc#1106913).\n- x86/corruption-check: Fix panic in memory_corruption_check() when boot option without value is provided (bsc#1110006).\n- x86/cpu/vmware: Do not trace vmware_sched_clock() (bsc#1114279).\n- x86/decoder: Fix and update the opcodes map (bsc#1058115).\n- x86, hibernate: Fix nosave_regions setup for hibernation (bsc#1110006).\n- x86/irq: implement irq_data_get_effective_affinity_mask() for v4.12 (bsc#1109772).\n- x86/kabi: Fix cpu_tlbstate issue (bsc#1106913).\n- x86/kexec: Correct KEXEC_BACKUP_SRC_END off-by-one error (bsc#1114279).\n- x86/l1tf: Show actual SMT state (bsc#1106913).\n- x86/ldt: Remove unused variable in map_ldt_struct() (bsc#1114279).\n- x86/ldt: Split out sanity check in map_ldt_struct() (bsc#1114279).\n- x86/ldt: Unmap PTEs for the slot before freeing LDT pages (bsc#1114279).\n- x86/MCE/AMD: Fix the thresholding machinery initialization order (bsc#1114279).\n- x86/MCE: Make correctable error detection look at the Deferred bit (bsc#1114279).\n- x86/mm: Fix decoy address handling vs 32-bit builds (bsc#1120606).\n- x86/mm/pat: Disable preemption around __flush_tlb_all() (bsc#1114279).\n- x86/PCI: Add additional VMD device root ports to VMD AER quirk (bsc#1120058).\n- x86/PCI: Add \u0027pci=big_root_window\u0027 option for AMD 64-bit windows (bsc#1120058).\n- x86/PCI: Apply VMD\u0027s AERSID fixup generically (bsc#1120058).\n- x86/PCI: Avoid AMD SB7xx EHCI USB wakeup defect (bsc#1120058).\n- x86/PCI: Enable a 64bit BAR on AMD Family 15h (Models 00-1f, 30-3f, 60-7f) (bsc#1120058).\n- x86/PCI: Enable AMD 64-bit window on resume (bsc#1120058).\n- x86/PCI: Fix infinite loop in search for 64bit BAR placement (bsc#1120058).\n- x86/PCI: Move and shrink AMD 64-bit window to avoid conflict (bsc#1120058).\n- x86/PCI: Move VMD quirk to x86 fixups (bsc#1120058).\n- x86/PCI: Only enable a 64bit BAR on single-socket AMD Family 15h (bsc#1120058).\n- x86/PCI: Use is_vmd() rather than relying on the domain number (bsc#1120058).\n- x86/process: Consolidate and simplify switch_to_xtra() code (bsc#1106913).\n- x86/pti: Document fix wrong index (git-fixes).\n- x86/retpoline: Make CONFIG_RETPOLINE depend on compiler support (bsc#1106913).\n- x86/retpoline: Remove minimal retpoline support (bsc#1106913).\n- x86/speculataion: Mark command line parser data __initdata (bsc#1106913).\n- x86/speculation: Add command line control for indirect branch speculation (bsc#1106913).\n- x86/speculation: Add prctl() control for indirect branch speculation (bsc#1106913).\n- x86/speculation: Add seccomp Spectre v2 user space protection mode (bsc#1106913).\n- x86/speculation: Apply IBPB more strictly to avoid cross-process data leak (bsc#1106913).\n- x86/speculation: Avoid __switch_to_xtra() calls (bsc#1106913).\n- x86/speculation: Clean up spectre_v2_parse_cmdline() (bsc#1106913).\n- x86/speculation: Disable STIBP when enhanced IBRS is in use (bsc#1106913).\n- x86/speculation: Enable cross-hyperthread spectre v2 STIBP mitigation (bsc#1106913).\n- x86/speculation: Enable prctl mode for spectre_v2_user (bsc#1106913).\n- x86/speculation/l1tf: Drop the swap storage limit restriction when l1tf=off (bnc#1114871).\n- x86/speculation: Mark string arrays const correctly (bsc#1106913).\n- x86/speculation: Move STIPB/IBPB string conditionals out of cpu_show_common() (bsc#1106913).\n- x86/speculation: Prepare arch_smt_update() for PRCTL mode (bsc#1106913).\n- x86/speculation: Prepare for conditional IBPB in switch_mm() (bsc#1106913).\n- x86/speculation: Prepare for per task indirect branch speculation control (bsc#1106913).\n- x86/speculation: Prevent stale SPEC_CTRL msr content (bsc#1106913).\n- x86/speculation: Propagate information about RSB filling mitigation to sysfs (bsc#1106913).\n- x86/speculation: Provide IBPB always command line options (bsc#1106913).\n- x86/speculation: Remove unnecessary ret variable in cpu_show_common() (bsc#1106913).\n- x86/speculation: Rename SSBD update functions (bsc#1106913).\n- x86/speculation: Reorder the spec_v2 code (bsc#1106913).\n- x86/speculation: Reorganize speculation control MSRs update (bsc#1106913).\n- x86/speculation: Rework SMT state change (bsc#1106913).\n- x86/speculation: Split out TIF update (bsc#1106913).\n- x86/speculation: Support Enhanced IBRS on future CPUs ().\n- x86/speculation: Unify conditional spectre v2 print functions (bsc#1106913).\n- x86/speculation: Update the TIF_SSBD comment (bsc#1106913).\n- x86/xen: Fix boot loader version reported for PVH guests (bnc#1065600).\n- xen/balloon: Support xend-based toolstack (bnc#1065600).\n- xen/blkfront: avoid NULL blkfront_info dereference on device removal (bsc#1111062).\n- xen: fix race in xen_qlock_wait() (bnc#1107256).\n- xen: fix xen_qlock_wait() (bnc#1107256).\n- xen: make xen_qlock_wait() nestable (bnc#1107256).\n- xen/netfront: do not bug in case of too many frags (bnc#1104824).\n- xen/netfront: tolerate frags with no data (bnc#1119804).\n- xen/pvh: do not try to unplug emulated devices (bnc#1065600).\n- xen/pvh: increase early stack size (bnc#1065600).\n- xen-swiotlb: use actually allocated size on check physical continuous (bnc#1065600).\n- xen/x86: add diagnostic printout to xen_mc_flush() in case of error (bnc#1116183).\n- xfs: Align compat attrlist_by_handle with native implementation (git-fixes).\n- xfs: Fix error code in \u0027xfs_ioc_getbmap()\u0027 (git-fixes).\n- xfs: fix quotacheck dquot id overflow infinite loop (bsc#1121621).\n- xfs: Fix xqmstats offsets in /proc/fs/xfs/xqmstat (git-fixes).\n- xfs: Properly detect when DAX won\u0027t be used on any device (bsc#1115976).\n- xfs: xfs_buf: drop useless LIST_HEAD (git-fixes).\n- xhci: Add check for invalid byte size error when UAS devices are connected (bsc#1051510).\n- xhci: Add quirk to workaround the errata seen on Cavium Thunder-X2 Soc (bsc#1117162).\n- xhci: Do not prevent USB2 bus suspend in state check intended for USB3 only (bsc#1051510).\n- xhci: Fix leaking USB3 shared_hcd at xhci removal (bsc#1051510).\n- xhci: Prevent U1/U2 link pm states if exit latency is too long (bsc#1051510).\n- xprtrdma: Do not defer fencing an async RPC\u0027s chunks (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2019-224,SUSE-SLE-Module-Basesystem-15-2019-224,SUSE-SLE-Module-Development-Tools-15-2019-224,SUSE-SLE-Module-Development-Tools-OBS-15-2019-224,SUSE-SLE-Module-Legacy-15-2019-224,SUSE-SLE-Module-Live-Patching-15-2019-224,SUSE-SLE-Product-HA-15-2019-224,SUSE-SLE-Product-WE-15-2019-224",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_0224-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2019:0224-1",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20190224-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2019:0224-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2019-February/005075.html"
},
{
"category": "self",
"summary": "SUSE Bug 1024718",
"url": "https://bugzilla.suse.com/1024718"
},
{
"category": "self",
"summary": "SUSE Bug 1046299",
"url": "https://bugzilla.suse.com/1046299"
},
{
"category": "self",
"summary": "SUSE Bug 1050242",
"url": "https://bugzilla.suse.com/1050242"
},
{
"category": "self",
"summary": "SUSE Bug 1050244",
"url": "https://bugzilla.suse.com/1050244"
},
{
"category": "self",
"summary": "SUSE Bug 1051510",
"url": "https://bugzilla.suse.com/1051510"
},
{
"category": "self",
"summary": "SUSE Bug 1055120",
"url": "https://bugzilla.suse.com/1055120"
},
{
"category": "self",
"summary": "SUSE Bug 1055121",
"url": "https://bugzilla.suse.com/1055121"
},
{
"category": "self",
"summary": "SUSE Bug 1055186",
"url": "https://bugzilla.suse.com/1055186"
},
{
"category": "self",
"summary": "SUSE Bug 1058115",
"url": "https://bugzilla.suse.com/1058115"
},
{
"category": "self",
"summary": "SUSE Bug 1060463",
"url": "https://bugzilla.suse.com/1060463"
},
{
"category": "self",
"summary": "SUSE Bug 1061840",
"url": "https://bugzilla.suse.com/1061840"
},
{
"category": "self",
"summary": "SUSE Bug 1065600",
"url": "https://bugzilla.suse.com/1065600"
},
{
"category": "self",
"summary": "SUSE Bug 1065729",
"url": "https://bugzilla.suse.com/1065729"
},
{
"category": "self",
"summary": "SUSE Bug 1068273",
"url": "https://bugzilla.suse.com/1068273"
},
{
"category": "self",
"summary": "SUSE Bug 1078248",
"url": "https://bugzilla.suse.com/1078248"
},
{
"category": "self",
"summary": "SUSE Bug 1079935",
"url": "https://bugzilla.suse.com/1079935"
},
{
"category": "self",
"summary": "SUSE Bug 1082387",
"url": "https://bugzilla.suse.com/1082387"
},
{
"category": "self",
"summary": "SUSE Bug 1082555",
"url": "https://bugzilla.suse.com/1082555"
},
{
"category": "self",
"summary": "SUSE Bug 1082653",
"url": "https://bugzilla.suse.com/1082653"
},
{
"category": "self",
"summary": "SUSE Bug 1083647",
"url": "https://bugzilla.suse.com/1083647"
},
{
"category": "self",
"summary": "SUSE Bug 1085535",
"url": "https://bugzilla.suse.com/1085535"
},
{
"category": "self",
"summary": "SUSE Bug 1086196",
"url": "https://bugzilla.suse.com/1086196"
},
{
"category": "self",
"summary": "SUSE Bug 1086282",
"url": "https://bugzilla.suse.com/1086282"
},
{
"category": "self",
"summary": "SUSE Bug 1086283",
"url": "https://bugzilla.suse.com/1086283"
},
{
"category": "self",
"summary": "SUSE Bug 1086423",
"url": "https://bugzilla.suse.com/1086423"
},
{
"category": "self",
"summary": "SUSE Bug 1087978",
"url": "https://bugzilla.suse.com/1087978"
},
{
"category": "self",
"summary": "SUSE Bug 1088386",
"url": "https://bugzilla.suse.com/1088386"
},
{
"category": "self",
"summary": "SUSE Bug 1089350",
"url": "https://bugzilla.suse.com/1089350"
},
{
"category": "self",
"summary": "SUSE Bug 1090888",
"url": "https://bugzilla.suse.com/1090888"
},
{
"category": "self",
"summary": "SUSE Bug 1091405",
"url": "https://bugzilla.suse.com/1091405"
},
{
"category": "self",
"summary": "SUSE Bug 1091800",
"url": "https://bugzilla.suse.com/1091800"
},
{
"category": "self",
"summary": "SUSE Bug 1094244",
"url": "https://bugzilla.suse.com/1094244"
},
{
"category": "self",
"summary": "SUSE Bug 1097593",
"url": "https://bugzilla.suse.com/1097593"
},
{
"category": "self",
"summary": "SUSE Bug 1097755",
"url": "https://bugzilla.suse.com/1097755"
},
{
"category": "self",
"summary": "SUSE Bug 1100132",
"url": "https://bugzilla.suse.com/1100132"
},
{
"category": "self",
"summary": "SUSE Bug 1102875",
"url": "https://bugzilla.suse.com/1102875"
},
{
"category": "self",
"summary": "SUSE Bug 1102877",
"url": "https://bugzilla.suse.com/1102877"
},
{
"category": "self",
"summary": "SUSE Bug 1102879",
"url": "https://bugzilla.suse.com/1102879"
},
{
"category": "self",
"summary": "SUSE Bug 1102882",
"url": "https://bugzilla.suse.com/1102882"
},
{
"category": "self",
"summary": "SUSE Bug 1102896",
"url": "https://bugzilla.suse.com/1102896"
},
{
"category": "self",
"summary": "SUSE Bug 1103257",
"url": "https://bugzilla.suse.com/1103257"
},
{
"category": "self",
"summary": "SUSE Bug 1103356",
"url": "https://bugzilla.suse.com/1103356"
},
{
"category": "self",
"summary": "SUSE Bug 1103925",
"url": "https://bugzilla.suse.com/1103925"
},
{
"category": "self",
"summary": "SUSE Bug 1104124",
"url": "https://bugzilla.suse.com/1104124"
},
{
"category": "self",
"summary": "SUSE Bug 1104353",
"url": "https://bugzilla.suse.com/1104353"
},
{
"category": "self",
"summary": "SUSE Bug 1104427",
"url": "https://bugzilla.suse.com/1104427"
},
{
"category": "self",
"summary": "SUSE Bug 1104824",
"url": "https://bugzilla.suse.com/1104824"
},
{
"category": "self",
"summary": "SUSE Bug 1104967",
"url": "https://bugzilla.suse.com/1104967"
},
{
"category": "self",
"summary": "SUSE Bug 1105168",
"url": "https://bugzilla.suse.com/1105168"
},
{
"category": "self",
"summary": "SUSE Bug 1105428",
"url": "https://bugzilla.suse.com/1105428"
},
{
"category": "self",
"summary": "SUSE Bug 1106105",
"url": "https://bugzilla.suse.com/1106105"
},
{
"category": "self",
"summary": "SUSE Bug 1106110",
"url": "https://bugzilla.suse.com/1106110"
},
{
"category": "self",
"summary": "SUSE Bug 1106237",
"url": "https://bugzilla.suse.com/1106237"
},
{
"category": "self",
"summary": "SUSE Bug 1106240",
"url": "https://bugzilla.suse.com/1106240"
},
{
"category": "self",
"summary": "SUSE Bug 1106615",
"url": "https://bugzilla.suse.com/1106615"
},
{
"category": "self",
"summary": "SUSE Bug 1106913",
"url": "https://bugzilla.suse.com/1106913"
},
{
"category": "self",
"summary": "SUSE Bug 1107256",
"url": "https://bugzilla.suse.com/1107256"
},
{
"category": "self",
"summary": "SUSE Bug 1107385",
"url": "https://bugzilla.suse.com/1107385"
},
{
"category": "self",
"summary": "SUSE Bug 1107866",
"url": "https://bugzilla.suse.com/1107866"
},
{
"category": "self",
"summary": "SUSE Bug 1108270",
"url": "https://bugzilla.suse.com/1108270"
},
{
"category": "self",
"summary": "SUSE Bug 1108468",
"url": "https://bugzilla.suse.com/1108468"
},
{
"category": "self",
"summary": "SUSE Bug 1109272",
"url": "https://bugzilla.suse.com/1109272"
},
{
"category": "self",
"summary": "SUSE Bug 1109772",
"url": "https://bugzilla.suse.com/1109772"
},
{
"category": "self",
"summary": "SUSE Bug 1109806",
"url": "https://bugzilla.suse.com/1109806"
},
{
"category": "self",
"summary": "SUSE Bug 1110006",
"url": "https://bugzilla.suse.com/1110006"
},
{
"category": "self",
"summary": "SUSE Bug 1110558",
"url": "https://bugzilla.suse.com/1110558"
},
{
"category": "self",
"summary": "SUSE Bug 1110998",
"url": "https://bugzilla.suse.com/1110998"
},
{
"category": "self",
"summary": "SUSE Bug 1111040",
"url": "https://bugzilla.suse.com/1111040"
},
{
"category": "self",
"summary": "SUSE Bug 1111062",
"url": "https://bugzilla.suse.com/1111062"
},
{
"category": "self",
"summary": "SUSE Bug 1111174",
"url": "https://bugzilla.suse.com/1111174"
},
{
"category": "self",
"summary": "SUSE Bug 1111183",
"url": "https://bugzilla.suse.com/1111183"
},
{
"category": "self",
"summary": "SUSE Bug 1111188",
"url": "https://bugzilla.suse.com/1111188"
},
{
"category": "self",
"summary": "SUSE Bug 1111469",
"url": "https://bugzilla.suse.com/1111469"
},
{
"category": "self",
"summary": "SUSE Bug 1111696",
"url": "https://bugzilla.suse.com/1111696"
},
{
"category": "self",
"summary": "SUSE Bug 1111795",
"url": "https://bugzilla.suse.com/1111795"
},
{
"category": "self",
"summary": "SUSE Bug 1111809",
"url": "https://bugzilla.suse.com/1111809"
},
{
"category": "self",
"summary": "SUSE Bug 1111921",
"url": "https://bugzilla.suse.com/1111921"
},
{
"category": "self",
"summary": "SUSE Bug 1112878",
"url": "https://bugzilla.suse.com/1112878"
},
{
"category": "self",
"summary": "SUSE Bug 1112963",
"url": "https://bugzilla.suse.com/1112963"
},
{
"category": "self",
"summary": "SUSE Bug 1113295",
"url": "https://bugzilla.suse.com/1113295"
},
{
"category": "self",
"summary": "SUSE Bug 1113408",
"url": "https://bugzilla.suse.com/1113408"
},
{
"category": "self",
"summary": "SUSE Bug 1113412",
"url": "https://bugzilla.suse.com/1113412"
},
{
"category": "self",
"summary": "SUSE Bug 1113501",
"url": "https://bugzilla.suse.com/1113501"
},
{
"category": "self",
"summary": "SUSE Bug 1113667",
"url": "https://bugzilla.suse.com/1113667"
},
{
"category": "self",
"summary": "SUSE Bug 1113677",
"url": "https://bugzilla.suse.com/1113677"
},
{
"category": "self",
"summary": "SUSE Bug 1113722",
"url": "https://bugzilla.suse.com/1113722"
},
{
"category": "self",
"summary": "SUSE Bug 1113751",
"url": "https://bugzilla.suse.com/1113751"
},
{
"category": "self",
"summary": "SUSE Bug 1113769",
"url": "https://bugzilla.suse.com/1113769"
},
{
"category": "self",
"summary": "SUSE Bug 1113780",
"url": "https://bugzilla.suse.com/1113780"
},
{
"category": "self",
"summary": "SUSE Bug 1113972",
"url": "https://bugzilla.suse.com/1113972"
},
{
"category": "self",
"summary": "SUSE Bug 1114015",
"url": "https://bugzilla.suse.com/1114015"
},
{
"category": "self",
"summary": "SUSE Bug 1114178",
"url": "https://bugzilla.suse.com/1114178"
},
{
"category": "self",
"summary": "SUSE Bug 1114279",
"url": "https://bugzilla.suse.com/1114279"
},
{
"category": "self",
"summary": "SUSE Bug 1114385",
"url": "https://bugzilla.suse.com/1114385"
},
{
"category": "self",
"summary": "SUSE Bug 1114576",
"url": "https://bugzilla.suse.com/1114576"
},
{
"category": "self",
"summary": "SUSE Bug 1114577",
"url": "https://bugzilla.suse.com/1114577"
},
{
"category": "self",
"summary": "SUSE Bug 1114578",
"url": "https://bugzilla.suse.com/1114578"
},
{
"category": "self",
"summary": "SUSE Bug 1114579",
"url": "https://bugzilla.suse.com/1114579"
},
{
"category": "self",
"summary": "SUSE Bug 1114580",
"url": "https://bugzilla.suse.com/1114580"
},
{
"category": "self",
"summary": "SUSE Bug 1114581",
"url": "https://bugzilla.suse.com/1114581"
},
{
"category": "self",
"summary": "SUSE Bug 1114582",
"url": "https://bugzilla.suse.com/1114582"
},
{
"category": "self",
"summary": "SUSE Bug 1114583",
"url": "https://bugzilla.suse.com/1114583"
},
{
"category": "self",
"summary": "SUSE Bug 1114584",
"url": "https://bugzilla.suse.com/1114584"
},
{
"category": "self",
"summary": "SUSE Bug 1114585",
"url": "https://bugzilla.suse.com/1114585"
},
{
"category": "self",
"summary": "SUSE Bug 1114839",
"url": "https://bugzilla.suse.com/1114839"
},
{
"category": "self",
"summary": "SUSE Bug 1114871",
"url": "https://bugzilla.suse.com/1114871"
},
{
"category": "self",
"summary": "SUSE Bug 1115074",
"url": "https://bugzilla.suse.com/1115074"
},
{
"category": "self",
"summary": "SUSE Bug 1115269",
"url": "https://bugzilla.suse.com/1115269"
},
{
"category": "self",
"summary": "SUSE Bug 1115431",
"url": "https://bugzilla.suse.com/1115431"
},
{
"category": "self",
"summary": "SUSE Bug 1115433",
"url": "https://bugzilla.suse.com/1115433"
},
{
"category": "self",
"summary": "SUSE Bug 1115440",
"url": "https://bugzilla.suse.com/1115440"
},
{
"category": "self",
"summary": "SUSE Bug 1115567",
"url": "https://bugzilla.suse.com/1115567"
},
{
"category": "self",
"summary": "SUSE Bug 1115709",
"url": "https://bugzilla.suse.com/1115709"
},
{
"category": "self",
"summary": "SUSE Bug 1115976",
"url": "https://bugzilla.suse.com/1115976"
},
{
"category": "self",
"summary": "SUSE Bug 1116040",
"url": "https://bugzilla.suse.com/1116040"
},
{
"category": "self",
"summary": "SUSE Bug 1116183",
"url": "https://bugzilla.suse.com/1116183"
},
{
"category": "self",
"summary": "SUSE Bug 1116336",
"url": "https://bugzilla.suse.com/1116336"
},
{
"category": "self",
"summary": "SUSE Bug 1116692",
"url": "https://bugzilla.suse.com/1116692"
},
{
"category": "self",
"summary": "SUSE Bug 1116693",
"url": "https://bugzilla.suse.com/1116693"
},
{
"category": "self",
"summary": "SUSE Bug 1116698",
"url": "https://bugzilla.suse.com/1116698"
},
{
"category": "self",
"summary": "SUSE Bug 1116699",
"url": "https://bugzilla.suse.com/1116699"
},
{
"category": "self",
"summary": "SUSE Bug 1116700",
"url": "https://bugzilla.suse.com/1116700"
},
{
"category": "self",
"summary": "SUSE Bug 1116701",
"url": "https://bugzilla.suse.com/1116701"
},
{
"category": "self",
"summary": "SUSE Bug 1116803",
"url": "https://bugzilla.suse.com/1116803"
},
{
"category": "self",
"summary": "SUSE Bug 1116841",
"url": "https://bugzilla.suse.com/1116841"
},
{
"category": "self",
"summary": "SUSE Bug 1116862",
"url": "https://bugzilla.suse.com/1116862"
},
{
"category": "self",
"summary": "SUSE Bug 1116863",
"url": "https://bugzilla.suse.com/1116863"
},
{
"category": "self",
"summary": "SUSE Bug 1116876",
"url": "https://bugzilla.suse.com/1116876"
},
{
"category": "self",
"summary": "SUSE Bug 1116877",
"url": "https://bugzilla.suse.com/1116877"
},
{
"category": "self",
"summary": "SUSE Bug 1116878",
"url": "https://bugzilla.suse.com/1116878"
},
{
"category": "self",
"summary": "SUSE Bug 1116891",
"url": "https://bugzilla.suse.com/1116891"
},
{
"category": "self",
"summary": "SUSE Bug 1116895",
"url": "https://bugzilla.suse.com/1116895"
},
{
"category": "self",
"summary": "SUSE Bug 1116899",
"url": "https://bugzilla.suse.com/1116899"
},
{
"category": "self",
"summary": "SUSE Bug 1116950",
"url": "https://bugzilla.suse.com/1116950"
},
{
"category": "self",
"summary": "SUSE Bug 1117115",
"url": "https://bugzilla.suse.com/1117115"
},
{
"category": "self",
"summary": "SUSE Bug 1117162",
"url": "https://bugzilla.suse.com/1117162"
},
{
"category": "self",
"summary": "SUSE Bug 1117165",
"url": "https://bugzilla.suse.com/1117165"
},
{
"category": "self",
"summary": "SUSE Bug 1117168",
"url": "https://bugzilla.suse.com/1117168"
},
{
"category": "self",
"summary": "SUSE Bug 1117172",
"url": "https://bugzilla.suse.com/1117172"
},
{
"category": "self",
"summary": "SUSE Bug 1117174",
"url": "https://bugzilla.suse.com/1117174"
},
{
"category": "self",
"summary": "SUSE Bug 1117181",
"url": "https://bugzilla.suse.com/1117181"
},
{
"category": "self",
"summary": "SUSE Bug 1117184",
"url": "https://bugzilla.suse.com/1117184"
},
{
"category": "self",
"summary": "SUSE Bug 1117186",
"url": "https://bugzilla.suse.com/1117186"
},
{
"category": "self",
"summary": "SUSE Bug 1117188",
"url": "https://bugzilla.suse.com/1117188"
},
{
"category": "self",
"summary": "SUSE Bug 1117189",
"url": "https://bugzilla.suse.com/1117189"
},
{
"category": "self",
"summary": "SUSE Bug 1117349",
"url": "https://bugzilla.suse.com/1117349"
},
{
"category": "self",
"summary": "SUSE Bug 1117561",
"url": "https://bugzilla.suse.com/1117561"
},
{
"category": "self",
"summary": "SUSE Bug 1117656",
"url": "https://bugzilla.suse.com/1117656"
},
{
"category": "self",
"summary": "SUSE Bug 1117788",
"url": "https://bugzilla.suse.com/1117788"
},
{
"category": "self",
"summary": "SUSE Bug 1117789",
"url": "https://bugzilla.suse.com/1117789"
},
{
"category": "self",
"summary": "SUSE Bug 1117790",
"url": "https://bugzilla.suse.com/1117790"
},
{
"category": "self",
"summary": "SUSE Bug 1117791",
"url": "https://bugzilla.suse.com/1117791"
},
{
"category": "self",
"summary": "SUSE Bug 1117792",
"url": "https://bugzilla.suse.com/1117792"
},
{
"category": "self",
"summary": "SUSE Bug 1117794",
"url": "https://bugzilla.suse.com/1117794"
},
{
"category": "self",
"summary": "SUSE Bug 1117795",
"url": "https://bugzilla.suse.com/1117795"
},
{
"category": "self",
"summary": "SUSE Bug 1117796",
"url": "https://bugzilla.suse.com/1117796"
},
{
"category": "self",
"summary": "SUSE Bug 1117798",
"url": "https://bugzilla.suse.com/1117798"
},
{
"category": "self",
"summary": "SUSE Bug 1117799",
"url": "https://bugzilla.suse.com/1117799"
},
{
"category": "self",
"summary": "SUSE Bug 1117801",
"url": "https://bugzilla.suse.com/1117801"
},
{
"category": "self",
"summary": "SUSE Bug 1117802",
"url": "https://bugzilla.suse.com/1117802"
},
{
"category": "self",
"summary": "SUSE Bug 1117803",
"url": "https://bugzilla.suse.com/1117803"
},
{
"category": "self",
"summary": "SUSE Bug 1117804",
"url": "https://bugzilla.suse.com/1117804"
},
{
"category": "self",
"summary": "SUSE Bug 1117805",
"url": "https://bugzilla.suse.com/1117805"
},
{
"category": "self",
"summary": "SUSE Bug 1117806",
"url": "https://bugzilla.suse.com/1117806"
},
{
"category": "self",
"summary": "SUSE Bug 1117807",
"url": "https://bugzilla.suse.com/1117807"
},
{
"category": "self",
"summary": "SUSE Bug 1117808",
"url": "https://bugzilla.suse.com/1117808"
},
{
"category": "self",
"summary": "SUSE Bug 1117815",
"url": "https://bugzilla.suse.com/1117815"
},
{
"category": "self",
"summary": "SUSE Bug 1117816",
"url": "https://bugzilla.suse.com/1117816"
},
{
"category": "self",
"summary": "SUSE Bug 1117817",
"url": "https://bugzilla.suse.com/1117817"
},
{
"category": "self",
"summary": "SUSE Bug 1117818",
"url": "https://bugzilla.suse.com/1117818"
},
{
"category": "self",
"summary": "SUSE Bug 1117819",
"url": "https://bugzilla.suse.com/1117819"
},
{
"category": "self",
"summary": "SUSE Bug 1117820",
"url": "https://bugzilla.suse.com/1117820"
},
{
"category": "self",
"summary": "SUSE Bug 1117821",
"url": "https://bugzilla.suse.com/1117821"
},
{
"category": "self",
"summary": "SUSE Bug 1117822",
"url": "https://bugzilla.suse.com/1117822"
},
{
"category": "self",
"summary": "SUSE Bug 1117953",
"url": "https://bugzilla.suse.com/1117953"
},
{
"category": "self",
"summary": "SUSE Bug 1118102",
"url": "https://bugzilla.suse.com/1118102"
},
{
"category": "self",
"summary": "SUSE Bug 1118136",
"url": "https://bugzilla.suse.com/1118136"
},
{
"category": "self",
"summary": "SUSE Bug 1118137",
"url": "https://bugzilla.suse.com/1118137"
},
{
"category": "self",
"summary": "SUSE Bug 1118138",
"url": "https://bugzilla.suse.com/1118138"
},
{
"category": "self",
"summary": "SUSE Bug 1118140",
"url": "https://bugzilla.suse.com/1118140"
},
{
"category": "self",
"summary": "SUSE Bug 1118152",
"url": "https://bugzilla.suse.com/1118152"
},
{
"category": "self",
"summary": "SUSE Bug 1118215",
"url": "https://bugzilla.suse.com/1118215"
},
{
"category": "self",
"summary": "SUSE Bug 1118316",
"url": "https://bugzilla.suse.com/1118316"
},
{
"category": "self",
"summary": "SUSE Bug 1118319",
"url": "https://bugzilla.suse.com/1118319"
},
{
"category": "self",
"summary": "SUSE Bug 1118428",
"url": "https://bugzilla.suse.com/1118428"
},
{
"category": "self",
"summary": "SUSE Bug 1118484",
"url": "https://bugzilla.suse.com/1118484"
},
{
"category": "self",
"summary": "SUSE Bug 1118505",
"url": "https://bugzilla.suse.com/1118505"
},
{
"category": "self",
"summary": "SUSE Bug 1118752",
"url": "https://bugzilla.suse.com/1118752"
},
{
"category": "self",
"summary": "SUSE Bug 1118760",
"url": "https://bugzilla.suse.com/1118760"
},
{
"category": "self",
"summary": "SUSE Bug 1118761",
"url": "https://bugzilla.suse.com/1118761"
},
{
"category": "self",
"summary": "SUSE Bug 1118762",
"url": "https://bugzilla.suse.com/1118762"
},
{
"category": "self",
"summary": "SUSE Bug 1118766",
"url": "https://bugzilla.suse.com/1118766"
},
{
"category": "self",
"summary": "SUSE Bug 1118767",
"url": "https://bugzilla.suse.com/1118767"
},
{
"category": "self",
"summary": "SUSE Bug 1118768",
"url": "https://bugzilla.suse.com/1118768"
},
{
"category": "self",
"summary": "SUSE Bug 1118769",
"url": "https://bugzilla.suse.com/1118769"
},
{
"category": "self",
"summary": "SUSE Bug 1118771",
"url": "https://bugzilla.suse.com/1118771"
},
{
"category": "self",
"summary": "SUSE Bug 1118772",
"url": "https://bugzilla.suse.com/1118772"
},
{
"category": "self",
"summary": "SUSE Bug 1118773",
"url": "https://bugzilla.suse.com/1118773"
},
{
"category": "self",
"summary": "SUSE Bug 1118774",
"url": "https://bugzilla.suse.com/1118774"
},
{
"category": "self",
"summary": "SUSE Bug 1118775",
"url": "https://bugzilla.suse.com/1118775"
},
{
"category": "self",
"summary": "SUSE Bug 1118798",
"url": "https://bugzilla.suse.com/1118798"
},
{
"category": "self",
"summary": "SUSE Bug 1118809",
"url": "https://bugzilla.suse.com/1118809"
},
{
"category": "self",
"summary": "SUSE Bug 1118962",
"url": "https://bugzilla.suse.com/1118962"
},
{
"category": "self",
"summary": "SUSE Bug 1119017",
"url": "https://bugzilla.suse.com/1119017"
},
{
"category": "self",
"summary": "SUSE Bug 1119086",
"url": "https://bugzilla.suse.com/1119086"
},
{
"category": "self",
"summary": "SUSE Bug 1119212",
"url": "https://bugzilla.suse.com/1119212"
},
{
"category": "self",
"summary": "SUSE Bug 1119322",
"url": "https://bugzilla.suse.com/1119322"
},
{
"category": "self",
"summary": "SUSE Bug 1119410",
"url": "https://bugzilla.suse.com/1119410"
},
{
"category": "self",
"summary": "SUSE Bug 1119714",
"url": "https://bugzilla.suse.com/1119714"
},
{
"category": "self",
"summary": "SUSE Bug 1119749",
"url": "https://bugzilla.suse.com/1119749"
},
{
"category": "self",
"summary": "SUSE Bug 1119804",
"url": "https://bugzilla.suse.com/1119804"
},
{
"category": "self",
"summary": "SUSE Bug 1119946",
"url": "https://bugzilla.suse.com/1119946"
},
{
"category": "self",
"summary": "SUSE Bug 1119962",
"url": "https://bugzilla.suse.com/1119962"
},
{
"category": "self",
"summary": "SUSE Bug 1119968",
"url": "https://bugzilla.suse.com/1119968"
},
{
"category": "self",
"summary": "SUSE Bug 1120036",
"url": "https://bugzilla.suse.com/1120036"
},
{
"category": "self",
"summary": "SUSE Bug 1120046",
"url": "https://bugzilla.suse.com/1120046"
},
{
"category": "self",
"summary": "SUSE Bug 1120053",
"url": "https://bugzilla.suse.com/1120053"
},
{
"category": "self",
"summary": "SUSE Bug 1120054",
"url": "https://bugzilla.suse.com/1120054"
},
{
"category": "self",
"summary": "SUSE Bug 1120055",
"url": "https://bugzilla.suse.com/1120055"
},
{
"category": "self",
"summary": "SUSE Bug 1120058",
"url": "https://bugzilla.suse.com/1120058"
},
{
"category": "self",
"summary": "SUSE Bug 1120088",
"url": "https://bugzilla.suse.com/1120088"
},
{
"category": "self",
"summary": "SUSE Bug 1120092",
"url": "https://bugzilla.suse.com/1120092"
},
{
"category": "self",
"summary": "SUSE Bug 1120094",
"url": "https://bugzilla.suse.com/1120094"
},
{
"category": "self",
"summary": "SUSE Bug 1120096",
"url": "https://bugzilla.suse.com/1120096"
},
{
"category": "self",
"summary": "SUSE Bug 1120097",
"url": "https://bugzilla.suse.com/1120097"
},
{
"category": "self",
"summary": "SUSE Bug 1120173",
"url": "https://bugzilla.suse.com/1120173"
},
{
"category": "self",
"summary": "SUSE Bug 1120214",
"url": "https://bugzilla.suse.com/1120214"
},
{
"category": "self",
"summary": "SUSE Bug 1120223",
"url": "https://bugzilla.suse.com/1120223"
},
{
"category": "self",
"summary": "SUSE Bug 1120228",
"url": "https://bugzilla.suse.com/1120228"
},
{
"category": "self",
"summary": "SUSE Bug 1120230",
"url": "https://bugzilla.suse.com/1120230"
},
{
"category": "self",
"summary": "SUSE Bug 1120232",
"url": "https://bugzilla.suse.com/1120232"
},
{
"category": "self",
"summary": "SUSE Bug 1120234",
"url": "https://bugzilla.suse.com/1120234"
},
{
"category": "self",
"summary": "SUSE Bug 1120235",
"url": "https://bugzilla.suse.com/1120235"
},
{
"category": "self",
"summary": "SUSE Bug 1120238",
"url": "https://bugzilla.suse.com/1120238"
},
{
"category": "self",
"summary": "SUSE Bug 1120594",
"url": "https://bugzilla.suse.com/1120594"
},
{
"category": "self",
"summary": "SUSE Bug 1120598",
"url": "https://bugzilla.suse.com/1120598"
},
{
"category": "self",
"summary": "SUSE Bug 1120600",
"url": "https://bugzilla.suse.com/1120600"
},
{
"category": "self",
"summary": "SUSE Bug 1120601",
"url": "https://bugzilla.suse.com/1120601"
},
{
"category": "self",
"summary": "SUSE Bug 1120602",
"url": "https://bugzilla.suse.com/1120602"
},
{
"category": "self",
"summary": "SUSE Bug 1120603",
"url": "https://bugzilla.suse.com/1120603"
},
{
"category": "self",
"summary": "SUSE Bug 1120604",
"url": "https://bugzilla.suse.com/1120604"
},
{
"category": "self",
"summary": "SUSE Bug 1120606",
"url": "https://bugzilla.suse.com/1120606"
},
{
"category": "self",
"summary": "SUSE Bug 1120612",
"url": "https://bugzilla.suse.com/1120612"
},
{
"category": "self",
"summary": "SUSE Bug 1120613",
"url": "https://bugzilla.suse.com/1120613"
},
{
"category": "self",
"summary": "SUSE Bug 1120614",
"url": "https://bugzilla.suse.com/1120614"
},
{
"category": "self",
"summary": "SUSE Bug 1120615",
"url": "https://bugzilla.suse.com/1120615"
},
{
"category": "self",
"summary": "SUSE Bug 1120616",
"url": "https://bugzilla.suse.com/1120616"
},
{
"category": "self",
"summary": "SUSE Bug 1120617",
"url": "https://bugzilla.suse.com/1120617"
},
{
"category": "self",
"summary": "SUSE Bug 1120618",
"url": "https://bugzilla.suse.com/1120618"
},
{
"category": "self",
"summary": "SUSE Bug 1120620",
"url": "https://bugzilla.suse.com/1120620"
},
{
"category": "self",
"summary": "SUSE Bug 1120621",
"url": "https://bugzilla.suse.com/1120621"
},
{
"category": "self",
"summary": "SUSE Bug 1120632",
"url": "https://bugzilla.suse.com/1120632"
},
{
"category": "self",
"summary": "SUSE Bug 1120633",
"url": "https://bugzilla.suse.com/1120633"
},
{
"category": "self",
"summary": "SUSE Bug 1120743",
"url": "https://bugzilla.suse.com/1120743"
},
{
"category": "self",
"summary": "SUSE Bug 1120954",
"url": "https://bugzilla.suse.com/1120954"
},
{
"category": "self",
"summary": "SUSE Bug 1121017",
"url": "https://bugzilla.suse.com/1121017"
},
{
"category": "self",
"summary": "SUSE Bug 1121058",
"url": "https://bugzilla.suse.com/1121058"
},
{
"category": "self",
"summary": "SUSE Bug 1121263",
"url": "https://bugzilla.suse.com/1121263"
},
{
"category": "self",
"summary": "SUSE Bug 1121273",
"url": "https://bugzilla.suse.com/1121273"
},
{
"category": "self",
"summary": "SUSE Bug 1121477",
"url": "https://bugzilla.suse.com/1121477"
},
{
"category": "self",
"summary": "SUSE Bug 1121483",
"url": "https://bugzilla.suse.com/1121483"
},
{
"category": "self",
"summary": "SUSE Bug 1121599",
"url": "https://bugzilla.suse.com/1121599"
},
{
"category": "self",
"summary": "SUSE Bug 1121621",
"url": "https://bugzilla.suse.com/1121621"
},
{
"category": "self",
"summary": "SUSE Bug 1121714",
"url": "https://bugzilla.suse.com/1121714"
},
{
"category": "self",
"summary": "SUSE Bug 1121715",
"url": "https://bugzilla.suse.com/1121715"
},
{
"category": "self",
"summary": "SUSE Bug 1121973",
"url": "https://bugzilla.suse.com/1121973"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-12232 page",
"url": "https://www.suse.com/security/cve/CVE-2018-12232/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14625 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14625/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16862 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16862/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16884 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16884/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-18281 page",
"url": "https://www.suse.com/security/cve/CVE-2018-18281/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-18397 page",
"url": "https://www.suse.com/security/cve/CVE-2018-18397/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-18710 page",
"url": "https://www.suse.com/security/cve/CVE-2018-18710/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-19407 page",
"url": "https://www.suse.com/security/cve/CVE-2018-19407/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-19824 page",
"url": "https://www.suse.com/security/cve/CVE-2018-19824/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-19854 page",
"url": "https://www.suse.com/security/cve/CVE-2018-19854/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-19985 page",
"url": "https://www.suse.com/security/cve/CVE-2018-19985/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-20169 page",
"url": "https://www.suse.com/security/cve/CVE-2018-20169/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-9568 page",
"url": "https://www.suse.com/security/cve/CVE-2018-9568/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2019-02-01T18:55:03Z",
"generator": {
"date": "2019-02-01T18:55:03Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2019:0224-1",
"initial_release_date": "2019-02-01T18:55:03Z",
"revision_history": [
{
"date": "2019-02-01T18:55:03Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-25.28.1.aarch64",
"product": {
"name": "cluster-md-kmp-default-4.12.14-25.28.1.aarch64",
"product_id": "cluster-md-kmp-default-4.12.14-25.28.1.aarch64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-25.28.1.aarch64",
"product": {
"name": "dlm-kmp-default-4.12.14-25.28.1.aarch64",
"product_id": "dlm-kmp-default-4.12.14-25.28.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-al-4.12.14-25.28.1.aarch64",
"product": {
"name": "dtb-al-4.12.14-25.28.1.aarch64",
"product_id": "dtb-al-4.12.14-25.28.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-allwinner-4.12.14-25.28.1.aarch64",
"product": {
"name": "dtb-allwinner-4.12.14-25.28.1.aarch64",
"product_id": "dtb-allwinner-4.12.14-25.28.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-altera-4.12.14-25.28.1.aarch64",
"product": {
"name": "dtb-altera-4.12.14-25.28.1.aarch64",
"product_id": "dtb-altera-4.12.14-25.28.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-amd-4.12.14-25.28.1.aarch64",
"product": {
"name": "dtb-amd-4.12.14-25.28.1.aarch64",
"product_id": "dtb-amd-4.12.14-25.28.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-amlogic-4.12.14-25.28.1.aarch64",
"product": {
"name": "dtb-amlogic-4.12.14-25.28.1.aarch64",
"product_id": "dtb-amlogic-4.12.14-25.28.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-apm-4.12.14-25.28.1.aarch64",
"product": {
"name": "dtb-apm-4.12.14-25.28.1.aarch64",
"product_id": "dtb-apm-4.12.14-25.28.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-arm-4.12.14-25.28.1.aarch64",
"product": {
"name": "dtb-arm-4.12.14-25.28.1.aarch64",
"product_id": "dtb-arm-4.12.14-25.28.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-broadcom-4.12.14-25.28.1.aarch64",
"product": {
"name": "dtb-broadcom-4.12.14-25.28.1.aarch64",
"product_id": "dtb-broadcom-4.12.14-25.28.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-cavium-4.12.14-25.28.1.aarch64",
"product": {
"name": "dtb-cavium-4.12.14-25.28.1.aarch64",
"product_id": "dtb-cavium-4.12.14-25.28.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-exynos-4.12.14-25.28.1.aarch64",
"product": {
"name": "dtb-exynos-4.12.14-25.28.1.aarch64",
"product_id": "dtb-exynos-4.12.14-25.28.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-freescale-4.12.14-25.28.1.aarch64",
"product": {
"name": "dtb-freescale-4.12.14-25.28.1.aarch64",
"product_id": "dtb-freescale-4.12.14-25.28.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-hisilicon-4.12.14-25.28.1.aarch64",
"product": {
"name": "dtb-hisilicon-4.12.14-25.28.1.aarch64",
"product_id": "dtb-hisilicon-4.12.14-25.28.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-lg-4.12.14-25.28.1.aarch64",
"product": {
"name": "dtb-lg-4.12.14-25.28.1.aarch64",
"product_id": "dtb-lg-4.12.14-25.28.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-marvell-4.12.14-25.28.1.aarch64",
"product": {
"name": "dtb-marvell-4.12.14-25.28.1.aarch64",
"product_id": "dtb-marvell-4.12.14-25.28.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-mediatek-4.12.14-25.28.1.aarch64",
"product": {
"name": "dtb-mediatek-4.12.14-25.28.1.aarch64",
"product_id": "dtb-mediatek-4.12.14-25.28.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-nvidia-4.12.14-25.28.1.aarch64",
"product": {
"name": "dtb-nvidia-4.12.14-25.28.1.aarch64",
"product_id": "dtb-nvidia-4.12.14-25.28.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-qcom-4.12.14-25.28.1.aarch64",
"product": {
"name": "dtb-qcom-4.12.14-25.28.1.aarch64",
"product_id": "dtb-qcom-4.12.14-25.28.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-renesas-4.12.14-25.28.1.aarch64",
"product": {
"name": "dtb-renesas-4.12.14-25.28.1.aarch64",
"product_id": "dtb-renesas-4.12.14-25.28.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-rockchip-4.12.14-25.28.1.aarch64",
"product": {
"name": "dtb-rockchip-4.12.14-25.28.1.aarch64",
"product_id": "dtb-rockchip-4.12.14-25.28.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-socionext-4.12.14-25.28.1.aarch64",
"product": {
"name": "dtb-socionext-4.12.14-25.28.1.aarch64",
"product_id": "dtb-socionext-4.12.14-25.28.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-sprd-4.12.14-25.28.1.aarch64",
"product": {
"name": "dtb-sprd-4.12.14-25.28.1.aarch64",
"product_id": "dtb-sprd-4.12.14-25.28.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-xilinx-4.12.14-25.28.1.aarch64",
"product": {
"name": "dtb-xilinx-4.12.14-25.28.1.aarch64",
"product_id": "dtb-xilinx-4.12.14-25.28.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-zte-4.12.14-25.28.1.aarch64",
"product": {
"name": "dtb-zte-4.12.14-25.28.1.aarch64",
"product_id": "dtb-zte-4.12.14-25.28.1.aarch64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-25.28.1.aarch64",
"product": {
"name": "gfs2-kmp-default-4.12.14-25.28.1.aarch64",
"product_id": "gfs2-kmp-default-4.12.14-25.28.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-25.28.1.aarch64",
"product": {
"name": "kernel-default-4.12.14-25.28.1.aarch64",
"product_id": "kernel-default-4.12.14-25.28.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-25.28.1.aarch64",
"product": {
"name": "kernel-default-base-4.12.14-25.28.1.aarch64",
"product_id": "kernel-default-base-4.12.14-25.28.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-25.28.1.aarch64",
"product": {
"name": "kernel-default-devel-4.12.14-25.28.1.aarch64",
"product_id": "kernel-default-devel-4.12.14-25.28.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.12.14-25.28.1.aarch64",
"product": {
"name": "kernel-default-extra-4.12.14-25.28.1.aarch64",
"product_id": "kernel-default-extra-4.12.14-25.28.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-4.12.14-25.28.1.aarch64",
"product": {
"name": "kernel-default-livepatch-4.12.14-25.28.1.aarch64",
"product_id": "kernel-default-livepatch-4.12.14-25.28.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.12.14-25.28.1.aarch64",
"product": {
"name": "kernel-obs-build-4.12.14-25.28.1.aarch64",
"product_id": "kernel-obs-build-4.12.14-25.28.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.12.14-25.28.1.aarch64",
"product": {
"name": "kernel-obs-qa-4.12.14-25.28.1.aarch64",
"product_id": "kernel-obs-qa-4.12.14-25.28.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-25.28.1.aarch64",
"product": {
"name": "kernel-syms-4.12.14-25.28.1.aarch64",
"product_id": "kernel-syms-4.12.14-25.28.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.12.14-25.28.1.aarch64",
"product": {
"name": "kernel-vanilla-4.12.14-25.28.1.aarch64",
"product_id": "kernel-vanilla-4.12.14-25.28.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.12.14-25.28.1.aarch64",
"product": {
"name": "kernel-vanilla-base-4.12.14-25.28.1.aarch64",
"product_id": "kernel-vanilla-base-4.12.14-25.28.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.12.14-25.28.1.aarch64",
"product": {
"name": "kernel-vanilla-devel-4.12.14-25.28.1.aarch64",
"product_id": "kernel-vanilla-devel-4.12.14-25.28.1.aarch64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.12.14-25.28.1.aarch64",
"product": {
"name": "kselftests-kmp-default-4.12.14-25.28.1.aarch64",
"product_id": "kselftests-kmp-default-4.12.14-25.28.1.aarch64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-25.28.1.aarch64",
"product": {
"name": "ocfs2-kmp-default-4.12.14-25.28.1.aarch64",
"product_id": "ocfs2-kmp-default-4.12.14-25.28.1.aarch64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-default-4.12.14-25.28.1.aarch64",
"product": {
"name": "reiserfs-kmp-default-4.12.14-25.28.1.aarch64",
"product_id": "reiserfs-kmp-default-4.12.14-25.28.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-4.12.14-25.28.1.noarch",
"product": {
"name": "kernel-devel-4.12.14-25.28.1.noarch",
"product_id": "kernel-devel-4.12.14-25.28.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-4.12.14-25.28.1.noarch",
"product": {
"name": "kernel-docs-4.12.14-25.28.1.noarch",
"product_id": "kernel-docs-4.12.14-25.28.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-html-4.12.14-25.28.1.noarch",
"product": {
"name": "kernel-docs-html-4.12.14-25.28.1.noarch",
"product_id": "kernel-docs-html-4.12.14-25.28.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-4.12.14-25.28.1.noarch",
"product": {
"name": "kernel-macros-4.12.14-25.28.1.noarch",
"product_id": "kernel-macros-4.12.14-25.28.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-4.12.14-25.28.1.noarch",
"product": {
"name": "kernel-source-4.12.14-25.28.1.noarch",
"product_id": "kernel-source-4.12.14-25.28.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-4.12.14-25.28.1.noarch",
"product": {
"name": "kernel-source-vanilla-4.12.14-25.28.1.noarch",
"product_id": "kernel-source-vanilla-4.12.14-25.28.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-debug-4.12.14-25.28.1.ppc64le",
"product": {
"name": "cluster-md-kmp-debug-4.12.14-25.28.1.ppc64le",
"product_id": "cluster-md-kmp-debug-4.12.14-25.28.1.ppc64le"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-25.28.1.ppc64le",
"product": {
"name": "cluster-md-kmp-default-4.12.14-25.28.1.ppc64le",
"product_id": "cluster-md-kmp-default-4.12.14-25.28.1.ppc64le"
}
},
{
"category": "product_version",
"name": "dlm-kmp-debug-4.12.14-25.28.1.ppc64le",
"product": {
"name": "dlm-kmp-debug-4.12.14-25.28.1.ppc64le",
"product_id": "dlm-kmp-debug-4.12.14-25.28.1.ppc64le"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-25.28.1.ppc64le",
"product": {
"name": "dlm-kmp-default-4.12.14-25.28.1.ppc64le",
"product_id": "dlm-kmp-default-4.12.14-25.28.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-debug-4.12.14-25.28.1.ppc64le",
"product": {
"name": "gfs2-kmp-debug-4.12.14-25.28.1.ppc64le",
"product_id": "gfs2-kmp-debug-4.12.14-25.28.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"product": {
"name": "gfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"product_id": "gfs2-kmp-default-4.12.14-25.28.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-4.12.14-25.28.1.ppc64le",
"product": {
"name": "kernel-debug-4.12.14-25.28.1.ppc64le",
"product_id": "kernel-debug-4.12.14-25.28.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-base-4.12.14-25.28.1.ppc64le",
"product": {
"name": "kernel-debug-base-4.12.14-25.28.1.ppc64le",
"product_id": "kernel-debug-base-4.12.14-25.28.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-4.12.14-25.28.1.ppc64le",
"product": {
"name": "kernel-debug-devel-4.12.14-25.28.1.ppc64le",
"product_id": "kernel-debug-devel-4.12.14-25.28.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-extra-4.12.14-25.28.1.ppc64le",
"product": {
"name": "kernel-debug-extra-4.12.14-25.28.1.ppc64le",
"product_id": "kernel-debug-extra-4.12.14-25.28.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-livepatch-4.12.14-25.28.1.ppc64le",
"product": {
"name": "kernel-debug-livepatch-4.12.14-25.28.1.ppc64le",
"product_id": "kernel-debug-livepatch-4.12.14-25.28.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-25.28.1.ppc64le",
"product": {
"name": "kernel-default-4.12.14-25.28.1.ppc64le",
"product_id": "kernel-default-4.12.14-25.28.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-25.28.1.ppc64le",
"product": {
"name": "kernel-default-base-4.12.14-25.28.1.ppc64le",
"product_id": "kernel-default-base-4.12.14-25.28.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-25.28.1.ppc64le",
"product": {
"name": "kernel-default-devel-4.12.14-25.28.1.ppc64le",
"product_id": "kernel-default-devel-4.12.14-25.28.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.12.14-25.28.1.ppc64le",
"product": {
"name": "kernel-default-extra-4.12.14-25.28.1.ppc64le",
"product_id": "kernel-default-extra-4.12.14-25.28.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-4.12.14-25.28.1.ppc64le",
"product": {
"name": "kernel-default-livepatch-4.12.14-25.28.1.ppc64le",
"product_id": "kernel-default-livepatch-4.12.14-25.28.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-4_12_14-25_28-default-1-1.3.1.ppc64le",
"product": {
"name": "kernel-livepatch-4_12_14-25_28-default-1-1.3.1.ppc64le",
"product_id": "kernel-livepatch-4_12_14-25_28-default-1-1.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.12.14-25.28.1.ppc64le",
"product": {
"name": "kernel-obs-build-4.12.14-25.28.1.ppc64le",
"product_id": "kernel-obs-build-4.12.14-25.28.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.12.14-25.28.1.ppc64le",
"product": {
"name": "kernel-obs-qa-4.12.14-25.28.1.ppc64le",
"product_id": "kernel-obs-qa-4.12.14-25.28.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-25.28.1.ppc64le",
"product": {
"name": "kernel-syms-4.12.14-25.28.1.ppc64le",
"product_id": "kernel-syms-4.12.14-25.28.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.12.14-25.28.1.ppc64le",
"product": {
"name": "kernel-vanilla-4.12.14-25.28.1.ppc64le",
"product_id": "kernel-vanilla-4.12.14-25.28.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.12.14-25.28.1.ppc64le",
"product": {
"name": "kernel-vanilla-base-4.12.14-25.28.1.ppc64le",
"product_id": "kernel-vanilla-base-4.12.14-25.28.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.12.14-25.28.1.ppc64le",
"product": {
"name": "kernel-vanilla-devel-4.12.14-25.28.1.ppc64le",
"product_id": "kernel-vanilla-devel-4.12.14-25.28.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-debug-4.12.14-25.28.1.ppc64le",
"product": {
"name": "kselftests-kmp-debug-4.12.14-25.28.1.ppc64le",
"product_id": "kselftests-kmp-debug-4.12.14-25.28.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.12.14-25.28.1.ppc64le",
"product": {
"name": "kselftests-kmp-default-4.12.14-25.28.1.ppc64le",
"product_id": "kselftests-kmp-default-4.12.14-25.28.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-debug-4.12.14-25.28.1.ppc64le",
"product": {
"name": "ocfs2-kmp-debug-4.12.14-25.28.1.ppc64le",
"product_id": "ocfs2-kmp-debug-4.12.14-25.28.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"product": {
"name": "ocfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"product_id": "ocfs2-kmp-default-4.12.14-25.28.1.ppc64le"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-debug-4.12.14-25.28.1.ppc64le",
"product": {
"name": "reiserfs-kmp-debug-4.12.14-25.28.1.ppc64le",
"product_id": "reiserfs-kmp-debug-4.12.14-25.28.1.ppc64le"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-default-4.12.14-25.28.1.ppc64le",
"product": {
"name": "reiserfs-kmp-default-4.12.14-25.28.1.ppc64le",
"product_id": "reiserfs-kmp-default-4.12.14-25.28.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-25.28.1.s390x",
"product": {
"name": "cluster-md-kmp-default-4.12.14-25.28.1.s390x",
"product_id": "cluster-md-kmp-default-4.12.14-25.28.1.s390x"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-25.28.1.s390x",
"product": {
"name": "dlm-kmp-default-4.12.14-25.28.1.s390x",
"product_id": "dlm-kmp-default-4.12.14-25.28.1.s390x"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-25.28.1.s390x",
"product": {
"name": "gfs2-kmp-default-4.12.14-25.28.1.s390x",
"product_id": "gfs2-kmp-default-4.12.14-25.28.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-25.28.1.s390x",
"product": {
"name": "kernel-default-4.12.14-25.28.1.s390x",
"product_id": "kernel-default-4.12.14-25.28.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-25.28.1.s390x",
"product": {
"name": "kernel-default-base-4.12.14-25.28.1.s390x",
"product_id": "kernel-default-base-4.12.14-25.28.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-25.28.1.s390x",
"product": {
"name": "kernel-default-devel-4.12.14-25.28.1.s390x",
"product_id": "kernel-default-devel-4.12.14-25.28.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.12.14-25.28.1.s390x",
"product": {
"name": "kernel-default-extra-4.12.14-25.28.1.s390x",
"product_id": "kernel-default-extra-4.12.14-25.28.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-4.12.14-25.28.1.s390x",
"product": {
"name": "kernel-default-livepatch-4.12.14-25.28.1.s390x",
"product_id": "kernel-default-livepatch-4.12.14-25.28.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-man-4.12.14-25.28.1.s390x",
"product": {
"name": "kernel-default-man-4.12.14-25.28.1.s390x",
"product_id": "kernel-default-man-4.12.14-25.28.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.12.14-25.28.1.s390x",
"product": {
"name": "kernel-obs-build-4.12.14-25.28.1.s390x",
"product_id": "kernel-obs-build-4.12.14-25.28.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.12.14-25.28.1.s390x",
"product": {
"name": "kernel-obs-qa-4.12.14-25.28.1.s390x",
"product_id": "kernel-obs-qa-4.12.14-25.28.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-25.28.1.s390x",
"product": {
"name": "kernel-syms-4.12.14-25.28.1.s390x",
"product_id": "kernel-syms-4.12.14-25.28.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.12.14-25.28.1.s390x",
"product": {
"name": "kernel-vanilla-4.12.14-25.28.1.s390x",
"product_id": "kernel-vanilla-4.12.14-25.28.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.12.14-25.28.1.s390x",
"product": {
"name": "kernel-vanilla-base-4.12.14-25.28.1.s390x",
"product_id": "kernel-vanilla-base-4.12.14-25.28.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.12.14-25.28.1.s390x",
"product": {
"name": "kernel-vanilla-devel-4.12.14-25.28.1.s390x",
"product_id": "kernel-vanilla-devel-4.12.14-25.28.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-4.12.14-25.28.1.s390x",
"product": {
"name": "kernel-zfcpdump-4.12.14-25.28.1.s390x",
"product_id": "kernel-zfcpdump-4.12.14-25.28.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-man-4.12.14-25.28.1.s390x",
"product": {
"name": "kernel-zfcpdump-man-4.12.14-25.28.1.s390x",
"product_id": "kernel-zfcpdump-man-4.12.14-25.28.1.s390x"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.12.14-25.28.1.s390x",
"product": {
"name": "kselftests-kmp-default-4.12.14-25.28.1.s390x",
"product_id": "kselftests-kmp-default-4.12.14-25.28.1.s390x"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-25.28.1.s390x",
"product": {
"name": "ocfs2-kmp-default-4.12.14-25.28.1.s390x",
"product_id": "ocfs2-kmp-default-4.12.14-25.28.1.s390x"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-default-4.12.14-25.28.1.s390x",
"product": {
"name": "reiserfs-kmp-default-4.12.14-25.28.1.s390x",
"product_id": "reiserfs-kmp-default-4.12.14-25.28.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-debug-4.12.14-25.28.1.x86_64",
"product": {
"name": "cluster-md-kmp-debug-4.12.14-25.28.1.x86_64",
"product_id": "cluster-md-kmp-debug-4.12.14-25.28.1.x86_64"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-25.28.1.x86_64",
"product": {
"name": "cluster-md-kmp-default-4.12.14-25.28.1.x86_64",
"product_id": "cluster-md-kmp-default-4.12.14-25.28.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-debug-4.12.14-25.28.1.x86_64",
"product": {
"name": "dlm-kmp-debug-4.12.14-25.28.1.x86_64",
"product_id": "dlm-kmp-debug-4.12.14-25.28.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-25.28.1.x86_64",
"product": {
"name": "dlm-kmp-default-4.12.14-25.28.1.x86_64",
"product_id": "dlm-kmp-default-4.12.14-25.28.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-debug-4.12.14-25.28.1.x86_64",
"product": {
"name": "gfs2-kmp-debug-4.12.14-25.28.1.x86_64",
"product_id": "gfs2-kmp-debug-4.12.14-25.28.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-25.28.1.x86_64",
"product": {
"name": "gfs2-kmp-default-4.12.14-25.28.1.x86_64",
"product_id": "gfs2-kmp-default-4.12.14-25.28.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-4.12.14-25.28.1.x86_64",
"product": {
"name": "kernel-debug-4.12.14-25.28.1.x86_64",
"product_id": "kernel-debug-4.12.14-25.28.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-base-4.12.14-25.28.1.x86_64",
"product": {
"name": "kernel-debug-base-4.12.14-25.28.1.x86_64",
"product_id": "kernel-debug-base-4.12.14-25.28.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-4.12.14-25.28.1.x86_64",
"product": {
"name": "kernel-debug-devel-4.12.14-25.28.1.x86_64",
"product_id": "kernel-debug-devel-4.12.14-25.28.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-extra-4.12.14-25.28.1.x86_64",
"product": {
"name": "kernel-debug-extra-4.12.14-25.28.1.x86_64",
"product_id": "kernel-debug-extra-4.12.14-25.28.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-livepatch-4.12.14-25.28.1.x86_64",
"product": {
"name": "kernel-debug-livepatch-4.12.14-25.28.1.x86_64",
"product_id": "kernel-debug-livepatch-4.12.14-25.28.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-25.28.1.x86_64",
"product": {
"name": "kernel-default-4.12.14-25.28.1.x86_64",
"product_id": "kernel-default-4.12.14-25.28.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-25.28.1.x86_64",
"product": {
"name": "kernel-default-base-4.12.14-25.28.1.x86_64",
"product_id": "kernel-default-base-4.12.14-25.28.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-25.28.1.x86_64",
"product": {
"name": "kernel-default-devel-4.12.14-25.28.1.x86_64",
"product_id": "kernel-default-devel-4.12.14-25.28.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.12.14-25.28.1.x86_64",
"product": {
"name": "kernel-default-extra-4.12.14-25.28.1.x86_64",
"product_id": "kernel-default-extra-4.12.14-25.28.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-4.12.14-25.28.1.x86_64",
"product": {
"name": "kernel-default-livepatch-4.12.14-25.28.1.x86_64",
"product_id": "kernel-default-livepatch-4.12.14-25.28.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-4.12.14-25.28.1.x86_64",
"product": {
"name": "kernel-kvmsmall-4.12.14-25.28.1.x86_64",
"product_id": "kernel-kvmsmall-4.12.14-25.28.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-base-4.12.14-25.28.1.x86_64",
"product": {
"name": "kernel-kvmsmall-base-4.12.14-25.28.1.x86_64",
"product_id": "kernel-kvmsmall-base-4.12.14-25.28.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-devel-4.12.14-25.28.1.x86_64",
"product": {
"name": "kernel-kvmsmall-devel-4.12.14-25.28.1.x86_64",
"product_id": "kernel-kvmsmall-devel-4.12.14-25.28.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-4_12_14-25_28-default-1-1.3.1.x86_64",
"product": {
"name": "kernel-livepatch-4_12_14-25_28-default-1-1.3.1.x86_64",
"product_id": "kernel-livepatch-4_12_14-25_28-default-1-1.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.12.14-25.28.1.x86_64",
"product": {
"name": "kernel-obs-build-4.12.14-25.28.1.x86_64",
"product_id": "kernel-obs-build-4.12.14-25.28.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.12.14-25.28.1.x86_64",
"product": {
"name": "kernel-obs-qa-4.12.14-25.28.1.x86_64",
"product_id": "kernel-obs-qa-4.12.14-25.28.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-25.28.1.x86_64",
"product": {
"name": "kernel-syms-4.12.14-25.28.1.x86_64",
"product_id": "kernel-syms-4.12.14-25.28.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.12.14-25.28.1.x86_64",
"product": {
"name": "kernel-vanilla-4.12.14-25.28.1.x86_64",
"product_id": "kernel-vanilla-4.12.14-25.28.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.12.14-25.28.1.x86_64",
"product": {
"name": "kernel-vanilla-base-4.12.14-25.28.1.x86_64",
"product_id": "kernel-vanilla-base-4.12.14-25.28.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.12.14-25.28.1.x86_64",
"product": {
"name": "kernel-vanilla-devel-4.12.14-25.28.1.x86_64",
"product_id": "kernel-vanilla-devel-4.12.14-25.28.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-debug-4.12.14-25.28.1.x86_64",
"product": {
"name": "kselftests-kmp-debug-4.12.14-25.28.1.x86_64",
"product_id": "kselftests-kmp-debug-4.12.14-25.28.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.12.14-25.28.1.x86_64",
"product": {
"name": "kselftests-kmp-default-4.12.14-25.28.1.x86_64",
"product_id": "kselftests-kmp-default-4.12.14-25.28.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-debug-4.12.14-25.28.1.x86_64",
"product": {
"name": "ocfs2-kmp-debug-4.12.14-25.28.1.x86_64",
"product_id": "ocfs2-kmp-debug-4.12.14-25.28.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-25.28.1.x86_64",
"product": {
"name": "ocfs2-kmp-default-4.12.14-25.28.1.x86_64",
"product_id": "ocfs2-kmp-default-4.12.14-25.28.1.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-debug-4.12.14-25.28.1.x86_64",
"product": {
"name": "reiserfs-kmp-debug-4.12.14-25.28.1.x86_64",
"product_id": "reiserfs-kmp-debug-4.12.14-25.28.1.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-default-4.12.14-25.28.1.x86_64",
"product": {
"name": "reiserfs-kmp-default-4.12.14-25.28.1.x86_64",
"product_id": "reiserfs-kmp-default-4.12.14-25.28.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Development Tools 15",
"product": {
"name": "SUSE Linux Enterprise Module for Development Tools 15",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-development-tools:15"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Legacy 15",
"product": {
"name": "SUSE Linux Enterprise Module for Legacy 15",
"product_id": "SUSE Linux Enterprise Module for Legacy 15",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-legacy:15"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15",
"product_id": "SUSE Linux Enterprise Live Patching 15",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Availability Extension 15",
"product": {
"name": "SUSE Linux Enterprise High Availability Extension 15",
"product_id": "SUSE Linux Enterprise High Availability Extension 15",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-ha:15"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Workstation Extension 15",
"product": {
"name": "SUSE Linux Enterprise Workstation Extension 15",
"product_id": "SUSE Linux Enterprise Workstation Extension 15",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-we:15"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-25.28.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.aarch64"
},
"product_reference": "kernel-default-4.12.14-25.28.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-25.28.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.ppc64le"
},
"product_reference": "kernel-default-4.12.14-25.28.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-25.28.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.s390x"
},
"product_reference": "kernel-default-4.12.14-25.28.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-25.28.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.x86_64"
},
"product_reference": "kernel-default-4.12.14-25.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-25.28.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.aarch64"
},
"product_reference": "kernel-default-base-4.12.14-25.28.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-25.28.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.ppc64le"
},
"product_reference": "kernel-default-base-4.12.14-25.28.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-25.28.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.s390x"
},
"product_reference": "kernel-default-base-4.12.14-25.28.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-25.28.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.x86_64"
},
"product_reference": "kernel-default-base-4.12.14-25.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-25.28.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.aarch64"
},
"product_reference": "kernel-default-devel-4.12.14-25.28.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-25.28.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.ppc64le"
},
"product_reference": "kernel-default-devel-4.12.14-25.28.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-25.28.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.s390x"
},
"product_reference": "kernel-default-devel-4.12.14-25.28.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-25.28.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.x86_64"
},
"product_reference": "kernel-default-devel-4.12.14-25.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-man-4.12.14-25.28.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.28.1.s390x"
},
"product_reference": "kernel-default-man-4.12.14-25.28.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.12.14-25.28.1.noarch as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.28.1.noarch"
},
"product_reference": "kernel-devel-4.12.14-25.28.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.12.14-25.28.1.noarch as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.28.1.noarch"
},
"product_reference": "kernel-macros-4.12.14-25.28.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-4.12.14-25.28.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.28.1.s390x"
},
"product_reference": "kernel-zfcpdump-4.12.14-25.28.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-4.12.14-25.28.1.noarch as component of SUSE Linux Enterprise Module for Development Tools 15",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.28.1.noarch"
},
"product_reference": "kernel-docs-4.12.14-25.28.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.12.14-25.28.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.aarch64"
},
"product_reference": "kernel-obs-build-4.12.14-25.28.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.12.14-25.28.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.ppc64le"
},
"product_reference": "kernel-obs-build-4.12.14-25.28.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.12.14-25.28.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.s390x"
},
"product_reference": "kernel-obs-build-4.12.14-25.28.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.12.14-25.28.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.x86_64"
},
"product_reference": "kernel-obs-build-4.12.14-25.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.12.14-25.28.1.noarch as component of SUSE Linux Enterprise Module for Development Tools 15",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.28.1.noarch"
},
"product_reference": "kernel-source-4.12.14-25.28.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-25.28.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.aarch64"
},
"product_reference": "kernel-syms-4.12.14-25.28.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-25.28.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.ppc64le"
},
"product_reference": "kernel-syms-4.12.14-25.28.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-25.28.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.s390x"
},
"product_reference": "kernel-syms-4.12.14-25.28.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-25.28.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.x86_64"
},
"product_reference": "kernel-syms-4.12.14-25.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-vanilla-base-4.12.14-25.28.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.aarch64"
},
"product_reference": "kernel-vanilla-base-4.12.14-25.28.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-vanilla-base-4.12.14-25.28.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.ppc64le"
},
"product_reference": "kernel-vanilla-base-4.12.14-25.28.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-vanilla-base-4.12.14-25.28.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.s390x"
},
"product_reference": "kernel-vanilla-base-4.12.14-25.28.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-vanilla-base-4.12.14-25.28.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.x86_64"
},
"product_reference": "kernel-vanilla-base-4.12.14-25.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-4.12.14-25.28.1.aarch64 as component of SUSE Linux Enterprise Module for Legacy 15",
"product_id": "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.aarch64"
},
"product_reference": "reiserfs-kmp-default-4.12.14-25.28.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-4.12.14-25.28.1.ppc64le as component of SUSE Linux Enterprise Module for Legacy 15",
"product_id": "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.ppc64le"
},
"product_reference": "reiserfs-kmp-default-4.12.14-25.28.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-4.12.14-25.28.1.s390x as component of SUSE Linux Enterprise Module for Legacy 15",
"product_id": "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.s390x"
},
"product_reference": "reiserfs-kmp-default-4.12.14-25.28.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-4.12.14-25.28.1.x86_64 as component of SUSE Linux Enterprise Module for Legacy 15",
"product_id": "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.x86_64"
},
"product_reference": "reiserfs-kmp-default-4.12.14-25.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-4.12.14-25.28.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15",
"product_id": "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.ppc64le"
},
"product_reference": "kernel-default-livepatch-4.12.14-25.28.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-4.12.14-25.28.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15",
"product_id": "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.x86_64"
},
"product_reference": "kernel-default-livepatch-4.12.14-25.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-4_12_14-25_28-default-1-1.3.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15",
"product_id": "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.ppc64le"
},
"product_reference": "kernel-livepatch-4_12_14-25_28-default-1-1.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-4_12_14-25_28-default-1-1.3.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15",
"product_id": "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.x86_64"
},
"product_reference": "kernel-livepatch-4_12_14-25_28-default-1-1.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-25.28.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15",
"product_id": "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.aarch64"
},
"product_reference": "cluster-md-kmp-default-4.12.14-25.28.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-25.28.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15",
"product_id": "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.ppc64le"
},
"product_reference": "cluster-md-kmp-default-4.12.14-25.28.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-25.28.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15",
"product_id": "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.s390x"
},
"product_reference": "cluster-md-kmp-default-4.12.14-25.28.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-25.28.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15",
"product_id": "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.x86_64"
},
"product_reference": "cluster-md-kmp-default-4.12.14-25.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-25.28.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15",
"product_id": "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.aarch64"
},
"product_reference": "dlm-kmp-default-4.12.14-25.28.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-25.28.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15",
"product_id": "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.ppc64le"
},
"product_reference": "dlm-kmp-default-4.12.14-25.28.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-25.28.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15",
"product_id": "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.s390x"
},
"product_reference": "dlm-kmp-default-4.12.14-25.28.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-25.28.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15",
"product_id": "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.x86_64"
},
"product_reference": "dlm-kmp-default-4.12.14-25.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-25.28.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15",
"product_id": "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.aarch64"
},
"product_reference": "gfs2-kmp-default-4.12.14-25.28.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-25.28.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15",
"product_id": "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.ppc64le"
},
"product_reference": "gfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-25.28.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15",
"product_id": "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.s390x"
},
"product_reference": "gfs2-kmp-default-4.12.14-25.28.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-25.28.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15",
"product_id": "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.x86_64"
},
"product_reference": "gfs2-kmp-default-4.12.14-25.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-25.28.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15",
"product_id": "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.aarch64"
},
"product_reference": "ocfs2-kmp-default-4.12.14-25.28.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-25.28.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15",
"product_id": "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.ppc64le"
},
"product_reference": "ocfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-25.28.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15",
"product_id": "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.s390x"
},
"product_reference": "ocfs2-kmp-default-4.12.14-25.28.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-25.28.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15",
"product_id": "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.x86_64"
},
"product_reference": "ocfs2-kmp-default-4.12.14-25.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-4.12.14-25.28.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15",
"product_id": "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.28.1.x86_64"
},
"product_reference": "kernel-default-extra-4.12.14-25.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 15"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-12232",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-12232"
}
],
"notes": [
{
"category": "general",
"text": "In net/socket.c in the Linux kernel through 4.17.1, there is a race condition between fchownat and close in cases where they target the same socket file descriptor, related to the sock_close and sockfs_setattr functions. fchownat does not increment the file descriptor reference count, which allows close to set the socket to NULL during fchownat\u0027s execution, leading to a NULL pointer dereference and system crash.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.28.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-12232",
"url": "https://www.suse.com/security/cve/CVE-2018-12232"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-12232",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1097593 for CVE-2018-12232",
"url": "https://bugzilla.suse.com/1097593"
},
{
"category": "external",
"summary": "SUSE Bug 1125907 for CVE-2018-12232",
"url": "https://bugzilla.suse.com/1125907"
},
{
"category": "external",
"summary": "SUSE Bug 1127757 for CVE-2018-12232",
"url": "https://bugzilla.suse.com/1127757"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.28.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.28.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-01T18:55:03Z",
"details": "important"
}
],
"title": "CVE-2018-12232"
},
{
"cve": "CVE-2018-14625",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14625"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux Kernel where an attacker may be able to have an uncontrolled read to kernel-memory from within a vm guest. A race condition between connect() and close() function may allow an attacker using the AF_VSOCK protocol to gather a 4 byte information leak or possibly intercept or corrupt AF_VSOCK messages destined to other clients.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.28.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14625",
"url": "https://www.suse.com/security/cve/CVE-2018-14625"
},
{
"category": "external",
"summary": "SUSE Bug 1106615 for CVE-2018-14625",
"url": "https://bugzilla.suse.com/1106615"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.28.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.28.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-01T18:55:03Z",
"details": "moderate"
}
],
"title": "CVE-2018-14625"
},
{
"cve": "CVE-2018-16862",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16862"
}
],
"notes": [
{
"category": "general",
"text": "A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.28.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16862",
"url": "https://www.suse.com/security/cve/CVE-2018-16862"
},
{
"category": "external",
"summary": "SUSE Bug 1117186 for CVE-2018-16862",
"url": "https://bugzilla.suse.com/1117186"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.28.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.28.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-01T18:55:03Z",
"details": "moderate"
}
],
"title": "CVE-2018-16862"
},
{
"cve": "CVE-2018-16884",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16884"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel\u0027s NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.28.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16884",
"url": "https://www.suse.com/security/cve/CVE-2018-16884"
},
{
"category": "external",
"summary": "SUSE Bug 1119946 for CVE-2018-16884",
"url": "https://bugzilla.suse.com/1119946"
},
{
"category": "external",
"summary": "SUSE Bug 1119947 for CVE-2018-16884",
"url": "https://bugzilla.suse.com/1119947"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.28.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.28.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-01T18:55:03Z",
"details": "important"
}
],
"title": "CVE-2018-16884"
},
{
"cve": "CVE-2018-18281",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-18281"
}
],
"notes": [
{
"category": "general",
"text": "Since Linux kernel version 3.2, the mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removes entries from the pagetables of a task that is in the middle of mremap(), a stale TLB entry can remain for a short time that permits access to a physical page after it has been released back to the page allocator and reused. This is fixed in the following kernel versions: 4.9.135, 4.14.78, 4.18.16, 4.19.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.28.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-18281",
"url": "https://www.suse.com/security/cve/CVE-2018-18281"
},
{
"category": "external",
"summary": "SUSE Bug 1113769 for CVE-2018-18281",
"url": "https://bugzilla.suse.com/1113769"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.28.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.28.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-01T18:55:03Z",
"details": "moderate"
}
],
"title": "CVE-2018-18281"
},
{
"cve": "CVE-2018-18397",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-18397"
}
],
"notes": [
{
"category": "general",
"text": "The userfaultfd implementation in the Linux kernel before 4.19.7 mishandles access control for certain UFFDIO_ ioctl calls, as demonstrated by allowing local users to write data into holes in a tmpfs file (if the user has read-only access to that file, and that file contains holes), related to fs/userfaultfd.c and mm/userfaultfd.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.28.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-18397",
"url": "https://www.suse.com/security/cve/CVE-2018-18397"
},
{
"category": "external",
"summary": "SUSE Bug 1117656 for CVE-2018-18397",
"url": "https://bugzilla.suse.com/1117656"
},
{
"category": "external",
"summary": "SUSE Bug 1171522 for CVE-2018-18397",
"url": "https://bugzilla.suse.com/1171522"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.28.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.28.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-01T18:55:03Z",
"details": "moderate"
}
],
"title": "CVE-2018-18397"
},
{
"cve": "CVE-2018-18710",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-18710"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel through 4.19. An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CVE-2018-16658.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.28.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-18710",
"url": "https://www.suse.com/security/cve/CVE-2018-18710"
},
{
"category": "external",
"summary": "SUSE Bug 1113751 for CVE-2018-18710",
"url": "https://bugzilla.suse.com/1113751"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.28.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.28.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-01T18:55:03Z",
"details": "moderate"
}
],
"title": "CVE-2018-18710"
},
{
"cve": "CVE-2018-19407",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-19407"
}
],
"notes": [
{
"category": "general",
"text": "The vcpu_scan_ioapic function in arch/x86/kvm/x86.c in the Linux kernel through 4.19.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.28.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-19407",
"url": "https://www.suse.com/security/cve/CVE-2018-19407"
},
{
"category": "external",
"summary": "SUSE Bug 1116841 for CVE-2018-19407",
"url": "https://bugzilla.suse.com/1116841"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.28.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.28.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-01T18:55:03Z",
"details": "moderate"
}
],
"title": "CVE-2018-19407"
},
{
"cve": "CVE-2018-19824",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-19824"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.28.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-19824",
"url": "https://www.suse.com/security/cve/CVE-2018-19824"
},
{
"category": "external",
"summary": "SUSE Bug 1118152 for CVE-2018-19824",
"url": "https://bugzilla.suse.com/1118152"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.28.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.28.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-01T18:55:03Z",
"details": "moderate"
}
],
"title": "CVE-2018-19824"
},
{
"cve": "CVE-2018-19854",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-19854"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel before 4.19.3. crypto_report_one() and related functions in crypto/crypto_user.c (the crypto user configuration API) do not fully initialize structures that are copied to userspace, potentially leaking sensitive memory to user programs. NOTE: this is a CVE-2013-2547 regression but with easier exploitability because the attacker does not need a capability (however, the system must have the CONFIG_CRYPTO_USER kconfig option).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.28.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-19854",
"url": "https://www.suse.com/security/cve/CVE-2018-19854"
},
{
"category": "external",
"summary": "SUSE Bug 1118428 for CVE-2018-19854",
"url": "https://bugzilla.suse.com/1118428"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.28.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.28.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-01T18:55:03Z",
"details": "low"
}
],
"title": "CVE-2018-19854"
},
{
"cve": "CVE-2018-19985",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-19985"
}
],
"notes": [
{
"category": "general",
"text": "The function hso_get_config_data in drivers/net/usb/hso.c in the Linux kernel through 4.19.8 reads if_num from the USB device (as a u8) and uses it to index a small array, resulting in an object out-of-bounds (OOB) read that potentially allows arbitrary read in the kernel address space.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.28.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-19985",
"url": "https://www.suse.com/security/cve/CVE-2018-19985"
},
{
"category": "external",
"summary": "SUSE Bug 1120743 for CVE-2018-19985",
"url": "https://bugzilla.suse.com/1120743"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.28.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.28.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-01T18:55:03Z",
"details": "low"
}
],
"title": "CVE-2018-19985"
},
{
"cve": "CVE-2018-20169",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-20169"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel before 4.19.9. The USB subsystem mishandles size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.28.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-20169",
"url": "https://www.suse.com/security/cve/CVE-2018-20169"
},
{
"category": "external",
"summary": "SUSE Bug 1119714 for CVE-2018-20169",
"url": "https://bugzilla.suse.com/1119714"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.28.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.28.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-01T18:55:03Z",
"details": "moderate"
}
],
"title": "CVE-2018-20169"
},
{
"cve": "CVE-2018-9568",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-9568"
}
],
"notes": [
{
"category": "general",
"text": "In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-113509306. References: Upstream kernel.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.28.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-9568",
"url": "https://www.suse.com/security/cve/CVE-2018-9568"
},
{
"category": "external",
"summary": "SUSE Bug 1118319 for CVE-2018-9568",
"url": "https://bugzilla.suse.com/1118319"
},
{
"category": "external",
"summary": "SUSE Bug 1118320 for CVE-2018-9568",
"url": "https://bugzilla.suse.com/1118320"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.28.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_28-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.28.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.28.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.28.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-01T18:55:03Z",
"details": "moderate"
}
],
"title": "CVE-2018-9568"
}
]
}
SUSE-SU-2019:0320-1
Vulnerability from csaf_suse - Published: 2019-02-11 15:15 - Updated: 2019-02-11 15:15Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP3 Realtime kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-19407: The vcpu_scan_ioapic function in arch/x86/kvm/x86.c allowed local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized (bnc#1116841).
- CVE-2018-19985: The function hso_probe read if_num from the USB device (as an u8) and used it without a length check to index an array, resulting in an OOB memory read in hso_probe or hso_get_config_data that could be used by local attackers (bsc#1120743).
- CVE-2018-1120: By mmap()ing a FUSE-backed file onto a process's memory containing command line arguments (or environment strings), an attacker can cause utilities from psutils or procps (such as ps, w) or any other program which made a read() call to the /proc/<pid>/cmdline (or /proc/<pid>/environ) files to block indefinitely (denial of service) or for some controlled time (as a synchronization primitive for other attacks) (bnc#1093158).
- CVE-2017-16939: The XFRM dump policy implementation in net/xfrm/xfrm_user.c allowed local users to gain privileges or cause a denial of service (use-after-free) via a crafted SO_RCVBUF setsockopt system call in conjunction with XFRM_MSG_GETPOLICY Netlink messages (bnc#1069702).
- CVE-2018-16884: NFS41+ shares mounted in different network namespaces at the same time could make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out (bnc#1119946).
- CVE-2018-20169: The USB subsystem mishandled size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c (bnc#1119714).
- CVE-2018-9568: In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. (bnc#1118319).
- CVE-2018-16862: A security flaw was found in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one (bnc#1117186).
- CVE-2018-19824: A local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c (bnc#1118152).
The following non-security bugs were fixed:
- 9p: clear dangling pointers in p9stat_free (bnc#1012382).
- 9p locks: fix glock.client_id leak in do_lock (bnc#1012382).
- 9p/net: put a lower bound on msize (bnc#1012382).
- ACPI/IORT: Fix iort_get_platform_device_domain() uninitialized pointer value (bsc#1121239).
- ACPI/LPSS: Add alternative ACPI HIDs for Cherry Trail DMA controllers (bnc#1012382).
- ACPI/nfit, x86/mce: Handle only uncorrectable machine checks (bsc#1114648).
- ACPI/nfit, x86/mce: Validate a MCE's address before using it (bsc#1114648).
- ACPI/platform: Add SMB0001 HID to forbidden_id_list (bnc#1012382).
- af_iucv: Move sockaddr length checks to before accessing sa_family in bind and connect handlers (bnc#1012382).
- ahci: do not ignore result code of ahci_reset_controller() (bnc#1012382).
- aio: fix spectre gadget in lookup_ioctx (bnc#1012382).
- aio: hold an extra file reference over AIO read/write operations (bsc#1116027).
- ALSA: ac97: Fix incorrect bit shift at AC97-SPSA control write (bnc#1012382).
- ALSA: ca0106: Disable IZD on SB0570 DAC to fix audio pops (bnc#1012382).
- ALSA: control: Fix race between adding and removing a user element (bnc#1012382).
- ALSA: cs46xx: Potential NULL dereference in probe (bnc#1012382).
- ALSA: emu10k1: Fix potential Spectre v1 vulnerabilities (bnc#1012382).
- ALSA: emux: Fix potential Spectre v1 vulnerabilities (bnc#1012382).
- ALSA: hda - Add mic quirk for the Lenovo G50-30 (17aa:3905) (bnc#1012382).
- ALSA: hda: add mute LED support for HP EliteBook 840 G4 (bnc#1012382).
- ALSA: hda: Add support for AMD Stoney Ridge (bnc#1012382).
- ALSA: hda: Check the non-cached stream buffers more explicitly (bnc#1012382).
- ALSA: hda/tegra: clear pending irq handlers (bnc#1012382).
- ALSA: isa/wavefront: prevent some out of bound writes (bnc#1012382).
- ALSA: pcm: Call snd_pcm_unlink() conditionally at closing (bnc#1012382).
- ALSA: pcm: Fix interval evaluation with openmin/max (bnc#1012382).
- ALSA: pcm: Fix potential Spectre v1 vulnerability (bnc#1012382).
- ALSA: pcm: Fix starvation on down_write_nonblock() (bnc#1012382).
- ALSA: pcm: remove SNDRV_PCM_IOCTL1_INFO internal command (bnc#1012382).
- ALSA: rme9652: Fix potential Spectre v1 vulnerability (bnc#1012382).
- ALSA: sparc: Fix invalid snd_free_pages() at error path (bnc#1012382).
- ALSA: timer: Fix zero-division by continue of uninitialized instance (bnc#1012382).
- ALSA: trident: Suppress gcc string warning (bnc#1012382).
- ALSA: usb-audio: Avoid access before bLength check in build_audio_procunit() (bnc#1012382).
- ALSA: usb-audio: Fix an out-of-bound read in create_composite_quirks (bnc#1012382).
- ALSA: wss: Fix invalid snd_free_pages() at error path (bnc#1012382).
- amd/iommu: Fix Guest Virtual APIC Log Tail Address Register (bsc#1106105).
- ARC: change defconfig defaults to ARCv2 (bnc#1012382).
- arc: [devboards] Add support of NFSv3 ACL (bnc#1012382).
- arch/alpha, termios: implement BOTHER, IBSHIFT and termios2 (bnc#1012382).
- ARC: io.h: Implement reads{x}()/writes{x}() (bnc#1012382).
- arm64: Disable asm-operand-width warning for clang (bnc#1012382).
- arm64: dts: stratix10: Correct System Manager register size (bnc#1012382).
- arm64: hardcode rodata_enabled=true earlier in the series (bsc#1114763).
- arm64: PCI: ACPI support for legacy IRQs parsing and consolidation with DT code (bsc#985031).
- arm64: percpu: Initialize ret in the default case (bnc#1012382).
- arm64: remove no-op -p linker flag (bnc#1012382).
- arm: 8799/1: mm: fix pci_ioremap_io() offset check (bnc#1012382).
- arm: 8814/1: mm: improve/fix ARM v7_dma_inv_range() unaligned address handling (bnc#1012382).
- arm: dts: apq8064: add ahci ports-implemented mask (bnc#1012382).
- arm: dts: imx53-qsb: disable 1.2GHz OPP (bnc#1012382).
- arm: fix mis-applied iommu identity check (bsc#1116924).
- arm: imx: update the cpu power up timing setting on i.mx6sx (bnc#1012382).
- arm: kvm: fix building with gcc-8 (bsc#1121241).
- arm: OMAP1: ams-delta: Fix possible use of uninitialized field (bnc#1012382).
- arm: OMAP2+: prm44xx: Fix section annotation on omap44xx_prm_enable_io_wakeup (bnc#1012382).
- asix: Check for supported Wake-on-LAN modes (bnc#1012382).
- ASoC: ak4613: Enable cache usage to fix crashes on resume (bnc#1012382).
- ASoC: dapm: Recalculate audio map forcely when card instantiated (bnc#1012382).
- ASoC: omap-dmic: Add pm_qos handling to avoid overruns with CPU_IDLE (bnc#1012382).
- ASoC: omap-mcpdm: Add pm_qos handling to avoid under/overruns with CPU_IDLE (bnc#1012382).
- ASoC: spear: fix error return code in spdif_in_probe() (bnc#1012382).
- ASoC: wm8940: Enable cache usage to fix crashes on resume (bnc#1012382).
- ataflop: fix error handling during setup (bnc#1012382).
- ath10k: fix kernel panic due to race in accessing arvif list (bnc#1012382).
- ath10k: schedule hardware restart if WMI command times out (bnc#1012382).
- ax25: fix a use-after-free in ax25_fillin_cb() (bnc#1012382).
- ax88179_178a: Check for supported Wake-on-LAN modes (bnc#1012382).
- b43: Fix error in cordic routine (bnc#1012382).
- batman-adv: Expand merged fragment buffer for full packet (bnc#1012382).
- bcache: fix miss key refill->end in writeback (bnc#1012382).
- bfs: add sanity check at bfs_fill_super() (bnc#1012382).
- binfmt_elf: fix calculations for bss padding (bnc#1012382).
- bitops: protect variables in bit_clear_unless() macro (bsc#1116285).
- block: fix inheriting request priority from bio (bsc#1116924).
- block: respect virtual boundary mask in bvecs (bsc#1113412).
- Bluetooth: btbcm: Add entry for BCM4335C0 UART bluetooth (bnc#1012382).
- Bluetooth: SMP: fix crash in unpairing (bnc#1012382).
- bna: ethtool: Avoid reading past end of buffer (bnc#1012382).
- bnx2x: Assign unique DMAE channel number for FW DMAE transactions (bnc#1012382).
- bonding: fix 802.3ad state sent to partner when unbinding slave (bnc#1012382).
- bpf: fix check of allowed specifiers in bpf_trace_printk (bnc#1012382).
- bpf: generally move prog destruction to RCU deferral (bnc#1012382).
- bpf: support 8-byte metafield access (bnc#1012382).
- bpf, trace: check event type in bpf_perf_event_read (bsc#1119970).
- bpf, trace: use READ_ONCE for retrieving file ptr (bsc#1119967).
- bpf/verifier: Add spi variable to check_stack_write() (bnc#1012382).
- bpf/verifier: Pass instruction index to check_mem_access() and check_xadd() (bnc#1012382).
- bridge: do not add port to router list when receives query with source 0.0.0.0 (bnc#1012382).
- btrfs: Always try all copies when reading extent buffers (bnc#1012382).
- btrfs: do not attempt to trim devices that do not support it (bnc#1012382).
- btrfs: ensure path name is null terminated at btrfs_control_ioctl (bnc#1012382).
- btrfs: fix backport error in submit_stripe_bio (bsc#1114763).
- btrfs: fix data corruption due to cloning of eof block (bnc#1012382).
- btrfs: Fix memory barriers usage with device stats counters (git-fixes).
- btrfs: fix null pointer dereference on compressed write path error (bnc#1012382).
- btrfs: fix pinned underflow after transaction aborted (bnc#1012382).
- btrfs: fix use-after-free when dumping free space (bnc#1012382).
- btrfs: fix wrong dentries after fsync of file that got its parent replaced (bnc#1012382).
- btrfs: Handle error from btrfs_uuid_tree_rem call in _btrfs_ioctl_set_received_subvol (git-fixes).
- btrfs: Handle owner mismatch gracefully when walking up tree (bnc#1012382).
- btrfs: iterate all devices during trim, instead of fs_devices::alloc_list (bnc#1012382).
- btrfs: locking: Add extra check in btrfs_init_new_buffer() to avoid deadlock (bnc#1012382).
- btrfs: make sure we create all new block groups (bnc#1012382).
- btrfs: qgroup: Dirty all qgroups before rescan (bnc#1012382).
- btrfs: release metadata before running delayed refs (bnc#1012382).
- btrfs: reset max_extent_size on clear in a bitmap (bnc#1012382).
- btrfs: send, fix infinite loop due to directory rename dependencies (bnc#1012382).
- btrfs: set max_extent_size properly (bnc#1012382).
- btrfs: wait on caching when putting the bg cache (bnc#1012382).
- cachefiles: fix the race between cachefiles_bury_object() and rmdir(2) (bnc#1012382).
- can: dev: __can_get_echo_skb(): Do not crash the kernel if can_priv::echo_skb is accessed out of bounds (bnc#1012382).
- can: dev: can_get_echo_skb(): factor out non sending code to __can_get_echo_skb() (bnc#1012382).
- can: dev: __can_get_echo_skb(): print error message, if trying to echo non existing skb (bnc#1012382).
- can: dev: __can_get_echo_skb(): replace struct can_frame by canfd_frame to access frame length (bnc#1012382).
- can: rcar_can: Fix erroneous registration (bnc#1012382).
- cdc-acm: correct counting of UART states in serial state notification (bnc#1012382).
- cdc-acm: fix abnormal DATA RX issue for Mediatek Preloader (bnc#1012382).
- ceph: call setattr_prepare from ceph_setattr instead of inode_change_ok (bsc#1114763).
- ceph: do not update importing cap's mseq when handing cap export (bsc#1121275).
- ceph: fix dentry leak in ceph_readdir_prepopulate (bsc#1114839).
- ceph: quota: fix null pointer dereference in quota check (bsc#1114839).
- cfg80211: reg: Init wiphy_idx in regulatory_hint_core() (bnc#1012382).
- CIFS: Fix error mapping for SMB2_LOCK command which caused OFD lock problem (bnc#1012382).
- cifs: Fix separator when building path from dentry (bnc#1012382).
- CIFS: handle guest access errors to Windows shares (bnc#1012382).
- cifs: In Kconfig CONFIG_CIFS_POSIX needs depends on legacy (insecure cifs) (bnc#1012382).
- clk: mmp: Off by one in mmp_clk_add() (bnc#1012382).
- clk: s2mps11: Add used attribute to s2mps11_dt_match (git-fixes).
- clk: s2mps11: Fix matching when built as module and DT node contains compatible (bnc#1012382).
- clk: samsung: exynos5420: Enable PERIS clocks for suspend (bnc#1012382).
- clockevents/drivers/i8253: Add support for PIT shutdown quirk (bnc#1012382).
- configfs: replace strncpy with memcpy (bnc#1012382).
- cpufeature: avoid warning when compiling with clang (Git-fixes).
- cpufreq: imx6q: add return value check for voltage scale (bnc#1012382).
- cpuidle: Do not access cpuidle_devices when !CONFIG_CPU_IDLE (bnc#1012382).
- Cramfs: fix abad comparison when wrap-arounds occur (bnc#1012382).
- crypto: arm64/sha - avoid non-standard inline asm tricks (bnc#1012382).
- crypto: lrw - Fix out-of bounds access on counter overflow (bnc#1012382).
- crypto: shash - Fix a sleep-in-atomic bug in shash_setkey_unaligned (bnc#1012382).
- crypto, x86: aesni - fix token pasting for clang (bnc#1012382).
- crypto: x86/chacha20 - avoid sleeping with preemption disabled (bnc#1012382).
- cw1200: Do not leak memory if krealloc failes (bnc#1012382).
- cxgb4: Add support for new flash parts (bsc#1102439).
- cxgb4: assume flash part size to be 4MB, if it can't be determined (bsc#1102439).
- cxgb4: Fix FW flash errors (bsc#1102439).
- cxgb4: fix missing break in switch and indent return statements (bsc#1102439).
- cxgb4: support new ISSI flash parts (bsc#1102439).
- debugobjects: avoid recursive calls with kmemleak (bnc#1012382).
- disable stringop truncation warnings for now (bnc#1012382).
- dlm: fixed memory leaks after failed ls_remove_names allocation (bnc#1012382).
- dlm: lost put_lkb on error path in receive_convert() and receive_unlock() (bnc#1012382).
- dlm: memory leaks on error path in dlm_user_request() (bnc#1012382).
- dlm: possible memory leak on error path in create_lkb() (bnc#1012382).
- dmaengine: at_hdmac: fix memory leak in at_dma_xlate() (bnc#1012382).
- dmaengine: at_hdmac: fix module unloading (bnc#1012382).
- dmaengine: dma-jz4780: Return error if not probed from DT (bnc#1012382).
- dm cache metadata: ignore hints array being too small during resize (Git-fixes).
- dm ioctl: harden copy_params()'s copy_from_user() from malicious users (bnc#1012382).
- dm-multipath: do not assign cmd_flags in setup_clone() (bsc#1103156).
- dm raid: stop using BUG() in __rdev_sectors() (bsc#1046264). This syncs with the upstream fix which caught a case where it returning 0 may have caused incorrect behavior.
- dm thin: stop no_space_timeout worker when switching to write-mode (Git-fixes).
- dpaa_eth: fix dpaa_get_stats64 to match prototype (bsc#1114763).
- driver/dma/ioat: Call del_timer_sync() without holding prep_lock (bnc#1012382).
- drivers: hv: vmbus: check the creation_status in vmbus_establish_gpadl() (bsc#1104098).
- drivers: hv: vmbus: Return -EINVAL for the sys files for unopened channels (bnc#1012382).
- drivers/misc/sgi-gru: fix Spectre v1 vulnerability (bnc#1012382).
- drivers/sbus/char: add of_node_put() (bnc#1012382).
- drivers/tty: add missing of_node_put() (bnc#1012382).
- drm/ast: change resolution may cause screen blurred (bnc#1012382).
- drm/ast: fixed cursor may disappear sometimes (bnc#1012382).
- drm/ast: fixed reading monitor EDID not stable issue (bnc#1012382).
- drm/ast: Fix incorrect free on ioregs (bsc#1106929)
- drm/ast: Remove existing framebuffers before loading driver (boo#1112963)
- drm/dp_mst: Check if primary mstb is null (bnc#1012382).
- drm/fb-helper: Ignore the value of fb_var_screeninfo.pixclock (bsc#1106929)
- drm/hisilicon: hibmc: Do not carry error code in HiBMC framebuffer (bsc#1113766)
- drm/hisilicon: hibmc: Do not overwrite fb helper surface depth (bsc#1113766)
- drm/i915/hdmi: Add HDMI 2.0 audio clock recovery N values (bnc#1012382).
- drm/ioctl: Fix Spectre v1 vulnerabilities (bnc#1012382).
- drm/msm: Grab a vblank reference when waiting for commit_done (bnc#1012382).
- drm/nouveau/fbcon: fix oops without fbdev emulation (bnc#1012382).
- drm/omap: fix memory barrier bug in DMM driver (bnc#1012382).
- drm: rcar-du: Fix external clock error checks (bsc#1106929)
- drm: rcar-du: Fix vblank initialization (bsc#1106929)
- drm/rockchip: Allow driver to be shutdown on reboot/kexec (bnc#1012382).
- e1000: avoid null pointer dereference on invalid stat type (bnc#1012382).
- e1000: fix race condition between e1000_down() and e1000_watchdog (bnc#1012382).
- efi/libstub/arm64: Force 'hidden' visibility for section markers (bnc#1012382).
- efi/libstub/arm64: Set -fpie when building the EFI stub (bnc#1012382).
- exec: avoid gcc-8 warning for get_task_comm (bnc#1012382).
- exportfs: do not read dentry after free (bnc#1012382).
- ext2: fix potential use after free (bnc#1012382).
- ext4: add missing brelse() add_new_gdb_meta_bg()'s error path (bnc#1012382).
- ext4: add missing brelse() in set_flexbg_block_bitmap()'s error path (bnc#1012382).
- ext4: add missing brelse() update_backups()'s error path (bnc#1012382).
- ext4: avoid buffer leak in ext4_orphan_add() after prior errors (bnc#1012382).
- ext4: avoid possible double brelse() in add_new_gdb() on error path (bnc#1012382).
- ext4: avoid potential extra brelse in setup_new_flex_group_blocks() (bnc#1012382).
- ext4: fix argument checking in EXT4_IOC_MOVE_EXT (bnc#1012382).
- ext4: fix buffer leak in __ext4_read_dirblock() on error path (bnc#1012382).
- ext4: fix buffer leak in ext4_xattr_move_to_block() on error path (bnc#1012382).
- ext4: fix EXT4_IOC_GROUP_ADD ioctl (bnc#1012382).
- ext4: fix missing cleanup if ext4_alloc_flex_bg_array() fails while resizing (bnc#1012382).
- ext4: fix possible inode leak in the retry loop of ext4_resize_fs() (bnc#1012382).
- ext4: fix possible leak of sbi->s_group_desc_leak in error path (bnc#1012382).
- ext4: fix possible use after free in ext4_quota_enable (bnc#1012382).
- ext4: force inode writes when nfsd calls commit_metadata() (bnc#1012382).
- ext4: initialize retries variable in ext4_da_write_inline_data_begin() (bnc#1012382).
- ext4: missing unlock/put_page() in ext4_try_to_write_inline_data() (bnc#1012382).
- ext4: release bs.bh before re-using in ext4_xattr_block_find() (bnc#1012382).
- fbdev: fbcon: Fix unregister crash when more than one framebuffer (bsc#1106929)
- fbdev: fbmem: behave better with small rotated displays and many CPUs (bsc#1106929)
- fcoe: remove duplicate debugging message in fcoe_ctlr_vn_add (bsc#1114763).
- Fix kABI for 'Ensure we commit after writeback is complete' (bsc#1111809).
- floppy: fix race condition in __floppy_read_block_0() (Git-fixes).
- flow_dissector: do not dissect l4 ports for fragments (bnc#1012382).
- fork: record start_time late (bnc#1012382).
- fscache, cachefiles: remove redundant variable 'cache' (bnc#1012382).
- fscache: fix race between enablement and dropping of object (bsc#1107385).
- fscache: Fix race in fscache_op_complete() due to split atomic_sub & read (Git-fixes).
- fscache: Pass the correct cancelled indications to fscache_op_complete() (Git-fixes).
- fs, elf: make sure to page align bss in load_elf_library (bnc#1012382).
- fs/exofs: fix potential memory leak in mount option parsing (bnc#1012382).
- fs/fat/fatent.c: add cond_resched() to fat_count_free_clusters() (bnc#1012382).
- fuse: Dont call set_page_dirty_lock() for ITER_BVEC pages for async_dio (bnc#1012382).
- fuse: fix blocked_waitq wakeup (bnc#1012382).
- fuse: fix leaked notify reply (bnc#1012382).
- fuse: Fix use-after-free in fuse_dev_do_read() (bnc#1012382).
- fuse: Fix use-after-free in fuse_dev_do_write() (bnc#1012382).
- fuse: set FR_SENT while locked (bnc#1012382).
- genirq: Fix race on spurious interrupt detection (bnc#1012382).
- genwqe: Fix size check (bnc#1012382).
- gfs2: Do not leave s_fs_info pointing to freed memory in init_sbd (bnc#1012382).
- gfs2: Fix loop in gfs2_rbm_find (bnc#1012382).
- gfs2_meta: ->mount() can get NULL dev_name (bnc#1012382).
- gfs2: Put bitmap buffers in put_super (bnc#1012382).
- git_sort.py: Remove non-existent remote tj/libata
- gpio: max7301: fix driver for use with CONFIG_VMAP_STACK (bnc#1012382).
- gpio: msic: fix error return code in platform_msic_gpio_probe() (bnc#1012382).
- gpu: host1x: fix error return code in host1x_probe() (bnc#1012382).
- gro_cell: add napi_disable in gro_cells_destroy (bnc#1012382).
- hfs: do not free node before using (bnc#1012382).
- hfsplus: do not free node before using (bnc#1012382).
- hfsplus: prevent btree data loss on root split (bnc#1012382).
- hfs: prevent btree data loss on root split (bnc#1012382).
- HID: hiddev: fix potential Spectre v1 (bnc#1012382).
- HID: uhid: forbid UHID_CREATE under KERNEL_DS or elevated privileges (bnc#1012382).
- hpwdt add dynamic debugging (bsc#1114417).
- hpwdt calculate reload value on each use (bsc#1114417).
- hugetlbfs: dirty pages as they are added to pagecache (bnc#1012382).
- hugetlbfs: fix bug in pgoff overflow checking (bnc#1012382).
- hugetlbfs: fix kernel BUG at fs/hugetlbfs/inode.c:444! (bnc#1012382).
- hwmon: (ibmpowernv) Remove bogus __init annotations (bnc#1012382).
- hwmon: (ina2xx) Fix current value calculation (bnc#1012382).
- hwmon: (pmbus) Fix page count auto-detection (bnc#1012382).
- hwmon: (w83795) temp4_type has writable permission (bnc#1012382).
- hwpoison, memory_hotplug: allow hwpoisoned pages to be offlined (bnc#1116336).
- i2c: axxia: properly handle master timeout (bnc#1012382).
- i2c: scmi: Fix probe error on devices with an empty SMB0001 ACPI device node (bnc#1012382).
- IB/hfi1: Fix an out-of-bounds access in get_hw_stats ().
- ibmveth: fix DMA unmap error in ibmveth_xmit_start error path (bnc#1012382).
- ibmvnic: Convert reset work item mutex to spin lock ().
- ibmvnic: fix accelerated VLAN handling ().
- ibmvnic: fix index in release_rx_pools (bsc#1115440).
- ibmvnic: Fix non-atomic memory allocation in IRQ context ().
- ibmvnic: remove ndo_poll_controller ().
- ibmvnic: Update driver queues after change in ring size support ().
- IB/ucm: Fix Spectre v1 vulnerability (bnc#1012382).
- ide: pmac: add of_node_put() (bnc#1012382).
- ieee802154: lowpan_header_create check must check daddr (bnc#1012382).
- igb: Remove superfluous reset to PHY and page 0 selection (bnc#1012382).
- iio: adc: at91: fix acking DRDY irq on simple conversions (bnc#1012382).
- iio: adc: at91: fix wrong channel number in triggered buffer mode (bnc#1012382).
- ima: fix showing large 'violations' or 'runtime_measurements_count' (bnc#1012382).
- Input: elan_i2c - add ACPI ID for Lenovo IdeaPad 330-15ARR (bnc#1012382).
- Input: elan_i2c - add ACPI ID for Lenovo IdeaPad 330-15IGM (bnc#1012382).
- Input: elan_i2c - add ACPI ID for touchpad in ASUS Aspire F5-573G (bnc#1012382).
- Input: elan_i2c - add ELAN0620 to the ACPI table (bnc#1012382).
- Input: elan_i2c - add support for ELAN0621 touchpad (bnc#1012382).
- Input: matrix_keypad - check for errors from of_get_named_gpio() (bnc#1012382).
- Input: omap-keypad - fix idle configuration to not block SoC idle states (bnc#1012382).
- Input: omap-keypad - fix keyboard debounce configuration (bnc#1012382).
- Input: restore EV_ABS ABS_RESERVED (bnc#1012382).
- Input: xpad - add GPD Win 2 Controller USB IDs (bnc#1012382).
- Input: xpad - add Mad Catz FightStick TE 2 VID/PID (bnc#1012382).
- Input: xpad - add more third-party controllers (bnc#1012382).
- Input: xpad - add PDP device id 0x02a4 (bnc#1012382).
- Input: xpad - add product ID for Xbox One S pad (bnc#1012382).
- Input: xpad - add support for PDP Xbox One controllers (bnc#1012382).
- Input: xpad - add support for Xbox1 PDP Camo series gamepad (bnc#1012382).
- Input: xpad - add USB IDs for Mad Catz Brawlstick and Razer Sabertooth (bnc#1012382).
- Input: xpad - avoid using __set_bit() for capabilities (bnc#1012382).
- Input: xpad - constify usb_device_id (bnc#1012382).
- Input: xpad - correctly sort vendor id's (bnc#1012382).
- Input: xpad - correct xbox one pad device name (bnc#1012382).
- Input: xpad - do not depend on endpoint order (bnc#1012382).
- Input: xpad - fix GPD Win 2 controller name (bnc#1012382).
- Input: xpad - fix PowerA init quirk for some gamepad models (bnc#1012382).
- Input: xpad - fix rumble on Xbox One controllers with 2015 firmware (bnc#1012382).
- Input: xpad - fix some coding style issues (bnc#1012382).
- Input: xpad - fix stuck mode button on Xbox One S pad (bnc#1012382).
- Input: xpad - fix Xbox One rumble stopping after 2.5 secs (bnc#1012382).
- Input: xpad - handle 'present' and 'gone' correctly (bnc#1012382).
- Input: xpad - move reporting xbox one home button to common function (bnc#1012382).
- Input: xpad - power off wireless 360 controllers on suspend (bnc#1012382).
- Input: xpad - prevent spurious input from wired Xbox 360 controllers (bnc#1012382).
- Input: xpad - quirk all PDP Xbox One gamepads (bnc#1012382).
- Input: xpad - remove spurious events of wireless xpad 360 controller (bnc#1012382).
- Input: xpad - remove unused function (bnc#1012382).
- Input: xpad - restore LED state after device resume (bnc#1012382).
- Input: xpad - simplify error condition in init_output (bnc#1012382).
- Input: xpad - sort supported devices by USB ID (bnc#1012382).
- Input: xpad - support some quirky Xbox One pads (bnc#1012382).
- Input: xpad - sync supported devices with 360Controller (bnc#1012382).
- Input: xpad - sync supported devices with XBCD (bnc#1012382).
- Input: xpad - sync supported devices with xboxdrv (bnc#1012382).
- Input: xpad - update Xbox One Force Feedback Support (bnc#1012382).
- Input: xpad - use LED API when identifying wireless controllers (bnc#1012382).
- Input: xpad - validate USB endpoint type during probe (bnc#1012382).
- Input: xpad - workaround dead irq_out after suspend/ resume (bnc#1012382).
- Input: xpad - xbox one elite controller support (bnc#1012382).
- intel_th: msu: Fix an off-by-one in attribute store (bnc#1012382).
- iommu/amd: Fix amd_iommu=force_isolation (bsc#1106105).
- iommu/arm-smmu: Ensure that page-table updates are visible before TLBI (bsc#1106237).
- iommu/ipmmu-vmsa: Fix crash on early domain free (bsc#1106105).
- iommu/vt-d: Fix NULL pointer dereference in prq_event_thread() (bsc#1106105).
- iommu/vt-d: Handle domain agaw being less than iommu agaw (bsc#1106105).
- iommu/vt-d: Use memunmap to free memremap (bsc#1106105).
- ip6mr: Fix potential Spectre v1 vulnerability (bnc#1012382).
- ipmi: Fix timer race with module unload (bnc#1012382).
- ip_tunnel: do not force DF when MTU is locked (bnc#1012382).
- ip_tunnel: Fix name string concatenate in __ip_tunnel_create() (bnc#1012382).
- ipv4: Fix potential Spectre v1 vulnerability (bnc#1012382).
- ipv4: ipv6: netfilter: Adjust the frag mem limit when truesize changes (bsc#1110286).
- ipv6: Check available headroom in ip6_xmit() even without options (bnc#1012382).
- ipv6: explicitly initialize udp6_addr in udp_sock_create6() (bnc#1012382).
- ipv6: Fix PMTU updates for UDP/raw sockets in presence of VRF (bnc#1012382).
- ipv6: mcast: fix a use-after-free in inet6_mc_check (bnc#1012382).
- ipv6/ndisc: Preserve IPv6 control buffer if protocol error handlers are called (bnc#1012382).
- ipv6: orphan skbs in reassembly unit (bnc#1012382).
- ipv6: set rt6i_protocol properly in the route when it is installed (bsc#1114190).
- ipv6: suppress sparse warnings in IP6_ECN_set_ce() (bnc#1012382).
- isdn: fix kernel-infoleak in capi_unlocked_ioctl (bnc#1012382).
- iser: set sector for ambiguous mr status errors (bnc#1012382).
- iwlwifi: mvm: fix regulatory domain update when the firmware starts (bnc#1012382).
- iwlwifi: mvm: support sta_statistics() even on older firmware (bnc#1012382).
- ixgbe: Add function for checking to see if we can reuse page (bsc#1100105).
- ixgbe: Add support for build_skb (bsc#1100105).
- ixgbe: Add support for padding packet (bsc#1100105).
- ixgbe: Break out Rx buffer page management (bsc#1100105).
- ixgbe: Fix output from ixgbe_dump (bsc#1100105).
- ixgbe: fix possible race in reset subtask (bsc#1101557).
- ixgbe: Make use of order 1 pages and 3K buffers independent of FCoE (bsc#1100105).
- ixgbe: Only DMA sync frame length (bsc#1100105).
- ixgbe: recognize 1000BaseLX SFP modules as 1Gbps (bnc#1012382).
- ixgbe: Refactor queue disable logic to take completion time into account (bsc#1101557).
- ixgbe: Reorder Tx/Rx shutdown to reduce time needed to stop device (bsc#1101557).
- ixgbe: Update code to better handle incrementing page count (bsc#1100105).
- ixgbe: Update driver to make use of DMA attributes in Rx path (bsc#1100105).
- ixgbe: Use length to determine if descriptor is done (bsc#1100105).
- jbd2: fix use after free in jbd2_log_do_checkpoint() (bnc#1012382).
- jffs2: free jffs2_sb_info through jffs2_kill_sb() (bnc#1012382).
- kabi: hwpoison, memory_hotplug: allow hwpoisoned pages to be offlined (bnc#1116336).
- kABI: protect get_vaddr_frames (kabi).
- kABI: protect struct azx (kabi).
- kABI: protect struct cfs_bandwidth (kabi).
- kABI: protect struct esp (kabi).
- kABI: protect struct fuse_io_priv (kabi).
- kABI: protect __usb_get_extra_descriptor (kabi).
- kABI: protect xen/xen-ops.h include in xlate_mmu.c (kabi).
- kabi: revert sig change on pnfs_read_resend_pnfs (git-fixes).
- kbuild: Add better clang cross build support (bnc#1012382).
- kbuild: Add __cc-option macro (bnc#1012382).
- kbuild: Add support to generate LLVM assembly files (bnc#1012382).
- kbuild: allow to use GCC toolchain not in Clang search path (bnc#1012382).
- kbuild: clang: add -no-integrated-as to KBUILD_[AC]FLAGS (bnc#1012382).
- kbuild: clang: Disable 'address-of-packed-member' warning (bnc#1012382).
- kbuild: clang: disable unused variable warnings only when constant (bnc#1012382).
- kbuild: clang: fix build failures with sparse check (bnc#1012382).
- kbuild: clang: remove crufty HOSTCFLAGS (bnc#1012382).
- kbuild: Consolidate header generation from ASM offset information (bnc#1012382).
- kbuild: consolidate redundant sed script ASM offset generation (bnc#1012382).
- kbuild: drop -Wno-unknown-warning-option from clang options (bnc#1012382).
- kbuild: fix asm-offset generation to work with clang (bnc#1012382).
- kbuild: fix kernel/bounds.c 'W=1' warning (bnc#1012382).
- kbuild: fix linker feature test macros when cross compiling with Clang (bnc#1012382).
- kbuild, LLVMLinux: Add -Werror to cc-option to support clang (bnc#1012382).
- kbuild: move cc-option and cc-disable-warning after incl. arch Makefile (bnc#1012382).
- kbuild: Set KBUILD_CFLAGS before incl. arch Makefile (bnc#1012382).
- kbuild: set no-integrated-as before incl. arch Makefile (bnc#1012382).
- kbuild: use -Oz instead of -Os when using clang (bnc#1012382).
- kdb: use memmove instead of overlapping memcpy (bnc#1012382).
- kdb: Use strscpy with destination buffer size (bnc#1012382).
- kernel-source.spec: Align source numbering.
- kernfs: Replace strncpy with memcpy (bnc#1012382).
- KEYS: put keyring if install_session_keyring_to_cred() fails (bnc#1012382).
- kgdboc: fix KASAN global-out-of-bounds bug in param_set_kgdboc_var() (bnc#1012382).
- kgdboc: Fix restrict error (bnc#1012382).
- kgdboc: Fix warning with module build (bnc#1012382).
- kgdboc: Passing ekgdboc to command line causes panic (bnc#1012382).
- kobject: Replace strncpy with memcpy (bnc#1012382).
- kprobes: Return error if we fail to reuse kprobe instead of BUG_ON() (bnc#1012382).
- KVM: arm64: Fix caching of host MDCR_EL2 value (bsc#1121242).
- KVM: arm: Restore banked registers and physical timer access on hyp_panic() (bsc#1121240).
- KVM: mmu: Fix race in emulated page table writes (bnc#1012382).
- KVM: nVMX: Always reflect #NM VM-exits to L1 (bsc#1106240).
- KVM: nVMX: Eliminate vmcs02 pool (bnc#1012382).
- KVM: nVMX: mark vmcs12 pages dirty on L2 exit (bnc#1012382).
- KVM: PPC: Move and undef TRACE_INCLUDE_PATH/FILE (bnc#1012382).
- KVM/SVM: Allow direct access to MSR_IA32_SPEC_CTRL (bnc#1012382 bsc#1068032).
- KVM/SVM: Ensure an IBPB on all affected CPUs when freeing a vmcb (bsc#1114648).
- KVM/VMX: Allow direct access to MSR_IA32_SPEC_CTRL (bnc#1012382 bsc#1068032 bsc#1096242 bsc#1096281).
- KVM/VMX: Emulate MSR_IA32_ARCH_CAPABILITIES (bnc#1012382).
- KVM/VMX: introduce alloc_loaded_vmcs (bnc#1012382).
- KVM/VMX: make MSR bitmaps per-VCPU (bnc#1012382).
- KVM/x86: Add IBPB support (bnc#1012382 bsc#1068032 bsc#1068032).
- KVM/x86: fix empty-body warnings (bnc#1012382).
- KVM/x86: Remove indirect MSR op calls from SPEC_CTRL (bnc#1012382).
- KVM/x86: Use jmp to invoke kvm_spurious_fault() from .fixup (bnc#1012382).
- lan78xx: Check for supported Wake-on-LAN modes (bnc#1012382).
- leds: call led_pwm_set() in leds-pwm to enforce default LED_OFF (bnc#1012382).
- leds: leds-gpio: Fix return value check in create_gpio_led() (bnc#1012382).
- leds: turn off the LED and wait for completion on unregistering LED class device (bnc#1012382).
- libata: whitelist all SAMSUNG MZ7KM* solid-state disks (bnc#1012382).
- libceph: bump CEPH_MSG_MAX_DATA_LEN (bsc#1114839).
- libceph: fall back to sendmsg for slab pages (bsc#1118316).
- libfc: sync strings with upstream versions (bsc#1114763).
- lib/interval_tree_test.c: allow full tree search (bnc#1012382).
- lib/interval_tree_test.c: allow users to limit scope of endpoint (bnc#1012382).
- lib/interval_tree_test.c: make test options module parameters (bnc#1012382).
- libnvdimm, {btt, blk}: do integrity setup before add_disk() (bsc#1118926).
- libnvdimm, dimm: fix dpa reservation vs uninitialized label area (bsc#1118936).
- libnvdimm: fix integer overflow static analysis warning (bsc#1118922).
- libnvdimm: fix nvdimm_bus_lock() vs device_lock() ordering (bsc#1118915).
- libnvdimm: Hold reference on parent while scheduling async init (bnc#1012382).
- lib/raid6: Fix arm64 test build (bnc#1012382).
- lib/rbtree_test.c: make input module parameters (bnc#1012382).
- lib/rbtree-test: lower default params (bnc#1012382).
- llc: do not use sk_eat_skb() (bnc#1012382).
- lockd: fix access beyond unterminated strings in prints (bnc#1012382).
- locking/lockdep: Fix debug_locks off performance problem (bnc#1012382).
- mac80211: Always report TX status (bnc#1012382).
- mac80211: Clear beacon_int in ieee80211_do_stop (bnc#1012382).
- mac80211: fix reordering of buffered broadcast packets (bnc#1012382).
- mac80211_hwsim: do not omit multicast announce of first added radio (bnc#1012382).
- mac80211_hwsim: fix module init error paths for netlink (bnc#1012382).
- mac80211_hwsim: Timer should be initialized before device registered (bnc#1012382).
- mac80211: ignore NullFunc frames in the duplicate detection (bnc#1012382).
- mac80211: ignore tx status for PS stations in ieee80211_tx_status_ext (bnc#1012382).
- mach64: fix display corruption on big endian machines (bnc#1012382).
- mach64: fix image corruption due to reading accelerator registers (bnc#1012382).
- matroxfb: fix size of memcpy (bnc#1012382).
- MD: do not check MD_SB_CHANGE_CLEAN in md_allow_write (Git-fixes).
- MD: fix invalid stored role for a disk (bnc#1012382).
- MD: fix invalid stored role for a disk - try2 (bnc#1012382).
- media: dvb-frontends: fix i2c access helpers for KASAN (bnc#1012382).
- media: em28xx: fix input name for Terratec AV 350 (bnc#1012382).
- media: em28xx: Fix use-after-free when disconnecting (bnc#1012382).
- media: em28xx: make v4l2-compliance happier by starting sequence on zero (bnc#1012382).
- media: em28xx: use a default format if TRY_FMT fails (bnc#1012382).
- media: pci: cx23885: handle adding to list failure (bnc#1012382).
- media: tvp5150: fix width alignment during set_selection() (bnc#1012382).
- media: v4l: event: Add subscription to list before calling 'add' operation (bnc#1012382).
- media: vivid: free bitmap_cap when updating std/timings/etc (bnc#1012382).
- MIPS: Align kernel load address to 64KB (bnc#1012382).
- MIPS: DEC: Fix an int-handler.S CPU_DADDI_WORKAROUNDS regression (bnc#1012382).
- MIPS: Ensure pmd_present() returns false after pmd_mknotpresent() (bnc#1012382).
- MIPS: Fix FCSR Cause bit handling for correct SIGFPE issue (bnc#1012382).
- MIPS: fix mips_get_syscall_arg o32 check (bnc#1012382).
- MIPS: Handle non word sized instructions when examining frame (bnc#1012382).
- MIPS: kexec: Mark CPU offline before disabling local IRQ (bnc#1012382).
- MIPS: Loongson-3: Fix BRIDGE irq delivery problem (bnc#1012382).
- MIPS: Loongson-3: Fix CPU UART irq delivery problem (bnc#1012382).
- MIPS: microMIPS: Fix decoding of swsp16 instruction (bnc#1012382).
- MIPS: OCTEON: fix out of bounds array access on CN68XX (bnc#1012382).
- MIPS: ralink: Fix mt7620 nd_sd pinmux (bnc#1012382).
- misc: atmel-ssc: Fix section annotation on atmel_ssc_get_driver_data (bnc#1012382).
- misc: mic/scif: fix copy-paste error in scif_create_remote_lookup (bnc#1012382).
- MMC: core: Reset HPI enabled state during re-init and in case of errors (bnc#1012382).
- mm: cleancache: fix corruption on missed inode invalidation (bnc#1012382).
- MMC: OMAP: fix broken MMC on OMAP15XX/OMAP5910/OMAP310 (bnc#1012382).
- MMC: omap_hsmmc: fix DMA API warning (bnc#1012382).
- MMC: sdhci-pci-o2micro: Add quirk for O2 Micro dev 0x8620 rev 0x01 (bnc#1012382).
- mm, devm_memremap_pages: kill mapping 'System RAM' support (bnc#1012382).
- mm: do not bug_on on incorrect length in __mm_populate() (bnc#1012382).
- mm: do not miss the last page because of round-off error (bnc#1118798).
- mm, elf: handle vm_brk error (bnc#1012382).
- mm, hugetlb: fix huge_pte_alloc BUG_ON (bsc#1119204).
- mm: hwpoison: call shake_page() after try_to_unmap() for mlocked page (bnc#1116336).
- mm: lower the printk loglevel for __dump_page messages (generic hotplug debugability).
- mm, memory_hotplug: be more verbose for memory offline failures (generic hotplug debugability).
- mm, memory_hotplug: drop pointless block alignment checks from __offline_pages (generic hotplug debugability).
- mm, memory_hotplug: print reason for the offlining failure (generic hotplug debugability).
- mm: migration: fix migration of huge PMD shared pages (bnc#1012382).
- mm: mlock: avoid increase mm->locked_vm on mlock() when already mlock2(,MLOCK_ONFAULT) (bnc#1012382).
- mm/nommu.c: Switch __get_user_pages_unlocked() to use __get_user_pages() (bnc#1012382).
- mm: Preserve _PAGE_DEVMAP across mprotect() calls (bsc#1118790).
- mm: print more information about mapping in __dump_page (generic hotplug debugability).
- mm: put_and_wait_on_page_locked() while page is migrated (bnc#1109272).
- mm: refuse wrapped vm_brk requests (bnc#1012382).
- mm: remove write/force parameters from __get_user_pages_locked() (bnc#1012382 bsc#1027260).
- mm: remove write/force parameters from __get_user_pages_unlocked() (bnc#1012382 bsc#1027260).
- mm: replace __access_remote_vm() write parameter with gup_flags (bnc#1012382).
- mm: replace access_remote_vm() write parameter with gup_flags (bnc#1012382).
- mm: replace get_user_pages_locked() write/force parameters with gup_flags (bnc#1012382 bsc#1027260).
- mm: replace get_user_pages_unlocked() write/force parameters with gup_flags (bnc#1012382 bsc#1027260).
- mm: replace get_user_pages() write/force parameters with gup_flags (bnc#1012382 bsc#1027260).
- mm: replace get_vaddr_frames() write/force parameters with gup_flags (bnc#1012382).
- mm: thp: relax __GFP_THISNODE for MADV_HUGEPAGE mappings (bnc#1012382).
- modules: mark __inittest/__exittest as __maybe_unused (bnc#1012382).
- mount: Do not allow copying MNT_UNBINDABLE|MNT_LOCKED mounts (bnc#1012382).
- mount: Prevent MNT_DETACH from disconnecting locked mounts (bnc#1012382).
- mount: Retest MNT_LOCKED in do_umount (bnc#1012382).
- mtd: docg3: do not set conflicting BCH_CONST_PARAMS option (bnc#1012382).
- mtd: spi-nor: Add support for is25wp series chips (bnc#1012382).
- mv88e6060: disable hardware level MAC learning (bnc#1012382).
- mwifiex: Fix NULL pointer dereference in skb_dequeue() (bnc#1012382).
- mwifiex: fix p2p device does not find in scan problem (bnc#1012382).
- namei: allow restricted O_CREAT of FIFOs and regular files (bnc#1012382).
- neighbour: Avoid writing before skb->head in neigh_hh_output() (bnc#1012382).
- net: 8139cp: fix a BUG triggered by changing mtu with network traffic (bnc#1012382).
- net/af_iucv: drop inbound packets with invalid flags (bnc#1114475, LTC#172679).
- net/af_iucv: fix skb handling on HiperTransport xmit error (bnc#1114475, LTC#172679).
- net: amd: add missing of_node_put() (bnc#1012382).
- net: bcmgenet: fix OF child-node lookup (bnc#1012382).
- net: bridge: remove ipv6 zero address check in mcast queries (bnc#1012382).
- net: cxgb3_main: fix a missing-check bug (bnc#1012382).
- net: drop skb on failure in ip_check_defrag() (bnc#1012382).
- net: drop write-only stack variable (bnc#1012382).
- net: ena: add functions for handling Low Latency Queues in ena_com (bsc#1117562).
- net: ena: add functions for handling Low Latency Queues in ena_netdev (bsc#1117562).
- net: ena: change rx copybreak default to reduce kernel memory pressure (bsc#1117562).
- net: ena: complete host info to match latest ENA spec (bsc#1117562).
- net: ena: enable Low Latency Queues (bsc#1117562).
- net: ena: explicit casting and initialization, and clearer error handling (bsc#1117562).
- net: ena: fix auto casting to boolean (bsc#1117562).
- net: ena: fix compilation error in xtensa architecture (bsc#1117562).
- net: ena: fix crash during ena_remove() (bsc#1108240).
- net: ena: fix crash during failed resume from hibernation (bsc#1117562).
- net: ena: fix indentations in ena_defs for better readability (bsc#1117562).
- net: ena: Fix Kconfig dependency on X86 (bsc#1117562).
- net: ena: fix NULL dereference due to untimely napi initialization (bsc#1117562).
- net: ena: fix rare bug when failed restart/resume is followed by driver removal (bsc#1117562).
- net: ena: fix warning in rmmod caused by double iounmap (bsc#1117562).
- net: ena: introduce Low Latency Queues data structures according to ENA spec (bsc#1117562).
- net: ena: limit refill Rx threshold to 256 to avoid latency issues (bsc#1117562).
- net: ena: minor performance improvement (bsc#1117562).
- net: ena: remove ndo_poll_controller (bsc#1117562).
- net: ena: remove redundant parameter in ena_com_admin_init() (bsc#1117562).
- net: ena: update driver version from 2.0.1 to 2.0.2 (bsc#1108240).
- net: ena: update driver version to 2.0.1 (bsc#1117562).
- net: ena: use CSUM_CHECKED device indication to report skb's checksum status (bsc#1117562).
- net: faraday: ftmac100: remove netif_running(netdev) check before disabling interrupts (bnc#1012382).
- netfilter: ipset: actually allow allowable CIDR 0 in hash:net,port,net (bnc#1012382).
- netfilter: ipset: Correct rcu_dereference() call in ip_set_put_comment() (bnc#1012382).
- netfilter: nf_tables: fix oops when inserting an element into a verdict map (bnc#1012382).
- netfilter: xt_IDLETIMER: add sysfs filename checking routine (bnc#1012382).
- net-gro: reset skb->pkt_type in napi_reuse_skb() (bnc#1012382).
- net: hisilicon: remove unexpected free_netdev (bnc#1012382).
- net: ibm: fix return type of ndo_start_xmit function ().
- net/ibmnvic: Fix deadlock problem in reset ().
- net/ibmvnic: Fix RTNL deadlock during device reset (bnc#1115431).
- net/ipv4: defensive cipso option parsing (bnc#1012382).
- net/ipv4: do not handle duplicate fragments as overlapping (bsc#1116345).
- net/ipv6: Fix index counter for unicast addresses in in6_dump_addrs (bnc#1012382).
- net/mlx4_core: Correctly set PFC param if global pause is turned off (bsc#1015336 bsc#1015337 bsc#1015340).
- net/mlx4_core: Fix uninitialized variable compilation warning (bnc#1012382).
- net/mlx4_core: Zero out lkey field in SW2HW_MPT fw command (bnc#1012382).
- net/mlx4: Fix UBSAN warning of signed integer overflow (bnc#1012382).
- net: phy: do not allow __set_phy_supported to add unsupported modes (bnc#1012382).
- net: Prevent invalid access to skb->prev in __qdisc_drop_all (bnc#1012382).
- net: qla3xxx: Remove overflowing shift statement (bnc#1012382).
- netrom: fix locking in nr_find_socket() (bnc#1012382).
- net: sched: gred: pass the right attribute to gred_change_table_def() (bnc#1012382).
- net: socket: fix a missing-check bug (bnc#1012382).
- net: stmmac: Fix stmmac_mdio_reset() when building stmmac as modules (bnc#1012382).
- net: thunderx: fix NULL pointer dereference in nic_remove (bnc#1012382).
- new helper: uaccess_kernel() (bnc#1012382).
- NFC: nfcmrvl_uart: fix OF child-node lookup (bnc#1012382).
- nfit: skip region registration for incomplete control regions (bsc#1118930).
- nfsd: Fix an Oops in free_session() (bnc#1012382).
- NFS: Ensure we commit after writeback is complete (bsc#1111809).
- NFSv4.1: Fix the r/wsize checking (bnc#1012382).
- NFSv4: Do not exit the state manager without clearing NFS4CLNT_MANAGER_RUNNING (git-fixes).
- nvme: validate controller state before rescheduling keep alive (bsc#1103257).
- ocfs2: fix a misuse a of brelse after failing ocfs2_check_dir_entry (bnc#1012382).
- ocfs2: fix deadlock caused by ocfs2_defrag_extent() (bnc#1012382).
- ocfs2: fix potential use after free (bnc#1012382).
- of: add helper to lookup compatible child node (bnc#1012382).
- packet: validate address length (bnc#1012382).
- packet: validate address length if non-zero (bnc#1012382).
- parisc: Fix address in HPMC IVA (bnc#1012382).
- parisc: Fix map_pages() to not overwrite existing pte entries (bnc#1012382).
- PCI: Add Device IDs for Intel GPU 'spurious interrupt' quirk (bnc#1012382).
- PCI/ASPM: Do not initialize link state when aspm_disabled is set (bsc#1109806).
- PCI/ASPM: Fix link_state teardown on device removal (bsc#1109806).
- PCI: vmd: Detach resources after stopping root bus (bsc#1106105).
- pcmcia: Implement CLKRUN protocol disabling for Ricoh bridges (bnc#1012382).
- perf/bpf: Convert perf_event_array to use struct file (bsc#1119967).
- perf/core: Do not leak event in the syscall error path (bnc#1012382).
- perf pmu: Suppress potential format-truncation warning (bnc#1012382).
- perf/ring_buffer: Prevent concurent ring buffer access (bnc#1012382).
- perf tools: Cleanup trace-event-info 'tdata' leak (bnc#1012382).
- perf tools: Disable parallelism for 'make clean' (bnc#1012382).
- perf tools: Free temporary 'sys' string in read_event_files() (bnc#1012382).
- pinctrl: qcom: spmi-mpp: Fix drive strength setting (bnc#1012382).
- pinctrl: qcom: spmi-mpp: Fix err handling of pmic_mpp_set_mux (bnc#1012382).
- pinctrl: spmi-mpp: Fix pmic_mpp_config_get() to be compliant (bnc#1012382).
- pinctrl: ssbi-gpio: Fix pm8xxx_pin_config_get() to be compliant (bnc#1012382).
- pinctrl: sunxi: a83t: Fix IRQ offset typo for PH11 (bnc#1012382).
- platform/x86: acerhdf: Add BIOS entry for Gateway LT31 v1.3307 (bnc#1012382).
- PM/devfreq: tegra: fix error return code in tegra_devfreq_probe() (bnc#1012382).
- pNFS: Fix a deadlock between read resends and layoutreturn (git-fixes).
- pNFS/flexfiles: Fix up the ff_layout_write_pagelist failure path (git-fixes).
- pNFS/flexfiles: When checking for available DSes, conditionally check for MDS io (git-fixes).
- pnfs: set NFS_IOHDR_REDO in pnfs_read_resend_pnfs (git-fixes).
- powerpc/64s: consolidate MCE counter increment (bsc#1094244).
- powerpc/boot: Ensure _zimage_start is a weak symbol (bnc#1012382).
- powerpc/boot: Fix random libfdt related build errors (bnc#1012382).
- powerpc/boot: Request no dynamic linker for boot wrapper (bsc#1070805).
- powerpc: Fix COFF zImage booting on old powermacs (bnc#1012382).
- powerpc/mm/radix: Use mm->task_size for boundary checking instead of addr_limit (bsc#1027457).
- powerpc/msi: Fix compile error on mpc83xx (bnc#1012382).
- powerpc/msi: Fix NULL pointer access in teardown code (bnc#1012382).
- powerpc/nohash: fix undefined behaviour when testing page size support (bnc#1012382).
- powerpc/numa: Suppress 'VPHN is not supported' messages (bnc#1012382).
- powerpc/powernv: Do not select the cpufreq governors (bsc#1066223).
- powerpc/powernv: Fix opal_event_shutdown() called with interrupts disabled (bsc#1066223).
- powerpc/powernv/pci: Work around races in PCI bridge enabling (bsc#1066223).
- powerpc/pseries: Fix DTL buffer registration (bsc#1066223).
- powerpc/pseries: Fix how we iterate over the DTL entries (bsc#1066223).
- powerpc/pseries/mobility: Extend start/stop topology update scope (bsc#1116950, bsc#1115709).
- powerpc/traps: restore recoverability of machine_check interrupts (bsc#1094244).
- power: supply: olpc_battery: correct the temperature units (bnc#1012382).
- printk: Fix panic caused by passing log_buf_len to command line (bnc#1012382).
- Provide a temporary fix for STIBP on-by-default (bsc#1116497).
- pstore: Convert console write to use ->write_buf (bnc#1012382).
- ptp: fix Spectre v1 vulnerability (bnc#1012382).
- pxa168fb: prepare the clock (bnc#1012382).
- qed: Fix bitmap_weight() check (bsc#1019695).
- qed: Fix PTT leak in qed_drain() (bnc#1012382).
- qed: Fix QM getters to always return a valid pq (bsc#1019695 ).
- qed: Fix reading wrong value in loop condition (bnc#1012382).
- r8152: Check for supported Wake-on-LAN Modes (bnc#1012382).
- r8169: fix NAPI handling under high load (bnc#1012382).
- rapidio/rionet: do not free skb before reading its length (bnc#1012382).
- RDMA/ucma: Fix Spectre v1 vulnerability (bnc#1012382).
- reiserfs: propagate errors from fill_with_dentries() properly (bnc#1012382).
- Revert 'Bluetooth: h5: Fix missing dependency on BT_HCIUART_SERDEV' (bnc#1012382).
- Revert 'ceph: fix dentry leak in splice_dentry()' (bsc#1114839).
- Revert 'drm/rockchip: Allow driver to be shutdown on reboot/kexec' (bsc#1106929)
- Revert 'exec: avoid gcc-8 warning for get_task_comm' (kabi).
- Revert 'iommu/io-pgtable-arm: Check for v7s-incapable systems' (bsc#1106105).
- Revert 'media: v4l: event: Add subscription to list before calling 'add' operation' (kabi).
- Revert 'media: videobuf2-core: do not call memop 'finish' when queueing' (bnc#1012382).
- Revert 'PCI/ASPM: Do not initialize link state when aspm_disabled is set' (bsc#1106105).
- Revert 'usb: musb: musb_host: Enable HCD_BH flag to handle urb return in bottom half' (bsc#1047487).
- Revert 'wlcore: Add missing PM call for wlcore_cmd_wait_for_event_or_timeout()' (bnc#1012382).
- Revert 'x86/kconfig: Fall back to ticket spinlocks' (kabi).
- rocker: fix rocker_tlv_put_* functions for KASAN (bnc#1012382).
- rpcrdma: Add RPCRDMA_HDRLEN_ERR (git-fixes).
- rpm/kernel-binary.spec.in: Add missing export BRP_SIGN_FILES (bsc#1115587) The export line was accidentally dropped at merging scripts branch, which resulted in the invalid module signature.
- rps: flow_dissector: Fix uninitialized flow_keys used in __skb_get_hash possibly (bsc#1042286 bsc#1108145).
- rtc: hctosys: Add missing range error reporting (bnc#1012382).
- rtc: snvs: add a missing write sync (bnc#1012382).
- rtc: snvs: Add timeouts to avoid kernel lockups (bnc#1012382).
- rtnetlink: Disallow FDB configuration for non-Ethernet device (bnc#1012382).
- rtnetlink: ndo_dflt_fdb_dump() only work for ARPHRD_ETHER devices (bnc#1012382).
- s390/cpum_cf: Reject request for sampling in event initialization (bnc#1012382).
- s390/mm: Check for valid vma before zapping in gmap_discard (bnc#1012382).
- s390/mm: Fix ERROR: '__node_distance' undefined! (bnc#1012382).
- s390/qeth_core_mpc: Use ARRAY_SIZE instead of reimplementing its function (bnc#1114475, LTC#172682).
- s390/qeth: fix HiperSockets sniffer (bnc#1114475, LTC#172953).
- s390/qeth: fix length check in SNMP processing (bnc#1012382).
- s390/qeth: Fix potential array overrun in cmd/rc lookup (bnc#1114475, LTC#172682).
- s390/vdso: add missing FORCE to build targets (bnc#1012382).
- sbus: char: add of_node_put() (bnc#1012382).
- sc16is7xx: Fix for multi-channel stall (bnc#1012382).
- sched/cgroup: Fix cgroup entity load tracking tear-down (bnc#1012382).
- sched/fair: Fix throttle_list starvation with low CFS quota (bnc#1012382).
- sch_red: update backlog as well (bnc#1012382).
- scsi: aacraid: Fix typo in blink status (bnc#1012382).
- scsi: bfa: convert to strlcpy/strlcat (bnc#1012382 bsc#1019683, ).
- scsi: bnx2fc: Fix NULL dereference in error handling (bnc#1012382).
- scsi: core: Allow state transitions from OFFLINE to BLOCKED (bsc#1112246).
- scsi: Create two versions of scsi_internal_device_unblock() (bsc#1119877).
- scsi: csiostor: Avoid content leaks and casts (bnc#1012382).
- scsi: esp_scsi: Track residual for PIO transfers (bnc#1012382).
- scsi: Introduce scsi_start_queue() (bsc#1119877).
- scsi: libfc: check fc_frame_payload_get() return value for null (bsc#1103624, bsc#1104731).
- scsi: libfc: retry PRLI if we cannot analyse the payload (bsc#1104731).
- scsi: libiscsi: Fix NULL pointer dereference in iscsi_eh_session_reset (bnc#1012382).
- scsi: lpfc: Add Buffer overflow check, when nvme_info larger than PAGE_SIZE (bsc#1102660).
- scsi: lpfc: Correct soft lockup when running mds diagnostics (bnc#1012382).
- scsi: lpfc: devloss timeout race condition caused null pointer reference (bsc#1102660).
- scsi: lpfc: Fix abort error path for NVMET (bsc#1102660).
- scsi: lpfc: fix block guard enablement on SLI3 adapters (bsc#1079935).
- scsi: lpfc: Fix driver crash when re-registering NVME rports (bsc#1102660).
- scsi: lpfc: Fix ELS abort on SLI-3 adapters (bsc#1102660).
- scsi: lpfc: Fix list corruption on the completion queue (bsc#1102660).
- scsi: lpfc: Fix NVME Target crash in defer rcv logic (bsc#1102660).
- scsi: lpfc: Fix panic if driver unloaded when port is offline (bsc#1102660).
- scsi: lpfc: update driver version to 11.4.0.7-5 (bsc#1102660).
- scsi: Make __scsi_remove_device go straight from BLOCKED to DEL (bsc#1119877).
- scsi: megaraid_sas: fix a missing-check bug (bnc#1012382).
- scsi: Protect SCSI device state changes with a mutex (bsc#1119877).
- scsi: qedi: Add ISCSI_BOOT_SYSFS to Kconfig (bsc#1043083).
- scsi: qla2xxx: Fix crashes in qla2x00_probe_one on probe failure (bsc#1094973).
- scsi: qla2xxx: Fix incorrect port speed being set for FC adapters (bnc#1012382).
- scsi: qla2xxx: Fix small memory leak in qla2x00_probe_one on probe failure (bsc#1094973).
- scsi: Re-export scsi_internal_device_{,un}_block() (bsc#1119877).
- scsi: Split scsi_internal_device_block() (bsc#1119877).
- scsi: target: add emulate_pr backstore attr to toggle PR support (bsc#1091405).
- scsi: target: drop unused pi_prot_format attribute storage (bsc#1091405).
- scsi: ufs: fix bugs related to null pointer access and array size (bnc#1012382).
- scsi: ufs: fix race between clock gating and devfreq scaling work (bnc#1012382).
- scsi: ufshcd: Fix race between clk scaling and ungate work (bnc#1012382).
- scsi: ufshcd: release resources if probe fails (bnc#1012382).
- scsi: use 'inquiry_mutex' instead of 'state_mutex' (bsc#1119877).
- scsi: vmw_pscsi: Rearrange code to avoid multiple calls to free_irq during unload (bnc#1012382).
- scsi: zfcp: fix posting too many status read buffers leading to adapter shutdown (bnc#1012382).
- sctp: clear the transport of some out_chunk_list chunks in sctp_assoc_rm_peer (bnc#1012382).
- sctp: fix race on sctp_id2asoc (bnc#1012382).
- sctp: initialize sin6_flowinfo for ipv6 addrs in sctp_inet6addr_event (bnc#1012382).
- selftests: ftrace: Add synthetic event syntax testcase (bnc#1012382).
- selftests: Move networking/timestamping from Documentation (bnc#1012382).
- seq_file: fix incomplete reset on read from zero offset (Git-fixes).
- ser_gigaset: use container_of() instead of detour (bnc#1012382).
- signal: Always deliver the kernel's SIGKILL and SIGSTOP to a pid namespace init (bnc#1012382).
- signal/GenWQE: Fix sending of SIGKILL (bnc#1012382).
- smb3: allow stats which track session and share reconnects to be reset (bnc#1012382).
- smb3: do not attempt cifs operation in smb3 query info error path (bnc#1012382).
- smb3: on kerberos mount if server does not specify auth type use krb5 (bnc#1012382).
- smsc75xx: Check for Wake-on-LAN modes (bnc#1012382).
- smsc95xx: Check for Wake-on-LAN modes (bnc#1012382).
- sock: Make sock->sk_stamp thread-safe (bnc#1012382).
- soc/tegra: pmc: Fix child-node lookup (bnc#1012382).
- sparc64: Fix exception handling in UltraSPARC-III memcpy (bnc#1012382).
- sparc64 mm: Fix more TSB sizing issues (bnc#1012382).
- sparc: Fix single-pcr perf event counter management (bnc#1012382).
- sparc/pci: Refactor dev_archdata initialization into pci_init_dev_archdata (bnc#1012382).
- spi: bcm2835: Avoid finishing transfer prematurely in IRQ mode (bnc#1012382).
- spi: bcm2835: Fix book-keeping of DMA termination (bnc#1012382).
- spi: bcm2835: Fix race on DMA termination (bnc#1012382).
- spi: bcm2835: Unbreak the build of esoteric configs (bnc#1012382).
- spi/bcm63xx: fix error return code in bcm63xx_spi_probe() (bnc#1012382).
- spi/bcm63xx-hspi: fix error return code in bcm63xx_hsspi_probe() (bnc#1012382).
- spi: xlp: fix error return code in xlp_spi_probe() (bnc#1012382).
- sr9800: Check for supported Wake-on-LAN modes (bnc#1012382).
- sr: pass down correctly sized SCSI sense buffer (bnc#1012382).
- staging: rts5208: fix gcc-8 logic error warning (bnc#1012382).
- staging: speakup: Replace strncpy with memcpy (bnc#1012382).
- SUNRPC: correct the computation for page_ptr when truncating (bnc#1012382).
- SUNRPC: drop pointless static qualifier in xdr_get_next_encode_buffer() (bnc#1012382).
- SUNRPC: Fix a bogus get/put in generic_key_to_expire() (bnc#1012382).
- SUNRPC: Fix a potential race in xprt_connect() (git-fixes).
- SUNRPC: fix cache_head leak due to queued request (bnc#1012382).
- SUNRPC: Fix leak of krb5p encode pages (bnc#1012382).
- svcrdma: Remove unused variable in rdma_copy_tail() (git-fixes).
- swim: fix cleanup on setup error (bnc#1012382).
- swiotlb: clean up reporting (bnc#1012382).
- sysv: return 'err' instead of 0 in __sysv_write_inode (bnc#1012382).
- target/iscsi: avoid NULL dereference in CHAP auth error path (bsc#1117165).
- target: se_dev_attrib.emulate_pr ABI stability (bsc#1091405).
- tcp: fix NULL ref in tail loss probe (bnc#1012382).
- TC: Set DMA masks for devices (bnc#1012382).
- termios, tty/tty_baudrate.c: fix buffer overrun (bnc#1012382).
- tg3: Add PHY reset for 5717/5719/5720 in change ring and flow control paths (bnc#1012382).
- thermal: allow spear-thermal driver to be a module (bnc#1012382).
- thermal: allow u8500-thermal driver to be a module (bnc#1012382).
- timer/debug: Change /proc/timer_list from 0444 to 0400 (bnc#1012382).
- tmpfs: make lseek(SEEK_DATA/SEK_HOLE) return ENXIO with a negative offset (bnc#1012382).
- tpm: fix response size validation in tpm_get_random() (bsc#1020645, git-fixes).
- tpm: suppress transmit cmd error logs when TPM 1.2 is disabled/deactivated (bnc#1012382).
- tracing: Fix bad use of igrab in trace_uprobe.c (bsc#1120046).
- tracing: Fix memory leak in set_trigger_filter() (bnc#1012382).
- tracing: Fix memory leak of instance function hash filters (bnc#1012382).
- tracing: Skip more functions when doing stack tracing of events (bnc#1012382).
- tty: check name length in tty_find_polling_driver() (bnc#1012382).
- tty: serial: 8250_mtk: always resume the device in probe (bnc#1012382).
- tty: serial: sprd: fix error return code in sprd_probe() (bnc#1012382).
- tty: wipe buffer (bnc#1012382).
- tty: wipe buffer if not echoing data (bnc#1012382).
- tun: Consistently configure generic netdev params via rtnetlink (bnc#1012382).
- tun: forbid iface creation with rtnl ops (bnc#1012382).
- uio: ensure class is registered before devices (bnc#1012382).
- uio: Fix an Oops on load (bnc#1012382).
- uio: make symbol 'uio_class_registered' static (git-fixes).
- um: Avoid longjmp/setjmp symbol clashes with libpthread.a (bnc#1012382).
- um: Give start_idle_thread() a return code (bnc#1012382).
- unifdef: use memcpy instead of strncpy (bnc#1012382).
- Update config files. Enabled ENA (Amazon network driver) for arm64
- Update config files (reenable lost BT_HCIUART_3WIRE).
- Update ibmvnic: Fix RX queue buffer cleanup (bsc#1115440, bsc#1115433).
- uprobes: Fix handle_swbp() vs. unregister() + register() race once more (bnc#1012382).
- usb: appledisplay: Add 27' Apple Cinema Display (bnc#1012382).
- usb: cdc-acm: add entry for Hiro (Conexant) modem (bnc#1012382).
- usb: check usb_get_extra_descriptor for proper size (bnc#1012382).
- usb: chipidea: Prevent unbalanced IRQ disable (bnc#1012382).
- usb: core: Fix hub port connection events lost (bnc#1012382).
- usb: core: quirks: add RESET_RESUME quirk for Cherry G230 Stream series (bnc#1012382).
- usb: dwc3: omap: fix error return code in dwc3_omap_probe() (bnc#1012382).
- usb: ehci-omap: fix error return code in ehci_hcd_omap_probe() (bnc#1012382).
- usb: fix the usbfs flag sanitization for control transfers (bnc#1012382).
- usb: gadget: dummy: fix nonsensical comparisons (bnc#1012382).
- usb: gadget: storage: Fix Spectre v1 vulnerability (bnc#1012382).
- usb: imx21-hcd: fix error return code in imx21_probe() (bnc#1012382).
- usb: misc: appledisplay: add 20' Apple Cinema Display (bnc#1012382).
- usbnet: ipheth: fix potential recvmsg bug and recvmsg bug 2 (bnc#1012382).
- usb: omap_udc: fix crashes on probe error and module removal (bnc#1012382).
- usb: omap_udc: fix omap_udc_start() on 15xx machines (bnc#1012382).
- usb: omap_udc: fix USB gadget functionality on Palm Tungsten E (bnc#1012382).
- usb: omap_udc: use devm_request_irq() (bnc#1012382).
- usb: quirk: add no-LPM quirk on SanDisk Ultra Flair device (bnc#1012382).
- usb: quirks: Add delay-init quirk for Corsair K70 LUX RGB (bnc#1012382).
- usb: quirks: Add no-lpm quirk for Raydium touchscreens (bnc#1012382).
- usb: r8a66597: Fix a possible concurrency use-after-free bug in r8a66597_endpoint_disable() (bnc#1012382).
- usb: serial: option: add Fibocom NL668 series (bnc#1012382).
- usb: serial: option: add Fibocom NL678 series (bnc#1012382).
- usb: serial: option: add GosunCn ZTE WeLink ME3630 (bnc#1012382).
- usb: serial: option: add HP lt4132 (bnc#1012382).
- usb: serial: option: add Simcom SIM7500/SIM7600 (MBIM mode) (bnc#1012382).
- usb: serial: option: add Telit LN940 series (bnc#1012382).
- usb: serial: pl2303: add ids for Hewlett-Packard HP POS pole displays (bnc#1012382).
- usb-storage: fix bogus hardware error messages for ATA pass-thru devices (bnc#1012382).
- usb: usb-storage: Add new IDs to ums-realtek (bnc#1012382).
- usb: xhci: fix timeout for transition from RExit to U0 (bnc#1012382).
- usb: xhci: fix uninitialized completion when USB3 port got wrong status (bnc#1012382).
- usb: xhci: Prevent bus suspend if a port connect change or polling state is detected (bnc#1012382).
- v9fs_dir_readdir: fix double-free on p9stat_read error (bnc#1012382).
- vfs: Avoid softlockups in drop_pagecache_sb() (bsc#1118505).
- vhost: Fix Spectre V1 vulnerability (bnc#1012382).
- vhost: make sure used idx is seen before log in vhost_add_used_n() (bnc#1012382).
- vhost/scsi: truncate T10 PI iov_iter to prot_bytes (bnc#1012382).
- video: fbdev: pxa3xx_gcu: fix error return code in pxa3xx_gcu_probe() (bnc#1012382).
- virtio/s390: avoid race on vcdev->config (bnc#1012382).
- virtio/s390: fix race in ccw_io_helper() (bnc#1012382).
- VSOCK: Send reset control packet when socket is partially bound (bnc#1012382).
- vti6: flush x-netns xfrm cache when vti interface is removed (bnc#1012382).
- w1: omap-hdq: fix missing bus unregister at removal (bnc#1012382).
- x86: boot: Fix EFI stub alignment (bnc#1012382).
- x86/boot: #undef memcpy() et al in string.c (bnc#1012382).
- x86/build: Fix stack alignment for CLang (bnc#1012382).
- x86/build: Specify stack alignment for clang (bnc#1012382).
- x86/build: Use __cc-option for boot code compiler options (bnc#1012382).
- x86/build: Use cc-option to validate stack alignment parameter (bnc#1012382).
- x86/corruption-check: Fix panic in memory_corruption_check() when boot option without value is provided (bnc#1012382).
- x86/earlyprintk/efi: Fix infinite loop on some screen widths (bnc#1012382).
- x86/entry: spell EBX register correctly in documentation (bnc#1012382).
- x86/kbuild: Use cc-option to enable -falign-{jumps/loops} (bnc#1012382).
- x86/kconfig: Fall back to ticket spinlocks (bnc#1012382).
- x86/MCE: Export memory_error() (bsc#1114648).
- x86/MCE: Make correctable error detection look at the Deferred bit (bsc#1114648).
- x86/mm/kaslr: Use the _ASM_MUL macro for multiplication to work around Clang incompatibility (bnc#1012382).
- x86/mm/pat: Prevent hang during boot when mapping pages (bnc#1012382).
- x86/mtrr: Do not copy uninitialized gentry fields back to userspace (bnc#1012382).
- x86/speculation/l1tf: Drop the swap storage limit restriction when l1tf=off (bnc#1114871).
- x86/speculation: Use synthetic bits for IBRS/IBPB/STIBP (bnc#1012382).
- xen/balloon: Support xend-based toolstack (bnc#1065600).
- xen/blkfront: avoid NULL blkfront_info dereference on device removal (bsc#1111062).
- xen: fix race in xen_qlock_wait() (bnc#1012382).
- xen: fix xen_qlock_wait() (bnc#1012382).
- xen: make xen_qlock_wait() nestable (bnc#1012382).
- xen/netback: dont overflow meta array (bnc#1099523).
- xen/netfront: tolerate frags with no data (bnc#1012382).
- xen-swiotlb: use actually allocated size on check physical continuous (bnc#1012382).
- xen/x86: add diagnostic printout to xen_mc_flush() in case of error (bnc#1116183).
- xen: xlate_mmu: add missing header to fix 'W=1' warning (bnc#1012382).
- xfrm6: call kfree_skb when skb is toobig (bnc#1012382).
- xfrm: Clear sk_dst_cache when applying per-socket policy (bnc#1012382).
- xfrm: Fix bucket count reported to userspace (bnc#1012382).
- xfrm: use complete IPv6 addresses for hash (bsc#1109330).
- xfrm: Validate address prefix lengths in the xfrm selector (bnc#1012382).
- xfrm: validate template mode (bnc#1012382).
- xfs: Align compat attrlist_by_handle with native implementation (git-fixes).
- xfs/dmapi: restore event in xfs_getbmap (bsc#1114763).
- xfs: Fix error code in 'xfs_ioc_getbmap()' (git-fixes).
- xfs: fix quotacheck dquot id overflow infinite loop (bsc#1121621).
- xhci: Add quirk to workaround the errata seen on Cavium Thunder-X2 Soc (bsc#1117162).
- xhci: Do not prevent USB2 bus suspend in state check intended for USB3 only (bnc#1012382).
- xhci: Prevent U1/U2 link pm states if exit latency is too long (bnc#1012382).
- xprtrdma: checking for NULL instead of IS_ERR() (git-fixes).
- xprtrdma: Disable pad optimization by default (git-fixes).
- xprtrdma: Disable RPC/RDMA backchannel debugging messages (git-fixes).
- xprtrdma: Fix additional uses of spin_lock_irqsave(rb_lock) (git-fixes).
- xprtrdma: Fix backchannel allocation of extra rpcrdma_reps (git-fixes).
- xprtrdma: Fix Read chunk padding (git-fixes).
- xprtrdma: Fix receive buffer accounting (git-fixes).
- xprtrdma: Reset credit grant properly after a disconnect (git-fixes).
- xprtrdma: rpcrdma_bc_receive_call() should init rq_private_buf.len (git-fixes).
- xprtrdma: Serialize credit accounting again (git-fixes).
- xprtrdma: xprt_rdma_free() must not release backchannel reqs (git-fixes).
- xtensa: add NOTES section to the linker script (bnc#1012382).
- xtensa: enable coprocessors that are being flushed (bnc#1012382).
- xtensa: fix boot parameters address translation (bnc#1012382).
- xtensa: fix coprocessor context offset definitions (bnc#1012382).
- xtensa: make sure bFLT stack is 16 byte aligned (bnc#1012382).
- zram: close udev startup race condition as default groups (bnc#1012382).
Patchnames
SUSE-2019-320,SUSE-SLE-RT-12-SP3-2019-320
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "The SUSE Linux Enterprise 12 SP3 Realtime kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2018-19407: The vcpu_scan_ioapic function in arch/x86/kvm/x86.c allowed local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized (bnc#1116841).\n- CVE-2018-19985: The function hso_probe read if_num from the USB device (as an u8) and used it without a length check to index an array, resulting in an OOB memory read in hso_probe or hso_get_config_data that could be used by local attackers (bsc#1120743).\n- CVE-2018-1120: By mmap()ing a FUSE-backed file onto a process\u0027s memory containing command line arguments (or environment strings), an attacker can cause utilities from psutils or procps (such as ps, w) or any other program which made a read() call to the /proc/\u003cpid\u003e/cmdline (or /proc/\u003cpid\u003e/environ) files to block indefinitely (denial of service) or for some controlled time (as a synchronization primitive for other attacks) (bnc#1093158).\n- CVE-2017-16939: The XFRM dump policy implementation in net/xfrm/xfrm_user.c allowed local users to gain privileges or cause a denial of service (use-after-free) via a crafted SO_RCVBUF setsockopt system call in conjunction with XFRM_MSG_GETPOLICY Netlink messages (bnc#1069702).\n- CVE-2018-16884: NFS41+ shares mounted in different network namespaces at the same time could make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out (bnc#1119946).\n- CVE-2018-20169: The USB subsystem mishandled size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c (bnc#1119714).\n- CVE-2018-9568: In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. (bnc#1118319).\n- CVE-2018-16862: A security flaw was found in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one (bnc#1117186).\n- CVE-2018-19824: A local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c (bnc#1118152).\n\nThe following non-security bugs were fixed:\n\n- 9p: clear dangling pointers in p9stat_free (bnc#1012382).\n- 9p locks: fix glock.client_id leak in do_lock (bnc#1012382).\n- 9p/net: put a lower bound on msize (bnc#1012382).\n- ACPI/IORT: Fix iort_get_platform_device_domain() uninitialized pointer value (bsc#1121239).\n- ACPI/LPSS: Add alternative ACPI HIDs for Cherry Trail DMA controllers (bnc#1012382).\n- ACPI/nfit, x86/mce: Handle only uncorrectable machine checks (bsc#1114648).\n- ACPI/nfit, x86/mce: Validate a MCE\u0027s address before using it (bsc#1114648).\n- ACPI/platform: Add SMB0001 HID to forbidden_id_list (bnc#1012382).\n- af_iucv: Move sockaddr length checks to before accessing sa_family in bind and connect handlers (bnc#1012382).\n- ahci: do not ignore result code of ahci_reset_controller() (bnc#1012382).\n- aio: fix spectre gadget in lookup_ioctx (bnc#1012382).\n- aio: hold an extra file reference over AIO read/write operations (bsc#1116027).\n- ALSA: ac97: Fix incorrect bit shift at AC97-SPSA control write (bnc#1012382).\n- ALSA: ca0106: Disable IZD on SB0570 DAC to fix audio pops (bnc#1012382).\n- ALSA: control: Fix race between adding and removing a user element (bnc#1012382).\n- ALSA: cs46xx: Potential NULL dereference in probe (bnc#1012382).\n- ALSA: emu10k1: Fix potential Spectre v1 vulnerabilities (bnc#1012382).\n- ALSA: emux: Fix potential Spectre v1 vulnerabilities (bnc#1012382).\n- ALSA: hda - Add mic quirk for the Lenovo G50-30 (17aa:3905) (bnc#1012382).\n- ALSA: hda: add mute LED support for HP EliteBook 840 G4 (bnc#1012382).\n- ALSA: hda: Add support for AMD Stoney Ridge (bnc#1012382).\n- ALSA: hda: Check the non-cached stream buffers more explicitly (bnc#1012382).\n- ALSA: hda/tegra: clear pending irq handlers (bnc#1012382).\n- ALSA: isa/wavefront: prevent some out of bound writes (bnc#1012382).\n- ALSA: pcm: Call snd_pcm_unlink() conditionally at closing (bnc#1012382).\n- ALSA: pcm: Fix interval evaluation with openmin/max (bnc#1012382).\n- ALSA: pcm: Fix potential Spectre v1 vulnerability (bnc#1012382).\n- ALSA: pcm: Fix starvation on down_write_nonblock() (bnc#1012382).\n- ALSA: pcm: remove SNDRV_PCM_IOCTL1_INFO internal command (bnc#1012382).\n- ALSA: rme9652: Fix potential Spectre v1 vulnerability (bnc#1012382).\n- ALSA: sparc: Fix invalid snd_free_pages() at error path (bnc#1012382).\n- ALSA: timer: Fix zero-division by continue of uninitialized instance (bnc#1012382).\n- ALSA: trident: Suppress gcc string warning (bnc#1012382).\n- ALSA: usb-audio: Avoid access before bLength check in build_audio_procunit() (bnc#1012382).\n- ALSA: usb-audio: Fix an out-of-bound read in create_composite_quirks (bnc#1012382).\n- ALSA: wss: Fix invalid snd_free_pages() at error path (bnc#1012382).\n- amd/iommu: Fix Guest Virtual APIC Log Tail Address Register (bsc#1106105).\n- ARC: change defconfig defaults to ARCv2 (bnc#1012382).\n- arc: [devboards] Add support of NFSv3 ACL (bnc#1012382).\n- arch/alpha, termios: implement BOTHER, IBSHIFT and termios2 (bnc#1012382).\n- ARC: io.h: Implement reads{x}()/writes{x}() (bnc#1012382).\n- arm64: Disable asm-operand-width warning for clang (bnc#1012382).\n- arm64: dts: stratix10: Correct System Manager register size (bnc#1012382).\n- arm64: hardcode rodata_enabled=true earlier in the series (bsc#1114763).\n- arm64: PCI: ACPI support for legacy IRQs parsing and consolidation with DT code (bsc#985031).\n- arm64: percpu: Initialize ret in the default case (bnc#1012382).\n- arm64: remove no-op -p linker flag (bnc#1012382).\n- arm: 8799/1: mm: fix pci_ioremap_io() offset check (bnc#1012382).\n- arm: 8814/1: mm: improve/fix ARM v7_dma_inv_range() unaligned address handling (bnc#1012382).\n- arm: dts: apq8064: add ahci ports-implemented mask (bnc#1012382).\n- arm: dts: imx53-qsb: disable 1.2GHz OPP (bnc#1012382).\n- arm: fix mis-applied iommu identity check (bsc#1116924).\n- arm: imx: update the cpu power up timing setting on i.mx6sx (bnc#1012382).\n- arm: kvm: fix building with gcc-8 (bsc#1121241).\n- arm: OMAP1: ams-delta: Fix possible use of uninitialized field (bnc#1012382).\n- arm: OMAP2+: prm44xx: Fix section annotation on omap44xx_prm_enable_io_wakeup (bnc#1012382).\n- asix: Check for supported Wake-on-LAN modes (bnc#1012382).\n- ASoC: ak4613: Enable cache usage to fix crashes on resume (bnc#1012382).\n- ASoC: dapm: Recalculate audio map forcely when card instantiated (bnc#1012382).\n- ASoC: omap-dmic: Add pm_qos handling to avoid overruns with CPU_IDLE (bnc#1012382).\n- ASoC: omap-mcpdm: Add pm_qos handling to avoid under/overruns with CPU_IDLE (bnc#1012382).\n- ASoC: spear: fix error return code in spdif_in_probe() (bnc#1012382).\n- ASoC: wm8940: Enable cache usage to fix crashes on resume (bnc#1012382).\n- ataflop: fix error handling during setup (bnc#1012382).\n- ath10k: fix kernel panic due to race in accessing arvif list (bnc#1012382).\n- ath10k: schedule hardware restart if WMI command times out (bnc#1012382).\n- ax25: fix a use-after-free in ax25_fillin_cb() (bnc#1012382).\n- ax88179_178a: Check for supported Wake-on-LAN modes (bnc#1012382).\n- b43: Fix error in cordic routine (bnc#1012382).\n- batman-adv: Expand merged fragment buffer for full packet (bnc#1012382).\n- bcache: fix miss key refill-\u003eend in writeback (bnc#1012382).\n- bfs: add sanity check at bfs_fill_super() (bnc#1012382).\n- binfmt_elf: fix calculations for bss padding (bnc#1012382).\n- bitops: protect variables in bit_clear_unless() macro (bsc#1116285).\n- block: fix inheriting request priority from bio (bsc#1116924).\n- block: respect virtual boundary mask in bvecs (bsc#1113412).\n- Bluetooth: btbcm: Add entry for BCM4335C0 UART bluetooth (bnc#1012382).\n- Bluetooth: SMP: fix crash in unpairing (bnc#1012382).\n- bna: ethtool: Avoid reading past end of buffer (bnc#1012382).\n- bnx2x: Assign unique DMAE channel number for FW DMAE transactions (bnc#1012382).\n- bonding: fix 802.3ad state sent to partner when unbinding slave (bnc#1012382).\n- bpf: fix check of allowed specifiers in bpf_trace_printk (bnc#1012382).\n- bpf: generally move prog destruction to RCU deferral (bnc#1012382).\n- bpf: support 8-byte metafield access (bnc#1012382).\n- bpf, trace: check event type in bpf_perf_event_read (bsc#1119970).\n- bpf, trace: use READ_ONCE for retrieving file ptr (bsc#1119967).\n- bpf/verifier: Add spi variable to check_stack_write() (bnc#1012382).\n- bpf/verifier: Pass instruction index to check_mem_access() and check_xadd() (bnc#1012382).\n- bridge: do not add port to router list when receives query with source 0.0.0.0 (bnc#1012382).\n- btrfs: Always try all copies when reading extent buffers (bnc#1012382).\n- btrfs: do not attempt to trim devices that do not support it (bnc#1012382).\n- btrfs: ensure path name is null terminated at btrfs_control_ioctl (bnc#1012382).\n- btrfs: fix backport error in submit_stripe_bio (bsc#1114763).\n- btrfs: fix data corruption due to cloning of eof block (bnc#1012382).\n- btrfs: Fix memory barriers usage with device stats counters (git-fixes).\n- btrfs: fix null pointer dereference on compressed write path error (bnc#1012382).\n- btrfs: fix pinned underflow after transaction aborted (bnc#1012382).\n- btrfs: fix use-after-free when dumping free space (bnc#1012382).\n- btrfs: fix wrong dentries after fsync of file that got its parent replaced (bnc#1012382).\n- btrfs: Handle error from btrfs_uuid_tree_rem call in _btrfs_ioctl_set_received_subvol (git-fixes).\n- btrfs: Handle owner mismatch gracefully when walking up tree (bnc#1012382).\n- btrfs: iterate all devices during trim, instead of fs_devices::alloc_list (bnc#1012382).\n- btrfs: locking: Add extra check in btrfs_init_new_buffer() to avoid deadlock (bnc#1012382).\n- btrfs: make sure we create all new block groups (bnc#1012382).\n- btrfs: qgroup: Dirty all qgroups before rescan (bnc#1012382).\n- btrfs: release metadata before running delayed refs (bnc#1012382).\n- btrfs: reset max_extent_size on clear in a bitmap (bnc#1012382).\n- btrfs: send, fix infinite loop due to directory rename dependencies (bnc#1012382).\n- btrfs: set max_extent_size properly (bnc#1012382).\n- btrfs: wait on caching when putting the bg cache (bnc#1012382).\n- cachefiles: fix the race between cachefiles_bury_object() and rmdir(2) (bnc#1012382).\n- can: dev: __can_get_echo_skb(): Do not crash the kernel if can_priv::echo_skb is accessed out of bounds (bnc#1012382).\n- can: dev: can_get_echo_skb(): factor out non sending code to __can_get_echo_skb() (bnc#1012382).\n- can: dev: __can_get_echo_skb(): print error message, if trying to echo non existing skb (bnc#1012382).\n- can: dev: __can_get_echo_skb(): replace struct can_frame by canfd_frame to access frame length (bnc#1012382).\n- can: rcar_can: Fix erroneous registration (bnc#1012382).\n- cdc-acm: correct counting of UART states in serial state notification (bnc#1012382).\n- cdc-acm: fix abnormal DATA RX issue for Mediatek Preloader (bnc#1012382).\n- ceph: call setattr_prepare from ceph_setattr instead of inode_change_ok (bsc#1114763).\n- ceph: do not update importing cap\u0027s mseq when handing cap export (bsc#1121275).\n- ceph: fix dentry leak in ceph_readdir_prepopulate (bsc#1114839).\n- ceph: quota: fix null pointer dereference in quota check (bsc#1114839).\n- cfg80211: reg: Init wiphy_idx in regulatory_hint_core() (bnc#1012382).\n- CIFS: Fix error mapping for SMB2_LOCK command which caused OFD lock problem (bnc#1012382).\n- cifs: Fix separator when building path from dentry (bnc#1012382).\n- CIFS: handle guest access errors to Windows shares (bnc#1012382).\n- cifs: In Kconfig CONFIG_CIFS_POSIX needs depends on legacy (insecure cifs) (bnc#1012382).\n- clk: mmp: Off by one in mmp_clk_add() (bnc#1012382).\n- clk: s2mps11: Add used attribute to s2mps11_dt_match (git-fixes).\n- clk: s2mps11: Fix matching when built as module and DT node contains compatible (bnc#1012382).\n- clk: samsung: exynos5420: Enable PERIS clocks for suspend (bnc#1012382).\n- clockevents/drivers/i8253: Add support for PIT shutdown quirk (bnc#1012382).\n- configfs: replace strncpy with memcpy (bnc#1012382).\n- cpufeature: avoid warning when compiling with clang (Git-fixes).\n- cpufreq: imx6q: add return value check for voltage scale (bnc#1012382).\n- cpuidle: Do not access cpuidle_devices when !CONFIG_CPU_IDLE (bnc#1012382).\n- Cramfs: fix abad comparison when wrap-arounds occur (bnc#1012382).\n- crypto: arm64/sha - avoid non-standard inline asm tricks (bnc#1012382).\n- crypto: lrw - Fix out-of bounds access on counter overflow (bnc#1012382).\n- crypto: shash - Fix a sleep-in-atomic bug in shash_setkey_unaligned (bnc#1012382).\n- crypto, x86: aesni - fix token pasting for clang (bnc#1012382).\n- crypto: x86/chacha20 - avoid sleeping with preemption disabled (bnc#1012382).\n- cw1200: Do not leak memory if krealloc failes (bnc#1012382).\n- cxgb4: Add support for new flash parts (bsc#1102439).\n- cxgb4: assume flash part size to be 4MB, if it can\u0027t be determined (bsc#1102439).\n- cxgb4: Fix FW flash errors (bsc#1102439).\n- cxgb4: fix missing break in switch and indent return statements (bsc#1102439).\n- cxgb4: support new ISSI flash parts (bsc#1102439).\n- debugobjects: avoid recursive calls with kmemleak (bnc#1012382).\n- disable stringop truncation warnings for now (bnc#1012382).\n- dlm: fixed memory leaks after failed ls_remove_names allocation (bnc#1012382).\n- dlm: lost put_lkb on error path in receive_convert() and receive_unlock() (bnc#1012382).\n- dlm: memory leaks on error path in dlm_user_request() (bnc#1012382).\n- dlm: possible memory leak on error path in create_lkb() (bnc#1012382).\n- dmaengine: at_hdmac: fix memory leak in at_dma_xlate() (bnc#1012382).\n- dmaengine: at_hdmac: fix module unloading (bnc#1012382).\n- dmaengine: dma-jz4780: Return error if not probed from DT (bnc#1012382).\n- dm cache metadata: ignore hints array being too small during resize (Git-fixes).\n- dm ioctl: harden copy_params()\u0027s copy_from_user() from malicious users (bnc#1012382).\n- dm-multipath: do not assign cmd_flags in setup_clone() (bsc#1103156).\n- dm raid: stop using BUG() in __rdev_sectors() (bsc#1046264). This syncs with the upstream fix which caught a case where it returning 0 may have caused incorrect behavior.\n- dm thin: stop no_space_timeout worker when switching to write-mode (Git-fixes).\n- dpaa_eth: fix dpaa_get_stats64 to match prototype (bsc#1114763).\n- driver/dma/ioat: Call del_timer_sync() without holding prep_lock (bnc#1012382).\n- drivers: hv: vmbus: check the creation_status in vmbus_establish_gpadl() (bsc#1104098).\n- drivers: hv: vmbus: Return -EINVAL for the sys files for unopened channels (bnc#1012382).\n- drivers/misc/sgi-gru: fix Spectre v1 vulnerability (bnc#1012382).\n- drivers/sbus/char: add of_node_put() (bnc#1012382).\n- drivers/tty: add missing of_node_put() (bnc#1012382).\n- drm/ast: change resolution may cause screen blurred (bnc#1012382).\n- drm/ast: fixed cursor may disappear sometimes (bnc#1012382).\n- drm/ast: fixed reading monitor EDID not stable issue (bnc#1012382).\n- drm/ast: Fix incorrect free on ioregs (bsc#1106929)\n- drm/ast: Remove existing framebuffers before loading driver (boo#1112963)\n- drm/dp_mst: Check if primary mstb is null (bnc#1012382).\n- drm/fb-helper: Ignore the value of fb_var_screeninfo.pixclock (bsc#1106929)\n- drm/hisilicon: hibmc: Do not carry error code in HiBMC framebuffer (bsc#1113766)\n- drm/hisilicon: hibmc: Do not overwrite fb helper surface depth (bsc#1113766)\n- drm/i915/hdmi: Add HDMI 2.0 audio clock recovery N values (bnc#1012382).\n- drm/ioctl: Fix Spectre v1 vulnerabilities (bnc#1012382).\n- drm/msm: Grab a vblank reference when waiting for commit_done (bnc#1012382).\n- drm/nouveau/fbcon: fix oops without fbdev emulation (bnc#1012382).\n- drm/omap: fix memory barrier bug in DMM driver (bnc#1012382).\n- drm: rcar-du: Fix external clock error checks (bsc#1106929)\n- drm: rcar-du: Fix vblank initialization (bsc#1106929)\n- drm/rockchip: Allow driver to be shutdown on reboot/kexec (bnc#1012382).\n- e1000: avoid null pointer dereference on invalid stat type (bnc#1012382).\n- e1000: fix race condition between e1000_down() and e1000_watchdog (bnc#1012382).\n- efi/libstub/arm64: Force \u0027hidden\u0027 visibility for section markers (bnc#1012382).\n- efi/libstub/arm64: Set -fpie when building the EFI stub (bnc#1012382).\n- exec: avoid gcc-8 warning for get_task_comm (bnc#1012382).\n- exportfs: do not read dentry after free (bnc#1012382).\n- ext2: fix potential use after free (bnc#1012382).\n- ext4: add missing brelse() add_new_gdb_meta_bg()\u0027s error path (bnc#1012382).\n- ext4: add missing brelse() in set_flexbg_block_bitmap()\u0027s error path (bnc#1012382).\n- ext4: add missing brelse() update_backups()\u0027s error path (bnc#1012382).\n- ext4: avoid buffer leak in ext4_orphan_add() after prior errors (bnc#1012382).\n- ext4: avoid possible double brelse() in add_new_gdb() on error path (bnc#1012382).\n- ext4: avoid potential extra brelse in setup_new_flex_group_blocks() (bnc#1012382).\n- ext4: fix argument checking in EXT4_IOC_MOVE_EXT (bnc#1012382).\n- ext4: fix buffer leak in __ext4_read_dirblock() on error path (bnc#1012382).\n- ext4: fix buffer leak in ext4_xattr_move_to_block() on error path (bnc#1012382).\n- ext4: fix EXT4_IOC_GROUP_ADD ioctl (bnc#1012382).\n- ext4: fix missing cleanup if ext4_alloc_flex_bg_array() fails while resizing (bnc#1012382).\n- ext4: fix possible inode leak in the retry loop of ext4_resize_fs() (bnc#1012382).\n- ext4: fix possible leak of sbi-\u003es_group_desc_leak in error path (bnc#1012382).\n- ext4: fix possible use after free in ext4_quota_enable (bnc#1012382).\n- ext4: force inode writes when nfsd calls commit_metadata() (bnc#1012382).\n- ext4: initialize retries variable in ext4_da_write_inline_data_begin() (bnc#1012382).\n- ext4: missing unlock/put_page() in ext4_try_to_write_inline_data() (bnc#1012382).\n- ext4: release bs.bh before re-using in ext4_xattr_block_find() (bnc#1012382).\n- fbdev: fbcon: Fix unregister crash when more than one framebuffer (bsc#1106929)\n- fbdev: fbmem: behave better with small rotated displays and many CPUs (bsc#1106929)\n- fcoe: remove duplicate debugging message in fcoe_ctlr_vn_add (bsc#1114763).\n- Fix kABI for \u0027Ensure we commit after writeback is complete\u0027 (bsc#1111809).\n- floppy: fix race condition in __floppy_read_block_0() (Git-fixes).\n- flow_dissector: do not dissect l4 ports for fragments (bnc#1012382).\n- fork: record start_time late (bnc#1012382).\n- fscache, cachefiles: remove redundant variable \u0027cache\u0027 (bnc#1012382).\n- fscache: fix race between enablement and dropping of object (bsc#1107385).\n- fscache: Fix race in fscache_op_complete() due to split atomic_sub \u0026 read (Git-fixes).\n- fscache: Pass the correct cancelled indications to fscache_op_complete() (Git-fixes).\n- fs, elf: make sure to page align bss in load_elf_library (bnc#1012382).\n- fs/exofs: fix potential memory leak in mount option parsing (bnc#1012382).\n- fs/fat/fatent.c: add cond_resched() to fat_count_free_clusters() (bnc#1012382).\n- fuse: Dont call set_page_dirty_lock() for ITER_BVEC pages for async_dio (bnc#1012382).\n- fuse: fix blocked_waitq wakeup (bnc#1012382).\n- fuse: fix leaked notify reply (bnc#1012382).\n- fuse: Fix use-after-free in fuse_dev_do_read() (bnc#1012382).\n- fuse: Fix use-after-free in fuse_dev_do_write() (bnc#1012382).\n- fuse: set FR_SENT while locked (bnc#1012382).\n- genirq: Fix race on spurious interrupt detection (bnc#1012382).\n- genwqe: Fix size check (bnc#1012382).\n- gfs2: Do not leave s_fs_info pointing to freed memory in init_sbd (bnc#1012382).\n- gfs2: Fix loop in gfs2_rbm_find (bnc#1012382).\n- gfs2_meta: -\u003emount() can get NULL dev_name (bnc#1012382).\n- gfs2: Put bitmap buffers in put_super (bnc#1012382).\n- git_sort.py: Remove non-existent remote tj/libata\n- gpio: max7301: fix driver for use with CONFIG_VMAP_STACK (bnc#1012382).\n- gpio: msic: fix error return code in platform_msic_gpio_probe() (bnc#1012382).\n- gpu: host1x: fix error return code in host1x_probe() (bnc#1012382).\n- gro_cell: add napi_disable in gro_cells_destroy (bnc#1012382).\n- hfs: do not free node before using (bnc#1012382).\n- hfsplus: do not free node before using (bnc#1012382).\n- hfsplus: prevent btree data loss on root split (bnc#1012382).\n- hfs: prevent btree data loss on root split (bnc#1012382).\n- HID: hiddev: fix potential Spectre v1 (bnc#1012382).\n- HID: uhid: forbid UHID_CREATE under KERNEL_DS or elevated privileges (bnc#1012382).\n- hpwdt add dynamic debugging (bsc#1114417).\n- hpwdt calculate reload value on each use (bsc#1114417).\n- hugetlbfs: dirty pages as they are added to pagecache (bnc#1012382).\n- hugetlbfs: fix bug in pgoff overflow checking (bnc#1012382).\n- hugetlbfs: fix kernel BUG at fs/hugetlbfs/inode.c:444! (bnc#1012382).\n- hwmon: (ibmpowernv) Remove bogus __init annotations (bnc#1012382).\n- hwmon: (ina2xx) Fix current value calculation (bnc#1012382).\n- hwmon: (pmbus) Fix page count auto-detection (bnc#1012382).\n- hwmon: (w83795) temp4_type has writable permission (bnc#1012382).\n- hwpoison, memory_hotplug: allow hwpoisoned pages to be offlined (bnc#1116336).\n- i2c: axxia: properly handle master timeout (bnc#1012382).\n- i2c: scmi: Fix probe error on devices with an empty SMB0001 ACPI device node (bnc#1012382).\n- IB/hfi1: Fix an out-of-bounds access in get_hw_stats ().\n- ibmveth: fix DMA unmap error in ibmveth_xmit_start error path (bnc#1012382).\n- ibmvnic: Convert reset work item mutex to spin lock ().\n- ibmvnic: fix accelerated VLAN handling ().\n- ibmvnic: fix index in release_rx_pools (bsc#1115440).\n- ibmvnic: Fix non-atomic memory allocation in IRQ context ().\n- ibmvnic: remove ndo_poll_controller ().\n- ibmvnic: Update driver queues after change in ring size support ().\n- IB/ucm: Fix Spectre v1 vulnerability (bnc#1012382).\n- ide: pmac: add of_node_put() (bnc#1012382).\n- ieee802154: lowpan_header_create check must check daddr (bnc#1012382).\n- igb: Remove superfluous reset to PHY and page 0 selection (bnc#1012382).\n- iio: adc: at91: fix acking DRDY irq on simple conversions (bnc#1012382).\n- iio: adc: at91: fix wrong channel number in triggered buffer mode (bnc#1012382).\n- ima: fix showing large \u0027violations\u0027 or \u0027runtime_measurements_count\u0027 (bnc#1012382).\n- Input: elan_i2c - add ACPI ID for Lenovo IdeaPad 330-15ARR (bnc#1012382).\n- Input: elan_i2c - add ACPI ID for Lenovo IdeaPad 330-15IGM (bnc#1012382).\n- Input: elan_i2c - add ACPI ID for touchpad in ASUS Aspire F5-573G (bnc#1012382).\n- Input: elan_i2c - add ELAN0620 to the ACPI table (bnc#1012382).\n- Input: elan_i2c - add support for ELAN0621 touchpad (bnc#1012382).\n- Input: matrix_keypad - check for errors from of_get_named_gpio() (bnc#1012382).\n- Input: omap-keypad - fix idle configuration to not block SoC idle states (bnc#1012382).\n- Input: omap-keypad - fix keyboard debounce configuration (bnc#1012382).\n- Input: restore EV_ABS ABS_RESERVED (bnc#1012382).\n- Input: xpad - add GPD Win 2 Controller USB IDs (bnc#1012382).\n- Input: xpad - add Mad Catz FightStick TE 2 VID/PID (bnc#1012382).\n- Input: xpad - add more third-party controllers (bnc#1012382).\n- Input: xpad - add PDP device id 0x02a4 (bnc#1012382).\n- Input: xpad - add product ID for Xbox One S pad (bnc#1012382).\n- Input: xpad - add support for PDP Xbox One controllers (bnc#1012382).\n- Input: xpad - add support for Xbox1 PDP Camo series gamepad (bnc#1012382).\n- Input: xpad - add USB IDs for Mad Catz Brawlstick and Razer Sabertooth (bnc#1012382).\n- Input: xpad - avoid using __set_bit() for capabilities (bnc#1012382).\n- Input: xpad - constify usb_device_id (bnc#1012382).\n- Input: xpad - correctly sort vendor id\u0027s (bnc#1012382).\n- Input: xpad - correct xbox one pad device name (bnc#1012382).\n- Input: xpad - do not depend on endpoint order (bnc#1012382).\n- Input: xpad - fix GPD Win 2 controller name (bnc#1012382).\n- Input: xpad - fix PowerA init quirk for some gamepad models (bnc#1012382).\n- Input: xpad - fix rumble on Xbox One controllers with 2015 firmware (bnc#1012382).\n- Input: xpad - fix some coding style issues (bnc#1012382).\n- Input: xpad - fix stuck mode button on Xbox One S pad (bnc#1012382).\n- Input: xpad - fix Xbox One rumble stopping after 2.5 secs (bnc#1012382).\n- Input: xpad - handle \u0027present\u0027 and \u0027gone\u0027 correctly (bnc#1012382).\n- Input: xpad - move reporting xbox one home button to common function (bnc#1012382).\n- Input: xpad - power off wireless 360 controllers on suspend (bnc#1012382).\n- Input: xpad - prevent spurious input from wired Xbox 360 controllers (bnc#1012382).\n- Input: xpad - quirk all PDP Xbox One gamepads (bnc#1012382).\n- Input: xpad - remove spurious events of wireless xpad 360 controller (bnc#1012382).\n- Input: xpad - remove unused function (bnc#1012382).\n- Input: xpad - restore LED state after device resume (bnc#1012382).\n- Input: xpad - simplify error condition in init_output (bnc#1012382).\n- Input: xpad - sort supported devices by USB ID (bnc#1012382).\n- Input: xpad - support some quirky Xbox One pads (bnc#1012382).\n- Input: xpad - sync supported devices with 360Controller (bnc#1012382).\n- Input: xpad - sync supported devices with XBCD (bnc#1012382).\n- Input: xpad - sync supported devices with xboxdrv (bnc#1012382).\n- Input: xpad - update Xbox One Force Feedback Support (bnc#1012382).\n- Input: xpad - use LED API when identifying wireless controllers (bnc#1012382).\n- Input: xpad - validate USB endpoint type during probe (bnc#1012382).\n- Input: xpad - workaround dead irq_out after suspend/ resume (bnc#1012382).\n- Input: xpad - xbox one elite controller support (bnc#1012382).\n- intel_th: msu: Fix an off-by-one in attribute store (bnc#1012382).\n- iommu/amd: Fix amd_iommu=force_isolation (bsc#1106105).\n- iommu/arm-smmu: Ensure that page-table updates are visible before TLBI (bsc#1106237).\n- iommu/ipmmu-vmsa: Fix crash on early domain free (bsc#1106105).\n- iommu/vt-d: Fix NULL pointer dereference in prq_event_thread() (bsc#1106105).\n- iommu/vt-d: Handle domain agaw being less than iommu agaw (bsc#1106105).\n- iommu/vt-d: Use memunmap to free memremap (bsc#1106105).\n- ip6mr: Fix potential Spectre v1 vulnerability (bnc#1012382).\n- ipmi: Fix timer race with module unload (bnc#1012382).\n- ip_tunnel: do not force DF when MTU is locked (bnc#1012382).\n- ip_tunnel: Fix name string concatenate in __ip_tunnel_create() (bnc#1012382).\n- ipv4: Fix potential Spectre v1 vulnerability (bnc#1012382).\n- ipv4: ipv6: netfilter: Adjust the frag mem limit when truesize changes (bsc#1110286).\n- ipv6: Check available headroom in ip6_xmit() even without options (bnc#1012382).\n- ipv6: explicitly initialize udp6_addr in udp_sock_create6() (bnc#1012382).\n- ipv6: Fix PMTU updates for UDP/raw sockets in presence of VRF (bnc#1012382).\n- ipv6: mcast: fix a use-after-free in inet6_mc_check (bnc#1012382).\n- ipv6/ndisc: Preserve IPv6 control buffer if protocol error handlers are called (bnc#1012382).\n- ipv6: orphan skbs in reassembly unit (bnc#1012382).\n- ipv6: set rt6i_protocol properly in the route when it is installed (bsc#1114190).\n- ipv6: suppress sparse warnings in IP6_ECN_set_ce() (bnc#1012382).\n- isdn: fix kernel-infoleak in capi_unlocked_ioctl (bnc#1012382).\n- iser: set sector for ambiguous mr status errors (bnc#1012382).\n- iwlwifi: mvm: fix regulatory domain update when the firmware starts (bnc#1012382).\n- iwlwifi: mvm: support sta_statistics() even on older firmware (bnc#1012382).\n- ixgbe: Add function for checking to see if we can reuse page (bsc#1100105).\n- ixgbe: Add support for build_skb (bsc#1100105).\n- ixgbe: Add support for padding packet (bsc#1100105).\n- ixgbe: Break out Rx buffer page management (bsc#1100105).\n- ixgbe: Fix output from ixgbe_dump (bsc#1100105).\n- ixgbe: fix possible race in reset subtask (bsc#1101557).\n- ixgbe: Make use of order 1 pages and 3K buffers independent of FCoE (bsc#1100105).\n- ixgbe: Only DMA sync frame length (bsc#1100105).\n- ixgbe: recognize 1000BaseLX SFP modules as 1Gbps (bnc#1012382).\n- ixgbe: Refactor queue disable logic to take completion time into account (bsc#1101557).\n- ixgbe: Reorder Tx/Rx shutdown to reduce time needed to stop device (bsc#1101557).\n- ixgbe: Update code to better handle incrementing page count (bsc#1100105).\n- ixgbe: Update driver to make use of DMA attributes in Rx path (bsc#1100105).\n- ixgbe: Use length to determine if descriptor is done (bsc#1100105).\n- jbd2: fix use after free in jbd2_log_do_checkpoint() (bnc#1012382).\n- jffs2: free jffs2_sb_info through jffs2_kill_sb() (bnc#1012382).\n- kabi: hwpoison, memory_hotplug: allow hwpoisoned pages to be offlined (bnc#1116336).\n- kABI: protect get_vaddr_frames (kabi).\n- kABI: protect struct azx (kabi).\n- kABI: protect struct cfs_bandwidth (kabi).\n- kABI: protect struct esp (kabi).\n- kABI: protect struct fuse_io_priv (kabi).\n- kABI: protect __usb_get_extra_descriptor (kabi).\n- kABI: protect xen/xen-ops.h include in xlate_mmu.c (kabi).\n- kabi: revert sig change on pnfs_read_resend_pnfs (git-fixes).\n- kbuild: Add better clang cross build support (bnc#1012382).\n- kbuild: Add __cc-option macro (bnc#1012382).\n- kbuild: Add support to generate LLVM assembly files (bnc#1012382).\n- kbuild: allow to use GCC toolchain not in Clang search path (bnc#1012382).\n- kbuild: clang: add -no-integrated-as to KBUILD_[AC]FLAGS (bnc#1012382).\n- kbuild: clang: Disable \u0027address-of-packed-member\u0027 warning (bnc#1012382).\n- kbuild: clang: disable unused variable warnings only when constant (bnc#1012382).\n- kbuild: clang: fix build failures with sparse check (bnc#1012382).\n- kbuild: clang: remove crufty HOSTCFLAGS (bnc#1012382).\n- kbuild: Consolidate header generation from ASM offset information (bnc#1012382).\n- kbuild: consolidate redundant sed script ASM offset generation (bnc#1012382).\n- kbuild: drop -Wno-unknown-warning-option from clang options (bnc#1012382).\n- kbuild: fix asm-offset generation to work with clang (bnc#1012382).\n- kbuild: fix kernel/bounds.c \u0027W=1\u0027 warning (bnc#1012382).\n- kbuild: fix linker feature test macros when cross compiling with Clang (bnc#1012382).\n- kbuild, LLVMLinux: Add -Werror to cc-option to support clang (bnc#1012382).\n- kbuild: move cc-option and cc-disable-warning after incl. arch Makefile (bnc#1012382).\n- kbuild: Set KBUILD_CFLAGS before incl. arch Makefile (bnc#1012382).\n- kbuild: set no-integrated-as before incl. arch Makefile (bnc#1012382).\n- kbuild: use -Oz instead of -Os when using clang (bnc#1012382).\n- kdb: use memmove instead of overlapping memcpy (bnc#1012382).\n- kdb: Use strscpy with destination buffer size (bnc#1012382).\n- kernel-source.spec: Align source numbering.\n- kernfs: Replace strncpy with memcpy (bnc#1012382).\n- KEYS: put keyring if install_session_keyring_to_cred() fails (bnc#1012382).\n- kgdboc: fix KASAN global-out-of-bounds bug in param_set_kgdboc_var() (bnc#1012382).\n- kgdboc: Fix restrict error (bnc#1012382).\n- kgdboc: Fix warning with module build (bnc#1012382).\n- kgdboc: Passing ekgdboc to command line causes panic (bnc#1012382).\n- kobject: Replace strncpy with memcpy (bnc#1012382).\n- kprobes: Return error if we fail to reuse kprobe instead of BUG_ON() (bnc#1012382).\n- KVM: arm64: Fix caching of host MDCR_EL2 value (bsc#1121242).\n- KVM: arm: Restore banked registers and physical timer access on hyp_panic() (bsc#1121240).\n- KVM: mmu: Fix race in emulated page table writes (bnc#1012382).\n- KVM: nVMX: Always reflect #NM VM-exits to L1 (bsc#1106240).\n- KVM: nVMX: Eliminate vmcs02 pool (bnc#1012382).\n- KVM: nVMX: mark vmcs12 pages dirty on L2 exit (bnc#1012382).\n- KVM: PPC: Move and undef TRACE_INCLUDE_PATH/FILE (bnc#1012382).\n- KVM/SVM: Allow direct access to MSR_IA32_SPEC_CTRL (bnc#1012382 bsc#1068032).\n- KVM/SVM: Ensure an IBPB on all affected CPUs when freeing a vmcb (bsc#1114648).\n- KVM/VMX: Allow direct access to MSR_IA32_SPEC_CTRL (bnc#1012382 bsc#1068032 bsc#1096242 bsc#1096281).\n- KVM/VMX: Emulate MSR_IA32_ARCH_CAPABILITIES (bnc#1012382).\n- KVM/VMX: introduce alloc_loaded_vmcs (bnc#1012382).\n- KVM/VMX: make MSR bitmaps per-VCPU (bnc#1012382).\n- KVM/x86: Add IBPB support (bnc#1012382 bsc#1068032 bsc#1068032).\n- KVM/x86: fix empty-body warnings (bnc#1012382).\n- KVM/x86: Remove indirect MSR op calls from SPEC_CTRL (bnc#1012382).\n- KVM/x86: Use jmp to invoke kvm_spurious_fault() from .fixup (bnc#1012382).\n- lan78xx: Check for supported Wake-on-LAN modes (bnc#1012382).\n- leds: call led_pwm_set() in leds-pwm to enforce default LED_OFF (bnc#1012382).\n- leds: leds-gpio: Fix return value check in create_gpio_led() (bnc#1012382).\n- leds: turn off the LED and wait for completion on unregistering LED class device (bnc#1012382).\n- libata: whitelist all SAMSUNG MZ7KM* solid-state disks (bnc#1012382).\n- libceph: bump CEPH_MSG_MAX_DATA_LEN (bsc#1114839).\n- libceph: fall back to sendmsg for slab pages (bsc#1118316).\n- libfc: sync strings with upstream versions (bsc#1114763).\n- lib/interval_tree_test.c: allow full tree search (bnc#1012382).\n- lib/interval_tree_test.c: allow users to limit scope of endpoint (bnc#1012382).\n- lib/interval_tree_test.c: make test options module parameters (bnc#1012382).\n- libnvdimm, {btt, blk}: do integrity setup before add_disk() (bsc#1118926).\n- libnvdimm, dimm: fix dpa reservation vs uninitialized label area (bsc#1118936).\n- libnvdimm: fix integer overflow static analysis warning (bsc#1118922).\n- libnvdimm: fix nvdimm_bus_lock() vs device_lock() ordering (bsc#1118915).\n- libnvdimm: Hold reference on parent while scheduling async init (bnc#1012382).\n- lib/raid6: Fix arm64 test build (bnc#1012382).\n- lib/rbtree_test.c: make input module parameters (bnc#1012382).\n- lib/rbtree-test: lower default params (bnc#1012382).\n- llc: do not use sk_eat_skb() (bnc#1012382).\n- lockd: fix access beyond unterminated strings in prints (bnc#1012382).\n- locking/lockdep: Fix debug_locks off performance problem (bnc#1012382).\n- mac80211: Always report TX status (bnc#1012382).\n- mac80211: Clear beacon_int in ieee80211_do_stop (bnc#1012382).\n- mac80211: fix reordering of buffered broadcast packets (bnc#1012382).\n- mac80211_hwsim: do not omit multicast announce of first added radio (bnc#1012382).\n- mac80211_hwsim: fix module init error paths for netlink (bnc#1012382).\n- mac80211_hwsim: Timer should be initialized before device registered (bnc#1012382).\n- mac80211: ignore NullFunc frames in the duplicate detection (bnc#1012382).\n- mac80211: ignore tx status for PS stations in ieee80211_tx_status_ext (bnc#1012382).\n- mach64: fix display corruption on big endian machines (bnc#1012382).\n- mach64: fix image corruption due to reading accelerator registers (bnc#1012382).\n- matroxfb: fix size of memcpy (bnc#1012382).\n- MD: do not check MD_SB_CHANGE_CLEAN in md_allow_write (Git-fixes).\n- MD: fix invalid stored role for a disk (bnc#1012382).\n- MD: fix invalid stored role for a disk - try2 (bnc#1012382).\n- media: dvb-frontends: fix i2c access helpers for KASAN (bnc#1012382).\n- media: em28xx: fix input name for Terratec AV 350 (bnc#1012382).\n- media: em28xx: Fix use-after-free when disconnecting (bnc#1012382).\n- media: em28xx: make v4l2-compliance happier by starting sequence on zero (bnc#1012382).\n- media: em28xx: use a default format if TRY_FMT fails (bnc#1012382).\n- media: pci: cx23885: handle adding to list failure (bnc#1012382).\n- media: tvp5150: fix width alignment during set_selection() (bnc#1012382).\n- media: v4l: event: Add subscription to list before calling \u0027add\u0027 operation (bnc#1012382).\n- media: vivid: free bitmap_cap when updating std/timings/etc (bnc#1012382).\n- MIPS: Align kernel load address to 64KB (bnc#1012382).\n- MIPS: DEC: Fix an int-handler.S CPU_DADDI_WORKAROUNDS regression (bnc#1012382).\n- MIPS: Ensure pmd_present() returns false after pmd_mknotpresent() (bnc#1012382).\n- MIPS: Fix FCSR Cause bit handling for correct SIGFPE issue (bnc#1012382).\n- MIPS: fix mips_get_syscall_arg o32 check (bnc#1012382).\n- MIPS: Handle non word sized instructions when examining frame (bnc#1012382).\n- MIPS: kexec: Mark CPU offline before disabling local IRQ (bnc#1012382).\n- MIPS: Loongson-3: Fix BRIDGE irq delivery problem (bnc#1012382).\n- MIPS: Loongson-3: Fix CPU UART irq delivery problem (bnc#1012382).\n- MIPS: microMIPS: Fix decoding of swsp16 instruction (bnc#1012382).\n- MIPS: OCTEON: fix out of bounds array access on CN68XX (bnc#1012382).\n- MIPS: ralink: Fix mt7620 nd_sd pinmux (bnc#1012382).\n- misc: atmel-ssc: Fix section annotation on atmel_ssc_get_driver_data (bnc#1012382).\n- misc: mic/scif: fix copy-paste error in scif_create_remote_lookup (bnc#1012382).\n- MMC: core: Reset HPI enabled state during re-init and in case of errors (bnc#1012382).\n- mm: cleancache: fix corruption on missed inode invalidation (bnc#1012382).\n- MMC: OMAP: fix broken MMC on OMAP15XX/OMAP5910/OMAP310 (bnc#1012382).\n- MMC: omap_hsmmc: fix DMA API warning (bnc#1012382).\n- MMC: sdhci-pci-o2micro: Add quirk for O2 Micro dev 0x8620 rev 0x01 (bnc#1012382).\n- mm, devm_memremap_pages: kill mapping \u0027System RAM\u0027 support (bnc#1012382).\n- mm: do not bug_on on incorrect length in __mm_populate() (bnc#1012382).\n- mm: do not miss the last page because of round-off error (bnc#1118798).\n- mm, elf: handle vm_brk error (bnc#1012382).\n- mm, hugetlb: fix huge_pte_alloc BUG_ON (bsc#1119204).\n- mm: hwpoison: call shake_page() after try_to_unmap() for mlocked page (bnc#1116336).\n- mm: lower the printk loglevel for __dump_page messages (generic hotplug debugability).\n- mm, memory_hotplug: be more verbose for memory offline failures (generic hotplug debugability).\n- mm, memory_hotplug: drop pointless block alignment checks from __offline_pages (generic hotplug debugability).\n- mm, memory_hotplug: print reason for the offlining failure (generic hotplug debugability).\n- mm: migration: fix migration of huge PMD shared pages (bnc#1012382).\n- mm: mlock: avoid increase mm-\u003elocked_vm on mlock() when already mlock2(,MLOCK_ONFAULT) (bnc#1012382).\n- mm/nommu.c: Switch __get_user_pages_unlocked() to use __get_user_pages() (bnc#1012382).\n- mm: Preserve _PAGE_DEVMAP across mprotect() calls (bsc#1118790).\n- mm: print more information about mapping in __dump_page (generic hotplug debugability).\n- mm: put_and_wait_on_page_locked() while page is migrated (bnc#1109272).\n- mm: refuse wrapped vm_brk requests (bnc#1012382).\n- mm: remove write/force parameters from __get_user_pages_locked() (bnc#1012382 bsc#1027260).\n- mm: remove write/force parameters from __get_user_pages_unlocked() (bnc#1012382 bsc#1027260).\n- mm: replace __access_remote_vm() write parameter with gup_flags (bnc#1012382).\n- mm: replace access_remote_vm() write parameter with gup_flags (bnc#1012382).\n- mm: replace get_user_pages_locked() write/force parameters with gup_flags (bnc#1012382 bsc#1027260).\n- mm: replace get_user_pages_unlocked() write/force parameters with gup_flags (bnc#1012382 bsc#1027260).\n- mm: replace get_user_pages() write/force parameters with gup_flags (bnc#1012382 bsc#1027260).\n- mm: replace get_vaddr_frames() write/force parameters with gup_flags (bnc#1012382).\n- mm: thp: relax __GFP_THISNODE for MADV_HUGEPAGE mappings (bnc#1012382).\n- modules: mark __inittest/__exittest as __maybe_unused (bnc#1012382).\n- mount: Do not allow copying MNT_UNBINDABLE|MNT_LOCKED mounts (bnc#1012382).\n- mount: Prevent MNT_DETACH from disconnecting locked mounts (bnc#1012382).\n- mount: Retest MNT_LOCKED in do_umount (bnc#1012382).\n- mtd: docg3: do not set conflicting BCH_CONST_PARAMS option (bnc#1012382).\n- mtd: spi-nor: Add support for is25wp series chips (bnc#1012382).\n- mv88e6060: disable hardware level MAC learning (bnc#1012382).\n- mwifiex: Fix NULL pointer dereference in skb_dequeue() (bnc#1012382).\n- mwifiex: fix p2p device does not find in scan problem (bnc#1012382).\n- namei: allow restricted O_CREAT of FIFOs and regular files (bnc#1012382).\n- neighbour: Avoid writing before skb-\u003ehead in neigh_hh_output() (bnc#1012382).\n- net: 8139cp: fix a BUG triggered by changing mtu with network traffic (bnc#1012382).\n- net/af_iucv: drop inbound packets with invalid flags (bnc#1114475, LTC#172679).\n- net/af_iucv: fix skb handling on HiperTransport xmit error (bnc#1114475, LTC#172679).\n- net: amd: add missing of_node_put() (bnc#1012382).\n- net: bcmgenet: fix OF child-node lookup (bnc#1012382).\n- net: bridge: remove ipv6 zero address check in mcast queries (bnc#1012382).\n- net: cxgb3_main: fix a missing-check bug (bnc#1012382).\n- net: drop skb on failure in ip_check_defrag() (bnc#1012382).\n- net: drop write-only stack variable (bnc#1012382).\n- net: ena: add functions for handling Low Latency Queues in ena_com (bsc#1117562).\n- net: ena: add functions for handling Low Latency Queues in ena_netdev (bsc#1117562).\n- net: ena: change rx copybreak default to reduce kernel memory pressure (bsc#1117562).\n- net: ena: complete host info to match latest ENA spec (bsc#1117562).\n- net: ena: enable Low Latency Queues (bsc#1117562).\n- net: ena: explicit casting and initialization, and clearer error handling (bsc#1117562).\n- net: ena: fix auto casting to boolean (bsc#1117562).\n- net: ena: fix compilation error in xtensa architecture (bsc#1117562).\n- net: ena: fix crash during ena_remove() (bsc#1108240).\n- net: ena: fix crash during failed resume from hibernation (bsc#1117562).\n- net: ena: fix indentations in ena_defs for better readability (bsc#1117562).\n- net: ena: Fix Kconfig dependency on X86 (bsc#1117562).\n- net: ena: fix NULL dereference due to untimely napi initialization (bsc#1117562).\n- net: ena: fix rare bug when failed restart/resume is followed by driver removal (bsc#1117562).\n- net: ena: fix warning in rmmod caused by double iounmap (bsc#1117562).\n- net: ena: introduce Low Latency Queues data structures according to ENA spec (bsc#1117562).\n- net: ena: limit refill Rx threshold to 256 to avoid latency issues (bsc#1117562).\n- net: ena: minor performance improvement (bsc#1117562).\n- net: ena: remove ndo_poll_controller (bsc#1117562).\n- net: ena: remove redundant parameter in ena_com_admin_init() (bsc#1117562).\n- net: ena: update driver version from 2.0.1 to 2.0.2 (bsc#1108240).\n- net: ena: update driver version to 2.0.1 (bsc#1117562).\n- net: ena: use CSUM_CHECKED device indication to report skb\u0027s checksum status (bsc#1117562).\n- net: faraday: ftmac100: remove netif_running(netdev) check before disabling interrupts (bnc#1012382).\n- netfilter: ipset: actually allow allowable CIDR 0 in hash:net,port,net (bnc#1012382).\n- netfilter: ipset: Correct rcu_dereference() call in ip_set_put_comment() (bnc#1012382).\n- netfilter: nf_tables: fix oops when inserting an element into a verdict map (bnc#1012382).\n- netfilter: xt_IDLETIMER: add sysfs filename checking routine (bnc#1012382).\n- net-gro: reset skb-\u003epkt_type in napi_reuse_skb() (bnc#1012382).\n- net: hisilicon: remove unexpected free_netdev (bnc#1012382).\n- net: ibm: fix return type of ndo_start_xmit function ().\n- net/ibmnvic: Fix deadlock problem in reset ().\n- net/ibmvnic: Fix RTNL deadlock during device reset (bnc#1115431).\n- net/ipv4: defensive cipso option parsing (bnc#1012382).\n- net/ipv4: do not handle duplicate fragments as overlapping (bsc#1116345).\n- net/ipv6: Fix index counter for unicast addresses in in6_dump_addrs (bnc#1012382).\n- net/mlx4_core: Correctly set PFC param if global pause is turned off (bsc#1015336 bsc#1015337 bsc#1015340).\n- net/mlx4_core: Fix uninitialized variable compilation warning (bnc#1012382).\n- net/mlx4_core: Zero out lkey field in SW2HW_MPT fw command (bnc#1012382).\n- net/mlx4: Fix UBSAN warning of signed integer overflow (bnc#1012382).\n- net: phy: do not allow __set_phy_supported to add unsupported modes (bnc#1012382).\n- net: Prevent invalid access to skb-\u003eprev in __qdisc_drop_all (bnc#1012382).\n- net: qla3xxx: Remove overflowing shift statement (bnc#1012382).\n- netrom: fix locking in nr_find_socket() (bnc#1012382).\n- net: sched: gred: pass the right attribute to gred_change_table_def() (bnc#1012382).\n- net: socket: fix a missing-check bug (bnc#1012382).\n- net: stmmac: Fix stmmac_mdio_reset() when building stmmac as modules (bnc#1012382).\n- net: thunderx: fix NULL pointer dereference in nic_remove (bnc#1012382).\n- new helper: uaccess_kernel() (bnc#1012382).\n- NFC: nfcmrvl_uart: fix OF child-node lookup (bnc#1012382).\n- nfit: skip region registration for incomplete control regions (bsc#1118930).\n- nfsd: Fix an Oops in free_session() (bnc#1012382).\n- NFS: Ensure we commit after writeback is complete (bsc#1111809).\n- NFSv4.1: Fix the r/wsize checking (bnc#1012382).\n- NFSv4: Do not exit the state manager without clearing NFS4CLNT_MANAGER_RUNNING (git-fixes).\n- nvme: validate controller state before rescheduling keep alive (bsc#1103257).\n- ocfs2: fix a misuse a of brelse after failing ocfs2_check_dir_entry (bnc#1012382).\n- ocfs2: fix deadlock caused by ocfs2_defrag_extent() (bnc#1012382).\n- ocfs2: fix potential use after free (bnc#1012382).\n- of: add helper to lookup compatible child node (bnc#1012382).\n- packet: validate address length (bnc#1012382).\n- packet: validate address length if non-zero (bnc#1012382).\n- parisc: Fix address in HPMC IVA (bnc#1012382).\n- parisc: Fix map_pages() to not overwrite existing pte entries (bnc#1012382).\n- PCI: Add Device IDs for Intel GPU \u0027spurious interrupt\u0027 quirk (bnc#1012382).\n- PCI/ASPM: Do not initialize link state when aspm_disabled is set (bsc#1109806).\n- PCI/ASPM: Fix link_state teardown on device removal (bsc#1109806).\n- PCI: vmd: Detach resources after stopping root bus (bsc#1106105).\n- pcmcia: Implement CLKRUN protocol disabling for Ricoh bridges (bnc#1012382).\n- perf/bpf: Convert perf_event_array to use struct file (bsc#1119967).\n- perf/core: Do not leak event in the syscall error path (bnc#1012382).\n- perf pmu: Suppress potential format-truncation warning (bnc#1012382).\n- perf/ring_buffer: Prevent concurent ring buffer access (bnc#1012382).\n- perf tools: Cleanup trace-event-info \u0027tdata\u0027 leak (bnc#1012382).\n- perf tools: Disable parallelism for \u0027make clean\u0027 (bnc#1012382).\n- perf tools: Free temporary \u0027sys\u0027 string in read_event_files() (bnc#1012382).\n- pinctrl: qcom: spmi-mpp: Fix drive strength setting (bnc#1012382).\n- pinctrl: qcom: spmi-mpp: Fix err handling of pmic_mpp_set_mux (bnc#1012382).\n- pinctrl: spmi-mpp: Fix pmic_mpp_config_get() to be compliant (bnc#1012382).\n- pinctrl: ssbi-gpio: Fix pm8xxx_pin_config_get() to be compliant (bnc#1012382).\n- pinctrl: sunxi: a83t: Fix IRQ offset typo for PH11 (bnc#1012382).\n- platform/x86: acerhdf: Add BIOS entry for Gateway LT31 v1.3307 (bnc#1012382).\n- PM/devfreq: tegra: fix error return code in tegra_devfreq_probe() (bnc#1012382).\n- pNFS: Fix a deadlock between read resends and layoutreturn (git-fixes).\n- pNFS/flexfiles: Fix up the ff_layout_write_pagelist failure path (git-fixes).\n- pNFS/flexfiles: When checking for available DSes, conditionally check for MDS io (git-fixes).\n- pnfs: set NFS_IOHDR_REDO in pnfs_read_resend_pnfs (git-fixes).\n- powerpc/64s: consolidate MCE counter increment (bsc#1094244).\n- powerpc/boot: Ensure _zimage_start is a weak symbol (bnc#1012382).\n- powerpc/boot: Fix random libfdt related build errors (bnc#1012382).\n- powerpc/boot: Request no dynamic linker for boot wrapper (bsc#1070805).\n- powerpc: Fix COFF zImage booting on old powermacs (bnc#1012382).\n- powerpc/mm/radix: Use mm-\u003etask_size for boundary checking instead of addr_limit (bsc#1027457).\n- powerpc/msi: Fix compile error on mpc83xx (bnc#1012382).\n- powerpc/msi: Fix NULL pointer access in teardown code (bnc#1012382).\n- powerpc/nohash: fix undefined behaviour when testing page size support (bnc#1012382).\n- powerpc/numa: Suppress \u0027VPHN is not supported\u0027 messages (bnc#1012382).\n- powerpc/powernv: Do not select the cpufreq governors (bsc#1066223).\n- powerpc/powernv: Fix opal_event_shutdown() called with interrupts disabled (bsc#1066223).\n- powerpc/powernv/pci: Work around races in PCI bridge enabling (bsc#1066223).\n- powerpc/pseries: Fix DTL buffer registration (bsc#1066223).\n- powerpc/pseries: Fix how we iterate over the DTL entries (bsc#1066223).\n- powerpc/pseries/mobility: Extend start/stop topology update scope (bsc#1116950, bsc#1115709).\n- powerpc/traps: restore recoverability of machine_check interrupts (bsc#1094244).\n- power: supply: olpc_battery: correct the temperature units (bnc#1012382).\n- printk: Fix panic caused by passing log_buf_len to command line (bnc#1012382).\n- Provide a temporary fix for STIBP on-by-default (bsc#1116497).\n- pstore: Convert console write to use -\u003ewrite_buf (bnc#1012382).\n- ptp: fix Spectre v1 vulnerability (bnc#1012382).\n- pxa168fb: prepare the clock (bnc#1012382).\n- qed: Fix bitmap_weight() check (bsc#1019695).\n- qed: Fix PTT leak in qed_drain() (bnc#1012382).\n- qed: Fix QM getters to always return a valid pq (bsc#1019695 ).\n- qed: Fix reading wrong value in loop condition (bnc#1012382).\n- r8152: Check for supported Wake-on-LAN Modes (bnc#1012382).\n- r8169: fix NAPI handling under high load (bnc#1012382).\n- rapidio/rionet: do not free skb before reading its length (bnc#1012382).\n- RDMA/ucma: Fix Spectre v1 vulnerability (bnc#1012382).\n- reiserfs: propagate errors from fill_with_dentries() properly (bnc#1012382).\n- Revert \u0027Bluetooth: h5: Fix missing dependency on BT_HCIUART_SERDEV\u0027 (bnc#1012382).\n- Revert \u0027ceph: fix dentry leak in splice_dentry()\u0027 (bsc#1114839).\n- Revert \u0027drm/rockchip: Allow driver to be shutdown on reboot/kexec\u0027 (bsc#1106929)\n- Revert \u0027exec: avoid gcc-8 warning for get_task_comm\u0027 (kabi).\n- Revert \u0027iommu/io-pgtable-arm: Check for v7s-incapable systems\u0027 (bsc#1106105).\n- Revert \u0027media: v4l: event: Add subscription to list before calling \u0027add\u0027 operation\u0027 (kabi).\n- Revert \u0027media: videobuf2-core: do not call memop \u0027finish\u0027 when queueing\u0027 (bnc#1012382).\n- Revert \u0027PCI/ASPM: Do not initialize link state when aspm_disabled is set\u0027 (bsc#1106105).\n- Revert \u0027usb: musb: musb_host: Enable HCD_BH flag to handle urb return in bottom half\u0027 (bsc#1047487).\n- Revert \u0027wlcore: Add missing PM call for wlcore_cmd_wait_for_event_or_timeout()\u0027 (bnc#1012382).\n- Revert \u0027x86/kconfig: Fall back to ticket spinlocks\u0027 (kabi).\n- rocker: fix rocker_tlv_put_* functions for KASAN (bnc#1012382).\n- rpcrdma: Add RPCRDMA_HDRLEN_ERR (git-fixes).\n- rpm/kernel-binary.spec.in: Add missing export BRP_SIGN_FILES (bsc#1115587) The export line was accidentally dropped at merging scripts branch, which resulted in the invalid module signature.\n- rps: flow_dissector: Fix uninitialized flow_keys used in __skb_get_hash possibly (bsc#1042286 bsc#1108145).\n- rtc: hctosys: Add missing range error reporting (bnc#1012382).\n- rtc: snvs: add a missing write sync (bnc#1012382).\n- rtc: snvs: Add timeouts to avoid kernel lockups (bnc#1012382).\n- rtnetlink: Disallow FDB configuration for non-Ethernet device (bnc#1012382).\n- rtnetlink: ndo_dflt_fdb_dump() only work for ARPHRD_ETHER devices (bnc#1012382).\n- s390/cpum_cf: Reject request for sampling in event initialization (bnc#1012382).\n- s390/mm: Check for valid vma before zapping in gmap_discard (bnc#1012382).\n- s390/mm: Fix ERROR: \u0027__node_distance\u0027 undefined! (bnc#1012382).\n- s390/qeth_core_mpc: Use ARRAY_SIZE instead of reimplementing its function (bnc#1114475, LTC#172682).\n- s390/qeth: fix HiperSockets sniffer (bnc#1114475, LTC#172953).\n- s390/qeth: fix length check in SNMP processing (bnc#1012382).\n- s390/qeth: Fix potential array overrun in cmd/rc lookup (bnc#1114475, LTC#172682).\n- s390/vdso: add missing FORCE to build targets (bnc#1012382).\n- sbus: char: add of_node_put() (bnc#1012382).\n- sc16is7xx: Fix for multi-channel stall (bnc#1012382).\n- sched/cgroup: Fix cgroup entity load tracking tear-down (bnc#1012382).\n- sched/fair: Fix throttle_list starvation with low CFS quota (bnc#1012382).\n- sch_red: update backlog as well (bnc#1012382).\n- scsi: aacraid: Fix typo in blink status (bnc#1012382).\n- scsi: bfa: convert to strlcpy/strlcat (bnc#1012382 bsc#1019683, ).\n- scsi: bnx2fc: Fix NULL dereference in error handling (bnc#1012382).\n- scsi: core: Allow state transitions from OFFLINE to BLOCKED (bsc#1112246).\n- scsi: Create two versions of scsi_internal_device_unblock() (bsc#1119877).\n- scsi: csiostor: Avoid content leaks and casts (bnc#1012382).\n- scsi: esp_scsi: Track residual for PIO transfers (bnc#1012382).\n- scsi: Introduce scsi_start_queue() (bsc#1119877).\n- scsi: libfc: check fc_frame_payload_get() return value for null (bsc#1103624, bsc#1104731).\n- scsi: libfc: retry PRLI if we cannot analyse the payload (bsc#1104731).\n- scsi: libiscsi: Fix NULL pointer dereference in iscsi_eh_session_reset (bnc#1012382).\n- scsi: lpfc: Add Buffer overflow check, when nvme_info larger than PAGE_SIZE (bsc#1102660).\n- scsi: lpfc: Correct soft lockup when running mds diagnostics (bnc#1012382).\n- scsi: lpfc: devloss timeout race condition caused null pointer reference (bsc#1102660).\n- scsi: lpfc: Fix abort error path for NVMET (bsc#1102660).\n- scsi: lpfc: fix block guard enablement on SLI3 adapters (bsc#1079935).\n- scsi: lpfc: Fix driver crash when re-registering NVME rports (bsc#1102660).\n- scsi: lpfc: Fix ELS abort on SLI-3 adapters (bsc#1102660).\n- scsi: lpfc: Fix list corruption on the completion queue (bsc#1102660).\n- scsi: lpfc: Fix NVME Target crash in defer rcv logic (bsc#1102660).\n- scsi: lpfc: Fix panic if driver unloaded when port is offline (bsc#1102660).\n- scsi: lpfc: update driver version to 11.4.0.7-5 (bsc#1102660).\n- scsi: Make __scsi_remove_device go straight from BLOCKED to DEL (bsc#1119877).\n- scsi: megaraid_sas: fix a missing-check bug (bnc#1012382).\n- scsi: Protect SCSI device state changes with a mutex (bsc#1119877).\n- scsi: qedi: Add ISCSI_BOOT_SYSFS to Kconfig (bsc#1043083).\n- scsi: qla2xxx: Fix crashes in qla2x00_probe_one on probe failure (bsc#1094973).\n- scsi: qla2xxx: Fix incorrect port speed being set for FC adapters (bnc#1012382).\n- scsi: qla2xxx: Fix small memory leak in qla2x00_probe_one on probe failure (bsc#1094973).\n- scsi: Re-export scsi_internal_device_{,un}_block() (bsc#1119877).\n- scsi: Split scsi_internal_device_block() (bsc#1119877).\n- scsi: target: add emulate_pr backstore attr to toggle PR support (bsc#1091405).\n- scsi: target: drop unused pi_prot_format attribute storage (bsc#1091405).\n- scsi: ufs: fix bugs related to null pointer access and array size (bnc#1012382).\n- scsi: ufs: fix race between clock gating and devfreq scaling work (bnc#1012382).\n- scsi: ufshcd: Fix race between clk scaling and ungate work (bnc#1012382).\n- scsi: ufshcd: release resources if probe fails (bnc#1012382).\n- scsi: use \u0027inquiry_mutex\u0027 instead of \u0027state_mutex\u0027 (bsc#1119877).\n- scsi: vmw_pscsi: Rearrange code to avoid multiple calls to free_irq during unload (bnc#1012382).\n- scsi: zfcp: fix posting too many status read buffers leading to adapter shutdown (bnc#1012382).\n- sctp: clear the transport of some out_chunk_list chunks in sctp_assoc_rm_peer (bnc#1012382).\n- sctp: fix race on sctp_id2asoc (bnc#1012382).\n- sctp: initialize sin6_flowinfo for ipv6 addrs in sctp_inet6addr_event (bnc#1012382).\n- selftests: ftrace: Add synthetic event syntax testcase (bnc#1012382).\n- selftests: Move networking/timestamping from Documentation (bnc#1012382).\n- seq_file: fix incomplete reset on read from zero offset (Git-fixes).\n- ser_gigaset: use container_of() instead of detour (bnc#1012382).\n- signal: Always deliver the kernel\u0027s SIGKILL and SIGSTOP to a pid namespace init (bnc#1012382).\n- signal/GenWQE: Fix sending of SIGKILL (bnc#1012382).\n- smb3: allow stats which track session and share reconnects to be reset (bnc#1012382).\n- smb3: do not attempt cifs operation in smb3 query info error path (bnc#1012382).\n- smb3: on kerberos mount if server does not specify auth type use krb5 (bnc#1012382).\n- smsc75xx: Check for Wake-on-LAN modes (bnc#1012382).\n- smsc95xx: Check for Wake-on-LAN modes (bnc#1012382).\n- sock: Make sock-\u003esk_stamp thread-safe (bnc#1012382).\n- soc/tegra: pmc: Fix child-node lookup (bnc#1012382).\n- sparc64: Fix exception handling in UltraSPARC-III memcpy (bnc#1012382).\n- sparc64 mm: Fix more TSB sizing issues (bnc#1012382).\n- sparc: Fix single-pcr perf event counter management (bnc#1012382).\n- sparc/pci: Refactor dev_archdata initialization into pci_init_dev_archdata (bnc#1012382).\n- spi: bcm2835: Avoid finishing transfer prematurely in IRQ mode (bnc#1012382).\n- spi: bcm2835: Fix book-keeping of DMA termination (bnc#1012382).\n- spi: bcm2835: Fix race on DMA termination (bnc#1012382).\n- spi: bcm2835: Unbreak the build of esoteric configs (bnc#1012382).\n- spi/bcm63xx: fix error return code in bcm63xx_spi_probe() (bnc#1012382).\n- spi/bcm63xx-hspi: fix error return code in bcm63xx_hsspi_probe() (bnc#1012382).\n- spi: xlp: fix error return code in xlp_spi_probe() (bnc#1012382).\n- sr9800: Check for supported Wake-on-LAN modes (bnc#1012382).\n- sr: pass down correctly sized SCSI sense buffer (bnc#1012382).\n- staging: rts5208: fix gcc-8 logic error warning (bnc#1012382).\n- staging: speakup: Replace strncpy with memcpy (bnc#1012382).\n- SUNRPC: correct the computation for page_ptr when truncating (bnc#1012382).\n- SUNRPC: drop pointless static qualifier in xdr_get_next_encode_buffer() (bnc#1012382).\n- SUNRPC: Fix a bogus get/put in generic_key_to_expire() (bnc#1012382).\n- SUNRPC: Fix a potential race in xprt_connect() (git-fixes).\n- SUNRPC: fix cache_head leak due to queued request (bnc#1012382).\n- SUNRPC: Fix leak of krb5p encode pages (bnc#1012382).\n- svcrdma: Remove unused variable in rdma_copy_tail() (git-fixes).\n- swim: fix cleanup on setup error (bnc#1012382).\n- swiotlb: clean up reporting (bnc#1012382).\n- sysv: return \u0027err\u0027 instead of 0 in __sysv_write_inode (bnc#1012382).\n- target/iscsi: avoid NULL dereference in CHAP auth error path (bsc#1117165).\n- target: se_dev_attrib.emulate_pr ABI stability (bsc#1091405).\n- tcp: fix NULL ref in tail loss probe (bnc#1012382).\n- TC: Set DMA masks for devices (bnc#1012382).\n- termios, tty/tty_baudrate.c: fix buffer overrun (bnc#1012382).\n- tg3: Add PHY reset for 5717/5719/5720 in change ring and flow control paths (bnc#1012382).\n- thermal: allow spear-thermal driver to be a module (bnc#1012382).\n- thermal: allow u8500-thermal driver to be a module (bnc#1012382).\n- timer/debug: Change /proc/timer_list from 0444 to 0400 (bnc#1012382).\n- tmpfs: make lseek(SEEK_DATA/SEK_HOLE) return ENXIO with a negative offset (bnc#1012382).\n- tpm: fix response size validation in tpm_get_random() (bsc#1020645, git-fixes).\n- tpm: suppress transmit cmd error logs when TPM 1.2 is disabled/deactivated (bnc#1012382).\n- tracing: Fix bad use of igrab in trace_uprobe.c (bsc#1120046).\n- tracing: Fix memory leak in set_trigger_filter() (bnc#1012382).\n- tracing: Fix memory leak of instance function hash filters (bnc#1012382).\n- tracing: Skip more functions when doing stack tracing of events (bnc#1012382).\n- tty: check name length in tty_find_polling_driver() (bnc#1012382).\n- tty: serial: 8250_mtk: always resume the device in probe (bnc#1012382).\n- tty: serial: sprd: fix error return code in sprd_probe() (bnc#1012382).\n- tty: wipe buffer (bnc#1012382).\n- tty: wipe buffer if not echoing data (bnc#1012382).\n- tun: Consistently configure generic netdev params via rtnetlink (bnc#1012382).\n- tun: forbid iface creation with rtnl ops (bnc#1012382).\n- uio: ensure class is registered before devices (bnc#1012382).\n- uio: Fix an Oops on load (bnc#1012382).\n- uio: make symbol \u0027uio_class_registered\u0027 static (git-fixes).\n- um: Avoid longjmp/setjmp symbol clashes with libpthread.a (bnc#1012382).\n- um: Give start_idle_thread() a return code (bnc#1012382).\n- unifdef: use memcpy instead of strncpy (bnc#1012382).\n- Update config files. Enabled ENA (Amazon network driver) for arm64\n- Update config files (reenable lost BT_HCIUART_3WIRE).\n- Update ibmvnic: Fix RX queue buffer cleanup (bsc#1115440, bsc#1115433).\n- uprobes: Fix handle_swbp() vs. unregister() + register() race once more (bnc#1012382).\n- usb: appledisplay: Add 27\u0027 Apple Cinema Display (bnc#1012382).\n- usb: cdc-acm: add entry for Hiro (Conexant) modem (bnc#1012382).\n- usb: check usb_get_extra_descriptor for proper size (bnc#1012382).\n- usb: chipidea: Prevent unbalanced IRQ disable (bnc#1012382).\n- usb: core: Fix hub port connection events lost (bnc#1012382).\n- usb: core: quirks: add RESET_RESUME quirk for Cherry G230 Stream series (bnc#1012382).\n- usb: dwc3: omap: fix error return code in dwc3_omap_probe() (bnc#1012382).\n- usb: ehci-omap: fix error return code in ehci_hcd_omap_probe() (bnc#1012382).\n- usb: fix the usbfs flag sanitization for control transfers (bnc#1012382).\n- usb: gadget: dummy: fix nonsensical comparisons (bnc#1012382).\n- usb: gadget: storage: Fix Spectre v1 vulnerability (bnc#1012382).\n- usb: imx21-hcd: fix error return code in imx21_probe() (bnc#1012382).\n- usb: misc: appledisplay: add 20\u0027 Apple Cinema Display (bnc#1012382).\n- usbnet: ipheth: fix potential recvmsg bug and recvmsg bug 2 (bnc#1012382).\n- usb: omap_udc: fix crashes on probe error and module removal (bnc#1012382).\n- usb: omap_udc: fix omap_udc_start() on 15xx machines (bnc#1012382).\n- usb: omap_udc: fix USB gadget functionality on Palm Tungsten E (bnc#1012382).\n- usb: omap_udc: use devm_request_irq() (bnc#1012382).\n- usb: quirk: add no-LPM quirk on SanDisk Ultra Flair device (bnc#1012382).\n- usb: quirks: Add delay-init quirk for Corsair K70 LUX RGB (bnc#1012382).\n- usb: quirks: Add no-lpm quirk for Raydium touchscreens (bnc#1012382).\n- usb: r8a66597: Fix a possible concurrency use-after-free bug in r8a66597_endpoint_disable() (bnc#1012382).\n- usb: serial: option: add Fibocom NL668 series (bnc#1012382).\n- usb: serial: option: add Fibocom NL678 series (bnc#1012382).\n- usb: serial: option: add GosunCn ZTE WeLink ME3630 (bnc#1012382).\n- usb: serial: option: add HP lt4132 (bnc#1012382).\n- usb: serial: option: add Simcom SIM7500/SIM7600 (MBIM mode) (bnc#1012382).\n- usb: serial: option: add Telit LN940 series (bnc#1012382).\n- usb: serial: pl2303: add ids for Hewlett-Packard HP POS pole displays (bnc#1012382).\n- usb-storage: fix bogus hardware error messages for ATA pass-thru devices (bnc#1012382).\n- usb: usb-storage: Add new IDs to ums-realtek (bnc#1012382).\n- usb: xhci: fix timeout for transition from RExit to U0 (bnc#1012382).\n- usb: xhci: fix uninitialized completion when USB3 port got wrong status (bnc#1012382).\n- usb: xhci: Prevent bus suspend if a port connect change or polling state is detected (bnc#1012382).\n- v9fs_dir_readdir: fix double-free on p9stat_read error (bnc#1012382).\n- vfs: Avoid softlockups in drop_pagecache_sb() (bsc#1118505).\n- vhost: Fix Spectre V1 vulnerability (bnc#1012382).\n- vhost: make sure used idx is seen before log in vhost_add_used_n() (bnc#1012382).\n- vhost/scsi: truncate T10 PI iov_iter to prot_bytes (bnc#1012382).\n- video: fbdev: pxa3xx_gcu: fix error return code in pxa3xx_gcu_probe() (bnc#1012382).\n- virtio/s390: avoid race on vcdev-\u003econfig (bnc#1012382).\n- virtio/s390: fix race in ccw_io_helper() (bnc#1012382).\n- VSOCK: Send reset control packet when socket is partially bound (bnc#1012382).\n- vti6: flush x-netns xfrm cache when vti interface is removed (bnc#1012382).\n- w1: omap-hdq: fix missing bus unregister at removal (bnc#1012382).\n- x86: boot: Fix EFI stub alignment (bnc#1012382).\n- x86/boot: #undef memcpy() et al in string.c (bnc#1012382).\n- x86/build: Fix stack alignment for CLang (bnc#1012382).\n- x86/build: Specify stack alignment for clang (bnc#1012382).\n- x86/build: Use __cc-option for boot code compiler options (bnc#1012382).\n- x86/build: Use cc-option to validate stack alignment parameter (bnc#1012382).\n- x86/corruption-check: Fix panic in memory_corruption_check() when boot option without value is provided (bnc#1012382).\n- x86/earlyprintk/efi: Fix infinite loop on some screen widths (bnc#1012382).\n- x86/entry: spell EBX register correctly in documentation (bnc#1012382).\n- x86/kbuild: Use cc-option to enable -falign-{jumps/loops} (bnc#1012382).\n- x86/kconfig: Fall back to ticket spinlocks (bnc#1012382).\n- x86/MCE: Export memory_error() (bsc#1114648).\n- x86/MCE: Make correctable error detection look at the Deferred bit (bsc#1114648).\n- x86/mm/kaslr: Use the _ASM_MUL macro for multiplication to work around Clang incompatibility (bnc#1012382).\n- x86/mm/pat: Prevent hang during boot when mapping pages (bnc#1012382).\n- x86/mtrr: Do not copy uninitialized gentry fields back to userspace (bnc#1012382).\n- x86/speculation/l1tf: Drop the swap storage limit restriction when l1tf=off (bnc#1114871).\n- x86/speculation: Use synthetic bits for IBRS/IBPB/STIBP (bnc#1012382).\n- xen/balloon: Support xend-based toolstack (bnc#1065600).\n- xen/blkfront: avoid NULL blkfront_info dereference on device removal (bsc#1111062).\n- xen: fix race in xen_qlock_wait() (bnc#1012382).\n- xen: fix xen_qlock_wait() (bnc#1012382).\n- xen: make xen_qlock_wait() nestable (bnc#1012382).\n- xen/netback: dont overflow meta array (bnc#1099523).\n- xen/netfront: tolerate frags with no data (bnc#1012382).\n- xen-swiotlb: use actually allocated size on check physical continuous (bnc#1012382).\n- xen/x86: add diagnostic printout to xen_mc_flush() in case of error (bnc#1116183).\n- xen: xlate_mmu: add missing header to fix \u0027W=1\u0027 warning (bnc#1012382).\n- xfrm6: call kfree_skb when skb is toobig (bnc#1012382).\n- xfrm: Clear sk_dst_cache when applying per-socket policy (bnc#1012382).\n- xfrm: Fix bucket count reported to userspace (bnc#1012382).\n- xfrm: use complete IPv6 addresses for hash (bsc#1109330).\n- xfrm: Validate address prefix lengths in the xfrm selector (bnc#1012382).\n- xfrm: validate template mode (bnc#1012382).\n- xfs: Align compat attrlist_by_handle with native implementation (git-fixes).\n- xfs/dmapi: restore event in xfs_getbmap (bsc#1114763).\n- xfs: Fix error code in \u0027xfs_ioc_getbmap()\u0027 (git-fixes).\n- xfs: fix quotacheck dquot id overflow infinite loop (bsc#1121621).\n- xhci: Add quirk to workaround the errata seen on Cavium Thunder-X2 Soc (bsc#1117162).\n- xhci: Do not prevent USB2 bus suspend in state check intended for USB3 only (bnc#1012382).\n- xhci: Prevent U1/U2 link pm states if exit latency is too long (bnc#1012382).\n- xprtrdma: checking for NULL instead of IS_ERR() (git-fixes).\n- xprtrdma: Disable pad optimization by default (git-fixes).\n- xprtrdma: Disable RPC/RDMA backchannel debugging messages (git-fixes).\n- xprtrdma: Fix additional uses of spin_lock_irqsave(rb_lock) (git-fixes).\n- xprtrdma: Fix backchannel allocation of extra rpcrdma_reps (git-fixes).\n- xprtrdma: Fix Read chunk padding (git-fixes).\n- xprtrdma: Fix receive buffer accounting (git-fixes).\n- xprtrdma: Reset credit grant properly after a disconnect (git-fixes).\n- xprtrdma: rpcrdma_bc_receive_call() should init rq_private_buf.len (git-fixes).\n- xprtrdma: Serialize credit accounting again (git-fixes).\n- xprtrdma: xprt_rdma_free() must not release backchannel reqs (git-fixes).\n- xtensa: add NOTES section to the linker script (bnc#1012382).\n- xtensa: enable coprocessors that are being flushed (bnc#1012382).\n- xtensa: fix boot parameters address translation (bnc#1012382).\n- xtensa: fix coprocessor context offset definitions (bnc#1012382).\n- xtensa: make sure bFLT stack is 16 byte aligned (bnc#1012382).\n- zram: close udev startup race condition as default groups (bnc#1012382).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2019-320,SUSE-SLE-RT-12-SP3-2019-320",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_0320-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2019:0320-1",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20190320-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2019:0320-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2019-February/005101.html"
},
{
"category": "self",
"summary": "SUSE Bug 1012382",
"url": "https://bugzilla.suse.com/1012382"
},
{
"category": "self",
"summary": "SUSE Bug 1015336",
"url": "https://bugzilla.suse.com/1015336"
},
{
"category": "self",
"summary": "SUSE Bug 1015337",
"url": "https://bugzilla.suse.com/1015337"
},
{
"category": "self",
"summary": "SUSE Bug 1015340",
"url": "https://bugzilla.suse.com/1015340"
},
{
"category": "self",
"summary": "SUSE Bug 1019683",
"url": "https://bugzilla.suse.com/1019683"
},
{
"category": "self",
"summary": "SUSE Bug 1019695",
"url": "https://bugzilla.suse.com/1019695"
},
{
"category": "self",
"summary": "SUSE Bug 1020645",
"url": "https://bugzilla.suse.com/1020645"
},
{
"category": "self",
"summary": "SUSE Bug 1023175",
"url": "https://bugzilla.suse.com/1023175"
},
{
"category": "self",
"summary": "SUSE Bug 1027260",
"url": "https://bugzilla.suse.com/1027260"
},
{
"category": "self",
"summary": "SUSE Bug 1027457",
"url": "https://bugzilla.suse.com/1027457"
},
{
"category": "self",
"summary": "SUSE Bug 1031492",
"url": "https://bugzilla.suse.com/1031492"
},
{
"category": "self",
"summary": "SUSE Bug 1042286",
"url": "https://bugzilla.suse.com/1042286"
},
{
"category": "self",
"summary": "SUSE Bug 1043083",
"url": "https://bugzilla.suse.com/1043083"
},
{
"category": "self",
"summary": "SUSE Bug 1046264",
"url": "https://bugzilla.suse.com/1046264"
},
{
"category": "self",
"summary": "SUSE Bug 1047487",
"url": "https://bugzilla.suse.com/1047487"
},
{
"category": "self",
"summary": "SUSE Bug 1048916",
"url": "https://bugzilla.suse.com/1048916"
},
{
"category": "self",
"summary": "SUSE Bug 1065600",
"url": "https://bugzilla.suse.com/1065600"
},
{
"category": "self",
"summary": "SUSE Bug 1066223",
"url": "https://bugzilla.suse.com/1066223"
},
{
"category": "self",
"summary": "SUSE Bug 1068032",
"url": "https://bugzilla.suse.com/1068032"
},
{
"category": "self",
"summary": "SUSE Bug 1069702",
"url": "https://bugzilla.suse.com/1069702"
},
{
"category": "self",
"summary": "SUSE Bug 1070805",
"url": "https://bugzilla.suse.com/1070805"
},
{
"category": "self",
"summary": "SUSE Bug 1079935",
"url": "https://bugzilla.suse.com/1079935"
},
{
"category": "self",
"summary": "SUSE Bug 1086423",
"url": "https://bugzilla.suse.com/1086423"
},
{
"category": "self",
"summary": "SUSE Bug 1087082",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "self",
"summary": "SUSE Bug 1091405",
"url": "https://bugzilla.suse.com/1091405"
},
{
"category": "self",
"summary": "SUSE Bug 1092100",
"url": "https://bugzilla.suse.com/1092100"
},
{
"category": "self",
"summary": "SUSE Bug 1093158",
"url": "https://bugzilla.suse.com/1093158"
},
{
"category": "self",
"summary": "SUSE Bug 1093641",
"url": "https://bugzilla.suse.com/1093641"
},
{
"category": "self",
"summary": "SUSE Bug 1093649",
"url": "https://bugzilla.suse.com/1093649"
},
{
"category": "self",
"summary": "SUSE Bug 1093653",
"url": "https://bugzilla.suse.com/1093653"
},
{
"category": "self",
"summary": "SUSE Bug 1093655",
"url": "https://bugzilla.suse.com/1093655"
},
{
"category": "self",
"summary": "SUSE Bug 1093657",
"url": "https://bugzilla.suse.com/1093657"
},
{
"category": "self",
"summary": "SUSE Bug 1093663",
"url": "https://bugzilla.suse.com/1093663"
},
{
"category": "self",
"summary": "SUSE Bug 1094244",
"url": "https://bugzilla.suse.com/1094244"
},
{
"category": "self",
"summary": "SUSE Bug 1094973",
"url": "https://bugzilla.suse.com/1094973"
},
{
"category": "self",
"summary": "SUSE Bug 1096242",
"url": "https://bugzilla.suse.com/1096242"
},
{
"category": "self",
"summary": "SUSE Bug 1096281",
"url": "https://bugzilla.suse.com/1096281"
},
{
"category": "self",
"summary": "SUSE Bug 1099523",
"url": "https://bugzilla.suse.com/1099523"
},
{
"category": "self",
"summary": "SUSE Bug 1100105",
"url": "https://bugzilla.suse.com/1100105"
},
{
"category": "self",
"summary": "SUSE Bug 1101557",
"url": "https://bugzilla.suse.com/1101557"
},
{
"category": "self",
"summary": "SUSE Bug 1102439",
"url": "https://bugzilla.suse.com/1102439"
},
{
"category": "self",
"summary": "SUSE Bug 1102660",
"url": "https://bugzilla.suse.com/1102660"
},
{
"category": "self",
"summary": "SUSE Bug 1103156",
"url": "https://bugzilla.suse.com/1103156"
},
{
"category": "self",
"summary": "SUSE Bug 1103257",
"url": "https://bugzilla.suse.com/1103257"
},
{
"category": "self",
"summary": "SUSE Bug 1103624",
"url": "https://bugzilla.suse.com/1103624"
},
{
"category": "self",
"summary": "SUSE Bug 1104098",
"url": "https://bugzilla.suse.com/1104098"
},
{
"category": "self",
"summary": "SUSE Bug 1104731",
"url": "https://bugzilla.suse.com/1104731"
},
{
"category": "self",
"summary": "SUSE Bug 1106105",
"url": "https://bugzilla.suse.com/1106105"
},
{
"category": "self",
"summary": "SUSE Bug 1106237",
"url": "https://bugzilla.suse.com/1106237"
},
{
"category": "self",
"summary": "SUSE Bug 1106240",
"url": "https://bugzilla.suse.com/1106240"
},
{
"category": "self",
"summary": "SUSE Bug 1106929",
"url": "https://bugzilla.suse.com/1106929"
},
{
"category": "self",
"summary": "SUSE Bug 1107385",
"url": "https://bugzilla.suse.com/1107385"
},
{
"category": "self",
"summary": "SUSE Bug 1108145",
"url": "https://bugzilla.suse.com/1108145"
},
{
"category": "self",
"summary": "SUSE Bug 1108240",
"url": "https://bugzilla.suse.com/1108240"
},
{
"category": "self",
"summary": "SUSE Bug 1109168",
"url": "https://bugzilla.suse.com/1109168"
},
{
"category": "self",
"summary": "SUSE Bug 1109272",
"url": "https://bugzilla.suse.com/1109272"
},
{
"category": "self",
"summary": "SUSE Bug 1109330",
"url": "https://bugzilla.suse.com/1109330"
},
{
"category": "self",
"summary": "SUSE Bug 1109806",
"url": "https://bugzilla.suse.com/1109806"
},
{
"category": "self",
"summary": "SUSE Bug 1110286",
"url": "https://bugzilla.suse.com/1110286"
},
{
"category": "self",
"summary": "SUSE Bug 1111062",
"url": "https://bugzilla.suse.com/1111062"
},
{
"category": "self",
"summary": "SUSE Bug 1111174",
"url": "https://bugzilla.suse.com/1111174"
},
{
"category": "self",
"summary": "SUSE Bug 1111809",
"url": "https://bugzilla.suse.com/1111809"
},
{
"category": "self",
"summary": "SUSE Bug 1112246",
"url": "https://bugzilla.suse.com/1112246"
},
{
"category": "self",
"summary": "SUSE Bug 1112963",
"url": "https://bugzilla.suse.com/1112963"
},
{
"category": "self",
"summary": "SUSE Bug 1113412",
"url": "https://bugzilla.suse.com/1113412"
},
{
"category": "self",
"summary": "SUSE Bug 1113766",
"url": "https://bugzilla.suse.com/1113766"
},
{
"category": "self",
"summary": "SUSE Bug 1114190",
"url": "https://bugzilla.suse.com/1114190"
},
{
"category": "self",
"summary": "SUSE Bug 1114417",
"url": "https://bugzilla.suse.com/1114417"
},
{
"category": "self",
"summary": "SUSE Bug 1114475",
"url": "https://bugzilla.suse.com/1114475"
},
{
"category": "self",
"summary": "SUSE Bug 1114648",
"url": "https://bugzilla.suse.com/1114648"
},
{
"category": "self",
"summary": "SUSE Bug 1114763",
"url": "https://bugzilla.suse.com/1114763"
},
{
"category": "self",
"summary": "SUSE Bug 1114839",
"url": "https://bugzilla.suse.com/1114839"
},
{
"category": "self",
"summary": "SUSE Bug 1114871",
"url": "https://bugzilla.suse.com/1114871"
},
{
"category": "self",
"summary": "SUSE Bug 1115431",
"url": "https://bugzilla.suse.com/1115431"
},
{
"category": "self",
"summary": "SUSE Bug 1115433",
"url": "https://bugzilla.suse.com/1115433"
},
{
"category": "self",
"summary": "SUSE Bug 1115440",
"url": "https://bugzilla.suse.com/1115440"
},
{
"category": "self",
"summary": "SUSE Bug 1115482",
"url": "https://bugzilla.suse.com/1115482"
},
{
"category": "self",
"summary": "SUSE Bug 1115587",
"url": "https://bugzilla.suse.com/1115587"
},
{
"category": "self",
"summary": "SUSE Bug 1115709",
"url": "https://bugzilla.suse.com/1115709"
},
{
"category": "self",
"summary": "SUSE Bug 1116027",
"url": "https://bugzilla.suse.com/1116027"
},
{
"category": "self",
"summary": "SUSE Bug 1116183",
"url": "https://bugzilla.suse.com/1116183"
},
{
"category": "self",
"summary": "SUSE Bug 1116285",
"url": "https://bugzilla.suse.com/1116285"
},
{
"category": "self",
"summary": "SUSE Bug 1116336",
"url": "https://bugzilla.suse.com/1116336"
},
{
"category": "self",
"summary": "SUSE Bug 1116345",
"url": "https://bugzilla.suse.com/1116345"
},
{
"category": "self",
"summary": "SUSE Bug 1116497",
"url": "https://bugzilla.suse.com/1116497"
},
{
"category": "self",
"summary": "SUSE Bug 1116841",
"url": "https://bugzilla.suse.com/1116841"
},
{
"category": "self",
"summary": "SUSE Bug 1116924",
"url": "https://bugzilla.suse.com/1116924"
},
{
"category": "self",
"summary": "SUSE Bug 1116950",
"url": "https://bugzilla.suse.com/1116950"
},
{
"category": "self",
"summary": "SUSE Bug 1116962",
"url": "https://bugzilla.suse.com/1116962"
},
{
"category": "self",
"summary": "SUSE Bug 1117162",
"url": "https://bugzilla.suse.com/1117162"
},
{
"category": "self",
"summary": "SUSE Bug 1117165",
"url": "https://bugzilla.suse.com/1117165"
},
{
"category": "self",
"summary": "SUSE Bug 1117186",
"url": "https://bugzilla.suse.com/1117186"
},
{
"category": "self",
"summary": "SUSE Bug 1117562",
"url": "https://bugzilla.suse.com/1117562"
},
{
"category": "self",
"summary": "SUSE Bug 1118152",
"url": "https://bugzilla.suse.com/1118152"
},
{
"category": "self",
"summary": "SUSE Bug 1118316",
"url": "https://bugzilla.suse.com/1118316"
},
{
"category": "self",
"summary": "SUSE Bug 1118319",
"url": "https://bugzilla.suse.com/1118319"
},
{
"category": "self",
"summary": "SUSE Bug 1118505",
"url": "https://bugzilla.suse.com/1118505"
},
{
"category": "self",
"summary": "SUSE Bug 1118790",
"url": "https://bugzilla.suse.com/1118790"
},
{
"category": "self",
"summary": "SUSE Bug 1118798",
"url": "https://bugzilla.suse.com/1118798"
},
{
"category": "self",
"summary": "SUSE Bug 1118915",
"url": "https://bugzilla.suse.com/1118915"
},
{
"category": "self",
"summary": "SUSE Bug 1118922",
"url": "https://bugzilla.suse.com/1118922"
},
{
"category": "self",
"summary": "SUSE Bug 1118926",
"url": "https://bugzilla.suse.com/1118926"
},
{
"category": "self",
"summary": "SUSE Bug 1118930",
"url": "https://bugzilla.suse.com/1118930"
},
{
"category": "self",
"summary": "SUSE Bug 1118936",
"url": "https://bugzilla.suse.com/1118936"
},
{
"category": "self",
"summary": "SUSE Bug 1119204",
"url": "https://bugzilla.suse.com/1119204"
},
{
"category": "self",
"summary": "SUSE Bug 1119445",
"url": "https://bugzilla.suse.com/1119445"
},
{
"category": "self",
"summary": "SUSE Bug 1119714",
"url": "https://bugzilla.suse.com/1119714"
},
{
"category": "self",
"summary": "SUSE Bug 1119877",
"url": "https://bugzilla.suse.com/1119877"
},
{
"category": "self",
"summary": "SUSE Bug 1119946",
"url": "https://bugzilla.suse.com/1119946"
},
{
"category": "self",
"summary": "SUSE Bug 1119967",
"url": "https://bugzilla.suse.com/1119967"
},
{
"category": "self",
"summary": "SUSE Bug 1119970",
"url": "https://bugzilla.suse.com/1119970"
},
{
"category": "self",
"summary": "SUSE Bug 1120046",
"url": "https://bugzilla.suse.com/1120046"
},
{
"category": "self",
"summary": "SUSE Bug 1120260",
"url": "https://bugzilla.suse.com/1120260"
},
{
"category": "self",
"summary": "SUSE Bug 1120743",
"url": "https://bugzilla.suse.com/1120743"
},
{
"category": "self",
"summary": "SUSE Bug 1120950",
"url": "https://bugzilla.suse.com/1120950"
},
{
"category": "self",
"summary": "SUSE Bug 1121239",
"url": "https://bugzilla.suse.com/1121239"
},
{
"category": "self",
"summary": "SUSE Bug 1121240",
"url": "https://bugzilla.suse.com/1121240"
},
{
"category": "self",
"summary": "SUSE Bug 1121241",
"url": "https://bugzilla.suse.com/1121241"
},
{
"category": "self",
"summary": "SUSE Bug 1121242",
"url": "https://bugzilla.suse.com/1121242"
},
{
"category": "self",
"summary": "SUSE Bug 1121275",
"url": "https://bugzilla.suse.com/1121275"
},
{
"category": "self",
"summary": "SUSE Bug 1121621",
"url": "https://bugzilla.suse.com/1121621"
},
{
"category": "self",
"summary": "SUSE Bug 985031",
"url": "https://bugzilla.suse.com/985031"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-16939 page",
"url": "https://www.suse.com/security/cve/CVE-2017-16939/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1120 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1120/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16862 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16862/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16884 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16884/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-19407 page",
"url": "https://www.suse.com/security/cve/CVE-2018-19407/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-19824 page",
"url": "https://www.suse.com/security/cve/CVE-2018-19824/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-19985 page",
"url": "https://www.suse.com/security/cve/CVE-2018-19985/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-20169 page",
"url": "https://www.suse.com/security/cve/CVE-2018-20169/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-9568 page",
"url": "https://www.suse.com/security/cve/CVE-2018-9568/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2019-02-11T15:15:05Z",
"generator": {
"date": "2019-02-11T15:15:05Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2019:0320-1",
"initial_release_date": "2019-02-11T15:15:05Z",
"revision_history": [
{
"date": "2019-02-11T15:15:05Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-rt-4.4.170-3.32.1.noarch",
"product": {
"name": "kernel-devel-rt-4.4.170-3.32.1.noarch",
"product_id": "kernel-devel-rt-4.4.170-3.32.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-rt-4.4.170-3.32.1.noarch",
"product": {
"name": "kernel-source-rt-4.4.170-3.32.1.noarch",
"product_id": "kernel-source-rt-4.4.170-3.32.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-rt-4.4.170-3.32.2.x86_64",
"product": {
"name": "cluster-md-kmp-rt-4.4.170-3.32.2.x86_64",
"product_id": "cluster-md-kmp-rt-4.4.170-3.32.2.x86_64"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-rt_debug-4.4.170-3.32.2.x86_64",
"product": {
"name": "cluster-md-kmp-rt_debug-4.4.170-3.32.2.x86_64",
"product_id": "cluster-md-kmp-rt_debug-4.4.170-3.32.2.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt-4.4.170-3.32.2.x86_64",
"product": {
"name": "dlm-kmp-rt-4.4.170-3.32.2.x86_64",
"product_id": "dlm-kmp-rt-4.4.170-3.32.2.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt_debug-4.4.170-3.32.2.x86_64",
"product": {
"name": "dlm-kmp-rt_debug-4.4.170-3.32.2.x86_64",
"product_id": "dlm-kmp-rt_debug-4.4.170-3.32.2.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt-4.4.170-3.32.2.x86_64",
"product": {
"name": "gfs2-kmp-rt-4.4.170-3.32.2.x86_64",
"product_id": "gfs2-kmp-rt-4.4.170-3.32.2.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt_debug-4.4.170-3.32.2.x86_64",
"product": {
"name": "gfs2-kmp-rt_debug-4.4.170-3.32.2.x86_64",
"product_id": "gfs2-kmp-rt_debug-4.4.170-3.32.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-4.4.170-3.32.2.x86_64",
"product": {
"name": "kernel-rt-4.4.170-3.32.2.x86_64",
"product_id": "kernel-rt-4.4.170-3.32.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-base-4.4.170-3.32.2.x86_64",
"product": {
"name": "kernel-rt-base-4.4.170-3.32.2.x86_64",
"product_id": "kernel-rt-base-4.4.170-3.32.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-4.4.170-3.32.2.x86_64",
"product": {
"name": "kernel-rt-devel-4.4.170-3.32.2.x86_64",
"product_id": "kernel-rt-devel-4.4.170-3.32.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-extra-4.4.170-3.32.2.x86_64",
"product": {
"name": "kernel-rt-extra-4.4.170-3.32.2.x86_64",
"product_id": "kernel-rt-extra-4.4.170-3.32.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-kgraft-4.4.170-3.32.2.x86_64",
"product": {
"name": "kernel-rt-kgraft-4.4.170-3.32.2.x86_64",
"product_id": "kernel-rt-kgraft-4.4.170-3.32.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-4.4.170-3.32.2.x86_64",
"product": {
"name": "kernel-rt_debug-4.4.170-3.32.2.x86_64",
"product_id": "kernel-rt_debug-4.4.170-3.32.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-base-4.4.170-3.32.2.x86_64",
"product": {
"name": "kernel-rt_debug-base-4.4.170-3.32.2.x86_64",
"product_id": "kernel-rt_debug-base-4.4.170-3.32.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-devel-4.4.170-3.32.2.x86_64",
"product": {
"name": "kernel-rt_debug-devel-4.4.170-3.32.2.x86_64",
"product_id": "kernel-rt_debug-devel-4.4.170-3.32.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-extra-4.4.170-3.32.2.x86_64",
"product": {
"name": "kernel-rt_debug-extra-4.4.170-3.32.2.x86_64",
"product_id": "kernel-rt_debug-extra-4.4.170-3.32.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-kgraft-4.4.170-3.32.2.x86_64",
"product": {
"name": "kernel-rt_debug-kgraft-4.4.170-3.32.2.x86_64",
"product_id": "kernel-rt_debug-kgraft-4.4.170-3.32.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-rt-4.4.170-3.32.1.x86_64",
"product": {
"name": "kernel-syms-rt-4.4.170-3.32.1.x86_64",
"product_id": "kernel-syms-rt-4.4.170-3.32.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-rt-4.4.170-3.32.2.x86_64",
"product": {
"name": "kselftests-kmp-rt-4.4.170-3.32.2.x86_64",
"product_id": "kselftests-kmp-rt-4.4.170-3.32.2.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-rt_debug-4.4.170-3.32.2.x86_64",
"product": {
"name": "kselftests-kmp-rt_debug-4.4.170-3.32.2.x86_64",
"product_id": "kselftests-kmp-rt_debug-4.4.170-3.32.2.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt-4.4.170-3.32.2.x86_64",
"product": {
"name": "ocfs2-kmp-rt-4.4.170-3.32.2.x86_64",
"product_id": "ocfs2-kmp-rt-4.4.170-3.32.2.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt_debug-4.4.170-3.32.2.x86_64",
"product": {
"name": "ocfs2-kmp-rt_debug-4.4.170-3.32.2.x86_64",
"product_id": "ocfs2-kmp-rt_debug-4.4.170-3.32.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Real Time 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Real Time 12 SP3",
"product_id": "SUSE Linux Enterprise Real Time 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-linux-enterprise-rt:12:sp3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-rt-4.4.170-3.32.2.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3",
"product_id": "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.170-3.32.2.x86_64"
},
"product_reference": "cluster-md-kmp-rt-4.4.170-3.32.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-rt-4.4.170-3.32.2.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3",
"product_id": "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.170-3.32.2.x86_64"
},
"product_reference": "dlm-kmp-rt-4.4.170-3.32.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-rt-4.4.170-3.32.2.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3",
"product_id": "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.170-3.32.2.x86_64"
},
"product_reference": "gfs2-kmp-rt-4.4.170-3.32.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-rt-4.4.170-3.32.1.noarch as component of SUSE Linux Enterprise Real Time 12 SP3",
"product_id": "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.170-3.32.1.noarch"
},
"product_reference": "kernel-devel-rt-4.4.170-3.32.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-4.4.170-3.32.2.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3",
"product_id": "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.170-3.32.2.x86_64"
},
"product_reference": "kernel-rt-4.4.170-3.32.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-base-4.4.170-3.32.2.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3",
"product_id": "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.170-3.32.2.x86_64"
},
"product_reference": "kernel-rt-base-4.4.170-3.32.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-4.4.170-3.32.2.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3",
"product_id": "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.170-3.32.2.x86_64"
},
"product_reference": "kernel-rt-devel-4.4.170-3.32.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-devel-4.4.170-3.32.2.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3",
"product_id": "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.170-3.32.2.x86_64"
},
"product_reference": "kernel-rt_debug-devel-4.4.170-3.32.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-4.4.170-3.32.1.noarch as component of SUSE Linux Enterprise Real Time 12 SP3",
"product_id": "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.170-3.32.1.noarch"
},
"product_reference": "kernel-source-rt-4.4.170-3.32.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-rt-4.4.170-3.32.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3",
"product_id": "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.170-3.32.1.x86_64"
},
"product_reference": "kernel-syms-rt-4.4.170-3.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-rt-4.4.170-3.32.2.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3",
"product_id": "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.170-3.32.2.x86_64"
},
"product_reference": "ocfs2-kmp-rt-4.4.170-3.32.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-16939",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-16939"
}
],
"notes": [
{
"category": "general",
"text": "The XFRM dump policy implementation in net/xfrm/xfrm_user.c in the Linux kernel before 4.13.11 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted SO_RCVBUF setsockopt system call in conjunction with XFRM_MSG_GETPOLICY Netlink messages.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.170-3.32.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.170-3.32.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.170-3.32.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.170-3.32.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-16939",
"url": "https://www.suse.com/security/cve/CVE-2017-16939"
},
{
"category": "external",
"summary": "SUSE Bug 1069702 for CVE-2017-16939",
"url": "https://bugzilla.suse.com/1069702"
},
{
"category": "external",
"summary": "SUSE Bug 1069708 for CVE-2017-16939",
"url": "https://bugzilla.suse.com/1069708"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2017-16939",
"url": "https://bugzilla.suse.com/1115893"
},
{
"category": "external",
"summary": "SUSE Bug 1120260 for CVE-2017-16939",
"url": "https://bugzilla.suse.com/1120260"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.170-3.32.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.170-3.32.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.170-3.32.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.170-3.32.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.170-3.32.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.170-3.32.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.170-3.32.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.170-3.32.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-11T15:15:05Z",
"details": "moderate"
}
],
"title": "CVE-2017-16939"
},
{
"cve": "CVE-2018-1120",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1120"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found affecting the Linux kernel before version 4.17. By mmap()ing a FUSE-backed file onto a process\u0027s memory containing command line arguments (or environment strings), an attacker can cause utilities from psutils or procps (such as ps, w) or any other program which makes a read() call to the /proc/\u003cpid\u003e/cmdline (or /proc/\u003cpid\u003e/environ) files to block indefinitely (denial of service) or for some controlled time (as a synchronization primitive for other attacks).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.170-3.32.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.170-3.32.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.170-3.32.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.170-3.32.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1120",
"url": "https://www.suse.com/security/cve/CVE-2018-1120"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-1120",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1092100 for CVE-2018-1120",
"url": "https://bugzilla.suse.com/1092100"
},
{
"category": "external",
"summary": "SUSE Bug 1093158 for CVE-2018-1120",
"url": "https://bugzilla.suse.com/1093158"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.170-3.32.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.170-3.32.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.170-3.32.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.170-3.32.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.170-3.32.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.170-3.32.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.170-3.32.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.170-3.32.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-11T15:15:05Z",
"details": "low"
}
],
"title": "CVE-2018-1120"
},
{
"cve": "CVE-2018-16862",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16862"
}
],
"notes": [
{
"category": "general",
"text": "A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.170-3.32.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.170-3.32.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.170-3.32.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.170-3.32.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16862",
"url": "https://www.suse.com/security/cve/CVE-2018-16862"
},
{
"category": "external",
"summary": "SUSE Bug 1117186 for CVE-2018-16862",
"url": "https://bugzilla.suse.com/1117186"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.170-3.32.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.170-3.32.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.170-3.32.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.170-3.32.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.170-3.32.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.170-3.32.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.170-3.32.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.170-3.32.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-11T15:15:05Z",
"details": "moderate"
}
],
"title": "CVE-2018-16862"
},
{
"cve": "CVE-2018-16884",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16884"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel\u0027s NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.170-3.32.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.170-3.32.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.170-3.32.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.170-3.32.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16884",
"url": "https://www.suse.com/security/cve/CVE-2018-16884"
},
{
"category": "external",
"summary": "SUSE Bug 1119946 for CVE-2018-16884",
"url": "https://bugzilla.suse.com/1119946"
},
{
"category": "external",
"summary": "SUSE Bug 1119947 for CVE-2018-16884",
"url": "https://bugzilla.suse.com/1119947"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.170-3.32.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.170-3.32.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.170-3.32.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.170-3.32.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.170-3.32.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.170-3.32.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.170-3.32.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.170-3.32.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-11T15:15:05Z",
"details": "important"
}
],
"title": "CVE-2018-16884"
},
{
"cve": "CVE-2018-19407",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-19407"
}
],
"notes": [
{
"category": "general",
"text": "The vcpu_scan_ioapic function in arch/x86/kvm/x86.c in the Linux kernel through 4.19.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.170-3.32.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.170-3.32.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.170-3.32.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.170-3.32.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-19407",
"url": "https://www.suse.com/security/cve/CVE-2018-19407"
},
{
"category": "external",
"summary": "SUSE Bug 1116841 for CVE-2018-19407",
"url": "https://bugzilla.suse.com/1116841"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.170-3.32.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.170-3.32.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.170-3.32.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.170-3.32.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.170-3.32.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.170-3.32.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.170-3.32.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.170-3.32.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-11T15:15:05Z",
"details": "moderate"
}
],
"title": "CVE-2018-19407"
},
{
"cve": "CVE-2018-19824",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-19824"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.170-3.32.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.170-3.32.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.170-3.32.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.170-3.32.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-19824",
"url": "https://www.suse.com/security/cve/CVE-2018-19824"
},
{
"category": "external",
"summary": "SUSE Bug 1118152 for CVE-2018-19824",
"url": "https://bugzilla.suse.com/1118152"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.170-3.32.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.170-3.32.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.170-3.32.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.170-3.32.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.170-3.32.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.170-3.32.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.170-3.32.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.170-3.32.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-11T15:15:05Z",
"details": "moderate"
}
],
"title": "CVE-2018-19824"
},
{
"cve": "CVE-2018-19985",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-19985"
}
],
"notes": [
{
"category": "general",
"text": "The function hso_get_config_data in drivers/net/usb/hso.c in the Linux kernel through 4.19.8 reads if_num from the USB device (as a u8) and uses it to index a small array, resulting in an object out-of-bounds (OOB) read that potentially allows arbitrary read in the kernel address space.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.170-3.32.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.170-3.32.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.170-3.32.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.170-3.32.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-19985",
"url": "https://www.suse.com/security/cve/CVE-2018-19985"
},
{
"category": "external",
"summary": "SUSE Bug 1120743 for CVE-2018-19985",
"url": "https://bugzilla.suse.com/1120743"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.170-3.32.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.170-3.32.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.170-3.32.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.170-3.32.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.170-3.32.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.170-3.32.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.170-3.32.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.170-3.32.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-11T15:15:05Z",
"details": "low"
}
],
"title": "CVE-2018-19985"
},
{
"cve": "CVE-2018-20169",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-20169"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel before 4.19.9. The USB subsystem mishandles size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.170-3.32.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.170-3.32.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.170-3.32.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.170-3.32.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-20169",
"url": "https://www.suse.com/security/cve/CVE-2018-20169"
},
{
"category": "external",
"summary": "SUSE Bug 1119714 for CVE-2018-20169",
"url": "https://bugzilla.suse.com/1119714"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.170-3.32.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.170-3.32.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.170-3.32.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.170-3.32.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.170-3.32.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.170-3.32.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.170-3.32.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.170-3.32.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-11T15:15:05Z",
"details": "moderate"
}
],
"title": "CVE-2018-20169"
},
{
"cve": "CVE-2018-9568",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-9568"
}
],
"notes": [
{
"category": "general",
"text": "In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-113509306. References: Upstream kernel.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.170-3.32.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.170-3.32.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.170-3.32.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.170-3.32.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-9568",
"url": "https://www.suse.com/security/cve/CVE-2018-9568"
},
{
"category": "external",
"summary": "SUSE Bug 1118319 for CVE-2018-9568",
"url": "https://bugzilla.suse.com/1118319"
},
{
"category": "external",
"summary": "SUSE Bug 1118320 for CVE-2018-9568",
"url": "https://bugzilla.suse.com/1118320"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.170-3.32.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.170-3.32.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.170-3.32.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.170-3.32.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.170-3.32.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.170-3.32.2.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.170-3.32.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.170-3.32.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.170-3.32.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-02-11T15:15:05Z",
"details": "moderate"
}
],
"title": "CVE-2018-9568"
}
]
}
WID-SEC-W-2022-2387
Vulnerability from csaf_certbund - Published: 2020-12-15 23:00 - Updated: 2023-05-30 22:00Summary
Google Android Patchday Dezember 2020
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Das Android Betriebssystem von Google ist eine quelloffene Plattform für mobile Geräte. Die Basis bildet der Linux-Kernel.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Google Android ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuführen, seine Privilegien zu erhöhen, einen Denial of Service Zustand herbeizuführen oder Informationen offenzulegen.
Betroffene Betriebssysteme
- Android
- Blackberry
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Das Android Betriebssystem von Google ist eine quelloffene Plattform f\u00fcr mobile Ger\u00e4te. Die Basis bildet der Linux-Kernel.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Google Android ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, seine Privilegien zu erh\u00f6hen, einen Denial of Service Zustand herbeizuf\u00fchren oder Informationen offenzulegen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Android\n- Blackberry",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2022-2387 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2020/wid-sec-w-2022-2387.json"
},
{
"category": "self",
"summary": "WID-SEC-2022-2387 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-2387"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6999317 vom 2023-05-30",
"url": "https://www.ibm.com/support/pages/node/6999317"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:2314-1 vom 2023-05-30",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-May/015022.html"
},
{
"category": "external",
"summary": "AVAYA Security Advisory ASA-2021-026 vom 2021-05-07",
"url": "https://downloads.avaya.com/css/P8/documents/101075693"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:1093 vom 2021-04-06",
"url": "https://access.redhat.com/errata/RHSA-2021:1093"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2021-1093 vom 2021-04-07",
"url": "http://linux.oracle.com/errata/ELSA-2021-1093.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2021-9164 vom 2021-04-09",
"url": "http://linux.oracle.com/errata/ELSA-2021-9164.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:2099 vom 2021-05-25",
"url": "https://access.redhat.com/errata/RHSA-2021:2099"
},
{
"category": "external",
"summary": "Android Security Bulletin Dezember 2020 vom 2020-12-15",
"url": "https://source.android.com/security/bulletin/2020-12-01"
},
{
"category": "external",
"summary": "Pixel Update Bulletin - Dezember 2020",
"url": "https://source.android.com/security/bulletin/pixel/2020-12-01"
},
{
"category": "external",
"summary": "BlackBerry Powered by Android Security Bulletin - December 2020",
"url": "http://support.blackberry.com/kb/articleDetail?language=en_US\u0026articleNumber=000072551"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2020:3933-1 vom 2020-12-24",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2020-December/008120.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:2106 vom 2021-05-25",
"url": "https://access.redhat.com/errata/RHSA-2021:2106"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2021:0452-1 vom 2021-02-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-February/008323.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:0686 vom 2021-03-02",
"url": "https://access.redhat.com/errata/RHSA-2021:0686"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:0689 vom 2021-03-02",
"url": "https://access.redhat.com/errata/RHSA-2021:0689"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:0763 vom 2021-03-09",
"url": "https://access.redhat.com/errata/RHSA-2021:0763"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:0774 vom 2021-03-09",
"url": "https://access.redhat.com/errata/RHSA-2021:0774"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:0765 vom 2021-03-09",
"url": "https://access.redhat.com/errata/RHSA-2021:0765"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:0529 vom 2022-02-15",
"url": "https://access.redhat.com/errata/RHSA-2022:0529"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:0533 vom 2022-02-15",
"url": "https://access.redhat.com/errata/RHSA-2022:0533"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:0531 vom 2022-02-15",
"url": "https://access.redhat.com/errata/RHSA-2022:0531"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:0592 vom 2022-02-22",
"url": "https://access.redhat.com/errata/RHSA-2022:0592"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:0622 vom 2022-02-22",
"url": "https://access.redhat.com/errata/RHSA-2022:0622"
},
{
"category": "external",
"summary": "AVAYA Security Advisory ASA-2022-026 vom 2022-02-25",
"url": "https://downloads.avaya.com/css/P8/documents/101080640"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:0712 vom 2022-03-01",
"url": "https://access.redhat.com/errata/RHSA-2022:0712"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:0718 vom 2022-03-01",
"url": "https://access.redhat.com/errata/RHSA-2022:0718"
}
],
"source_lang": "en-US",
"title": "Google Android Patchday Dezember 2020",
"tracking": {
"current_release_date": "2023-05-30T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:40:23.360+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2022-2387",
"initial_release_date": "2020-12-15T23:00:00.000+00:00",
"revision_history": [
{
"date": "2020-12-15T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2020-12-22T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von BlackBerry aufgenommen"
},
{
"date": "2020-12-27T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2021-02-14T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2021-03-01T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2021-03-08T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2021-04-06T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2021-04-07T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2021-04-08T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2021-05-09T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von AVAYA aufgenommen"
},
{
"date": "2021-05-24T22:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2021-05-25T22:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-02-15T23:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-02-22T23:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-02-27T23:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von AVAYA aufgenommen"
},
{
"date": "2022-03-01T23:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-12-21T23:00:00.000+00:00",
"number": "17",
"summary": "CVE erg\u00e4nzt"
},
{
"date": "2023-05-30T22:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von SUSE und IBM aufgenommen"
}
],
"status": "final",
"version": "18"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Avaya Aura Application Enablement Services",
"product": {
"name": "Avaya Aura Application Enablement Services",
"product_id": "T015516",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:aura_application_enablement_services:-"
}
}
},
{
"category": "product_name",
"name": "Avaya Aura Communication Manager",
"product": {
"name": "Avaya Aura Communication Manager",
"product_id": "T015126",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:communication_manager:-"
}
}
},
{
"category": "product_name",
"name": "Avaya Aura Experience Portal",
"product": {
"name": "Avaya Aura Experience Portal",
"product_id": "T015519",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:aura_experience_portal:-"
}
}
},
{
"category": "product_name",
"name": "Avaya Aura Session Manager",
"product": {
"name": "Avaya Aura Session Manager",
"product_id": "T015127",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:session_manager:-"
}
}
},
{
"category": "product_name",
"name": "Avaya Aura System Manager",
"product": {
"name": "Avaya Aura System Manager",
"product_id": "T015518",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:aura_system_manager:-"
}
}
},
{
"category": "product_name",
"name": "Avaya Web License Manager",
"product": {
"name": "Avaya Web License Manager",
"product_id": "T016243",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:web_license_manager:-"
}
}
}
],
"category": "vendor",
"name": "Avaya"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Google Android 8.0",
"product": {
"name": "Google Android 8.0",
"product_id": "344177",
"product_identification_helper": {
"cpe": "cpe:/o:google:android:8.0"
}
}
},
{
"category": "product_name",
"name": "Google Android 8.1",
"product": {
"name": "Google Android 8.1",
"product_id": "407131",
"product_identification_helper": {
"cpe": "cpe:/o:google:android:8.1"
}
}
},
{
"category": "product_name",
"name": "Google Android 10",
"product": {
"name": "Google Android 10",
"product_id": "560061",
"product_identification_helper": {
"cpe": "cpe:/o:google:android:10.0"
}
}
},
{
"category": "product_name",
"name": "Google Android 9",
"product": {
"name": "Google Android 9",
"product_id": "T012696",
"product_identification_helper": {
"cpe": "cpe:/o:google:android:9"
}
}
},
{
"category": "product_name",
"name": "Google Android 11",
"product": {
"name": "Google Android 11",
"product_id": "T017166",
"product_identification_helper": {
"cpe": "cpe:/o:google:android:11"
}
}
}
],
"category": "product_name",
"name": "Android"
}
],
"category": "vendor",
"name": "Google"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "IBM Security Guardium 11.4",
"product": {
"name": "IBM Security Guardium 11.4",
"product_id": "1076561",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:security_guardium:11.4"
}
}
},
{
"category": "product_name",
"name": "IBM Security Guardium 11.5",
"product": {
"name": "IBM Security Guardium 11.5",
"product_id": "T026399",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:security_guardium:11.5"
}
}
}
],
"category": "product_name",
"name": "Security Guardium"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "BlackBerry BlackBerry",
"product": {
"name": "BlackBerry BlackBerry",
"product_id": "1321",
"product_identification_helper": {
"cpe": "cpe:/h:rim:blackberry:-"
}
}
}
],
"category": "vendor",
"name": "RIM"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-16862",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2018-16862"
},
{
"cve": "CVE-2019-19535",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2019-19535"
},
{
"cve": "CVE-2019-20812",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2019-20812"
},
{
"cve": "CVE-2020-0016",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-0016"
},
{
"cve": "CVE-2020-0019",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-0019"
},
{
"cve": "CVE-2020-0099",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-0099"
},
{
"cve": "CVE-2020-0202",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-0202"
},
{
"cve": "CVE-2020-0244",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-0244"
},
{
"cve": "CVE-2020-0280",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-0280"
},
{
"cve": "CVE-2020-0294",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-0294"
},
{
"cve": "CVE-2020-0368",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-0368"
},
{
"cve": "CVE-2020-0440",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-0440"
},
{
"cve": "CVE-2020-0444",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-0444"
},
{
"cve": "CVE-2020-0455",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-0455"
},
{
"cve": "CVE-2020-0456",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-0456"
},
{
"cve": "CVE-2020-0457",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-0457"
},
{
"cve": "CVE-2020-0458",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-0458"
},
{
"cve": "CVE-2020-0459",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-0459"
},
{
"cve": "CVE-2020-0460",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-0460"
},
{
"cve": "CVE-2020-0463",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-0463"
},
{
"cve": "CVE-2020-0464",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-0464"
},
{
"cve": "CVE-2020-0465",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-0465"
},
{
"cve": "CVE-2020-0466",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-0466"
},
{
"cve": "CVE-2020-0467",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-0467"
},
{
"cve": "CVE-2020-0468",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-0468"
},
{
"cve": "CVE-2020-0469",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-0469"
},
{
"cve": "CVE-2020-0470",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-0470"
},
{
"cve": "CVE-2020-0473",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-0473"
},
{
"cve": "CVE-2020-0474",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-0474"
},
{
"cve": "CVE-2020-0475",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-0475"
},
{
"cve": "CVE-2020-0476",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-0476"
},
{
"cve": "CVE-2020-0477",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-0477"
},
{
"cve": "CVE-2020-0478",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-0478"
},
{
"cve": "CVE-2020-0479",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-0479"
},
{
"cve": "CVE-2020-0480",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-0480"
},
{
"cve": "CVE-2020-0481",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-0481"
},
{
"cve": "CVE-2020-0482",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-0482"
},
{
"cve": "CVE-2020-0483",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-0483"
},
{
"cve": "CVE-2020-0484",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-0484"
},
{
"cve": "CVE-2020-0485",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-0485"
},
{
"cve": "CVE-2020-0486",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-0486"
},
{
"cve": "CVE-2020-0487",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-0487"
},
{
"cve": "CVE-2020-0488",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-0488"
},
{
"cve": "CVE-2020-0489",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-0489"
},
{
"cve": "CVE-2020-0490",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-0490"
},
{
"cve": "CVE-2020-0491",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-0491"
},
{
"cve": "CVE-2020-0492",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-0492"
},
{
"cve": "CVE-2020-0493",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-0493"
},
{
"cve": "CVE-2020-0494",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-0494"
},
{
"cve": "CVE-2020-0495",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-0495"
},
{
"cve": "CVE-2020-0496",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-0496"
},
{
"cve": "CVE-2020-0497",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-0497"
},
{
"cve": "CVE-2020-0498",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-0498"
},
{
"cve": "CVE-2020-0499",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-0499"
},
{
"cve": "CVE-2020-0500",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-0500"
},
{
"cve": "CVE-2020-11119",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-11119"
},
{
"cve": "CVE-2020-11136",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-11136"
},
{
"cve": "CVE-2020-11137",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-11137"
},
{
"cve": "CVE-2020-11138",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-11138"
},
{
"cve": "CVE-2020-11139",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-11139"
},
{
"cve": "CVE-2020-11140",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-11140"
},
{
"cve": "CVE-2020-11143",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-11143"
},
{
"cve": "CVE-2020-11144",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-11144"
},
{
"cve": "CVE-2020-11145",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-11145"
},
{
"cve": "CVE-2020-11146",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-11146"
},
{
"cve": "CVE-2020-11148",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-11148"
},
{
"cve": "CVE-2020-11149",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-11149"
},
{
"cve": "CVE-2020-11150",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-11150"
},
{
"cve": "CVE-2020-11151",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-11151"
},
{
"cve": "CVE-2020-11152",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-11152"
},
{
"cve": "CVE-2020-11167",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-11167"
},
{
"cve": "CVE-2020-11179",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-11179"
},
{
"cve": "CVE-2020-11183",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-11183"
},
{
"cve": "CVE-2020-11185",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-11185"
},
{
"cve": "CVE-2020-11197",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-11197"
},
{
"cve": "CVE-2020-11200",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-11200"
},
{
"cve": "CVE-2020-11212",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-11212"
},
{
"cve": "CVE-2020-11213",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-11213"
},
{
"cve": "CVE-2020-11214",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-11214"
},
{
"cve": "CVE-2020-11215",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-11215"
},
{
"cve": "CVE-2020-11216",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-11216"
},
{
"cve": "CVE-2020-11217",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-11217"
},
{
"cve": "CVE-2020-11225",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-11225"
},
{
"cve": "CVE-2020-13143",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-13143"
},
{
"cve": "CVE-2020-15802",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-15802"
},
{
"cve": "CVE-2020-25220",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-25220"
},
{
"cve": "CVE-2020-27021",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-27021"
},
{
"cve": "CVE-2020-27023",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-27023"
},
{
"cve": "CVE-2020-27024",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-27024"
},
{
"cve": "CVE-2020-27025",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-27025"
},
{
"cve": "CVE-2020-27026",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-27026"
},
{
"cve": "CVE-2020-27027",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-27027"
},
{
"cve": "CVE-2020-27028",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-27028"
},
{
"cve": "CVE-2020-27029",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-27029"
},
{
"cve": "CVE-2020-27030",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-27030"
},
{
"cve": "CVE-2020-27031",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-27031"
},
{
"cve": "CVE-2020-27032",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-27032"
},
{
"cve": "CVE-2020-27033",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-27033"
},
{
"cve": "CVE-2020-27034",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-27034"
},
{
"cve": "CVE-2020-27035",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-27035"
},
{
"cve": "CVE-2020-27036",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-27036"
},
{
"cve": "CVE-2020-27037",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-27037"
},
{
"cve": "CVE-2020-27038",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-27038"
},
{
"cve": "CVE-2020-27039",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-27039"
},
{
"cve": "CVE-2020-27040",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-27040"
},
{
"cve": "CVE-2020-27041",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-27041"
},
{
"cve": "CVE-2020-27043",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-27043"
},
{
"cve": "CVE-2020-27044",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-27044"
},
{
"cve": "CVE-2020-27045",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-27045"
},
{
"cve": "CVE-2020-27046",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-27046"
},
{
"cve": "CVE-2020-27047",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-27047"
},
{
"cve": "CVE-2020-27048",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-27048"
},
{
"cve": "CVE-2020-27049",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-27049"
},
{
"cve": "CVE-2020-27050",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-27050"
},
{
"cve": "CVE-2020-27051",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-27051"
},
{
"cve": "CVE-2020-27052",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-27052"
},
{
"cve": "CVE-2020-27053",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-27053"
},
{
"cve": "CVE-2020-27054",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-27054"
},
{
"cve": "CVE-2020-27055",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-27055"
},
{
"cve": "CVE-2020-27056",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-27056"
},
{
"cve": "CVE-2020-27057",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-27057"
},
{
"cve": "CVE-2020-27066",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-27066"
},
{
"cve": "CVE-2020-27067",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-27067"
},
{
"cve": "CVE-2020-27068",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-27068"
},
{
"cve": "CVE-2020-3685",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-3685"
},
{
"cve": "CVE-2020-3686",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-3686"
},
{
"cve": "CVE-2020-3691",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2020-3691"
},
{
"cve": "CVE-2022-42543",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2022-42543"
},
{
"cve": "CVE-2022-42544",
"notes": [
{
"category": "description",
"text": "In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten \"Framework\", \"Google Play\", \"Media Framework\", \"MediaTek\", \"Qualcomm closed-source components\", \"Qualcomm components\", \"Kernel\" und \"System\". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausf\u00fchrung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeif\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"344177",
"T015519",
"T015518",
"67646",
"T015516",
"T012696",
"1076561",
"T015127",
"T015126",
"T004914",
"407131",
"T016243",
"T017166",
"T002207",
"1321",
"560061",
"T026399"
]
},
"release_date": "2020-12-15T23:00:00.000+00:00",
"title": "CVE-2022-42544"
}
]
}
OPENSUSE-SU-2019:0065-1
Vulnerability from csaf_opensuse - Published: 2019-03-23 10:47 - Updated: 2019-03-23 10:47Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The openSUSE Leap 15.0 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-19407: The vcpu_scan_ioapic function in arch/x86/kvm/x86.c allowed local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized (bnc#1116841).
- CVE-2018-14625: An attacker might have bene able to have an uncontrolled read to kernel-memory from within a vm guest. A race condition between connect() and close() function may allow an attacker using the AF_VSOCK protocol to gather a 4 byte information leak or possibly intercept or corrupt AF_VSOCK messages destined to other clients (bnc#1106615).
- CVE-2018-19985: The function hso_probe read if_num from the USB device (as an u8) and used it without a length check to index an array, resulting in an OOB memory read in hso_probe or hso_get_config_data that could be used by local attackers (bsc#1120743).
- CVE-2018-16884: NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out (bnc#1119946).
- CVE-2018-20169: The USB subsystem mishandled size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c (bnc#1119714).
- CVE-2018-18397: The userfaultfd implementation mishandled access control for certain UFFDIO_ ioctl calls, as demonstrated by allowing local users to write data into holes in a tmpfs file (if the user has read-only access to that file, and that file contains holes), related to fs/userfaultfd.c and mm/userfaultfd.c (bnc#1117656).
- CVE-2018-12232: In net/socket.c there was a race condition between fchownat and close in cases where they target the same socket file descriptor, related to the sock_close and sockfs_setattr functions. fchownat did not increment the file descriptor reference count, which allowed close to set the socket to NULL during fchownat's execution, leading to a NULL pointer dereference and system crash (bnc#1097593).
- CVE-2018-9568: In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. (bnc#1118319).
- CVE-2018-16862: A security flaw was found in the way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one (bnc#1117186).
- CVE-2018-19854: An issue was discovered in the crypto_report_one() and related functions in crypto/crypto_user.c (the crypto user configuration API) do not fully initialize structures that are copied to userspace, potentially leaking sensitive memory to user programs. NOTE: this is a CVE-2013-2547 regression but with easier exploitability because the attacker did not need a capability (however, the system must have the CONFIG_CRYPTO_USER kconfig option) (bnc#1118428).
- CVE-2018-19824: A local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c (bnc#1118152).
The following non-security bugs were fixed:
- ACPI / CPPC: Check for valid PCC subspace only if PCC is used (bsc#1117115).
- ACPI / CPPC: Update all pr_(debug/err) messages to log the susbspace id (bsc#1117115).
- aio: fix spectre gadget in lookup_ioctx (bsc#1120594).
- alsa: cs46xx: Potential NULL dereference in probe (bsc#1051510).
- alsa: emu10k1: Fix potential Spectre v1 vulnerabilities (bsc#1051510).
- alsa: emux: Fix potential Spectre v1 vulnerabilities (bsc#1051510).
- alsa: fireface: fix for state to fetch PCM frames (bsc#1051510).
- alsa: fireface: fix reference to wrong register for clock configuration (bsc#1051510).
- alsa: firewire-lib: fix wrong assignment for 'out_packet_without_header' tracepoint (bsc#1051510).
- alsa: firewire-lib: fix wrong handling payload_length as payload_quadlet (bsc#1051510).
- alsa: firewire-lib: use the same print format for 'without_header' tracepoints (bsc#1051510).
- alsa: hda: add mute LED support for HP EliteBook 840 G4 (bsc#1051510).
- alsa: hda: Add support for AMD Stoney Ridge (bsc#1051510).
- alsa: hda/ca0132 - make pci_iounmap() call conditional (bsc#1051510).
- alsa: hda: fix front speakers on Huawei MBXP (bsc#1051510).
- alsa: hda/realtek - Add support for Acer Aspire C24-860 headset mic (bsc#1051510).
- alsa: hda/realtek - Add unplug function into unplug state of Headset Mode for ALC225 (bsc#1051510).
- alsa: hda/realtek: ALC286 mic and headset-mode fixups for Acer Aspire U27-880 (bsc#1051510).
- alsa: hda/realtek: ALC294 mic and headset-mode fixups for ASUS X542UN (bsc#1051510).
- alsa: hda/realtek - Disable headset Mic VREF for headset mode of ALC225 (bsc#1051510).
- alsa: hda/realtek: Enable audio jacks of ASUS UX391UA with ALC294 (bsc#1051510).
- alsa: hda/realtek: Enable audio jacks of ASUS UX433FN/UX333FA with ALC294 (bsc#1051510).
- alsa: hda/realtek: Enable audio jacks of ASUS UX533FD with ALC294 (bsc#1051510).
- alsa: hda/realtek: Enable the headset mic auto detection for ASUS laptops (bsc#1051510).
- alsa: hda/realtek - Fixed headphone issue for ALC700 (bsc#1051510).
- alsa: hda/realtek: Fix mic issue on Acer AIO Veriton Z4660G (bsc#1051510).
- alsa: hda/realtek: Fix mic issue on Acer AIO Veriton Z4860G/Z6860G (bsc#1051510).
- alsa: hda/realtek - Fix speaker output regression on Thinkpad T570 (bsc#1051510).
- alsa: hda/realtek - Fix the mute LED regresion on Lenovo X1 Carbon (bsc#1051510).
- alsa: hda/realtek - Support Dell headset mode for New AIO platform (bsc#1051510).
- alsa: hda/tegra: clear pending irq handlers (bsc#1051510).
- alsa: pcm: Call snd_pcm_unlink() conditionally at closing (bsc#1051510).
- alsa: pcm: Fix interval evaluation with openmin/max (bsc#1051510).
- alsa: pcm: Fix potential Spectre v1 vulnerability (bsc#1051510).
- alsa: pcm: Fix starvation on down_write_nonblock() (bsc#1051510).
- alsa: rme9652: Fix potential Spectre v1 vulnerability (bsc#1051510).
- alsa: trident: Suppress gcc string warning (bsc#1051510).
- alsa: usb-audio: Add SMSL D1 to quirks for native DSD support (bsc#1051510).
- alsa: usb-audio: Add support for Encore mDSD USB DAC (bsc#1051510).
- alsa: usb-audio: Avoid access before bLength check in build_audio_procunit() (bsc#1051510).
- alsa: usb-audio: Fix an out-of-bound read in create_composite_quirks (bsc#1051510).
- alsa: x86: Fix runtime PM for hdmi-lpe-audio (bsc#1051510).
- apparmor: do not try to replace stale label in ptrace access check (git-fixes).
- apparmor: do not try to replace stale label in ptraceme check (git-fixes).
- apparmor: Fix uninitialized value in aa_split_fqname (git-fixes).
- arm64: Add work around for Arm Cortex-A55 Erratum 1024718 (bsc#1120612).
- arm64: atomics: Remove '&' from '+&' asm constraint in lse atomics (bsc#1120613).
- arm64: cpu_errata: include required headers (bsc#1120615).
- arm64: dma-mapping: Fix FORCE_CONTIGUOUS buffer clearing (bsc#1120633).
- arm64: Fix /proc/iomem for reserved but not memory regions (bsc#1120632).
- arm64: lse: Add early clobbers to some input/output asm operands (bsc#1120614).
- arm64: lse: remove -fcall-used-x0 flag (bsc#1120618).
- arm64: mm: always enable CONFIG_HOLES_IN_ZONE (bsc#1120617).
- arm64/numa: Report correct memblock range for the dummy node (bsc#1120620).
- arm64/numa: Unify common error path in numa_init() (bsc#1120621).
- arm64: remove no-op -p linker flag (bsc#1120616).
- ASoC: dapm: Recalculate audio map forcely when card instantiated (bsc#1051510).
- ASoC: intel: cht_bsw_max98090_ti: Add pmc_plt_clk_0 quirk for Chromebook Clapper (bsc#1051510).
- ASoC: intel: cht_bsw_max98090_ti: Add pmc_plt_clk_0 quirk for Chromebook Gnawty (bsc#1051510).
- ASoC: intel: mrfld: fix uninitialized variable access (bsc#1051510).
- ASoC: omap-abe-twl6040: Fix missing audio card caused by deferred probing (bsc#1051510).
- ASoC: omap-dmic: Add pm_qos handling to avoid overruns with CPU_IDLE (bsc#1051510).
- ASoC: omap-mcbsp: Fix latency value calculation for pm_qos (bsc#1051510).
- ASoC: omap-mcpdm: Add pm_qos handling to avoid under/overruns with CPU_IDLE (bsc#1051510).
- ASoC: rsnd: fixup clock start checker (bsc#1051510).
- ASoC: wm_adsp: Fix dma-unsafe read of scratch registers (bsc#1051510).
- ath10k: do not assume this is a PCI dev in generic code (bsc#1051510).
- ath6kl: Only use match sets when firmware supports it (bsc#1051510).
- b43: Fix error in cordic routine (bsc#1051510).
- bcache: fix miss key refill->end in writeback (Git-fixes).
- bcache: trace missed reading by cache_missed (Git-fixes).
- blk-mq: remove synchronize_rcu() from blk_mq_del_queue_tag_set() (Git-fixes).
- block: allow max_discard_segments to be stacked (Git-fixes).
- block: blk_init_allocated_queue() set q->fq as NULL in the fail case (Git-fixes).
- block: really disable runtime-pm for blk-mq (Git-fixes).
- block: reset bi_iter.bi_done after splitting bio (Git-fixes).
- block/swim: Fix array bounds check (Git-fixes).
- bnxt_en: do not try to offload VLAN 'modify' action (bsc#1050242 ).
- bnxt_en: Fix enables field in HWRM_QUEUE_COS2BW_CFG request (bsc#1086282).
- bnxt_en: Fix VNIC reservations on the PF (bsc#1086282 ).
- bnxt_en: get the reduced max_irqs by the ones used by RDMA (bsc#1050242).
- bpf: fix check of allowed specifiers in bpf_trace_printk (bsc#1083647).
- bpf: use per htab salt for bucket hash (git-fixes).
- btrfs: Always try all copies when reading extent buffers (git-fixes).
- btrfs: delete dead code in btrfs_orphan_add() (bsc#1111469).
- btrfs: delete dead code in btrfs_orphan_commit_root() (bsc#1111469).
- btrfs: do not BUG_ON() in btrfs_truncate_inode_items() (bsc#1111469).
- btrfs: do not check inode's runtime flags under root->orphan_lock (bsc#1111469).
- btrfs: do not return ino to ino cache if inode item removal fails (bsc#1111469).
- btrfs: fix ENOSPC caused by orphan items reservations (bsc#1111469).
- btrfs: Fix error handling in btrfs_cleanup_ordered_extents (git-fixes).
- btrfs: fix error handling in btrfs_truncate() (bsc#1111469).
- btrfs: fix error handling in btrfs_truncate_inode_items() (bsc#1111469).
- btrfs: fix fsync of files with multiple hard links in new directories (1120173).
- btrfs: Fix memory barriers usage with device stats counters (git-fixes).
- btrfs: fix use-after-free on root->orphan_block_rsv (bsc#1111469).
- btrfs: get rid of BTRFS_INODE_HAS_ORPHAN_ITEM (bsc#1111469).
- btrfs: get rid of unused orphan infrastructure (bsc#1111469).
- btrfs: move btrfs_truncate_block out of trans handle (bsc#1111469).
- btrfs: qgroup: Dirty all qgroups before rescan (bsc#1120036).
- btrfs: refactor btrfs_evict_inode() reserve refill dance (bsc#1111469).
- btrfs: renumber BTRFS_INODE_ runtime flags and switch to enums (bsc#1111469).
- btrfs: reserve space for O_TMPFILE orphan item deletion (bsc#1111469).
- btrfs: run delayed items before dropping the snapshot (bsc#1121263, bsc#1111188).
- btrfs: stop creating orphan items for truncate (bsc#1111469).
- btrfs: tree-checker: Do not check max block group size as current max chunk size limit is unreliable (fixes for bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875).
- btrfs: update stale comments referencing vmtruncate() (bsc#1111469).
- can: flexcan: flexcan_irq(): fix indention (bsc#1051510).
- cdrom: do not attempt to fiddle with cdo->capability (bsc#1051510).
- ceph: do not update importing cap's mseq when handing cap export (bsc#1121273).
- char_dev: extend dynamic allocation of majors into a higher range (bsc#1121058).
- char_dev: Fix off-by-one bugs in find_dynamic_major() (bsc#1121058).
- clk: mmp: Off by one in mmp_clk_add() (bsc#1051510).
- clk: mvebu: Off by one bugs in cp110_of_clk_get() (bsc#1051510).
- compiler-gcc.h: Add __attribute__((gnu_inline)) to all inline declarations (git-fixes).
- config: arm64: enable erratum 1024718
- cpufeature: avoid warning when compiling with clang (Git-fixes).
- cpufreq / CPPC: Add cpuinfo_cur_freq support for CPPC (bsc#1117115).
- cpufreq: CPPC: fix build in absence of v3 support (bsc#1117115).
- cpupower: remove stringop-truncation waring (git-fixes).
- crypto: bcm - fix normal/non key hash algorithm failure (bsc#1051510).
- crypto: ccp - Add DOWNLOAD_FIRMWARE SEV command ().
- crypto: ccp - Add GET_ID SEV command ().
- crypto: ccp - Add psp enabled message when initialization succeeds ().
- crypto: ccp - Add support for new CCP/PSP device ID ().
- crypto: ccp - Allow SEV firmware to be chosen based on Family and Model ().
- crypto: ccp - Fix static checker warning ().
- crypto: ccp - Remove unused #defines ().
- crypto: ccp - Support register differences between PSP devices ().
- dasd: fix deadlock in dasd_times_out (bsc#1121477, LTC#174111).
- dax: Check page->mapping isn't NULL (bsc#1120054).
- dax: Do not access a freed inode (bsc#1120055).
- device property: Define type of PROPERTY_ENRTY_*() macros (bsc#1051510).
- device property: fix fwnode_graph_get_next_endpoint() documentation (bsc#1051510).
- disable stringop truncation warnings for now (git-fixes).
- dm: allocate struct mapped_device with kvzalloc (Git-fixes).
- dm cache: destroy migration_cache if cache target registration failed (Git-fixes).
- dm cache: fix resize crash if user does not reload cache table (Git-fixes).
- dm cache metadata: ignore hints array being too small during resize (Git-fixes).
- dm cache metadata: save in-core policy_hint_size to on-disk superblock (Git-fixes).
- dm cache metadata: set dirty on all cache blocks after a crash (Git-fixes).
- dm cache: only allow a single io_mode cache feature to be requested (Git-fixes).
- dm crypt: do not decrease device limits (Git-fixes).
- dm: fix report zone remapping to account for partition offset (Git-fixes).
- dm integrity: change 'suspending' variable from bool to int (Git-fixes).
- dm ioctl: harden copy_params()'s copy_from_user() from malicious users (Git-fixes).
- dm linear: eliminate linear_end_io call if CONFIG_DM_ZONED disabled (Git-fixes).
- dm linear: fix linear_end_io conditional definition (Git-fixes).
- dm thin: handle running out of data space vs concurrent discard (Git-fixes).
- dm thin metadata: remove needless work from __commit_transaction (Git-fixes).
- dm thin: stop no_space_timeout worker when switching to write-mode (Git-fixes).
- dm writecache: fix a crash due to reading past end of dirty_bitmap (Git-fixes).
- dm writecache: report start_sector in status line (Git-fixes).
- dm zoned: fix metadata block ref counting (Git-fixes).
- dm zoned: fix various dmz_get_mblock() issues (Git-fixes).
- doc/README.SUSE: correct GIT url No more gitorious, github we use.
- drivers/net/usb: add device id for TP-LINK UE300 USB 3.0 Ethernet (bsc#1119749).
- drivers/net/usb/r8152: remove the unneeded variable 'ret' in rtl8152_system_suspend (bsc#1119749).
- drm/amdgpu/gmc8: update MC firmware for polaris (bsc#1113722)
- drm/amdgpu: update mc firmware image for polaris12 variants (bsc#1113722)
- drm/amdgpu: update SMC firmware image for polaris10 variants (bsc#1113722)
- drm/i915/execlists: Apply a full mb before execution for Braswell (bsc#1113722)
- drm/ioctl: Fix Spectre v1 vulnerabilities (bsc#1113722)
- drm/nouveau/kms: Fix memory leak in nv50_mstm_del() (bsc#1113722)
- drm: rcar-du: Fix external clock error checks (bsc#1113722)
- drm: rcar-du: Fix vblank initialization (bsc#1113722)
- drm/rockchip: psr: do not dereference encoder before it is null (bsc#1113722)
- drm: set is_master to 0 upon drm_new_set_master() failure (bsc#1113722)
- drm/vc4: Set ->is_yuv to false when num_planes == 1 (bsc#1113722)
- drm/vc4: ->x_scaling[1] should never be set to VC4_SCALING_NONE (bsc#1113722)
- dt-bindings: add compatible string for Allwinner V3s SoC (git-fixes).
- dt-bindings: arm: Document SoC compatible value for Armadillo-800 EVA (git-fixes).
- dt-bindings: clock: add rk3399 DDR3 standard speed bins (git-fixes).
- dt-bindings: clock: mediatek: add binding for fixed-factor clock axisel_d4 (git-fixes).
- dt-bindings: mfd: axp20x: Add AXP806 to supported list of chips (git-fixes).
- dt-bindings: net: Remove duplicate NSP Ethernet MAC binding document (git-fixes).
- dt-bindings: panel: lvds: Fix path to display timing bindings (git-fixes).
- dt-bindings: phy: sun4i-usb-phy: Add property descriptions for H3 (git-fixes).
- dt-bindings: pwm: renesas: tpu: Fix 'compatible' prop description (git-fixes).
- dt-bindings: rcar-dmac: Document missing error interrupt (git-fixes).
- edac, {i7core,sb,skx}_edac: Fix uncorrected error counting (bsc#1114279).
- edac, skx_edac: Fix logical channel intermediate decoding (bsc#1114279).
- efi: Move some sysfs files to be read-only by root (bsc#1051510).
- ethernet: fman: fix wrong of_node_put() in probe function (bsc#1119017).
- exportfs: fix 'passing zero to ERR_PTR()' warning (bsc#1118773).
- ext2: fix potential use after free (bsc#1118775).
- ext4: avoid possible double brelse() in add_new_gdb() on error path (bsc#1118760).
- ext4: fix EXT4_IOC_GROUP_ADD ioctl (bsc#1120604).
- ext4: fix possible use after free in ext4_quota_enable (bsc#1120602).
- ext4: missing unlock/put_page() in ext4_try_to_write_inline_data() (bsc#1120603).
- extable: Consolidate *kernel_text_address() functions (bsc#1120092).
- extable: Enable RCU if it is not watching in kernel_text_address() (bsc#1120092).
- fbdev: fbcon: Fix unregister crash when more than one framebuffer (bsc#1113722)
- fbdev: fbmem: behave better with small rotated displays and many CPUs (bsc#1113722)
- firmware: add firmware_request_nowarn() - load firmware without warnings ().
- Fix the breakage of KMP build on x86_64 (bsc#1121017)
- fscache: Fix race in fscache_op_complete() due to split atomic_sub & read (Git-fixes).
- fscache: Pass the correct cancelled indications to fscache_op_complete() (Git-fixes).
- fs: fix lost error code in dio_complete (bsc#1118762).
- fs/xfs: Use %pS printk format for direct addresses (git-fixes).
- fuse: fix blocked_waitq wakeup (git-fixes).
- fuse: fix leaked notify reply (git-fixes).
- fuse: fix possibly missed wake-up after abort (git-fixes).
- fuse: Fix use-after-free in fuse_dev_do_read() (git-fixes).
- fuse: Fix use-after-free in fuse_dev_do_write() (git-fixes).
- fuse: fix use-after-free in fuse_direct_IO() (git-fixes).
- fuse: set FR_SENT while locked (git-fixes).
- gcc-plugins: Add include required by GCC release 8 (git-fixes).
- gcc-plugins: Use dynamic initializers (git-fixes).
- gfs2: Do not leave s_fs_info pointing to freed memory in init_sbd (bsc#1118769).
- gfs2: Fix loop in gfs2_rbm_find (bsc#1120601).
- gfs2: Get rid of potential double-freeing in gfs2_create_inode (bsc#1120600).
- gfs2_meta: ->mount() can get NULL dev_name (bsc#1118768).
- gfs2: Put bitmap buffers in put_super (bsc#1118772).
- git_sort.py: Remove non-existent remote tj/libata
- gpio: davinci: Remove unused member of davinci_gpio_controller (git-fixes).
- gpiolib-acpi: Only defer request_irq for GpioInt ACPI event handlers (bsc#1051510).
- gpiolib: Fix return value of gpio_to_desc() stub if !GPIOLIB (bsc#1051510).
- gpio: max7301: fix driver for use with CONFIG_VMAP_STACK (bsc#1051510).
- gpio: mvebu: only fail on missing clk if pwm is actually to be used (bsc#1051510).
- HID: Add quirk for Primax PIXART OEM mice (bsc#1119410).
- HID: input: Ignore battery reported by Symbol DS4308 (bsc#1051510).
- HID: multitouch: Add pointstick support for Cirque Touchpad (bsc#1051510).
- hwpoison, memory_hotplug: allow hwpoisoned pages to be offlined (bnc#1116336).
- i2c: axxia: properly handle master timeout (bsc#1051510).
- i2c: scmi: Fix probe error on devices with an empty SMB0001 ACPI device node (bsc#1051510).
- ib/hfi1: Add mtu check for operational data VLs (bsc#1060463 ).
- ibmvnic: Convert reset work item mutex to spin lock ().
- ibmvnic: Fix non-atomic memory allocation in IRQ context ().
- ib/rxe: support for 802.1q VLAN on the listener (bsc#1082387).
- ieee802154: 6lowpan: set IFLA_LINK (bsc#1051510).
- ieee802154: at86rf230: switch from BUG_ON() to WARN_ON() on problem (bsc#1051510).
- ieee802154: at86rf230: use __func__ macro for debug messages (bsc#1051510).
- ieee802154: fakelb: switch from BUG_ON() to WARN_ON() on problem (bsc#1051510).
- Include modules.fips in kernel-binary as well as kernel-binary-base ().
- initramfs: fix initramfs rebuilds w/ compression after disabling (git-fixes).
- input: add official Raspberry Pi's touchscreen driver ().
- input: cros_ec_keyb - fix button/switch capability reports (bsc#1051510).
- input: elan_i2c - add ACPI ID for Lenovo IdeaPad 330-15ARR (bsc#1051510).
- input: elan_i2c - add ELAN0620 to the ACPI table (bsc#1051510).
- input: elan_i2c - add support for ELAN0621 touchpad (bsc#1051510).
- input: hyper-v - fix wakeup from suspend-to-idle (bsc#1051510).
- input: matrix_keypad - check for errors from of_get_named_gpio() (bsc#1051510).
- input: nomadik-ske-keypad - fix a loop timeout test (bsc#1051510).
- input: omap-keypad - fix keyboard debounce configuration (bsc#1051510).
- input: synaptics - add PNP ID for ThinkPad P50 to SMBus (bsc#1051510).
- input: synaptics - enable SMBus for HP 15-ay000 (bsc#1051510).
- input: xpad - quirk all PDP Xbox One gamepads (bsc#1051510).
- integrity/security: fix digsig.c build error with header file (bsc#1051510).
- intel_th: msu: Fix an off-by-one in attribute store (bsc#1051510).
- iommu/amd: Fix amd_iommu=force_isolation (bsc#1106105).
- iommu/vt-d: Handle domain agaw being less than iommu agaw (bsc#1106105).
- iwlwifi: add new cards for 9560, 9462, 9461 and killer series (bsc#1051510).
- iwlwifi: fix LED command capability bit (bsc#1119086).
- iwlwifi: nvm: get num of hw addresses from firmware (bsc#1119086).
- iwlwifi: pcie: do not reset TXQ write pointer (bsc#1051510).
- jffs2: free jffs2_sb_info through jffs2_kill_sb() (bsc#1118767).
- jump_label: Split out code under the hotplug lock (bsc#1106913).
- kabi: hwpoison, memory_hotplug: allow hwpoisoned pages to be offlined (bnc#1116336).
- kabi protect hnae_ae_ops (bsc#1104353).
- kbuild: allow to use GCC toolchain not in Clang search path (git-fixes).
- kbuild: fix linker feature test macros when cross compiling with Clang (git-fixes).
- kbuild: make missing $DEPMOD a Warning instead of an Error (git-fixes).
- kbuild: rpm-pkg: keep spec file until make mrproper (git-fixes).
- kbuild: suppress packed-not-aligned warning for default setting only (git-fixes).
- kbuild: verify that $DEPMOD is installed (git-fixes).
- kernfs: Replace strncpy with memcpy (bsc#1120053).
- keys: Fix the use of the C++ keyword 'private' in uapi/linux/keyctl.h (Git-fixes).
- kobject: Replace strncpy with memcpy (git-fixes).
- kprobes: Make list and blacklist root user read only (git-fixes).
- kvm: PPC: Book3S PR: Enable use on POWER9 inside HPT-mode guests (bsc#1118484).
- kvm: svm: Ensure an IBPB on all affected CPUs when freeing a vmcb (bsc#1114279).
- libata: whitelist all SAMSUNG MZ7KM* solid-state disks (bsc#1051510).
- libceph: fall back to sendmsg for slab pages (bsc#1118316).
- libnvdimm, pfn: Pad pfn namespaces relative to other regions (bsc#1118962).
- lib/raid6: Fix arm64 test build (bsc#1051510).
- lib/ubsan.c: do not mark __ubsan_handle_builtin_unreachable as noreturn (bsc#1051510).
- Limit max FW API version for QCA9377 (bsc#1121714, bsc#1121715).
- linux/bitmap.h: fix type of nbits in bitmap_shift_right() (bsc#1051510).
- locking/barriers: Convert users of lockless_dereference() to READ_ONCE() (Git-fixes).
- locking/static_keys: Improve uninitialized key warning (bsc#1106913).
- mac80211: Clear beacon_int in ieee80211_do_stop (bsc#1051510).
- mac80211: fix reordering of buffered broadcast packets (bsc#1051510).
- mac80211_hwsim: fix module init error paths for netlink (bsc#1051510).
- mac80211_hwsim: Timer should be initialized before device registered (bsc#1051510).
- mac80211: ignore NullFunc frames in the duplicate detection (bsc#1051510).
- mac80211: ignore tx status for PS stations in ieee80211_tx_status_ext (bsc#1051510).
- Mark HI and TASKLET softirq synchronous (git-fixes).
- media: em28xx: Fix use-after-free when disconnecting (bsc#1051510).
- media: em28xx: make v4l2-compliance happier by starting sequence on zero (bsc#1051510).
- media: omap3isp: Unregister media device as first (bsc#1051510).
- mmc: bcm2835: reset host on timeout (bsc#1051510).
- mmc: core: Allow BKOPS and CACHE ctrl even if no HPI support (bsc#1051510).
- mmc: core: Reset HPI enabled state during re-init and in case of errors (bsc#1051510).
- mmc: core: Use a minimum 1600ms timeout when enabling CACHE ctrl (bsc#1051510).
- mmc: dw_mmc-bluefield: Add driver extension (bsc#1118752).
- mmc: dw_mmc-k3: add sd support for hi3660 (bsc#1118752).
- MMC: OMAP: fix broken MMC on OMAP15XX/OMAP5910/OMAP310 (bsc#1051510).
- mmc: omap_hsmmc: fix DMA API warning (bsc#1051510).
- mmc: sdhci: fix the timeout check window for clock and reset (bsc#1051510).
- mm: do not miss the last page because of round-off error (bnc#1118798).
- mm: do not warn about large allocations for slab (git fixes (slab)).
- mm/huge_memory.c: reorder operations in __split_huge_page_tail() (VM Functionality bsc#1119962).
- mm: hugetlb: yield when prepping struct pages (git fixes (memory initialisation)).
- mm: lower the printk loglevel for __dump_page messages (generic hotplug debugability).
- mm, memory_hotplug: be more verbose for memory offline failures (generic hotplug debugability).
- mm, memory_hotplug: drop pointless block alignment checks from __offline_pages (generic hotplug debugability).
- mm, memory_hotplug: print reason for the offlining failure (generic hotplug debugability).
- mm: migration: fix migration of huge PMD shared pages (bnc#1086423).
- mm: only report isolation failures when offlining memory (generic hotplug debugability).
- mm: print more information about mapping in __dump_page (generic hotplug debugability).
- mm: put_and_wait_on_page_locked() while page is migrated (bnc#1109272).
- mm: sections are not offlined during memory hotremove (bnc#1119968).
- mm: shmem.c: Correctly annotate new inodes for lockdep (Git fixes: shmem).
- mm/vmstat.c: fix NUMA statistics updates (git fixes).
- Move dell_rbu fix to sorted section (bsc#1087978).
- mtd: cfi: convert inline functions to macros (git-fixes).
- mtd: Fix comparison in map_word_andequal() (git-fixes).
- namei: allow restricted O_CREAT of FIFOs and regular files (bsc#1118766).
- nbd: do not allow invalid blocksize settings (Git-fixes).
- net: bgmac: Fix endian access in bgmac_dma_tx_ring_free() (bsc#1051510).
- net: dsa: mv88e6xxx: Fix binding documentation for MDIO busses (git-fixes).
- net: dsa: qca8k: Add QCA8334 binding documentation (git-fixes).
- net: ena: fix crash during ena_remove() (bsc#1111696 bsc#1117561).
- net: ena: update driver version from 2.0.1 to 2.0.2 (bsc#1111696 bsc#1117561).
- net: hns3: Add nic state check before calling netif_tx_wake_queue (bsc#1104353).
- net: hns3: Add support for hns3_nic_netdev_ops.ndo_do_ioctl (bsc#1104353).
- net: hns3: bugfix for buffer not free problem during resetting (bsc#1104353).
- net: hns3: bugfix for handling mailbox while the command queue reinitialized (bsc#1104353).
- net: hns3: bugfix for hclge_mdio_write and hclge_mdio_read (bsc#1104353).
- net: hns3: bugfix for is_valid_csq_clean_head() (bsc#1104353 ).
- net: hns3: bugfix for reporting unknown vector0 interrupt repeatly problem (bsc#1104353).
- net: hns3: bugfix for rtnl_lock's range in the hclgevf_reset() (bsc#1104353).
- net: hns3: bugfix for the initialization of command queue's spin lock (bsc#1104353).
- net: hns3: Check hdev state when getting link status (bsc#1104353).
- net: hns3: Clear client pointer when initialize client failed or unintialize finished (bsc#1104353).
- net: hns3: Fix cmdq registers initialization issue for vf (bsc#1104353).
- net: hns3: Fix error of checking used vlan id (bsc#1104353 ).
- net: hns3: Fix ets validate issue (bsc#1104353).
- net: hns3: Fix for netdev not up problem when setting mtu (bsc#1104353).
- net: hns3: Fix for out-of-bounds access when setting pfc back pressure (bsc#1104353).
- net: hns3: Fix for packet buffer setting bug (bsc#1104353 ).
- net: hns3: Fix for rx vlan id handle to support Rev 0x21 hardware (bsc#1104353).
- net: hns3: Fix for setting speed for phy failed problem (bsc#1104353).
- net: hns3: Fix for vf vlan delete failed problem (bsc#1104353 ).
- net: hns3: Fix loss of coal configuration while doing reset (bsc#1104353).
- net: hns3: Fix parameter type for q_id in hclge_tm_q_to_qs_map_cfg() (bsc#1104353).
- net: hns3: Fix ping exited problem when doing lp selftest (bsc#1104353).
- net: hns3: Preserve vlan 0 in hardware table (bsc#1104353 ).
- net: hns3: remove unnecessary queue reset in the hns3_uninit_all_ring() (bsc#1104353).
- net: hns3: Set STATE_DOWN bit of hdev state when stopping net (bsc#1104353).
- net/mlx4_core: Correctly set PFC param if global pause is turned off (bsc#1046299).
- net: usb: r8152: constify usb_device_id (bsc#1119749).
- net: usb: r8152: use irqsave() in USB's complete callback (bsc#1119749).
- nospec: Allow index argument to have const-qualified type (git-fixes)
- nospec: Kill array_index_nospec_mask_check() (git-fixes).
- nvme-fc: resolve io failures during connect (bsc#1116803).
- nvme-multipath: zero out ANA log buffer (bsc#1105168).
- nvme: validate controller state before rescheduling keep alive (bsc#1103257).
- objtool: Detect RIP-relative switch table references (bsc#1058115).
- objtool: Detect RIP-relative switch table references, part 2 (bsc#1058115).
- objtool: Fix another switch table detection issue (bsc#1058115).
- objtool: Fix double-free in .cold detection error path (bsc#1058115).
- objtool: Fix GCC 8 cold subfunction detection for aliased functions (bsc#1058115).
- objtool: Fix 'noreturn' detection for recursive sibling calls (bsc#1058115).
- objtool: Fix segfault in .cold detection with -ffunction-sections (bsc#1058115).
- objtool: Support GCC 8's cold subfunctions (bsc#1058115).
- objtool: Support GCC 8 switch tables (bsc#1058115).
- panic: avoid deadlocks in re-entrant console drivers (bsc#1088386).
- PCI: Add ACS quirk for Ampere root ports (bsc#1120058).
- PCI: Add ACS quirk for APM X-Gene devices (bsc#1120058).
- PCI: Convert device-specific ACS quirks from NULL termination to ARRAY_SIZE (bsc#1120058).
- PCI: Delay after FLR of Intel DC P3700 NVMe (bsc#1120058).
- PCI: Disable Samsung SM961/PM961 NVMe before FLR (bsc#1120058).
- PCI: Export pcie_has_flr() (bsc#1120058).
- PCI: iproc: Activate PAXC bridge quirk for more devices (bsc#1120058).
- PCI: Mark Ceton InfiniTV4 INTx masking as broken (bsc#1120058).
- PCI: Mark fall-through switch cases before enabling -Wimplicit-fallthrough (bsc#1120058).
- PCI: Mark Intel XXV710 NIC INTx masking as broken (bsc#1120058).
- perf tools: Fix tracing_path_mount proper path (git-fixes).
- platform-msi: Free descriptors in platform_msi_domain_free() (bsc#1051510).
- powerpc/64s: consolidate MCE counter increment (bsc#1094244).
- powerpc/64s/radix: Fix process table entry cache invalidation (bsc#1055186, git-fixes).
- powerpc/boot: Expose Kconfig symbols to wrapper (bsc#1065729).
- powerpc/boot: Fix build failures with -j 1 (bsc#1065729).
- powerpc/pkeys: Fix handling of pkey state across fork() (bsc#1078248, git-fixes).
- powerpc/powernv: Fix save/restore of SPRG3 on entry/exit from stop (idle) (bsc#1055121).
- powerpc/pseries: Track LMB nid instead of using device tree (bsc#1108270).
- powerpc/traps: restore recoverability of machine_check interrupts (bsc#1094244).
- power: supply: olpc_battery: correct the temperature units (bsc#1051510).
- ptrace: Remove unused ptrace_may_access_sched() and MODE_IBRS (bsc#1106913).
- qed: Add driver support for 20G link speed (bsc#1110558).
- qed: Add support for virtual link (bsc#1111795).
- qede: Add driver support for 20G link speed (bsc#1110558).
- r8152: add byte_enable for ocp_read_word function (bsc#1119749).
- r8152: add Linksys USB3GIGV1 id (bsc#1119749).
- r8152: add r8153_phy_status function (bsc#1119749).
- r8152: adjust lpm settings for RTL8153 (bsc#1119749).
- r8152: adjust rtl8153_runtime_enable function (bsc#1119749).
- r8152: adjust the settings about MAC clock speed down for RTL8153 (bsc#1119749).
- r8152: adjust U2P3 for RTL8153 (bsc#1119749).
- r8152: avoid rx queue more than 1000 packets (bsc#1119749).
- r8152: check if disabling ALDPS is finished (bsc#1119749).
- r8152: correct the definition (bsc#1119749).
- r8152: disable RX aggregation on Dell TB16 dock (bsc#1119749).
- r8152: disable RX aggregation on new Dell TB16 dock (bsc#1119749).
- r8152: fix wrong checksum status for received IPv4 packets (bsc#1119749).
- r8152: move calling delay_autosuspend function (bsc#1119749).
- r8152: move the default coalesce setting for RTL8153 (bsc#1119749).
- r8152: move the initialization to reset_resume function (bsc#1119749).
- r8152: move the setting of rx aggregation (bsc#1119749).
- r8152: replace napi_complete with napi_complete_done (bsc#1119749).
- r8152: set rx mode early when linking on (bsc#1119749).
- r8152: split rtl8152_resume function (bsc#1119749).
- r8152: support new chip 8050 (bsc#1119749).
- r8152: support RTL8153B (bsc#1119749).
- rbd: whitelist RBD_FEATURE_OPERATIONS feature bit (Git-fixes).
- rcu: Allow for page faults in NMI handlers (bsc#1120092).
- rdma/bnxt_re: Add missing spin lock initialization (bsc#1050244 ).
- rdma/bnxt_re: Avoid accessing the device structure after it is freed (bsc#1050244).
- rdma/bnxt_re: Avoid NULL check after accessing the pointer (bsc#1086283).
- rdma/bnxt_re: Fix system hang when registration with L2 driver fails (bsc#1086283).
- rdma/hns: Bugfix pbl configuration for rereg mr (bsc#1104427 ).
- rdma_rxe: make rxe work over 802.1q VLAN devices (bsc#1082387).
- reset: remove remaining WARN_ON() in <linux/reset.h> (Git-fixes).
- Revert commit ef9209b642f 'staging: rtl8723bs: Fix indenting errors and an off-by-one mistake in core/rtw_mlme_ext.c' (bsc#1051510).
- Revert 'iommu/io-pgtable-arm: Check for v7s-incapable systems' (bsc#1106105).
- Revert 'PCI/ASPM: Do not initialize link state when aspm_disabled is set' (bsc#1051510).
- Revert 'scsi: lpfc: ls_rjt erroneus FLOGIs' (bsc#1119322).
- ring-buffer: Allow for rescheduling when removing pages (bsc#1120238).
- ring-buffer: Do no reuse reader page if still in use (bsc#1120096).
- ring-buffer: Mask out the info bits when returning buffer page length (bsc#1120094).
- rtc: hctosys: Add missing range error reporting (bsc#1051510).
- rtc: m41t80: Correct alarm month range with RTC reads (bsc#1051510).
- rtc: pcf2127: fix a kmemleak caused in pcf2127_i2c_gather_write (bsc#1051510).
- rtc: snvs: Add timeouts to avoid kernel lockups (bsc#1051510).
- rtl8xxxu: Fix missing break in switch (bsc#1051510).
- s390/dasd: simplify locking in dasd_times_out (bsc#1104967,).
- s390/kdump: Fix elfcorehdr size calculation (bsc#1117953, LTC#171112).
- s390/kdump: Make elfcorehdr size calculation ABI compliant (bsc#1117953, LTC#171112).
- s390/qeth: fix length check in SNMP processing (bsc#1117953, LTC#173657).
- s390/qeth: remove outdated portname debug msg (bsc#1117953, LTC#172960).
- s390/qeth: sanitize strings in debug messages (bsc#1117953, LTC#172960).
- sbitmap: fix race in wait batch accounting (Git-fixes).
- sched/core: Fix cpu.max vs. cpuhotplug deadlock (bsc#1106913).
- sched/fair: Fix infinite loop in update_blocked_averages() by reverting a9e7f6544b9c (Git fixes (scheduler)).
- sched/smt: Expose sched_smt_present static key (bsc#1106913).
- sched/smt: Make sched_smt_present track topology (bsc#1106913).
- sched, tracing: Fix trace_sched_pi_setprio() for deboosting (bsc#1120228).
- scripts/git-pre-commit: make executable.
- scripts/git_sort/git_sort.py: change SCSI git repos to make series sorting more failsafe.
- scsi: lpfc: Cap NPIV vports to 256 (bsc#1118215).
- scsi: lpfc: Correct code setting non existent bits in sli4 ABORT WQE (bsc#1118215).
- scsi: lpfc: Correct topology type reporting on G7 adapters (bsc#1118215).
- scsi: lpfc: Defer LS_ACC to FLOGI on point to point logins (bsc#1118215).
- scsi: lpfc: Enable Management features for IF_TYPE=6 (bsc#1119322).
- scsi: lpfc: Fix a duplicate 0711 log message number (bsc#1118215).
- scsi: lpfc: fix block guard enablement on SLI3 adapters (bsc#1079935).
- scsi: lpfc: Fix dif and first burst use in write commands (bsc#1118215).
- scsi: lpfc: Fix discovery failures during port failovers with lots of vports (bsc#1118215).
- scsi: lpfc: Fix driver release of fw-logging buffers (bsc#1118215).
- scsi: lpfc: Fix kernel Oops due to null pring pointers (bsc#1118215).
- scsi: lpfc: Fix panic when FW-log buffsize is not initialized (bsc#1118215).
- scsi: lpfc: ls_rjt erroneus FLOGIs (bsc#1118215).
- scsi: lpfc: refactor mailbox structure context fields (bsc#1118215).
- scsi: lpfc: rport port swap discovery issue (bsc#1118215).
- scsi: lpfc: update driver version to 12.0.0.9 (bsc#1118215).
- scsi: lpfc: update manufacturer attribute to reflect Broadcom (bsc#1118215).
- scsi: target: add emulate_pr backstore attr to toggle PR support (bsc#1091405).
- scsi: target: drop unused pi_prot_format attribute storage (bsc#1091405).
- scsi: zfcp: fix posting too many status read buffers leading to adapter shutdown (bsc#1121483, LTC#174588).
- skd: Avoid that module unloading triggers a use-after-free (Git-fixes).
- skd: Submit requests to firmware before triggering the doorbell (Git-fixes).
- soc: bcm2835: sync firmware properties with downstream ()
- spi: bcm2835: Avoid finishing transfer prematurely in IRQ mode (bsc#1051510).
- spi: bcm2835: Fix book-keeping of DMA termination (bsc#1051510).
- spi: bcm2835: Fix race on DMA termination (bsc#1051510).
- spi: bcm2835: Unbreak the build of esoteric configs (bsc#1051510).
- splice: do not read more than available pipe space (bsc#1119212).
- staging: bcm2835-camera: Abort probe if there is no camera (bsc#1051510).
- staging: rtl8712: Fix possible buffer overrun (bsc#1051510).
- staging: rtl8723bs: Add missing return for cfg80211_rtw_get_station (bsc#1051510).
- staging: rts5208: fix gcc-8 logic error warning (bsc#1051510).
- staging: wilc1000: fix missing read_write setting when reading data (bsc#1051510).
- Stop building F2FS (boo#1109665) As per the information in the bugzilla issue f2fs is no longer supported on opensuse distributions.
- supported.conf: add raspberrypi-ts driver
- supported.conf: whitelist bluefield eMMC driver
- target/iscsi: avoid NULL dereference in CHAP auth error path (bsc#1117165).
- target: se_dev_attrib.emulate_pr ABI stability (bsc#1091405).
- team: no need to do team_notify_peers or team_mcast_rejoin when disabling port (bsc#1051510).
- termios, tty/tty_baudrate.c: fix buffer overrun (bsc#1051510).
- test_hexdump: use memcpy instead of strncpy (bsc#1051510).
- tmpfs: make lseek(SEEK_DATA/SEK_HOLE) return ENXIO with a negative offset (bsc#1051510).
- tools: hv: fcopy: set 'error' in case an unknown operation was requested (git-fixes).
- tools: hv: include string.h in hv_fcopy_daemon (git-fixes).
- tools/power/cpupower: fix compilation with STATIC=true (git-fixes).
- tools/power turbostat: fix possible sprintf buffer overflow (git-fixes).
- tracing/blktrace: Fix to allow setting same value (Git-fixes).
- tracing: Fix bad use of igrab in trace_uprobe.c (bsc#1120046).
- tracing: Fix crash when freeing instances with event triggers (bsc#1120230).
- tracing: Fix crash when it fails to alloc ring buffer (bsc#1120097).
- tracing: Fix double free of event_trigger_data (bsc#1120234).
- tracing: Fix missing return symbol in function_graph output (bsc#1120232).
- tracing: Fix possible double free in event_enable_trigger_func() (bsc#1120235).
- tracing: Fix possible double free on failure of allocating trace buffer (bsc#1120214).
- tracing: Fix regex_match_front() to not over compare the test string (bsc#1120223).
- tracing: Fix trace_pipe behavior for instance traces (bsc#1120088).
- tracing: Remove RCU work arounds from stack tracer (bsc#1120092).
- tracing/samples: Fix creation and deletion of simple_thread_fn creation (git-fixes).
- tty: Do not return -EAGAIN in blocking read (bsc#1116040).
- tty: do not set TTY_IO_ERROR flag if console port (bsc#1051510).
- tty: serial: 8250_mtk: always resume the device in probe (bsc#1051510).
- ubifs: Handle re-linking of inodes correctly while recovery (bsc#1120598).
- udf: Allow mounting volumes with incorrect identification strings (bsc#1118774).
- unifdef: use memcpy instead of strncpy (bsc#1051510).
- usb: appledisplay: Add 27' Apple Cinema Display (bsc#1051510).
- usb: core: quirks: add RESET_RESUME quirk for Cherry G230 Stream series (bsc#1051510).
- usb: dwc2: host: use hrtimer for NAK retries (git-fixes).
- usb: hso: Fix OOB memory access in hso_probe/hso_get_config_data (bsc#1051510).
- usbip: vhci_hcd: check rhport before using in vhci_hub_control() (bsc#1090888).
- usb: omap_udc: fix crashes on probe error and module removal (bsc#1051510).
- usb: omap_udc: fix omap_udc_start() on 15xx machines (bsc#1051510).
- usb: omap_udc: fix USB gadget functionality on Palm Tungsten E (bsc#1051510).
- usb: omap_udc: use devm_request_irq() (bsc#1051510).
- usb: quirk: add no-LPM quirk on SanDisk Ultra Flair device (bsc#1051510).
- usb: serial: option: add Fibocom NL668 series (bsc#1051510).
- usb: serial: option: add GosunCn ZTE WeLink ME3630 (bsc#1051510).
- usb: serial: option: add HP lt4132 (bsc#1051510).
- usb: serial: option: add Simcom SIM7500/SIM7600 (MBIM mode) (bsc#1051510).
- usb: serial: option: add Telit LN940 series (bsc#1051510).
- usb: usbip: Fix BUG: KASAN: slab-out-of-bounds in vhci_hub_control() (bsc#1106110).
- usb: usb-storage: Add new IDs to ums-realtek (bsc#1051510).
- usb: xhci: fix uninitialized completion when USB3 port got wrong status (bsc#1051510).
- usb: xhci: Prevent bus suspend if a port connect change or polling state is detected (bsc#1051510).
- userfaultfd: clear the vma->vm_userfaultfd_ctx if UFFD_EVENT_FORK fails (bsc#1118761).
- userfaultfd: remove uffd flags from vma->vm_flags if UFFD_EVENT_FORK fails (bsc#1118809).
- v9fs_dir_readdir: fix double-free on p9stat_read error (bsc#1118771).
- watchdog/core: Add missing prototypes for weak functions (git-fixes).
- wireless: airo: potential buffer overflow in sprintf() (bsc#1051510).
- wlcore: Fix the return value in case of error in 'wlcore_vendor_cmd_smart_config_start()' (bsc#1051510).
- x86/bugs: Add AMD's SPEC_CTRL MSR usage (bsc#1106913).
- x86/bugs: Fix the AMD SSBD usage of the SPEC_CTRL MSR (bsc#1106913).
- x86/bugs: Switch the selection of mitigation from CPU vendor to CPU features (bsc#1106913).
- x86/decoder: Fix and update the opcodes map (bsc#1058115).
- x86/kabi: Fix cpu_tlbstate issue (bsc#1106913).
- x86/l1tf: Show actual SMT state (bsc#1106913).
- x86/MCE/AMD: Fix the thresholding machinery initialization order (bsc#1114279).
- x86/mm: Fix decoy address handling vs 32-bit builds (bsc#1120606).
- x86/PCI: Add additional VMD device root ports to VMD AER quirk (bsc#1120058).
- x86/PCI: Add 'pci=big_root_window' option for AMD 64-bit windows (bsc#1120058).
- x86/PCI: Apply VMD's AERSID fixup generically (bsc#1120058).
- x86/PCI: Avoid AMD SB7xx EHCI USB wakeup defect (bsc#1120058).
- x86/PCI: Enable a 64bit BAR on AMD Family 15h (Models 00-1f, 30-3f, 60-7f) (bsc#1120058).
- x86/PCI: Enable AMD 64-bit window on resume (bsc#1120058).
- x86/PCI: Fix infinite loop in search for 64bit BAR placement (bsc#1120058).
- x86/PCI: Move and shrink AMD 64-bit window to avoid conflict (bsc#1120058).
- x86/PCI: Move VMD quirk to x86 fixups (bsc#1120058).
- x86/PCI: Only enable a 64bit BAR on single-socket AMD Family 15h (bsc#1120058).
- x86/PCI: Use is_vmd() rather than relying on the domain number (bsc#1120058).
- x86/process: Consolidate and simplify switch_to_xtra() code (bsc#1106913).
- x86/pti: Document fix wrong index (git-fixes).
- x86/retpoline: Make CONFIG_RETPOLINE depend on compiler support (bsc#1106913).
- x86/retpoline: Remove minimal retpoline support (bsc#1106913).
- x86/speculataion: Mark command line parser data __initdata (bsc#1106913).
- x86/speculation: Add command line control for indirect branch speculation (bsc#1106913).
- x86/speculation: Add prctl() control for indirect branch speculation (bsc#1106913).
- x86/speculation: Add seccomp Spectre v2 user space protection mode (bsc#1106913).
- x86/speculation: Apply IBPB more strictly to avoid cross-process data leak (bsc#1106913).
- x86/speculation: Avoid __switch_to_xtra() calls (bsc#1106913).
- x86/speculation: Clean up spectre_v2_parse_cmdline() (bsc#1106913).
- x86/speculation: Disable STIBP when enhanced IBRS is in use (bsc#1106913).
- x86/speculation: Enable cross-hyperthread spectre v2 STIBP mitigation (bsc#1106913).
- x86/speculation: Enable prctl mode for spectre_v2_user (bsc#1106913).
- x86/speculation/l1tf: Drop the swap storage limit restriction when l1tf=off (bnc#1114871).
- x86/speculation: Mark string arrays const correctly (bsc#1106913).
- x86/speculation: Move STIPB/IBPB string conditionals out of cpu_show_common() (bsc#1106913).
- x86/speculation: Prepare arch_smt_update() for PRCTL mode (bsc#1106913).
- x86/speculation: Prepare for conditional IBPB in switch_mm() (bsc#1106913).
- x86/speculation: Prepare for per task indirect branch speculation control (bsc#1106913).
- x86/speculation: Prevent stale SPEC_CTRL msr content (bsc#1106913).
- x86/speculation: Propagate information about RSB filling mitigation to sysfs (bsc#1106913).
- x86/speculation: Provide IBPB always command line options (bsc#1106913).
- x86/speculation: Remove unnecessary ret variable in cpu_show_common() (bsc#1106913).
- x86/speculation: Rename SSBD update functions (bsc#1106913).
- x86/speculation: Reorder the spec_v2 code (bsc#1106913).
- x86/speculation: Reorganize speculation control MSRs update (bsc#1106913).
- x86/speculation: Rework SMT state change (bsc#1106913).
- x86/speculation: Split out TIF update (bsc#1106913).
- x86/speculation: Unify conditional spectre v2 print functions (bsc#1106913).
- x86/speculation: Update the TIF_SSBD comment (bsc#1106913).
- xen/netfront: tolerate frags with no data (bnc#1119804).
- xen/x86: add diagnostic printout to xen_mc_flush() in case of error (bnc#1116183).
- xfs: Align compat attrlist_by_handle with native implementation (git-fixes).
- xfs: Fix xqmstats offsets in /proc/fs/xfs/xqmstat (git-fixes).
- xfs: xfs_buf: drop useless LIST_HEAD (git-fixes).
- xhci: Add quirk to workaround the errata seen on Cavium Thunder-X2 Soc (bsc#1117162).
- xhci: Do not prevent USB2 bus suspend in state check intended for USB3 only (bsc#1051510).
- xhci: Prevent U1/U2 link pm states if exit latency is too long (bsc#1051510).
- xfs: fix quotacheck dquot id overflow infinite loop (bsc#1121621).
Patchnames
openSUSE-2019-65
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\n\nThe openSUSE Leap 15.0 kernel was updated to receive various security and bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2018-19407: The vcpu_scan_ioapic function in arch/x86/kvm/x86.c allowed local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized (bnc#1116841).\n- CVE-2018-14625: An attacker might have bene able to have an uncontrolled read to kernel-memory from within a vm guest. A race condition between connect() and close() function may allow an attacker using the AF_VSOCK protocol to gather a 4 byte information leak or possibly intercept or corrupt AF_VSOCK messages destined to other clients (bnc#1106615).\n- CVE-2018-19985: The function hso_probe read if_num from the USB device (as an u8) and used it without a length check to index an array, resulting in an OOB memory read in hso_probe or hso_get_config_data that could be used by local attackers (bsc#1120743).\n- CVE-2018-16884: NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out (bnc#1119946).\n- CVE-2018-20169: The USB subsystem mishandled size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c (bnc#1119714).\n- CVE-2018-18397: The userfaultfd implementation mishandled access control for certain UFFDIO_ ioctl calls, as demonstrated by allowing local users to write data into holes in a tmpfs file (if the user has read-only access to that file, and that file contains holes), related to fs/userfaultfd.c and mm/userfaultfd.c (bnc#1117656).\n- CVE-2018-12232: In net/socket.c there was a race condition between fchownat and close in cases where they target the same socket file descriptor, related to the sock_close and sockfs_setattr functions. fchownat did not increment the file descriptor reference count, which allowed close to set the socket to NULL during fchownat\u0027s execution, leading to a NULL pointer dereference and system crash (bnc#1097593).\n- CVE-2018-9568: In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. (bnc#1118319).\n- CVE-2018-16862: A security flaw was found in the way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one (bnc#1117186).\n- CVE-2018-19854: An issue was discovered in the crypto_report_one() and related functions in crypto/crypto_user.c (the crypto user configuration API) do not fully initialize structures that are copied to userspace, potentially leaking sensitive memory to user programs. NOTE: this is a CVE-2013-2547 regression but with easier exploitability because the attacker did not need a capability (however, the system must have the CONFIG_CRYPTO_USER kconfig option) (bnc#1118428).\n- CVE-2018-19824: A local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c (bnc#1118152).\n\nThe following non-security bugs were fixed:\n\n- ACPI / CPPC: Check for valid PCC subspace only if PCC is used (bsc#1117115).\n- ACPI / CPPC: Update all pr_(debug/err) messages to log the susbspace id (bsc#1117115).\n- aio: fix spectre gadget in lookup_ioctx (bsc#1120594).\n- alsa: cs46xx: Potential NULL dereference in probe (bsc#1051510).\n- alsa: emu10k1: Fix potential Spectre v1 vulnerabilities (bsc#1051510).\n- alsa: emux: Fix potential Spectre v1 vulnerabilities (bsc#1051510).\n- alsa: fireface: fix for state to fetch PCM frames (bsc#1051510).\n- alsa: fireface: fix reference to wrong register for clock configuration (bsc#1051510).\n- alsa: firewire-lib: fix wrong assignment for \u0027out_packet_without_header\u0027 tracepoint (bsc#1051510).\n- alsa: firewire-lib: fix wrong handling payload_length as payload_quadlet (bsc#1051510).\n- alsa: firewire-lib: use the same print format for \u0027without_header\u0027 tracepoints (bsc#1051510).\n- alsa: hda: add mute LED support for HP EliteBook 840 G4 (bsc#1051510).\n- alsa: hda: Add support for AMD Stoney Ridge (bsc#1051510).\n- alsa: hda/ca0132 - make pci_iounmap() call conditional (bsc#1051510).\n- alsa: hda: fix front speakers on Huawei MBXP (bsc#1051510).\n- alsa: hda/realtek - Add support for Acer Aspire C24-860 headset mic (bsc#1051510).\n- alsa: hda/realtek - Add unplug function into unplug state of Headset Mode for ALC225 (bsc#1051510).\n- alsa: hda/realtek: ALC286 mic and headset-mode fixups for Acer Aspire U27-880 (bsc#1051510).\n- alsa: hda/realtek: ALC294 mic and headset-mode fixups for ASUS X542UN (bsc#1051510).\n- alsa: hda/realtek - Disable headset Mic VREF for headset mode of ALC225 (bsc#1051510).\n- alsa: hda/realtek: Enable audio jacks of ASUS UX391UA with ALC294 (bsc#1051510).\n- alsa: hda/realtek: Enable audio jacks of ASUS UX433FN/UX333FA with ALC294 (bsc#1051510).\n- alsa: hda/realtek: Enable audio jacks of ASUS UX533FD with ALC294 (bsc#1051510).\n- alsa: hda/realtek: Enable the headset mic auto detection for ASUS laptops (bsc#1051510).\n- alsa: hda/realtek - Fixed headphone issue for ALC700 (bsc#1051510).\n- alsa: hda/realtek: Fix mic issue on Acer AIO Veriton Z4660G (bsc#1051510).\n- alsa: hda/realtek: Fix mic issue on Acer AIO Veriton Z4860G/Z6860G (bsc#1051510).\n- alsa: hda/realtek - Fix speaker output regression on Thinkpad T570 (bsc#1051510).\n- alsa: hda/realtek - Fix the mute LED regresion on Lenovo X1 Carbon (bsc#1051510).\n- alsa: hda/realtek - Support Dell headset mode for New AIO platform (bsc#1051510).\n- alsa: hda/tegra: clear pending irq handlers (bsc#1051510).\n- alsa: pcm: Call snd_pcm_unlink() conditionally at closing (bsc#1051510).\n- alsa: pcm: Fix interval evaluation with openmin/max (bsc#1051510).\n- alsa: pcm: Fix potential Spectre v1 vulnerability (bsc#1051510).\n- alsa: pcm: Fix starvation on down_write_nonblock() (bsc#1051510).\n- alsa: rme9652: Fix potential Spectre v1 vulnerability (bsc#1051510).\n- alsa: trident: Suppress gcc string warning (bsc#1051510).\n- alsa: usb-audio: Add SMSL D1 to quirks for native DSD support (bsc#1051510).\n- alsa: usb-audio: Add support for Encore mDSD USB DAC (bsc#1051510).\n- alsa: usb-audio: Avoid access before bLength check in build_audio_procunit() (bsc#1051510).\n- alsa: usb-audio: Fix an out-of-bound read in create_composite_quirks (bsc#1051510).\n- alsa: x86: Fix runtime PM for hdmi-lpe-audio (bsc#1051510).\n- apparmor: do not try to replace stale label in ptrace access check (git-fixes).\n- apparmor: do not try to replace stale label in ptraceme check (git-fixes).\n- apparmor: Fix uninitialized value in aa_split_fqname (git-fixes).\n- arm64: Add work around for Arm Cortex-A55 Erratum 1024718 (bsc#1120612).\n- arm64: atomics: Remove \u0027\u0026\u0027 from \u0027+\u0026\u0027 asm constraint in lse atomics (bsc#1120613).\n- arm64: cpu_errata: include required headers (bsc#1120615).\n- arm64: dma-mapping: Fix FORCE_CONTIGUOUS buffer clearing (bsc#1120633).\n- arm64: Fix /proc/iomem for reserved but not memory regions (bsc#1120632).\n- arm64: lse: Add early clobbers to some input/output asm operands (bsc#1120614).\n- arm64: lse: remove -fcall-used-x0 flag (bsc#1120618).\n- arm64: mm: always enable CONFIG_HOLES_IN_ZONE (bsc#1120617).\n- arm64/numa: Report correct memblock range for the dummy node (bsc#1120620).\n- arm64/numa: Unify common error path in numa_init() (bsc#1120621).\n- arm64: remove no-op -p linker flag (bsc#1120616).\n- ASoC: dapm: Recalculate audio map forcely when card instantiated (bsc#1051510).\n- ASoC: intel: cht_bsw_max98090_ti: Add pmc_plt_clk_0 quirk for Chromebook Clapper (bsc#1051510).\n- ASoC: intel: cht_bsw_max98090_ti: Add pmc_plt_clk_0 quirk for Chromebook Gnawty (bsc#1051510).\n- ASoC: intel: mrfld: fix uninitialized variable access (bsc#1051510).\n- ASoC: omap-abe-twl6040: Fix missing audio card caused by deferred probing (bsc#1051510).\n- ASoC: omap-dmic: Add pm_qos handling to avoid overruns with CPU_IDLE (bsc#1051510).\n- ASoC: omap-mcbsp: Fix latency value calculation for pm_qos (bsc#1051510).\n- ASoC: omap-mcpdm: Add pm_qos handling to avoid under/overruns with CPU_IDLE (bsc#1051510).\n- ASoC: rsnd: fixup clock start checker (bsc#1051510).\n- ASoC: wm_adsp: Fix dma-unsafe read of scratch registers (bsc#1051510).\n- ath10k: do not assume this is a PCI dev in generic code (bsc#1051510).\n- ath6kl: Only use match sets when firmware supports it (bsc#1051510).\n- b43: Fix error in cordic routine (bsc#1051510).\n- bcache: fix miss key refill-\u003eend in writeback (Git-fixes).\n- bcache: trace missed reading by cache_missed (Git-fixes).\n- blk-mq: remove synchronize_rcu() from blk_mq_del_queue_tag_set() (Git-fixes).\n- block: allow max_discard_segments to be stacked (Git-fixes).\n- block: blk_init_allocated_queue() set q-\u003efq as NULL in the fail case (Git-fixes).\n- block: really disable runtime-pm for blk-mq (Git-fixes).\n- block: reset bi_iter.bi_done after splitting bio (Git-fixes).\n- block/swim: Fix array bounds check (Git-fixes).\n- bnxt_en: do not try to offload VLAN \u0027modify\u0027 action (bsc#1050242 ).\n- bnxt_en: Fix enables field in HWRM_QUEUE_COS2BW_CFG request (bsc#1086282).\n- bnxt_en: Fix VNIC reservations on the PF (bsc#1086282 ).\n- bnxt_en: get the reduced max_irqs by the ones used by RDMA (bsc#1050242).\n- bpf: fix check of allowed specifiers in bpf_trace_printk (bsc#1083647).\n- bpf: use per htab salt for bucket hash (git-fixes).\n- btrfs: Always try all copies when reading extent buffers (git-fixes).\n- btrfs: delete dead code in btrfs_orphan_add() (bsc#1111469).\n- btrfs: delete dead code in btrfs_orphan_commit_root() (bsc#1111469).\n- btrfs: do not BUG_ON() in btrfs_truncate_inode_items() (bsc#1111469).\n- btrfs: do not check inode\u0027s runtime flags under root-\u003eorphan_lock (bsc#1111469).\n- btrfs: do not return ino to ino cache if inode item removal fails (bsc#1111469).\n- btrfs: fix ENOSPC caused by orphan items reservations (bsc#1111469).\n- btrfs: Fix error handling in btrfs_cleanup_ordered_extents (git-fixes).\n- btrfs: fix error handling in btrfs_truncate() (bsc#1111469).\n- btrfs: fix error handling in btrfs_truncate_inode_items() (bsc#1111469).\n- btrfs: fix fsync of files with multiple hard links in new directories (1120173).\n- btrfs: Fix memory barriers usage with device stats counters (git-fixes).\n- btrfs: fix use-after-free on root-\u003eorphan_block_rsv (bsc#1111469).\n- btrfs: get rid of BTRFS_INODE_HAS_ORPHAN_ITEM (bsc#1111469).\n- btrfs: get rid of unused orphan infrastructure (bsc#1111469).\n- btrfs: move btrfs_truncate_block out of trans handle (bsc#1111469).\n- btrfs: qgroup: Dirty all qgroups before rescan (bsc#1120036).\n- btrfs: refactor btrfs_evict_inode() reserve refill dance (bsc#1111469).\n- btrfs: renumber BTRFS_INODE_ runtime flags and switch to enums (bsc#1111469).\n- btrfs: reserve space for O_TMPFILE orphan item deletion (bsc#1111469).\n- btrfs: run delayed items before dropping the snapshot (bsc#1121263, bsc#1111188).\n- btrfs: stop creating orphan items for truncate (bsc#1111469).\n- btrfs: tree-checker: Do not check max block group size as current max chunk size limit is unreliable (fixes for bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875).\n- btrfs: update stale comments referencing vmtruncate() (bsc#1111469).\n- can: flexcan: flexcan_irq(): fix indention (bsc#1051510).\n- cdrom: do not attempt to fiddle with cdo-\u003ecapability (bsc#1051510).\n- ceph: do not update importing cap\u0027s mseq when handing cap export (bsc#1121273).\n- char_dev: extend dynamic allocation of majors into a higher range (bsc#1121058).\n- char_dev: Fix off-by-one bugs in find_dynamic_major() (bsc#1121058).\n- clk: mmp: Off by one in mmp_clk_add() (bsc#1051510).\n- clk: mvebu: Off by one bugs in cp110_of_clk_get() (bsc#1051510).\n- compiler-gcc.h: Add __attribute__((gnu_inline)) to all inline declarations (git-fixes).\n- config: arm64: enable erratum 1024718\n- cpufeature: avoid warning when compiling with clang (Git-fixes).\n- cpufreq / CPPC: Add cpuinfo_cur_freq support for CPPC (bsc#1117115).\n- cpufreq: CPPC: fix build in absence of v3 support (bsc#1117115).\n- cpupower: remove stringop-truncation waring (git-fixes).\n- crypto: bcm - fix normal/non key hash algorithm failure (bsc#1051510).\n- crypto: ccp - Add DOWNLOAD_FIRMWARE SEV command ().\n- crypto: ccp - Add GET_ID SEV command ().\n- crypto: ccp - Add psp enabled message when initialization succeeds ().\n- crypto: ccp - Add support for new CCP/PSP device ID ().\n- crypto: ccp - Allow SEV firmware to be chosen based on Family and Model ().\n- crypto: ccp - Fix static checker warning ().\n- crypto: ccp - Remove unused #defines ().\n- crypto: ccp - Support register differences between PSP devices ().\n- dasd: fix deadlock in dasd_times_out (bsc#1121477, LTC#174111).\n- dax: Check page-\u003emapping isn\u0027t NULL (bsc#1120054).\n- dax: Do not access a freed inode (bsc#1120055).\n- device property: Define type of PROPERTY_ENRTY_*() macros (bsc#1051510).\n- device property: fix fwnode_graph_get_next_endpoint() documentation (bsc#1051510).\n- disable stringop truncation warnings for now (git-fixes).\n- dm: allocate struct mapped_device with kvzalloc (Git-fixes).\n- dm cache: destroy migration_cache if cache target registration failed (Git-fixes).\n- dm cache: fix resize crash if user does not reload cache table (Git-fixes).\n- dm cache metadata: ignore hints array being too small during resize (Git-fixes).\n- dm cache metadata: save in-core policy_hint_size to on-disk superblock (Git-fixes).\n- dm cache metadata: set dirty on all cache blocks after a crash (Git-fixes).\n- dm cache: only allow a single io_mode cache feature to be requested (Git-fixes).\n- dm crypt: do not decrease device limits (Git-fixes).\n- dm: fix report zone remapping to account for partition offset (Git-fixes).\n- dm integrity: change \u0027suspending\u0027 variable from bool to int (Git-fixes).\n- dm ioctl: harden copy_params()\u0027s copy_from_user() from malicious users (Git-fixes).\n- dm linear: eliminate linear_end_io call if CONFIG_DM_ZONED disabled (Git-fixes).\n- dm linear: fix linear_end_io conditional definition (Git-fixes).\n- dm thin: handle running out of data space vs concurrent discard (Git-fixes).\n- dm thin metadata: remove needless work from __commit_transaction (Git-fixes).\n- dm thin: stop no_space_timeout worker when switching to write-mode (Git-fixes).\n- dm writecache: fix a crash due to reading past end of dirty_bitmap (Git-fixes).\n- dm writecache: report start_sector in status line (Git-fixes).\n- dm zoned: fix metadata block ref counting (Git-fixes).\n- dm zoned: fix various dmz_get_mblock() issues (Git-fixes).\n- doc/README.SUSE: correct GIT url No more gitorious, github we use.\n- drivers/net/usb: add device id for TP-LINK UE300 USB 3.0 Ethernet (bsc#1119749).\n- drivers/net/usb/r8152: remove the unneeded variable \u0027ret\u0027 in rtl8152_system_suspend (bsc#1119749).\n- drm/amdgpu/gmc8: update MC firmware for polaris (bsc#1113722)\n- drm/amdgpu: update mc firmware image for polaris12 variants (bsc#1113722)\n- drm/amdgpu: update SMC firmware image for polaris10 variants (bsc#1113722)\n- drm/i915/execlists: Apply a full mb before execution for Braswell (bsc#1113722)\n- drm/ioctl: Fix Spectre v1 vulnerabilities (bsc#1113722)\n- drm/nouveau/kms: Fix memory leak in nv50_mstm_del() (bsc#1113722)\n- drm: rcar-du: Fix external clock error checks (bsc#1113722)\n- drm: rcar-du: Fix vblank initialization (bsc#1113722)\n- drm/rockchip: psr: do not dereference encoder before it is null (bsc#1113722)\n- drm: set is_master to 0 upon drm_new_set_master() failure (bsc#1113722)\n- drm/vc4: Set -\u003eis_yuv to false when num_planes == 1 (bsc#1113722)\n- drm/vc4: -\u003ex_scaling[1] should never be set to VC4_SCALING_NONE (bsc#1113722)\n- dt-bindings: add compatible string for Allwinner V3s SoC (git-fixes).\n- dt-bindings: arm: Document SoC compatible value for Armadillo-800 EVA (git-fixes).\n- dt-bindings: clock: add rk3399 DDR3 standard speed bins (git-fixes).\n- dt-bindings: clock: mediatek: add binding for fixed-factor clock axisel_d4 (git-fixes).\n- dt-bindings: mfd: axp20x: Add AXP806 to supported list of chips (git-fixes).\n- dt-bindings: net: Remove duplicate NSP Ethernet MAC binding document (git-fixes).\n- dt-bindings: panel: lvds: Fix path to display timing bindings (git-fixes).\n- dt-bindings: phy: sun4i-usb-phy: Add property descriptions for H3 (git-fixes).\n- dt-bindings: pwm: renesas: tpu: Fix \u0027compatible\u0027 prop description (git-fixes).\n- dt-bindings: rcar-dmac: Document missing error interrupt (git-fixes).\n- edac, {i7core,sb,skx}_edac: Fix uncorrected error counting (bsc#1114279).\n- edac, skx_edac: Fix logical channel intermediate decoding (bsc#1114279).\n- efi: Move some sysfs files to be read-only by root (bsc#1051510).\n- ethernet: fman: fix wrong of_node_put() in probe function (bsc#1119017).\n- exportfs: fix \u0027passing zero to ERR_PTR()\u0027 warning (bsc#1118773).\n- ext2: fix potential use after free (bsc#1118775).\n- ext4: avoid possible double brelse() in add_new_gdb() on error path (bsc#1118760).\n- ext4: fix EXT4_IOC_GROUP_ADD ioctl (bsc#1120604).\n- ext4: fix possible use after free in ext4_quota_enable (bsc#1120602).\n- ext4: missing unlock/put_page() in ext4_try_to_write_inline_data() (bsc#1120603).\n- extable: Consolidate *kernel_text_address() functions (bsc#1120092).\n- extable: Enable RCU if it is not watching in kernel_text_address() (bsc#1120092).\n- fbdev: fbcon: Fix unregister crash when more than one framebuffer (bsc#1113722)\n- fbdev: fbmem: behave better with small rotated displays and many CPUs (bsc#1113722)\n- firmware: add firmware_request_nowarn() - load firmware without warnings ().\n- Fix the breakage of KMP build on x86_64 (bsc#1121017)\n- fscache: Fix race in fscache_op_complete() due to split atomic_sub \u0026 read (Git-fixes).\n- fscache: Pass the correct cancelled indications to fscache_op_complete() (Git-fixes).\n- fs: fix lost error code in dio_complete (bsc#1118762).\n- fs/xfs: Use %pS printk format for direct addresses (git-fixes).\n- fuse: fix blocked_waitq wakeup (git-fixes).\n- fuse: fix leaked notify reply (git-fixes).\n- fuse: fix possibly missed wake-up after abort (git-fixes).\n- fuse: Fix use-after-free in fuse_dev_do_read() (git-fixes).\n- fuse: Fix use-after-free in fuse_dev_do_write() (git-fixes).\n- fuse: fix use-after-free in fuse_direct_IO() (git-fixes).\n- fuse: set FR_SENT while locked (git-fixes).\n- gcc-plugins: Add include required by GCC release 8 (git-fixes).\n- gcc-plugins: Use dynamic initializers (git-fixes).\n- gfs2: Do not leave s_fs_info pointing to freed memory in init_sbd (bsc#1118769).\n- gfs2: Fix loop in gfs2_rbm_find (bsc#1120601).\n- gfs2: Get rid of potential double-freeing in gfs2_create_inode (bsc#1120600).\n- gfs2_meta: -\u003emount() can get NULL dev_name (bsc#1118768).\n- gfs2: Put bitmap buffers in put_super (bsc#1118772).\n- git_sort.py: Remove non-existent remote tj/libata\n- gpio: davinci: Remove unused member of davinci_gpio_controller (git-fixes).\n- gpiolib-acpi: Only defer request_irq for GpioInt ACPI event handlers (bsc#1051510).\n- gpiolib: Fix return value of gpio_to_desc() stub if !GPIOLIB (bsc#1051510).\n- gpio: max7301: fix driver for use with CONFIG_VMAP_STACK (bsc#1051510).\n- gpio: mvebu: only fail on missing clk if pwm is actually to be used (bsc#1051510).\n- HID: Add quirk for Primax PIXART OEM mice (bsc#1119410).\n- HID: input: Ignore battery reported by Symbol DS4308 (bsc#1051510).\n- HID: multitouch: Add pointstick support for Cirque Touchpad (bsc#1051510).\n- hwpoison, memory_hotplug: allow hwpoisoned pages to be offlined (bnc#1116336).\n- i2c: axxia: properly handle master timeout (bsc#1051510).\n- i2c: scmi: Fix probe error on devices with an empty SMB0001 ACPI device node (bsc#1051510).\n- ib/hfi1: Add mtu check for operational data VLs (bsc#1060463 ).\n- ibmvnic: Convert reset work item mutex to spin lock ().\n- ibmvnic: Fix non-atomic memory allocation in IRQ context ().\n- ib/rxe: support for 802.1q VLAN on the listener (bsc#1082387).\n- ieee802154: 6lowpan: set IFLA_LINK (bsc#1051510).\n- ieee802154: at86rf230: switch from BUG_ON() to WARN_ON() on problem (bsc#1051510).\n- ieee802154: at86rf230: use __func__ macro for debug messages (bsc#1051510).\n- ieee802154: fakelb: switch from BUG_ON() to WARN_ON() on problem (bsc#1051510).\n- Include modules.fips in kernel-binary as well as kernel-binary-base ().\n- initramfs: fix initramfs rebuilds w/ compression after disabling (git-fixes).\n- input: add official Raspberry Pi\u0027s touchscreen driver ().\n- input: cros_ec_keyb - fix button/switch capability reports (bsc#1051510).\n- input: elan_i2c - add ACPI ID for Lenovo IdeaPad 330-15ARR (bsc#1051510).\n- input: elan_i2c - add ELAN0620 to the ACPI table (bsc#1051510).\n- input: elan_i2c - add support for ELAN0621 touchpad (bsc#1051510).\n- input: hyper-v - fix wakeup from suspend-to-idle (bsc#1051510).\n- input: matrix_keypad - check for errors from of_get_named_gpio() (bsc#1051510).\n- input: nomadik-ske-keypad - fix a loop timeout test (bsc#1051510).\n- input: omap-keypad - fix keyboard debounce configuration (bsc#1051510).\n- input: synaptics - add PNP ID for ThinkPad P50 to SMBus (bsc#1051510).\n- input: synaptics - enable SMBus for HP 15-ay000 (bsc#1051510).\n- input: xpad - quirk all PDP Xbox One gamepads (bsc#1051510).\n- integrity/security: fix digsig.c build error with header file (bsc#1051510).\n- intel_th: msu: Fix an off-by-one in attribute store (bsc#1051510).\n- iommu/amd: Fix amd_iommu=force_isolation (bsc#1106105).\n- iommu/vt-d: Handle domain agaw being less than iommu agaw (bsc#1106105).\n- iwlwifi: add new cards for 9560, 9462, 9461 and killer series (bsc#1051510).\n- iwlwifi: fix LED command capability bit (bsc#1119086).\n- iwlwifi: nvm: get num of hw addresses from firmware (bsc#1119086).\n- iwlwifi: pcie: do not reset TXQ write pointer (bsc#1051510).\n- jffs2: free jffs2_sb_info through jffs2_kill_sb() (bsc#1118767).\n- jump_label: Split out code under the hotplug lock (bsc#1106913).\n- kabi: hwpoison, memory_hotplug: allow hwpoisoned pages to be offlined (bnc#1116336).\n- kabi protect hnae_ae_ops (bsc#1104353).\n- kbuild: allow to use GCC toolchain not in Clang search path (git-fixes).\n- kbuild: fix linker feature test macros when cross compiling with Clang (git-fixes).\n- kbuild: make missing $DEPMOD a Warning instead of an Error (git-fixes).\n- kbuild: rpm-pkg: keep spec file until make mrproper (git-fixes).\n- kbuild: suppress packed-not-aligned warning for default setting only (git-fixes).\n- kbuild: verify that $DEPMOD is installed (git-fixes).\n- kernfs: Replace strncpy with memcpy (bsc#1120053).\n- keys: Fix the use of the C++ keyword \u0027private\u0027 in uapi/linux/keyctl.h (Git-fixes).\n- kobject: Replace strncpy with memcpy (git-fixes).\n- kprobes: Make list and blacklist root user read only (git-fixes).\n- kvm: PPC: Book3S PR: Enable use on POWER9 inside HPT-mode guests (bsc#1118484).\n- kvm: svm: Ensure an IBPB on all affected CPUs when freeing a vmcb (bsc#1114279).\n- libata: whitelist all SAMSUNG MZ7KM* solid-state disks (bsc#1051510).\n- libceph: fall back to sendmsg for slab pages (bsc#1118316).\n- libnvdimm, pfn: Pad pfn namespaces relative to other regions (bsc#1118962).\n- lib/raid6: Fix arm64 test build (bsc#1051510).\n- lib/ubsan.c: do not mark __ubsan_handle_builtin_unreachable as noreturn (bsc#1051510).\n- Limit max FW API version for QCA9377 (bsc#1121714, bsc#1121715).\n- linux/bitmap.h: fix type of nbits in bitmap_shift_right() (bsc#1051510).\n- locking/barriers: Convert users of lockless_dereference() to READ_ONCE() (Git-fixes).\n- locking/static_keys: Improve uninitialized key warning (bsc#1106913).\n- mac80211: Clear beacon_int in ieee80211_do_stop (bsc#1051510).\n- mac80211: fix reordering of buffered broadcast packets (bsc#1051510).\n- mac80211_hwsim: fix module init error paths for netlink (bsc#1051510).\n- mac80211_hwsim: Timer should be initialized before device registered (bsc#1051510).\n- mac80211: ignore NullFunc frames in the duplicate detection (bsc#1051510).\n- mac80211: ignore tx status for PS stations in ieee80211_tx_status_ext (bsc#1051510).\n- Mark HI and TASKLET softirq synchronous (git-fixes).\n- media: em28xx: Fix use-after-free when disconnecting (bsc#1051510).\n- media: em28xx: make v4l2-compliance happier by starting sequence on zero (bsc#1051510).\n- media: omap3isp: Unregister media device as first (bsc#1051510).\n- mmc: bcm2835: reset host on timeout (bsc#1051510).\n- mmc: core: Allow BKOPS and CACHE ctrl even if no HPI support (bsc#1051510).\n- mmc: core: Reset HPI enabled state during re-init and in case of errors (bsc#1051510).\n- mmc: core: Use a minimum 1600ms timeout when enabling CACHE ctrl (bsc#1051510).\n- mmc: dw_mmc-bluefield: Add driver extension (bsc#1118752).\n- mmc: dw_mmc-k3: add sd support for hi3660 (bsc#1118752).\n- MMC: OMAP: fix broken MMC on OMAP15XX/OMAP5910/OMAP310 (bsc#1051510).\n- mmc: omap_hsmmc: fix DMA API warning (bsc#1051510).\n- mmc: sdhci: fix the timeout check window for clock and reset (bsc#1051510).\n- mm: do not miss the last page because of round-off error (bnc#1118798).\n- mm: do not warn about large allocations for slab (git fixes (slab)).\n- mm/huge_memory.c: reorder operations in __split_huge_page_tail() (VM Functionality bsc#1119962).\n- mm: hugetlb: yield when prepping struct pages (git fixes (memory initialisation)).\n- mm: lower the printk loglevel for __dump_page messages (generic hotplug debugability).\n- mm, memory_hotplug: be more verbose for memory offline failures (generic hotplug debugability).\n- mm, memory_hotplug: drop pointless block alignment checks from __offline_pages (generic hotplug debugability).\n- mm, memory_hotplug: print reason for the offlining failure (generic hotplug debugability).\n- mm: migration: fix migration of huge PMD shared pages (bnc#1086423).\n- mm: only report isolation failures when offlining memory (generic hotplug debugability).\n- mm: print more information about mapping in __dump_page (generic hotplug debugability).\n- mm: put_and_wait_on_page_locked() while page is migrated (bnc#1109272).\n- mm: sections are not offlined during memory hotremove (bnc#1119968).\n- mm: shmem.c: Correctly annotate new inodes for lockdep (Git fixes: shmem).\n- mm/vmstat.c: fix NUMA statistics updates (git fixes).\n- Move dell_rbu fix to sorted section (bsc#1087978).\n- mtd: cfi: convert inline functions to macros (git-fixes).\n- mtd: Fix comparison in map_word_andequal() (git-fixes).\n- namei: allow restricted O_CREAT of FIFOs and regular files (bsc#1118766).\n- nbd: do not allow invalid blocksize settings (Git-fixes).\n- net: bgmac: Fix endian access in bgmac_dma_tx_ring_free() (bsc#1051510).\n- net: dsa: mv88e6xxx: Fix binding documentation for MDIO busses (git-fixes).\n- net: dsa: qca8k: Add QCA8334 binding documentation (git-fixes).\n- net: ena: fix crash during ena_remove() (bsc#1111696 bsc#1117561).\n- net: ena: update driver version from 2.0.1 to 2.0.2 (bsc#1111696 bsc#1117561).\n- net: hns3: Add nic state check before calling netif_tx_wake_queue (bsc#1104353).\n- net: hns3: Add support for hns3_nic_netdev_ops.ndo_do_ioctl (bsc#1104353).\n- net: hns3: bugfix for buffer not free problem during resetting (bsc#1104353).\n- net: hns3: bugfix for handling mailbox while the command queue reinitialized (bsc#1104353).\n- net: hns3: bugfix for hclge_mdio_write and hclge_mdio_read (bsc#1104353).\n- net: hns3: bugfix for is_valid_csq_clean_head() (bsc#1104353 ).\n- net: hns3: bugfix for reporting unknown vector0 interrupt repeatly problem (bsc#1104353).\n- net: hns3: bugfix for rtnl_lock\u0027s range in the hclgevf_reset() (bsc#1104353).\n- net: hns3: bugfix for the initialization of command queue\u0027s spin lock (bsc#1104353).\n- net: hns3: Check hdev state when getting link status (bsc#1104353).\n- net: hns3: Clear client pointer when initialize client failed or unintialize finished (bsc#1104353).\n- net: hns3: Fix cmdq registers initialization issue for vf (bsc#1104353).\n- net: hns3: Fix error of checking used vlan id (bsc#1104353 ).\n- net: hns3: Fix ets validate issue (bsc#1104353).\n- net: hns3: Fix for netdev not up problem when setting mtu (bsc#1104353).\n- net: hns3: Fix for out-of-bounds access when setting pfc back pressure (bsc#1104353).\n- net: hns3: Fix for packet buffer setting bug (bsc#1104353 ).\n- net: hns3: Fix for rx vlan id handle to support Rev 0x21 hardware (bsc#1104353).\n- net: hns3: Fix for setting speed for phy failed problem (bsc#1104353).\n- net: hns3: Fix for vf vlan delete failed problem (bsc#1104353 ).\n- net: hns3: Fix loss of coal configuration while doing reset (bsc#1104353).\n- net: hns3: Fix parameter type for q_id in hclge_tm_q_to_qs_map_cfg() (bsc#1104353).\n- net: hns3: Fix ping exited problem when doing lp selftest (bsc#1104353).\n- net: hns3: Preserve vlan 0 in hardware table (bsc#1104353 ).\n- net: hns3: remove unnecessary queue reset in the hns3_uninit_all_ring() (bsc#1104353).\n- net: hns3: Set STATE_DOWN bit of hdev state when stopping net (bsc#1104353).\n- net/mlx4_core: Correctly set PFC param if global pause is turned off (bsc#1046299).\n- net: usb: r8152: constify usb_device_id (bsc#1119749).\n- net: usb: r8152: use irqsave() in USB\u0027s complete callback (bsc#1119749).\n- nospec: Allow index argument to have const-qualified type (git-fixes)\n- nospec: Kill array_index_nospec_mask_check() (git-fixes).\n- nvme-fc: resolve io failures during connect (bsc#1116803).\n- nvme-multipath: zero out ANA log buffer (bsc#1105168).\n- nvme: validate controller state before rescheduling keep alive (bsc#1103257).\n- objtool: Detect RIP-relative switch table references (bsc#1058115).\n- objtool: Detect RIP-relative switch table references, part 2 (bsc#1058115).\n- objtool: Fix another switch table detection issue (bsc#1058115).\n- objtool: Fix double-free in .cold detection error path (bsc#1058115).\n- objtool: Fix GCC 8 cold subfunction detection for aliased functions (bsc#1058115).\n- objtool: Fix \u0027noreturn\u0027 detection for recursive sibling calls (bsc#1058115).\n- objtool: Fix segfault in .cold detection with -ffunction-sections (bsc#1058115).\n- objtool: Support GCC 8\u0027s cold subfunctions (bsc#1058115).\n- objtool: Support GCC 8 switch tables (bsc#1058115).\n- panic: avoid deadlocks in re-entrant console drivers (bsc#1088386).\n- PCI: Add ACS quirk for Ampere root ports (bsc#1120058).\n- PCI: Add ACS quirk for APM X-Gene devices (bsc#1120058).\n- PCI: Convert device-specific ACS quirks from NULL termination to ARRAY_SIZE (bsc#1120058).\n- PCI: Delay after FLR of Intel DC P3700 NVMe (bsc#1120058).\n- PCI: Disable Samsung SM961/PM961 NVMe before FLR (bsc#1120058).\n- PCI: Export pcie_has_flr() (bsc#1120058).\n- PCI: iproc: Activate PAXC bridge quirk for more devices (bsc#1120058).\n- PCI: Mark Ceton InfiniTV4 INTx masking as broken (bsc#1120058).\n- PCI: Mark fall-through switch cases before enabling -Wimplicit-fallthrough (bsc#1120058).\n- PCI: Mark Intel XXV710 NIC INTx masking as broken (bsc#1120058).\n- perf tools: Fix tracing_path_mount proper path (git-fixes).\n- platform-msi: Free descriptors in platform_msi_domain_free() (bsc#1051510).\n- powerpc/64s: consolidate MCE counter increment (bsc#1094244).\n- powerpc/64s/radix: Fix process table entry cache invalidation (bsc#1055186, git-fixes).\n- powerpc/boot: Expose Kconfig symbols to wrapper (bsc#1065729).\n- powerpc/boot: Fix build failures with -j 1 (bsc#1065729).\n- powerpc/pkeys: Fix handling of pkey state across fork() (bsc#1078248, git-fixes).\n- powerpc/powernv: Fix save/restore of SPRG3 on entry/exit from stop (idle) (bsc#1055121).\n- powerpc/pseries: Track LMB nid instead of using device tree (bsc#1108270).\n- powerpc/traps: restore recoverability of machine_check interrupts (bsc#1094244).\n- power: supply: olpc_battery: correct the temperature units (bsc#1051510).\n- ptrace: Remove unused ptrace_may_access_sched() and MODE_IBRS (bsc#1106913).\n- qed: Add driver support for 20G link speed (bsc#1110558).\n- qed: Add support for virtual link (bsc#1111795).\n- qede: Add driver support for 20G link speed (bsc#1110558).\n- r8152: add byte_enable for ocp_read_word function (bsc#1119749).\n- r8152: add Linksys USB3GIGV1 id (bsc#1119749).\n- r8152: add r8153_phy_status function (bsc#1119749).\n- r8152: adjust lpm settings for RTL8153 (bsc#1119749).\n- r8152: adjust rtl8153_runtime_enable function (bsc#1119749).\n- r8152: adjust the settings about MAC clock speed down for RTL8153 (bsc#1119749).\n- r8152: adjust U2P3 for RTL8153 (bsc#1119749).\n- r8152: avoid rx queue more than 1000 packets (bsc#1119749).\n- r8152: check if disabling ALDPS is finished (bsc#1119749).\n- r8152: correct the definition (bsc#1119749).\n- r8152: disable RX aggregation on Dell TB16 dock (bsc#1119749).\n- r8152: disable RX aggregation on new Dell TB16 dock (bsc#1119749).\n- r8152: fix wrong checksum status for received IPv4 packets (bsc#1119749).\n- r8152: move calling delay_autosuspend function (bsc#1119749).\n- r8152: move the default coalesce setting for RTL8153 (bsc#1119749).\n- r8152: move the initialization to reset_resume function (bsc#1119749).\n- r8152: move the setting of rx aggregation (bsc#1119749).\n- r8152: replace napi_complete with napi_complete_done (bsc#1119749).\n- r8152: set rx mode early when linking on (bsc#1119749).\n- r8152: split rtl8152_resume function (bsc#1119749).\n- r8152: support new chip 8050 (bsc#1119749).\n- r8152: support RTL8153B (bsc#1119749).\n- rbd: whitelist RBD_FEATURE_OPERATIONS feature bit (Git-fixes).\n- rcu: Allow for page faults in NMI handlers (bsc#1120092).\n- rdma/bnxt_re: Add missing spin lock initialization (bsc#1050244 ).\n- rdma/bnxt_re: Avoid accessing the device structure after it is freed (bsc#1050244).\n- rdma/bnxt_re: Avoid NULL check after accessing the pointer (bsc#1086283).\n- rdma/bnxt_re: Fix system hang when registration with L2 driver fails (bsc#1086283).\n- rdma/hns: Bugfix pbl configuration for rereg mr (bsc#1104427 ).\n- rdma_rxe: make rxe work over 802.1q VLAN devices (bsc#1082387).\n- reset: remove remaining WARN_ON() in \u003clinux/reset.h\u003e (Git-fixes).\n- Revert commit ef9209b642f \u0027staging: rtl8723bs: Fix indenting errors and an off-by-one mistake in core/rtw_mlme_ext.c\u0027 (bsc#1051510).\n- Revert \u0027iommu/io-pgtable-arm: Check for v7s-incapable systems\u0027 (bsc#1106105).\n- Revert \u0027PCI/ASPM: Do not initialize link state when aspm_disabled is set\u0027 (bsc#1051510).\n- Revert \u0027scsi: lpfc: ls_rjt erroneus FLOGIs\u0027 (bsc#1119322).\n- ring-buffer: Allow for rescheduling when removing pages (bsc#1120238).\n- ring-buffer: Do no reuse reader page if still in use (bsc#1120096).\n- ring-buffer: Mask out the info bits when returning buffer page length (bsc#1120094).\n- rtc: hctosys: Add missing range error reporting (bsc#1051510).\n- rtc: m41t80: Correct alarm month range with RTC reads (bsc#1051510).\n- rtc: pcf2127: fix a kmemleak caused in pcf2127_i2c_gather_write (bsc#1051510).\n- rtc: snvs: Add timeouts to avoid kernel lockups (bsc#1051510).\n- rtl8xxxu: Fix missing break in switch (bsc#1051510).\n- s390/dasd: simplify locking in dasd_times_out (bsc#1104967,).\n- s390/kdump: Fix elfcorehdr size calculation (bsc#1117953, LTC#171112).\n- s390/kdump: Make elfcorehdr size calculation ABI compliant (bsc#1117953, LTC#171112).\n- s390/qeth: fix length check in SNMP processing (bsc#1117953, LTC#173657).\n- s390/qeth: remove outdated portname debug msg (bsc#1117953, LTC#172960).\n- s390/qeth: sanitize strings in debug messages (bsc#1117953, LTC#172960).\n- sbitmap: fix race in wait batch accounting (Git-fixes).\n- sched/core: Fix cpu.max vs. cpuhotplug deadlock (bsc#1106913).\n- sched/fair: Fix infinite loop in update_blocked_averages() by reverting a9e7f6544b9c (Git fixes (scheduler)).\n- sched/smt: Expose sched_smt_present static key (bsc#1106913).\n- sched/smt: Make sched_smt_present track topology (bsc#1106913).\n- sched, tracing: Fix trace_sched_pi_setprio() for deboosting (bsc#1120228).\n- scripts/git-pre-commit: make executable.\n- scripts/git_sort/git_sort.py: change SCSI git repos to make series sorting more failsafe.\n- scsi: lpfc: Cap NPIV vports to 256 (bsc#1118215).\n- scsi: lpfc: Correct code setting non existent bits in sli4 ABORT WQE (bsc#1118215).\n- scsi: lpfc: Correct topology type reporting on G7 adapters (bsc#1118215).\n- scsi: lpfc: Defer LS_ACC to FLOGI on point to point logins (bsc#1118215).\n- scsi: lpfc: Enable Management features for IF_TYPE=6 (bsc#1119322).\n- scsi: lpfc: Fix a duplicate 0711 log message number (bsc#1118215).\n- scsi: lpfc: fix block guard enablement on SLI3 adapters (bsc#1079935).\n- scsi: lpfc: Fix dif and first burst use in write commands (bsc#1118215).\n- scsi: lpfc: Fix discovery failures during port failovers with lots of vports (bsc#1118215).\n- scsi: lpfc: Fix driver release of fw-logging buffers (bsc#1118215).\n- scsi: lpfc: Fix kernel Oops due to null pring pointers (bsc#1118215).\n- scsi: lpfc: Fix panic when FW-log buffsize is not initialized (bsc#1118215).\n- scsi: lpfc: ls_rjt erroneus FLOGIs (bsc#1118215).\n- scsi: lpfc: refactor mailbox structure context fields (bsc#1118215).\n- scsi: lpfc: rport port swap discovery issue (bsc#1118215).\n- scsi: lpfc: update driver version to 12.0.0.9 (bsc#1118215).\n- scsi: lpfc: update manufacturer attribute to reflect Broadcom (bsc#1118215).\n- scsi: target: add emulate_pr backstore attr to toggle PR support (bsc#1091405).\n- scsi: target: drop unused pi_prot_format attribute storage (bsc#1091405).\n- scsi: zfcp: fix posting too many status read buffers leading to adapter shutdown (bsc#1121483, LTC#174588).\n- skd: Avoid that module unloading triggers a use-after-free (Git-fixes).\n- skd: Submit requests to firmware before triggering the doorbell (Git-fixes).\n- soc: bcm2835: sync firmware properties with downstream ()\n- spi: bcm2835: Avoid finishing transfer prematurely in IRQ mode (bsc#1051510).\n- spi: bcm2835: Fix book-keeping of DMA termination (bsc#1051510).\n- spi: bcm2835: Fix race on DMA termination (bsc#1051510).\n- spi: bcm2835: Unbreak the build of esoteric configs (bsc#1051510).\n- splice: do not read more than available pipe space (bsc#1119212).\n- staging: bcm2835-camera: Abort probe if there is no camera (bsc#1051510).\n- staging: rtl8712: Fix possible buffer overrun (bsc#1051510).\n- staging: rtl8723bs: Add missing return for cfg80211_rtw_get_station (bsc#1051510).\n- staging: rts5208: fix gcc-8 logic error warning (bsc#1051510).\n- staging: wilc1000: fix missing read_write setting when reading data (bsc#1051510).\n- Stop building F2FS (boo#1109665) As per the information in the bugzilla issue f2fs is no longer supported on opensuse distributions.\n- supported.conf: add raspberrypi-ts driver\n- supported.conf: whitelist bluefield eMMC driver\n- target/iscsi: avoid NULL dereference in CHAP auth error path (bsc#1117165).\n- target: se_dev_attrib.emulate_pr ABI stability (bsc#1091405).\n- team: no need to do team_notify_peers or team_mcast_rejoin when disabling port (bsc#1051510).\n- termios, tty/tty_baudrate.c: fix buffer overrun (bsc#1051510).\n- test_hexdump: use memcpy instead of strncpy (bsc#1051510).\n- tmpfs: make lseek(SEEK_DATA/SEK_HOLE) return ENXIO with a negative offset (bsc#1051510).\n- tools: hv: fcopy: set \u0027error\u0027 in case an unknown operation was requested (git-fixes).\n- tools: hv: include string.h in hv_fcopy_daemon (git-fixes).\n- tools/power/cpupower: fix compilation with STATIC=true (git-fixes).\n- tools/power turbostat: fix possible sprintf buffer overflow (git-fixes).\n- tracing/blktrace: Fix to allow setting same value (Git-fixes).\n- tracing: Fix bad use of igrab in trace_uprobe.c (bsc#1120046).\n- tracing: Fix crash when freeing instances with event triggers (bsc#1120230).\n- tracing: Fix crash when it fails to alloc ring buffer (bsc#1120097).\n- tracing: Fix double free of event_trigger_data (bsc#1120234).\n- tracing: Fix missing return symbol in function_graph output (bsc#1120232).\n- tracing: Fix possible double free in event_enable_trigger_func() (bsc#1120235).\n- tracing: Fix possible double free on failure of allocating trace buffer (bsc#1120214).\n- tracing: Fix regex_match_front() to not over compare the test string (bsc#1120223).\n- tracing: Fix trace_pipe behavior for instance traces (bsc#1120088).\n- tracing: Remove RCU work arounds from stack tracer (bsc#1120092).\n- tracing/samples: Fix creation and deletion of simple_thread_fn creation (git-fixes).\n- tty: Do not return -EAGAIN in blocking read (bsc#1116040).\n- tty: do not set TTY_IO_ERROR flag if console port (bsc#1051510).\n- tty: serial: 8250_mtk: always resume the device in probe (bsc#1051510).\n- ubifs: Handle re-linking of inodes correctly while recovery (bsc#1120598).\n- udf: Allow mounting volumes with incorrect identification strings (bsc#1118774).\n- unifdef: use memcpy instead of strncpy (bsc#1051510).\n- usb: appledisplay: Add 27\u0027 Apple Cinema Display (bsc#1051510).\n- usb: core: quirks: add RESET_RESUME quirk for Cherry G230 Stream series (bsc#1051510).\n- usb: dwc2: host: use hrtimer for NAK retries (git-fixes).\n- usb: hso: Fix OOB memory access in hso_probe/hso_get_config_data (bsc#1051510).\n- usbip: vhci_hcd: check rhport before using in vhci_hub_control() (bsc#1090888).\n- usb: omap_udc: fix crashes on probe error and module removal (bsc#1051510).\n- usb: omap_udc: fix omap_udc_start() on 15xx machines (bsc#1051510).\n- usb: omap_udc: fix USB gadget functionality on Palm Tungsten E (bsc#1051510).\n- usb: omap_udc: use devm_request_irq() (bsc#1051510).\n- usb: quirk: add no-LPM quirk on SanDisk Ultra Flair device (bsc#1051510).\n- usb: serial: option: add Fibocom NL668 series (bsc#1051510).\n- usb: serial: option: add GosunCn ZTE WeLink ME3630 (bsc#1051510).\n- usb: serial: option: add HP lt4132 (bsc#1051510).\n- usb: serial: option: add Simcom SIM7500/SIM7600 (MBIM mode) (bsc#1051510).\n- usb: serial: option: add Telit LN940 series (bsc#1051510).\n- usb: usbip: Fix BUG: KASAN: slab-out-of-bounds in vhci_hub_control() (bsc#1106110).\n- usb: usb-storage: Add new IDs to ums-realtek (bsc#1051510).\n- usb: xhci: fix uninitialized completion when USB3 port got wrong status (bsc#1051510).\n- usb: xhci: Prevent bus suspend if a port connect change or polling state is detected (bsc#1051510).\n- userfaultfd: clear the vma-\u003evm_userfaultfd_ctx if UFFD_EVENT_FORK fails (bsc#1118761).\n- userfaultfd: remove uffd flags from vma-\u003evm_flags if UFFD_EVENT_FORK fails (bsc#1118809).\n- v9fs_dir_readdir: fix double-free on p9stat_read error (bsc#1118771).\n- watchdog/core: Add missing prototypes for weak functions (git-fixes).\n- wireless: airo: potential buffer overflow in sprintf() (bsc#1051510).\n- wlcore: Fix the return value in case of error in \u0027wlcore_vendor_cmd_smart_config_start()\u0027 (bsc#1051510).\n- x86/bugs: Add AMD\u0027s SPEC_CTRL MSR usage (bsc#1106913).\n- x86/bugs: Fix the AMD SSBD usage of the SPEC_CTRL MSR (bsc#1106913).\n- x86/bugs: Switch the selection of mitigation from CPU vendor to CPU features (bsc#1106913).\n- x86/decoder: Fix and update the opcodes map (bsc#1058115).\n- x86/kabi: Fix cpu_tlbstate issue (bsc#1106913).\n- x86/l1tf: Show actual SMT state (bsc#1106913).\n- x86/MCE/AMD: Fix the thresholding machinery initialization order (bsc#1114279).\n- x86/mm: Fix decoy address handling vs 32-bit builds (bsc#1120606).\n- x86/PCI: Add additional VMD device root ports to VMD AER quirk (bsc#1120058).\n- x86/PCI: Add \u0027pci=big_root_window\u0027 option for AMD 64-bit windows (bsc#1120058).\n- x86/PCI: Apply VMD\u0027s AERSID fixup generically (bsc#1120058).\n- x86/PCI: Avoid AMD SB7xx EHCI USB wakeup defect (bsc#1120058).\n- x86/PCI: Enable a 64bit BAR on AMD Family 15h (Models 00-1f, 30-3f, 60-7f) (bsc#1120058).\n- x86/PCI: Enable AMD 64-bit window on resume (bsc#1120058).\n- x86/PCI: Fix infinite loop in search for 64bit BAR placement (bsc#1120058).\n- x86/PCI: Move and shrink AMD 64-bit window to avoid conflict (bsc#1120058).\n- x86/PCI: Move VMD quirk to x86 fixups (bsc#1120058).\n- x86/PCI: Only enable a 64bit BAR on single-socket AMD Family 15h (bsc#1120058).\n- x86/PCI: Use is_vmd() rather than relying on the domain number (bsc#1120058).\n- x86/process: Consolidate and simplify switch_to_xtra() code (bsc#1106913).\n- x86/pti: Document fix wrong index (git-fixes).\n- x86/retpoline: Make CONFIG_RETPOLINE depend on compiler support (bsc#1106913).\n- x86/retpoline: Remove minimal retpoline support (bsc#1106913).\n- x86/speculataion: Mark command line parser data __initdata (bsc#1106913).\n- x86/speculation: Add command line control for indirect branch speculation (bsc#1106913).\n- x86/speculation: Add prctl() control for indirect branch speculation (bsc#1106913).\n- x86/speculation: Add seccomp Spectre v2 user space protection mode (bsc#1106913).\n- x86/speculation: Apply IBPB more strictly to avoid cross-process data leak (bsc#1106913).\n- x86/speculation: Avoid __switch_to_xtra() calls (bsc#1106913).\n- x86/speculation: Clean up spectre_v2_parse_cmdline() (bsc#1106913).\n- x86/speculation: Disable STIBP when enhanced IBRS is in use (bsc#1106913).\n- x86/speculation: Enable cross-hyperthread spectre v2 STIBP mitigation (bsc#1106913).\n- x86/speculation: Enable prctl mode for spectre_v2_user (bsc#1106913).\n- x86/speculation/l1tf: Drop the swap storage limit restriction when l1tf=off (bnc#1114871).\n- x86/speculation: Mark string arrays const correctly (bsc#1106913).\n- x86/speculation: Move STIPB/IBPB string conditionals out of cpu_show_common() (bsc#1106913).\n- x86/speculation: Prepare arch_smt_update() for PRCTL mode (bsc#1106913).\n- x86/speculation: Prepare for conditional IBPB in switch_mm() (bsc#1106913).\n- x86/speculation: Prepare for per task indirect branch speculation control (bsc#1106913).\n- x86/speculation: Prevent stale SPEC_CTRL msr content (bsc#1106913).\n- x86/speculation: Propagate information about RSB filling mitigation to sysfs (bsc#1106913).\n- x86/speculation: Provide IBPB always command line options (bsc#1106913).\n- x86/speculation: Remove unnecessary ret variable in cpu_show_common() (bsc#1106913).\n- x86/speculation: Rename SSBD update functions (bsc#1106913).\n- x86/speculation: Reorder the spec_v2 code (bsc#1106913).\n- x86/speculation: Reorganize speculation control MSRs update (bsc#1106913).\n- x86/speculation: Rework SMT state change (bsc#1106913).\n- x86/speculation: Split out TIF update (bsc#1106913).\n- x86/speculation: Unify conditional spectre v2 print functions (bsc#1106913).\n- x86/speculation: Update the TIF_SSBD comment (bsc#1106913).\n- xen/netfront: tolerate frags with no data (bnc#1119804).\n- xen/x86: add diagnostic printout to xen_mc_flush() in case of error (bnc#1116183).\n- xfs: Align compat attrlist_by_handle with native implementation (git-fixes).\n- xfs: Fix xqmstats offsets in /proc/fs/xfs/xqmstat (git-fixes).\n- xfs: xfs_buf: drop useless LIST_HEAD (git-fixes).\n- xhci: Add quirk to workaround the errata seen on Cavium Thunder-X2 Soc (bsc#1117162).\n- xhci: Do not prevent USB2 bus suspend in state check intended for USB3 only (bsc#1051510).\n- xhci: Prevent U1/U2 link pm states if exit latency is too long (bsc#1051510).\n- xfs: fix quotacheck dquot id overflow infinite loop (bsc#1121621).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2019-65",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2019_0065-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2019:0065-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/HZOAR52RMMAMPTGY2TTSFPEKREAVGPNY/#HZOAR52RMMAMPTGY2TTSFPEKREAVGPNY"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2019:0065-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/HZOAR52RMMAMPTGY2TTSFPEKREAVGPNY/#HZOAR52RMMAMPTGY2TTSFPEKREAVGPNY"
},
{
"category": "self",
"summary": "SUSE Bug 1024718",
"url": "https://bugzilla.suse.com/1024718"
},
{
"category": "self",
"summary": "SUSE Bug 1046299",
"url": "https://bugzilla.suse.com/1046299"
},
{
"category": "self",
"summary": "SUSE Bug 1050242",
"url": "https://bugzilla.suse.com/1050242"
},
{
"category": "self",
"summary": "SUSE Bug 1050244",
"url": "https://bugzilla.suse.com/1050244"
},
{
"category": "self",
"summary": "SUSE Bug 1051510",
"url": "https://bugzilla.suse.com/1051510"
},
{
"category": "self",
"summary": "SUSE Bug 1055121",
"url": "https://bugzilla.suse.com/1055121"
},
{
"category": "self",
"summary": "SUSE Bug 1055186",
"url": "https://bugzilla.suse.com/1055186"
},
{
"category": "self",
"summary": "SUSE Bug 1058115",
"url": "https://bugzilla.suse.com/1058115"
},
{
"category": "self",
"summary": "SUSE Bug 1060463",
"url": "https://bugzilla.suse.com/1060463"
},
{
"category": "self",
"summary": "SUSE Bug 1065729",
"url": "https://bugzilla.suse.com/1065729"
},
{
"category": "self",
"summary": "SUSE Bug 1078248",
"url": "https://bugzilla.suse.com/1078248"
},
{
"category": "self",
"summary": "SUSE Bug 1079935",
"url": "https://bugzilla.suse.com/1079935"
},
{
"category": "self",
"summary": "SUSE Bug 1082387",
"url": "https://bugzilla.suse.com/1082387"
},
{
"category": "self",
"summary": "SUSE Bug 1083647",
"url": "https://bugzilla.suse.com/1083647"
},
{
"category": "self",
"summary": "SUSE Bug 1086282",
"url": "https://bugzilla.suse.com/1086282"
},
{
"category": "self",
"summary": "SUSE Bug 1086283",
"url": "https://bugzilla.suse.com/1086283"
},
{
"category": "self",
"summary": "SUSE Bug 1086423",
"url": "https://bugzilla.suse.com/1086423"
},
{
"category": "self",
"summary": "SUSE Bug 1087978",
"url": "https://bugzilla.suse.com/1087978"
},
{
"category": "self",
"summary": "SUSE Bug 1088386",
"url": "https://bugzilla.suse.com/1088386"
},
{
"category": "self",
"summary": "SUSE Bug 1090888",
"url": "https://bugzilla.suse.com/1090888"
},
{
"category": "self",
"summary": "SUSE Bug 1091405",
"url": "https://bugzilla.suse.com/1091405"
},
{
"category": "self",
"summary": "SUSE Bug 1094244",
"url": "https://bugzilla.suse.com/1094244"
},
{
"category": "self",
"summary": "SUSE Bug 1097593",
"url": "https://bugzilla.suse.com/1097593"
},
{
"category": "self",
"summary": "SUSE Bug 1102875",
"url": "https://bugzilla.suse.com/1102875"
},
{
"category": "self",
"summary": "SUSE Bug 1102877",
"url": "https://bugzilla.suse.com/1102877"
},
{
"category": "self",
"summary": "SUSE Bug 1102879",
"url": "https://bugzilla.suse.com/1102879"
},
{
"category": "self",
"summary": "SUSE Bug 1102882",
"url": "https://bugzilla.suse.com/1102882"
},
{
"category": "self",
"summary": "SUSE Bug 1102896",
"url": "https://bugzilla.suse.com/1102896"
},
{
"category": "self",
"summary": "SUSE Bug 1103257",
"url": "https://bugzilla.suse.com/1103257"
},
{
"category": "self",
"summary": "SUSE Bug 1104353",
"url": "https://bugzilla.suse.com/1104353"
},
{
"category": "self",
"summary": "SUSE Bug 1104427",
"url": "https://bugzilla.suse.com/1104427"
},
{
"category": "self",
"summary": "SUSE Bug 1104967",
"url": "https://bugzilla.suse.com/1104967"
},
{
"category": "self",
"summary": "SUSE Bug 1105168",
"url": "https://bugzilla.suse.com/1105168"
},
{
"category": "self",
"summary": "SUSE Bug 1106105",
"url": "https://bugzilla.suse.com/1106105"
},
{
"category": "self",
"summary": "SUSE Bug 1106110",
"url": "https://bugzilla.suse.com/1106110"
},
{
"category": "self",
"summary": "SUSE Bug 1106615",
"url": "https://bugzilla.suse.com/1106615"
},
{
"category": "self",
"summary": "SUSE Bug 1106913",
"url": "https://bugzilla.suse.com/1106913"
},
{
"category": "self",
"summary": "SUSE Bug 1108270",
"url": "https://bugzilla.suse.com/1108270"
},
{
"category": "self",
"summary": "SUSE Bug 1109272",
"url": "https://bugzilla.suse.com/1109272"
},
{
"category": "self",
"summary": "SUSE Bug 1109665",
"url": "https://bugzilla.suse.com/1109665"
},
{
"category": "self",
"summary": "SUSE Bug 1110558",
"url": "https://bugzilla.suse.com/1110558"
},
{
"category": "self",
"summary": "SUSE Bug 1111188",
"url": "https://bugzilla.suse.com/1111188"
},
{
"category": "self",
"summary": "SUSE Bug 1111469",
"url": "https://bugzilla.suse.com/1111469"
},
{
"category": "self",
"summary": "SUSE Bug 1111696",
"url": "https://bugzilla.suse.com/1111696"
},
{
"category": "self",
"summary": "SUSE Bug 1111795",
"url": "https://bugzilla.suse.com/1111795"
},
{
"category": "self",
"summary": "SUSE Bug 1113722",
"url": "https://bugzilla.suse.com/1113722"
},
{
"category": "self",
"summary": "SUSE Bug 1114279",
"url": "https://bugzilla.suse.com/1114279"
},
{
"category": "self",
"summary": "SUSE Bug 1114871",
"url": "https://bugzilla.suse.com/1114871"
},
{
"category": "self",
"summary": "SUSE Bug 1116040",
"url": "https://bugzilla.suse.com/1116040"
},
{
"category": "self",
"summary": "SUSE Bug 1116183",
"url": "https://bugzilla.suse.com/1116183"
},
{
"category": "self",
"summary": "SUSE Bug 1116336",
"url": "https://bugzilla.suse.com/1116336"
},
{
"category": "self",
"summary": "SUSE Bug 1116803",
"url": "https://bugzilla.suse.com/1116803"
},
{
"category": "self",
"summary": "SUSE Bug 1116841",
"url": "https://bugzilla.suse.com/1116841"
},
{
"category": "self",
"summary": "SUSE Bug 1117115",
"url": "https://bugzilla.suse.com/1117115"
},
{
"category": "self",
"summary": "SUSE Bug 1117162",
"url": "https://bugzilla.suse.com/1117162"
},
{
"category": "self",
"summary": "SUSE Bug 1117165",
"url": "https://bugzilla.suse.com/1117165"
},
{
"category": "self",
"summary": "SUSE Bug 1117186",
"url": "https://bugzilla.suse.com/1117186"
},
{
"category": "self",
"summary": "SUSE Bug 1117561",
"url": "https://bugzilla.suse.com/1117561"
},
{
"category": "self",
"summary": "SUSE Bug 1117656",
"url": "https://bugzilla.suse.com/1117656"
},
{
"category": "self",
"summary": "SUSE Bug 1117953",
"url": "https://bugzilla.suse.com/1117953"
},
{
"category": "self",
"summary": "SUSE Bug 1118152",
"url": "https://bugzilla.suse.com/1118152"
},
{
"category": "self",
"summary": "SUSE Bug 1118215",
"url": "https://bugzilla.suse.com/1118215"
},
{
"category": "self",
"summary": "SUSE Bug 1118316",
"url": "https://bugzilla.suse.com/1118316"
},
{
"category": "self",
"summary": "SUSE Bug 1118319",
"url": "https://bugzilla.suse.com/1118319"
},
{
"category": "self",
"summary": "SUSE Bug 1118428",
"url": "https://bugzilla.suse.com/1118428"
},
{
"category": "self",
"summary": "SUSE Bug 1118484",
"url": "https://bugzilla.suse.com/1118484"
},
{
"category": "self",
"summary": "SUSE Bug 1118752",
"url": "https://bugzilla.suse.com/1118752"
},
{
"category": "self",
"summary": "SUSE Bug 1118760",
"url": "https://bugzilla.suse.com/1118760"
},
{
"category": "self",
"summary": "SUSE Bug 1118761",
"url": "https://bugzilla.suse.com/1118761"
},
{
"category": "self",
"summary": "SUSE Bug 1118762",
"url": "https://bugzilla.suse.com/1118762"
},
{
"category": "self",
"summary": "SUSE Bug 1118766",
"url": "https://bugzilla.suse.com/1118766"
},
{
"category": "self",
"summary": "SUSE Bug 1118767",
"url": "https://bugzilla.suse.com/1118767"
},
{
"category": "self",
"summary": "SUSE Bug 1118768",
"url": "https://bugzilla.suse.com/1118768"
},
{
"category": "self",
"summary": "SUSE Bug 1118769",
"url": "https://bugzilla.suse.com/1118769"
},
{
"category": "self",
"summary": "SUSE Bug 1118771",
"url": "https://bugzilla.suse.com/1118771"
},
{
"category": "self",
"summary": "SUSE Bug 1118772",
"url": "https://bugzilla.suse.com/1118772"
},
{
"category": "self",
"summary": "SUSE Bug 1118773",
"url": "https://bugzilla.suse.com/1118773"
},
{
"category": "self",
"summary": "SUSE Bug 1118774",
"url": "https://bugzilla.suse.com/1118774"
},
{
"category": "self",
"summary": "SUSE Bug 1118775",
"url": "https://bugzilla.suse.com/1118775"
},
{
"category": "self",
"summary": "SUSE Bug 1118798",
"url": "https://bugzilla.suse.com/1118798"
},
{
"category": "self",
"summary": "SUSE Bug 1118809",
"url": "https://bugzilla.suse.com/1118809"
},
{
"category": "self",
"summary": "SUSE Bug 1118962",
"url": "https://bugzilla.suse.com/1118962"
},
{
"category": "self",
"summary": "SUSE Bug 1119017",
"url": "https://bugzilla.suse.com/1119017"
},
{
"category": "self",
"summary": "SUSE Bug 1119086",
"url": "https://bugzilla.suse.com/1119086"
},
{
"category": "self",
"summary": "SUSE Bug 1119212",
"url": "https://bugzilla.suse.com/1119212"
},
{
"category": "self",
"summary": "SUSE Bug 1119322",
"url": "https://bugzilla.suse.com/1119322"
},
{
"category": "self",
"summary": "SUSE Bug 1119410",
"url": "https://bugzilla.suse.com/1119410"
},
{
"category": "self",
"summary": "SUSE Bug 1119714",
"url": "https://bugzilla.suse.com/1119714"
},
{
"category": "self",
"summary": "SUSE Bug 1119749",
"url": "https://bugzilla.suse.com/1119749"
},
{
"category": "self",
"summary": "SUSE Bug 1119804",
"url": "https://bugzilla.suse.com/1119804"
},
{
"category": "self",
"summary": "SUSE Bug 1119946",
"url": "https://bugzilla.suse.com/1119946"
},
{
"category": "self",
"summary": "SUSE Bug 1119962",
"url": "https://bugzilla.suse.com/1119962"
},
{
"category": "self",
"summary": "SUSE Bug 1119968",
"url": "https://bugzilla.suse.com/1119968"
},
{
"category": "self",
"summary": "SUSE Bug 1120036",
"url": "https://bugzilla.suse.com/1120036"
},
{
"category": "self",
"summary": "SUSE Bug 1120046",
"url": "https://bugzilla.suse.com/1120046"
},
{
"category": "self",
"summary": "SUSE Bug 1120053",
"url": "https://bugzilla.suse.com/1120053"
},
{
"category": "self",
"summary": "SUSE Bug 1120054",
"url": "https://bugzilla.suse.com/1120054"
},
{
"category": "self",
"summary": "SUSE Bug 1120055",
"url": "https://bugzilla.suse.com/1120055"
},
{
"category": "self",
"summary": "SUSE Bug 1120058",
"url": "https://bugzilla.suse.com/1120058"
},
{
"category": "self",
"summary": "SUSE Bug 1120088",
"url": "https://bugzilla.suse.com/1120088"
},
{
"category": "self",
"summary": "SUSE Bug 1120092",
"url": "https://bugzilla.suse.com/1120092"
},
{
"category": "self",
"summary": "SUSE Bug 1120094",
"url": "https://bugzilla.suse.com/1120094"
},
{
"category": "self",
"summary": "SUSE Bug 1120096",
"url": "https://bugzilla.suse.com/1120096"
},
{
"category": "self",
"summary": "SUSE Bug 1120097",
"url": "https://bugzilla.suse.com/1120097"
},
{
"category": "self",
"summary": "SUSE Bug 1120173",
"url": "https://bugzilla.suse.com/1120173"
},
{
"category": "self",
"summary": "SUSE Bug 1120214",
"url": "https://bugzilla.suse.com/1120214"
},
{
"category": "self",
"summary": "SUSE Bug 1120223",
"url": "https://bugzilla.suse.com/1120223"
},
{
"category": "self",
"summary": "SUSE Bug 1120228",
"url": "https://bugzilla.suse.com/1120228"
},
{
"category": "self",
"summary": "SUSE Bug 1120230",
"url": "https://bugzilla.suse.com/1120230"
},
{
"category": "self",
"summary": "SUSE Bug 1120232",
"url": "https://bugzilla.suse.com/1120232"
},
{
"category": "self",
"summary": "SUSE Bug 1120234",
"url": "https://bugzilla.suse.com/1120234"
},
{
"category": "self",
"summary": "SUSE Bug 1120235",
"url": "https://bugzilla.suse.com/1120235"
},
{
"category": "self",
"summary": "SUSE Bug 1120238",
"url": "https://bugzilla.suse.com/1120238"
},
{
"category": "self",
"summary": "SUSE Bug 1120594",
"url": "https://bugzilla.suse.com/1120594"
},
{
"category": "self",
"summary": "SUSE Bug 1120598",
"url": "https://bugzilla.suse.com/1120598"
},
{
"category": "self",
"summary": "SUSE Bug 1120600",
"url": "https://bugzilla.suse.com/1120600"
},
{
"category": "self",
"summary": "SUSE Bug 1120601",
"url": "https://bugzilla.suse.com/1120601"
},
{
"category": "self",
"summary": "SUSE Bug 1120602",
"url": "https://bugzilla.suse.com/1120602"
},
{
"category": "self",
"summary": "SUSE Bug 1120603",
"url": "https://bugzilla.suse.com/1120603"
},
{
"category": "self",
"summary": "SUSE Bug 1120604",
"url": "https://bugzilla.suse.com/1120604"
},
{
"category": "self",
"summary": "SUSE Bug 1120606",
"url": "https://bugzilla.suse.com/1120606"
},
{
"category": "self",
"summary": "SUSE Bug 1120612",
"url": "https://bugzilla.suse.com/1120612"
},
{
"category": "self",
"summary": "SUSE Bug 1120613",
"url": "https://bugzilla.suse.com/1120613"
},
{
"category": "self",
"summary": "SUSE Bug 1120614",
"url": "https://bugzilla.suse.com/1120614"
},
{
"category": "self",
"summary": "SUSE Bug 1120615",
"url": "https://bugzilla.suse.com/1120615"
},
{
"category": "self",
"summary": "SUSE Bug 1120616",
"url": "https://bugzilla.suse.com/1120616"
},
{
"category": "self",
"summary": "SUSE Bug 1120617",
"url": "https://bugzilla.suse.com/1120617"
},
{
"category": "self",
"summary": "SUSE Bug 1120618",
"url": "https://bugzilla.suse.com/1120618"
},
{
"category": "self",
"summary": "SUSE Bug 1120620",
"url": "https://bugzilla.suse.com/1120620"
},
{
"category": "self",
"summary": "SUSE Bug 1120621",
"url": "https://bugzilla.suse.com/1120621"
},
{
"category": "self",
"summary": "SUSE Bug 1120632",
"url": "https://bugzilla.suse.com/1120632"
},
{
"category": "self",
"summary": "SUSE Bug 1120633",
"url": "https://bugzilla.suse.com/1120633"
},
{
"category": "self",
"summary": "SUSE Bug 1120743",
"url": "https://bugzilla.suse.com/1120743"
},
{
"category": "self",
"summary": "SUSE Bug 1121017",
"url": "https://bugzilla.suse.com/1121017"
},
{
"category": "self",
"summary": "SUSE Bug 1121058",
"url": "https://bugzilla.suse.com/1121058"
},
{
"category": "self",
"summary": "SUSE Bug 1121263",
"url": "https://bugzilla.suse.com/1121263"
},
{
"category": "self",
"summary": "SUSE Bug 1121273",
"url": "https://bugzilla.suse.com/1121273"
},
{
"category": "self",
"summary": "SUSE Bug 1121477",
"url": "https://bugzilla.suse.com/1121477"
},
{
"category": "self",
"summary": "SUSE Bug 1121483",
"url": "https://bugzilla.suse.com/1121483"
},
{
"category": "self",
"summary": "SUSE Bug 1121621",
"url": "https://bugzilla.suse.com/1121621"
},
{
"category": "self",
"summary": "SUSE Bug 1121714",
"url": "https://bugzilla.suse.com/1121714"
},
{
"category": "self",
"summary": "SUSE Bug 1121715",
"url": "https://bugzilla.suse.com/1121715"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-12232 page",
"url": "https://www.suse.com/security/cve/CVE-2018-12232/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14625 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14625/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16862 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16862/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16884 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16884/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-18397 page",
"url": "https://www.suse.com/security/cve/CVE-2018-18397/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-19407 page",
"url": "https://www.suse.com/security/cve/CVE-2018-19407/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-19824 page",
"url": "https://www.suse.com/security/cve/CVE-2018-19824/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-19854 page",
"url": "https://www.suse.com/security/cve/CVE-2018-19854/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-19985 page",
"url": "https://www.suse.com/security/cve/CVE-2018-19985/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-20169 page",
"url": "https://www.suse.com/security/cve/CVE-2018-20169/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-9568 page",
"url": "https://www.suse.com/security/cve/CVE-2018-9568/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2019-03-23T10:47:17Z",
"generator": {
"date": "2019-03-23T10:47:17Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2019:0065-1",
"initial_release_date": "2019-03-23T10:47:17Z",
"revision_history": [
{
"date": "2019-03-23T10:47:17Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-4.12.14-lp150.12.45.1.noarch",
"product": {
"name": "kernel-devel-4.12.14-lp150.12.45.1.noarch",
"product_id": "kernel-devel-4.12.14-lp150.12.45.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-4.12.14-lp150.12.45.1.noarch",
"product": {
"name": "kernel-docs-4.12.14-lp150.12.45.1.noarch",
"product_id": "kernel-docs-4.12.14-lp150.12.45.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-html-4.12.14-lp150.12.45.1.noarch",
"product": {
"name": "kernel-docs-html-4.12.14-lp150.12.45.1.noarch",
"product_id": "kernel-docs-html-4.12.14-lp150.12.45.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-4.12.14-lp150.12.45.1.noarch",
"product": {
"name": "kernel-macros-4.12.14-lp150.12.45.1.noarch",
"product_id": "kernel-macros-4.12.14-lp150.12.45.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-4.12.14-lp150.12.45.1.noarch",
"product": {
"name": "kernel-source-4.12.14-lp150.12.45.1.noarch",
"product_id": "kernel-source-4.12.14-lp150.12.45.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-4.12.14-lp150.12.45.1.noarch",
"product": {
"name": "kernel-source-vanilla-4.12.14-lp150.12.45.1.noarch",
"product_id": "kernel-source-vanilla-4.12.14-lp150.12.45.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-debug-4.12.14-lp150.12.45.1.x86_64",
"product": {
"name": "kernel-debug-4.12.14-lp150.12.45.1.x86_64",
"product_id": "kernel-debug-4.12.14-lp150.12.45.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-base-4.12.14-lp150.12.45.1.x86_64",
"product": {
"name": "kernel-debug-base-4.12.14-lp150.12.45.1.x86_64",
"product_id": "kernel-debug-base-4.12.14-lp150.12.45.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-4.12.14-lp150.12.45.1.x86_64",
"product": {
"name": "kernel-debug-devel-4.12.14-lp150.12.45.1.x86_64",
"product_id": "kernel-debug-devel-4.12.14-lp150.12.45.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-lp150.12.45.1.x86_64",
"product": {
"name": "kernel-default-4.12.14-lp150.12.45.1.x86_64",
"product_id": "kernel-default-4.12.14-lp150.12.45.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-lp150.12.45.1.x86_64",
"product": {
"name": "kernel-default-base-4.12.14-lp150.12.45.1.x86_64",
"product_id": "kernel-default-base-4.12.14-lp150.12.45.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-lp150.12.45.1.x86_64",
"product": {
"name": "kernel-default-devel-4.12.14-lp150.12.45.1.x86_64",
"product_id": "kernel-default-devel-4.12.14-lp150.12.45.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-4.12.14-lp150.12.45.1.x86_64",
"product": {
"name": "kernel-kvmsmall-4.12.14-lp150.12.45.1.x86_64",
"product_id": "kernel-kvmsmall-4.12.14-lp150.12.45.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-base-4.12.14-lp150.12.45.1.x86_64",
"product": {
"name": "kernel-kvmsmall-base-4.12.14-lp150.12.45.1.x86_64",
"product_id": "kernel-kvmsmall-base-4.12.14-lp150.12.45.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-devel-4.12.14-lp150.12.45.1.x86_64",
"product": {
"name": "kernel-kvmsmall-devel-4.12.14-lp150.12.45.1.x86_64",
"product_id": "kernel-kvmsmall-devel-4.12.14-lp150.12.45.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.12.14-lp150.12.45.1.x86_64",
"product": {
"name": "kernel-obs-build-4.12.14-lp150.12.45.1.x86_64",
"product_id": "kernel-obs-build-4.12.14-lp150.12.45.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.12.14-lp150.12.45.1.x86_64",
"product": {
"name": "kernel-obs-qa-4.12.14-lp150.12.45.1.x86_64",
"product_id": "kernel-obs-qa-4.12.14-lp150.12.45.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-lp150.12.45.1.x86_64",
"product": {
"name": "kernel-syms-4.12.14-lp150.12.45.1.x86_64",
"product_id": "kernel-syms-4.12.14-lp150.12.45.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.12.14-lp150.12.45.1.x86_64",
"product": {
"name": "kernel-vanilla-4.12.14-lp150.12.45.1.x86_64",
"product_id": "kernel-vanilla-4.12.14-lp150.12.45.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.12.14-lp150.12.45.1.x86_64",
"product": {
"name": "kernel-vanilla-base-4.12.14-lp150.12.45.1.x86_64",
"product_id": "kernel-vanilla-base-4.12.14-lp150.12.45.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.12.14-lp150.12.45.1.x86_64",
"product": {
"name": "kernel-vanilla-devel-4.12.14-lp150.12.45.1.x86_64",
"product_id": "kernel-vanilla-devel-4.12.14-lp150.12.45.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.0",
"product": {
"name": "openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.0"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-4.12.14-lp150.12.45.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.45.1.x86_64"
},
"product_reference": "kernel-debug-4.12.14-lp150.12.45.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-base-4.12.14-lp150.12.45.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.45.1.x86_64"
},
"product_reference": "kernel-debug-base-4.12.14-lp150.12.45.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-4.12.14-lp150.12.45.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.45.1.x86_64"
},
"product_reference": "kernel-debug-devel-4.12.14-lp150.12.45.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-lp150.12.45.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.45.1.x86_64"
},
"product_reference": "kernel-default-4.12.14-lp150.12.45.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-lp150.12.45.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.45.1.x86_64"
},
"product_reference": "kernel-default-base-4.12.14-lp150.12.45.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-lp150.12.45.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.45.1.x86_64"
},
"product_reference": "kernel-default-devel-4.12.14-lp150.12.45.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.12.14-lp150.12.45.1.noarch as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.45.1.noarch"
},
"product_reference": "kernel-devel-4.12.14-lp150.12.45.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-4.12.14-lp150.12.45.1.noarch as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.45.1.noarch"
},
"product_reference": "kernel-docs-4.12.14-lp150.12.45.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-html-4.12.14-lp150.12.45.1.noarch as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.45.1.noarch"
},
"product_reference": "kernel-docs-html-4.12.14-lp150.12.45.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-4.12.14-lp150.12.45.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.45.1.x86_64"
},
"product_reference": "kernel-kvmsmall-4.12.14-lp150.12.45.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-base-4.12.14-lp150.12.45.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.45.1.x86_64"
},
"product_reference": "kernel-kvmsmall-base-4.12.14-lp150.12.45.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-devel-4.12.14-lp150.12.45.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.45.1.x86_64"
},
"product_reference": "kernel-kvmsmall-devel-4.12.14-lp150.12.45.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.12.14-lp150.12.45.1.noarch as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.45.1.noarch"
},
"product_reference": "kernel-macros-4.12.14-lp150.12.45.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.12.14-lp150.12.45.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.45.1.x86_64"
},
"product_reference": "kernel-obs-build-4.12.14-lp150.12.45.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-qa-4.12.14-lp150.12.45.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.45.1.x86_64"
},
"product_reference": "kernel-obs-qa-4.12.14-lp150.12.45.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.12.14-lp150.12.45.1.noarch as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.45.1.noarch"
},
"product_reference": "kernel-source-4.12.14-lp150.12.45.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-vanilla-4.12.14-lp150.12.45.1.noarch as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.45.1.noarch"
},
"product_reference": "kernel-source-vanilla-4.12.14-lp150.12.45.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-lp150.12.45.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.45.1.x86_64"
},
"product_reference": "kernel-syms-4.12.14-lp150.12.45.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-vanilla-4.12.14-lp150.12.45.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.45.1.x86_64"
},
"product_reference": "kernel-vanilla-4.12.14-lp150.12.45.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-vanilla-base-4.12.14-lp150.12.45.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.45.1.x86_64"
},
"product_reference": "kernel-vanilla-base-4.12.14-lp150.12.45.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-vanilla-devel-4.12.14-lp150.12.45.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.45.1.x86_64"
},
"product_reference": "kernel-vanilla-devel-4.12.14-lp150.12.45.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-12232",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-12232"
}
],
"notes": [
{
"category": "general",
"text": "In net/socket.c in the Linux kernel through 4.17.1, there is a race condition between fchownat and close in cases where they target the same socket file descriptor, related to the sock_close and sockfs_setattr functions. fchownat does not increment the file descriptor reference count, which allows close to set the socket to NULL during fchownat\u0027s execution, leading to a NULL pointer dereference and system crash.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.45.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-12232",
"url": "https://www.suse.com/security/cve/CVE-2018-12232"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-12232",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1097593 for CVE-2018-12232",
"url": "https://bugzilla.suse.com/1097593"
},
{
"category": "external",
"summary": "SUSE Bug 1125907 for CVE-2018-12232",
"url": "https://bugzilla.suse.com/1125907"
},
{
"category": "external",
"summary": "SUSE Bug 1127757 for CVE-2018-12232",
"url": "https://bugzilla.suse.com/1127757"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.45.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.45.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-23T10:47:17Z",
"details": "important"
}
],
"title": "CVE-2018-12232"
},
{
"cve": "CVE-2018-14625",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14625"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux Kernel where an attacker may be able to have an uncontrolled read to kernel-memory from within a vm guest. A race condition between connect() and close() function may allow an attacker using the AF_VSOCK protocol to gather a 4 byte information leak or possibly intercept or corrupt AF_VSOCK messages destined to other clients.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.45.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14625",
"url": "https://www.suse.com/security/cve/CVE-2018-14625"
},
{
"category": "external",
"summary": "SUSE Bug 1106615 for CVE-2018-14625",
"url": "https://bugzilla.suse.com/1106615"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.45.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.45.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-23T10:47:17Z",
"details": "moderate"
}
],
"title": "CVE-2018-14625"
},
{
"cve": "CVE-2018-16862",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16862"
}
],
"notes": [
{
"category": "general",
"text": "A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.45.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16862",
"url": "https://www.suse.com/security/cve/CVE-2018-16862"
},
{
"category": "external",
"summary": "SUSE Bug 1117186 for CVE-2018-16862",
"url": "https://bugzilla.suse.com/1117186"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.45.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.45.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-23T10:47:17Z",
"details": "moderate"
}
],
"title": "CVE-2018-16862"
},
{
"cve": "CVE-2018-16884",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16884"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel\u0027s NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.45.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16884",
"url": "https://www.suse.com/security/cve/CVE-2018-16884"
},
{
"category": "external",
"summary": "SUSE Bug 1119946 for CVE-2018-16884",
"url": "https://bugzilla.suse.com/1119946"
},
{
"category": "external",
"summary": "SUSE Bug 1119947 for CVE-2018-16884",
"url": "https://bugzilla.suse.com/1119947"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.45.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.45.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-23T10:47:17Z",
"details": "important"
}
],
"title": "CVE-2018-16884"
},
{
"cve": "CVE-2018-18397",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-18397"
}
],
"notes": [
{
"category": "general",
"text": "The userfaultfd implementation in the Linux kernel before 4.19.7 mishandles access control for certain UFFDIO_ ioctl calls, as demonstrated by allowing local users to write data into holes in a tmpfs file (if the user has read-only access to that file, and that file contains holes), related to fs/userfaultfd.c and mm/userfaultfd.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.45.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-18397",
"url": "https://www.suse.com/security/cve/CVE-2018-18397"
},
{
"category": "external",
"summary": "SUSE Bug 1117656 for CVE-2018-18397",
"url": "https://bugzilla.suse.com/1117656"
},
{
"category": "external",
"summary": "SUSE Bug 1171522 for CVE-2018-18397",
"url": "https://bugzilla.suse.com/1171522"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.45.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.45.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-23T10:47:17Z",
"details": "moderate"
}
],
"title": "CVE-2018-18397"
},
{
"cve": "CVE-2018-19407",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-19407"
}
],
"notes": [
{
"category": "general",
"text": "The vcpu_scan_ioapic function in arch/x86/kvm/x86.c in the Linux kernel through 4.19.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.45.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-19407",
"url": "https://www.suse.com/security/cve/CVE-2018-19407"
},
{
"category": "external",
"summary": "SUSE Bug 1116841 for CVE-2018-19407",
"url": "https://bugzilla.suse.com/1116841"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.45.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.45.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-23T10:47:17Z",
"details": "moderate"
}
],
"title": "CVE-2018-19407"
},
{
"cve": "CVE-2018-19824",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-19824"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.45.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-19824",
"url": "https://www.suse.com/security/cve/CVE-2018-19824"
},
{
"category": "external",
"summary": "SUSE Bug 1118152 for CVE-2018-19824",
"url": "https://bugzilla.suse.com/1118152"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.45.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.45.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-23T10:47:17Z",
"details": "moderate"
}
],
"title": "CVE-2018-19824"
},
{
"cve": "CVE-2018-19854",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-19854"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel before 4.19.3. crypto_report_one() and related functions in crypto/crypto_user.c (the crypto user configuration API) do not fully initialize structures that are copied to userspace, potentially leaking sensitive memory to user programs. NOTE: this is a CVE-2013-2547 regression but with easier exploitability because the attacker does not need a capability (however, the system must have the CONFIG_CRYPTO_USER kconfig option).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.45.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-19854",
"url": "https://www.suse.com/security/cve/CVE-2018-19854"
},
{
"category": "external",
"summary": "SUSE Bug 1118428 for CVE-2018-19854",
"url": "https://bugzilla.suse.com/1118428"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.45.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.45.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-23T10:47:17Z",
"details": "low"
}
],
"title": "CVE-2018-19854"
},
{
"cve": "CVE-2018-19985",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-19985"
}
],
"notes": [
{
"category": "general",
"text": "The function hso_get_config_data in drivers/net/usb/hso.c in the Linux kernel through 4.19.8 reads if_num from the USB device (as a u8) and uses it to index a small array, resulting in an object out-of-bounds (OOB) read that potentially allows arbitrary read in the kernel address space.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.45.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-19985",
"url": "https://www.suse.com/security/cve/CVE-2018-19985"
},
{
"category": "external",
"summary": "SUSE Bug 1120743 for CVE-2018-19985",
"url": "https://bugzilla.suse.com/1120743"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.45.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.45.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-23T10:47:17Z",
"details": "low"
}
],
"title": "CVE-2018-19985"
},
{
"cve": "CVE-2018-20169",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-20169"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel before 4.19.9. The USB subsystem mishandles size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.45.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-20169",
"url": "https://www.suse.com/security/cve/CVE-2018-20169"
},
{
"category": "external",
"summary": "SUSE Bug 1119714 for CVE-2018-20169",
"url": "https://bugzilla.suse.com/1119714"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.45.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.45.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-23T10:47:17Z",
"details": "moderate"
}
],
"title": "CVE-2018-20169"
},
{
"cve": "CVE-2018-9568",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-9568"
}
],
"notes": [
{
"category": "general",
"text": "In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-113509306. References: Upstream kernel.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.45.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-9568",
"url": "https://www.suse.com/security/cve/CVE-2018-9568"
},
{
"category": "external",
"summary": "SUSE Bug 1118319 for CVE-2018-9568",
"url": "https://bugzilla.suse.com/1118319"
},
{
"category": "external",
"summary": "SUSE Bug 1118320 for CVE-2018-9568",
"url": "https://bugzilla.suse.com/1118320"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.45.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.45.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.45.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.45.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-23T10:47:17Z",
"details": "important"
}
],
"title": "CVE-2018-9568"
}
]
}
CNVD-2018-24296
Vulnerability from cnvd - Published: 2018-11-30
VLAI Severity ?
Title
Linux kernel信息泄露漏洞(CNVD-2018-24296)
Description
Linux kernel是美国Linux基金会发布的开源操作系统Linux所使用的内核。
Linux kernel中cleancache子系统清除索引节点的方式存在信息泄露漏洞,攻击者可利用该漏洞获取被删除文件的内容。
Severity
中
Patch Name
Linux kernel信息泄露漏洞(CNVD-2018-24296)的补丁
Patch Description
Linux kernel是美国Linux基金会发布的开源操作系统Linux所使用的内核。
Linux kernel中cleancache子系统清除索引节点的方式存在信息泄露漏洞,攻击者可利用该漏洞获取被删除文件的内容。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
厂商已发布了漏洞修复程序,请及时关注更新: https://lore.kernel.org/patchwork/patch/1011367/
Reference
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16862
https://lore.kernel.org/patchwork/patch/1011367/
https://seclists.org/oss-sec/2018/q4/169
Impacted products
| Name | Linux Kernel |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2018-16862"
}
},
"description": "Linux kernel\u662f\u7f8e\u56fdLinux\u57fa\u91d1\u4f1a\u53d1\u5e03\u7684\u5f00\u6e90\u64cd\u4f5c\u7cfb\u7edfLinux\u6240\u4f7f\u7528\u7684\u5185\u6838\u3002\n\nLinux kernel\u4e2dcleancache\u5b50\u7cfb\u7edf\u6e05\u9664\u7d22\u5f15\u8282\u70b9\u7684\u65b9\u5f0f\u5b58\u5728\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u88ab\u5220\u9664\u6587\u4ef6\u7684\u5185\u5bb9\u3002",
"discovererName": "Pedro Sampaio",
"formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://lore.kernel.org/patchwork/patch/1011367/",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2018-24296",
"openTime": "2018-11-30",
"patchDescription": "Linux kernel\u662f\u7f8e\u56fdLinux\u57fa\u91d1\u4f1a\u53d1\u5e03\u7684\u5f00\u6e90\u64cd\u4f5c\u7cfb\u7edfLinux\u6240\u4f7f\u7528\u7684\u5185\u6838\u3002\r\n\r\nLinux kernel\u4e2dcleancache\u5b50\u7cfb\u7edf\u6e05\u9664\u7d22\u5f15\u8282\u70b9\u7684\u65b9\u5f0f\u5b58\u5728\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u88ab\u5220\u9664\u6587\u4ef6\u7684\u5185\u5bb9\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Linux kernel\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff08CNVD-2018-24296\uff09\u7684\u8865\u4e01",
"products": {
"product": "Linux Kernel"
},
"referenceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16862\r\nhttps://lore.kernel.org/patchwork/patch/1011367/\r\nhttps://seclists.org/oss-sec/2018/q4/169",
"serverity": "\u4e2d",
"submitTime": "2018-11-27",
"title": "Linux kernel\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff08CNVD-2018-24296\uff09"
}
FKIE_CVE-2018-16862
Vulnerability from fkie_nvd - Published: 2018-11-26 19:29 - Updated: 2024-11-21 03:53
Severity ?
5.3 (Medium) - CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N
5.5 (Medium) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
5.5 (Medium) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * | |
| redhat | enterprise_linux | 7.0 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 16.04 | |
| debian | debian_linux | 8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C6AEE42C-583E-4CF3-B7F5-281021632835",
"versionEndIncluding": "4.14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one."
},
{
"lang": "es",
"value": "Se ha detectado un fallo de seguridad en el kernel de Linux de manera que el subsistema \"cleancache\" borre un inode despu\u00e9s del truncado de archivos final (eliminaci\u00f3n). El nuevo archivo creado con el mismo inode podr\u00eda contener p\u00e1ginas restantes del \"cleancache\" y los datos antiguos del mismo, en vez de los del nuevo archivo."
}
],
"id": "CVE-2018-16862",
"lastModified": "2024-11-21T03:53:28.293",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.0,
"impactScore": 4.2,
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-11-26T19:29:00.327",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/106009"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16862"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://lore.kernel.org/patchwork/patch/1011367/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/oss-sec/2018/q4/169"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3879-1/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3879-2/"
},
{
"source": "secalert@redhat.com",
"url": "https://usn.ubuntu.com/4094-1/"
},
{
"source": "secalert@redhat.com",
"url": "https://usn.ubuntu.com/4118-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/106009"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16862"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://lore.kernel.org/patchwork/patch/1011367/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/oss-sec/2018/q4/169"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3879-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3879-2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/4094-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/4118-1/"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-8MFM-2WFF-RGP2
Vulnerability from github – Published: 2022-05-14 01:14 – Updated: 2022-05-14 01:14
VLAI?
Details
A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one.
Severity ?
5.5 (Medium)
{
"affected": [],
"aliases": [
"CVE-2018-16862"
],
"database_specific": {
"cwe_ids": [
"CWE-200"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-11-26T19:29:00Z",
"severity": "MODERATE"
},
"details": "A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one.",
"id": "GHSA-8mfm-2wff-rgp2",
"modified": "2022-05-14T01:14:25Z",
"published": "2022-05-14T01:14:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16862"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16862"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html"
},
{
"type": "WEB",
"url": "https://lore.kernel.org/patchwork/patch/1011367"
},
{
"type": "WEB",
"url": "https://seclists.org/oss-sec/2018/q4/169"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/3879-1"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/3879-2"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4094-1"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4118-1"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/106009"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…