Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2018-6555
Vulnerability from cvelistv5
Published
2018-09-04 18:00
Modified
2024-09-16 23:42
Severity ?
EPSS score ?
Summary
The irda_setsockopt function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (ias_object use-after-free and system crash) or possibly have unspecified other impact via an AF_IRDA socket.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Linux Kernel | Linux Kernel |
Version: before 4.17 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T06:10:10.169Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "USN-3776-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3776-1/", }, { name: "USN-3776-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3776-2/", }, { name: "[stable] 20180904 [PATCH 2/2] irda: Only insert new objects into the global database via setsockopt", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://www.spinics.net/lists/stable/msg255035.html", }, { name: "USN-3777-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3777-1/", }, { name: "USN-3775-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3775-1/", }, { name: "[debian-lts-announce] 20181003 [SECURITY] [DLA 1531-1] linux-4.9 security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2018/10/msg00003.html", }, { name: "DSA-4308", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2018/dsa-4308", }, { name: "USN-3775-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3775-2/", }, { name: "105304", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/105304", }, { name: "USN-3777-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3777-2/", }, { name: "[stable] 20180904 [PATCH 2/2] irda: Only insert new objects into the global database via setsockopt", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://www.spinics.net/lists/stable/msg255031.html", }, { name: "USN-3777-3", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3777-3/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Linux Kernel", vendor: "Linux Kernel", versions: [ { status: "affected", version: "before 4.17", }, ], }, ], datePublic: "2018-09-04T00:00:00", descriptions: [ { lang: "en", value: "The irda_setsockopt function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (ias_object use-after-free and system crash) or possibly have unspecified other impact via an AF_IRDA socket.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-416", description: "CWE-416: Use After Free", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-23T09:57:01", orgId: "cc1ad9ee-3454-478d-9317-d3e869d708bc", shortName: "canonical", }, references: [ { name: "USN-3776-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3776-1/", }, { name: "USN-3776-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3776-2/", }, { name: "[stable] 20180904 [PATCH 2/2] irda: Only insert new objects into the global database via setsockopt", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://www.spinics.net/lists/stable/msg255035.html", }, { name: "USN-3777-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3777-1/", }, { name: "USN-3775-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3775-1/", }, { name: "[debian-lts-announce] 20181003 [SECURITY] [DLA 1531-1] linux-4.9 security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2018/10/msg00003.html", }, { name: "DSA-4308", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2018/dsa-4308", }, { name: "USN-3775-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3775-2/", }, { name: "105304", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/105304", }, { name: "USN-3777-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3777-2/", }, { name: "[stable] 20180904 [PATCH 2/2] irda: Only insert new objects into the global database via setsockopt", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://www.spinics.net/lists/stable/msg255031.html", }, { name: "USN-3777-3", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3777-3/", }, ], source: { discovery: "UNKNOWN", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@ubuntu.com", DATE_PUBLIC: "2018-09-04T15:00:00.000Z", ID: "CVE-2018-6555", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Linux Kernel", version: { version_data: [ { version_value: "before 4.17", }, ], }, }, ], }, vendor_name: "Linux Kernel", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The irda_setsockopt function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (ias_object use-after-free and system crash) or possibly have unspecified other impact via an AF_IRDA socket.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-416: Use After Free", }, ], }, ], }, references: { reference_data: [ { name: "USN-3776-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3776-1/", }, { name: "USN-3776-2", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3776-2/", }, { name: "[stable] 20180904 [PATCH 2/2] irda: Only insert new objects into the global database via setsockopt", refsource: "MLIST", url: "https://www.spinics.net/lists/stable/msg255035.html", }, { name: "USN-3777-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3777-1/", }, { name: "USN-3775-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3775-1/", }, { name: "[debian-lts-announce] 20181003 [SECURITY] [DLA 1531-1] linux-4.9 security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2018/10/msg00003.html", }, { name: "DSA-4308", refsource: "DEBIAN", url: "https://www.debian.org/security/2018/dsa-4308", }, { name: "USN-3775-2", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3775-2/", }, { name: "105304", refsource: "BID", url: "http://www.securityfocus.com/bid/105304", }, { name: "USN-3777-2", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3777-2/", }, { name: "[stable] 20180904 [PATCH 2/2] irda: Only insert new objects into the global database via setsockopt", refsource: "MLIST", url: "https://www.spinics.net/lists/stable/msg255031.html", }, { name: "USN-3777-3", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3777-3/", }, ], }, source: { discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "cc1ad9ee-3454-478d-9317-d3e869d708bc", assignerShortName: "canonical", cveId: "CVE-2018-6555", datePublished: "2018-09-04T18:00:00Z", dateReserved: "2018-02-02T00:00:00", dateUpdated: "2024-09-16T23:42:04.264Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { fkie_nvd: { configurations: "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"4.17\", \"matchCriteriaId\": \"0667D0B1-8AC7-46D8-BB4B-68157115D405\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*\", \"matchCriteriaId\": \"8D305F7A-D159-4716-AB26-5E38BB5CD991\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*\", \"matchCriteriaId\": \"B5A6F2F3-4894-4392-8296-3B8DD2679084\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*\", \"matchCriteriaId\": \"F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*\", \"matchCriteriaId\": \"23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]}]", descriptions: "[{\"lang\": \"en\", \"value\": \"The irda_setsockopt function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (ias_object use-after-free and system crash) or possibly have unspecified other impact via an AF_IRDA socket.\"}, {\"lang\": \"es\", \"value\": \"La funci\\u00f3n irda_setsockopt en net/irda/af_irda.c y siguientes en drivers/staging/irda/net/af_irda.c en el kernel de Linux en versiones anteriores a la 4.17 permite que usuarios locales provoquen una denegaci\\u00f3n de servicio (uso de memoria previamente liberada en ias_object y cierre inesperado del sistema) o cualquier otro tipo de impacto sin especificar mediante un socket AF_IRDA.\"}]", id: "CVE-2018-6555", lastModified: "2024-11-21T04:10:53.823", metrics: "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:C/I:C/A:C\", \"baseScore\": 7.2, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 3.9, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}", published: "2018-09-04T18:29:00.470", references: "[{\"url\": \"http://www.securityfocus.com/bid/105304\", \"source\": \"security@ubuntu.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2018/10/msg00003.html\", \"source\": \"security@ubuntu.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/3775-1/\", \"source\": \"security@ubuntu.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/3775-2/\", \"source\": \"security@ubuntu.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/3776-1/\", \"source\": \"security@ubuntu.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/3776-2/\", \"source\": \"security@ubuntu.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/3777-1/\", \"source\": \"security@ubuntu.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/3777-2/\", \"source\": \"security@ubuntu.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/3777-3/\", \"source\": \"security@ubuntu.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2018/dsa-4308\", \"source\": \"security@ubuntu.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.spinics.net/lists/stable/msg255031.html\", \"source\": \"security@ubuntu.com\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://www.spinics.net/lists/stable/msg255035.html\", \"source\": \"security@ubuntu.com\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/105304\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2018/10/msg00003.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/3775-1/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/3775-2/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/3776-1/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/3776-2/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/3777-1/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/3777-2/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/3777-3/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2018/dsa-4308\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.spinics.net/lists/stable/msg255031.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://www.spinics.net/lists/stable/msg255035.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}]", sourceIdentifier: "security@ubuntu.com", vulnStatus: "Modified", weaknesses: "[{\"source\": \"security@ubuntu.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-416\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-416\"}]}]", }, nvd: "{\"cve\":{\"id\":\"CVE-2018-6555\",\"sourceIdentifier\":\"security@ubuntu.com\",\"published\":\"2018-09-04T18:29:00.470\",\"lastModified\":\"2024-11-21T04:10:53.823\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The irda_setsockopt function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (ias_object use-after-free and system crash) or possibly have unspecified other impact via an AF_IRDA socket.\"},{\"lang\":\"es\",\"value\":\"La función irda_setsockopt en net/irda/af_irda.c y siguientes en drivers/staging/irda/net/af_irda.c en el kernel de Linux en versiones anteriores a la 4.17 permite que usuarios locales provoquen una denegación de servicio (uso de memoria previamente liberada en ias_object y cierre inesperado del sistema) o cualquier otro tipo de impacto sin especificar mediante un socket AF_IRDA.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":7.2,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":3.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"security@ubuntu.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.17\",\"matchCriteriaId\":\"0667D0B1-8AC7-46D8-BB4B-68157115D405\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*\",\"matchCriteriaId\":\"8D305F7A-D159-4716-AB26-5E38BB5CD991\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"B5A6F2F3-4894-4392-8296-3B8DD2679084\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/105304\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2018/10/msg00003.html\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3775-1/\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3775-2/\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3776-1/\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3776-2/\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3777-1/\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3777-2/\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3777-3/\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2018/dsa-4308\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.spinics.net/lists/stable/msg255031.html\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.spinics.net/lists/stable/msg255035.html\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/105304\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2018/10/msg00003.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3775-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3775-2/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3776-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3776-2/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3777-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3777-2/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3777-3/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2018/dsa-4308\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.spinics.net/lists/stable/msg255031.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.spinics.net/lists/stable/msg255035.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]}]}}", }, }
suse-su-2018:3083-1
Vulnerability from csaf_suse
Published
2018-10-09 11:15
Modified
2018-10-09 11:15
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-14634: Prevent integer overflow in create_elf_tables that allowed a
local attacker to exploit this vulnerability via a SUID-root binary and obtain
full root privileges (bsc#1108912)
- CVE-2018-14617: Prevent NULL pointer dereference and panic in
hfsplus_lookup() when opening a file (that is purportedly a hard link) in an
hfs+ filesystem that has malformed catalog data, and is mounted read-only
without a metadata directory (bsc#1102870)
- CVE-2018-16276: Incorrect bounds checking in the yurex USB driver in
yurex_read allowed local attackers to use user access read/writes to crash the
kernel or potentially escalate privileges (bsc#1106095)
- CVE-2018-12896: Prevent integer overflow in the POSIX timer code that was
caused by the way the overrun accounting works. Depending on interval and
expiry time values, the overrun can be larger than INT_MAX, but the accounting
is int based. This basically made the accounting values, which are visible to
user space via timer_getoverrun(2) and siginfo::si_overrun, random. This
allowed a local user to cause a denial of service (signed integer overflow) via
crafted mmap, futex, timer_create, and timer_settime system calls (bnc#1099922)
- CVE-2018-13093: Prevent NULL pointer dereference and panic in lookup_slow()
on a NULL inode->i_ops pointer when doing pathwalks on a corrupted xfs image.
This occured because of a lack of proper validation that cached inodes are free
during allocation (bnc#1100001)
- CVE-2018-10940: The cdrom_ioctl_media_changed function allowed local
attackers to use a incorrect bounds check in the CDROM driver
CDROM_MEDIA_CHANGED ioctl to read out kernel memory (bsc#1092903)
- CVE-2018-16658: Prevent information leak in cdrom_ioctl_drive_status that
could have been used by local attackers to read kernel memory (bnc#1107689)
- CVE-2018-6555: The irda_setsockopt function allowed local users to cause a
denial of service (ias_object use-after-free and system crash) or possibly have
unspecified other impact via an AF_IRDA socket (bnc#1106511)
- CVE-2018-6554: Prevent memory leak in the irda_bind function that allowed
local users to cause a denial of service (memory consumption) by repeatedly
binding an AF_IRDA socket (bnc#1106509)
- CVE-2018-10853: The KVM hypervisor did not check current privilege(CPL) level
while emulating unprivileged instructions. An unprivileged guest user/process
could have used this flaw to potentially escalate privileges inside guest
(bsc#1097104)
- CVE-2018-10902: Protect against concurrent access to prevent double realloc
(double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status(). A
malicious local attacker could have used this for privilege escalation
(bnc#1105322).
- CVE-2018-10879: A local user could have caused a use-after-free in
ext4_xattr_set_entry function and a denial of service or unspecified other
impact by renaming a file in a crafted ext4 filesystem image (bsc#1099844)
- CVE-2018-10883: A local user could have caused an out-of-bounds write in
jbd2_journal_dirty_metadata(), a denial of service, and a system crash by
mounting and operating on a crafted ext4 filesystem image (bsc#1099863)
- CVE-2018-10880: Prevent stack-out-of-bounds write in the ext4 filesystem code
when mounting and writing to a crafted ext4 image in ext4_update_inline_data().
An attacker could have used this to cause a system crash and a denial of
service (bsc#1099845)
- CVE-2018-10882: A local user could have caused an out-of-bound write, a
denial of service, and a system crash by unmounting a crafted ext4 filesystem
image (bsc#1099849)
- CVE-2018-10881: A local user could have caused an out-of-bound access in
ext4_get_group_info function, a denial of service, and a system crash by
mounting and operating on a crafted ext4 filesystem image (bsc#1099864)
- CVE-2018-10877: Prevent out-of-bound access in the ext4_ext_drop_refs()
function when operating on a crafted ext4 filesystem image (bsc#1099846)
- CVE-2018-10876: A use-after-free was possible in ext4_ext_remove_space()
function when mounting and operating a crafted ext4 image (bsc#1099811)
- CVE-2018-10878: A local user could have caused an out-of-bounds write and a
denial of service or unspecified other impact by mounting and operating a
crafted ext4 filesystem image (bsc#1099813)
- CVE-2018-17182: An issue was discovered in the Linux kernel The
vmacache_flush_all function in mm/vmacache.c mishandled sequence number
overflows. An attacker can trigger a use-after-free (and possibly gain
privileges) via certain thread creation, map, unmap, invalidation,
and dereference operations (bnc#1108399).
The following non-security bugs were fixed:
- bcache: avoid unncessary cache prefetch bch_btree_node_get().
- bcache: calculate the number of incremental GC nodes according to the total of btree nodes.
- bcache: display rate debug parameters to 0 when writeback is not running.
- bcache: do not check return value of debugfs_create_dir().
- bcache: finish incremental GC.
- bcache: fix error setting writeback_rate through sysfs interface (bsc#1064232).
- bcache: fix I/O significant decline while backend devices registering.
- bcache: free heap cache_set->flush_btree in bch_journal_free.
- bcache: make the pr_err statement used for ENOENT only in sysfs_attatch section.
- bcache: release dc->writeback_lock properly in bch_writeback_thread().
- bcache: set max writeback rate when I/O request is idle (bsc#1064232).
- bcache: simplify the calculation of the total amount of flash dirty data.
- Do not report CPU affected by L1TF when ARCH_CAP_RDCL_NO bit is set (bsc#1104906).
- ext4: check for allocation block validity with block group locked (bsc#1104495).
- ext4: do not update checksum of new initialized bitmaps (bnc#1012382).
- ext4: fix check to prevent initializing reserved inodes (bsc#1104319).
- ext4: fix false negatives *and* false positives in ext4_check_descriptors() (bsc#1103445).
- kABI: protect struct x86_emulate_ops (kabi).
- KEYS: prevent creating a different user's keyrings (bnc#1065999).
- KVM: MMU: always terminate page walks at level 1 (bsc#1062604).
- KVM: MMU: simplify last_pte_bitmap (bsc#1062604).
- KVM: nVMX: update last_nonleaf_level when initializing nested EPT (bsc#1062604).
- KVM: VMX: fixes for vmentry_l1d_flush module parameter (bsc#1106369).
- KVM: VMX: Work around kABI breakage in 'enum vmx_l1d_flush_state' (bsc#1106369).
- updated sssbd handling (bsc#1093215, bsc#1105412).
- usbip: vhci_sysfs: fix potential Spectre v1 (bsc#1096547).
- x86/speculation: Use ARCH_CAPABILITIES to skip L1D flush on vmentry (bsc#1106369).
- sched/sysctl: Check user input value of sysctl_sched_time_avg (bsc#1100089).
Patchnames
SUSE-SLE-Module-Public-Cloud-12-2018-2185,SUSE-SLE-SERVER-12-2018-2185
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for the Linux Kernel", title: "Title of the patch", }, { category: "description", text: "\nThe SUSE Linux Enterprise 12 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2018-14634: Prevent integer overflow in create_elf_tables that allowed a\n local attacker to exploit this vulnerability via a SUID-root binary and obtain\n full root privileges (bsc#1108912)\n- CVE-2018-14617: Prevent NULL pointer dereference and panic in\n hfsplus_lookup() when opening a file (that is purportedly a hard link) in an\n hfs+ filesystem that has malformed catalog data, and is mounted read-only\n without a metadata directory (bsc#1102870)\n- CVE-2018-16276: Incorrect bounds checking in the yurex USB driver in\n yurex_read allowed local attackers to use user access read/writes to crash the\n kernel or potentially escalate privileges (bsc#1106095)\n- CVE-2018-12896: Prevent integer overflow in the POSIX timer code that was\n caused by the way the overrun accounting works. Depending on interval and\n expiry time values, the overrun can be larger than INT_MAX, but the accounting\n is int based. This basically made the accounting values, which are visible to\n user space via timer_getoverrun(2) and siginfo::si_overrun, random. This\n allowed a local user to cause a denial of service (signed integer overflow) via\n crafted mmap, futex, timer_create, and timer_settime system calls (bnc#1099922)\n- CVE-2018-13093: Prevent NULL pointer dereference and panic in lookup_slow()\n on a NULL inode->i_ops pointer when doing pathwalks on a corrupted xfs image.\n This occured because of a lack of proper validation that cached inodes are free\n during allocation (bnc#1100001)\n- CVE-2018-10940: The cdrom_ioctl_media_changed function allowed local\n attackers to use a incorrect bounds check in the CDROM driver\n CDROM_MEDIA_CHANGED ioctl to read out kernel memory (bsc#1092903)\n- CVE-2018-16658: Prevent information leak in cdrom_ioctl_drive_status that\n could have been used by local attackers to read kernel memory (bnc#1107689)\n- CVE-2018-6555: The irda_setsockopt function allowed local users to cause a\n denial of service (ias_object use-after-free and system crash) or possibly have\n unspecified other impact via an AF_IRDA socket (bnc#1106511)\n- CVE-2018-6554: Prevent memory leak in the irda_bind function that allowed\n local users to cause a denial of service (memory consumption) by repeatedly\n binding an AF_IRDA socket (bnc#1106509)\n- CVE-2018-10853: The KVM hypervisor did not check current privilege(CPL) level\n while emulating unprivileged instructions. An unprivileged guest user/process\n could have used this flaw to potentially escalate privileges inside guest\n (bsc#1097104)\n- CVE-2018-10902: Protect against concurrent access to prevent double realloc\n (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status(). A\n malicious local attacker could have used this for privilege escalation\n (bnc#1105322).\n- CVE-2018-10879: A local user could have caused a use-after-free in\n ext4_xattr_set_entry function and a denial of service or unspecified other\n impact by renaming a file in a crafted ext4 filesystem image (bsc#1099844)\n- CVE-2018-10883: A local user could have caused an out-of-bounds write in\n jbd2_journal_dirty_metadata(), a denial of service, and a system crash by\n mounting and operating on a crafted ext4 filesystem image (bsc#1099863)\n- CVE-2018-10880: Prevent stack-out-of-bounds write in the ext4 filesystem code\n when mounting and writing to a crafted ext4 image in ext4_update_inline_data().\n An attacker could have used this to cause a system crash and a denial of\n service (bsc#1099845)\n- CVE-2018-10882: A local user could have caused an out-of-bound write, a\n denial of service, and a system crash by unmounting a crafted ext4 filesystem\n image (bsc#1099849)\n- CVE-2018-10881: A local user could have caused an out-of-bound access in\n ext4_get_group_info function, a denial of service, and a system crash by\n mounting and operating on a crafted ext4 filesystem image (bsc#1099864)\n- CVE-2018-10877: Prevent out-of-bound access in the ext4_ext_drop_refs()\n function when operating on a crafted ext4 filesystem image (bsc#1099846)\n- CVE-2018-10876: A use-after-free was possible in ext4_ext_remove_space()\n function when mounting and operating a crafted ext4 image (bsc#1099811)\n- CVE-2018-10878: A local user could have caused an out-of-bounds write and a\n denial of service or unspecified other impact by mounting and operating a\n crafted ext4 filesystem image (bsc#1099813)\n- CVE-2018-17182: An issue was discovered in the Linux kernel The\n vmacache_flush_all function in mm/vmacache.c mishandled sequence number\n overflows. An attacker can trigger a use-after-free (and possibly gain\n privileges) via certain thread creation, map, unmap, invalidation,\n and dereference operations (bnc#1108399).\n\nThe following non-security bugs were fixed:\n\n- bcache: avoid unncessary cache prefetch bch_btree_node_get().\n- bcache: calculate the number of incremental GC nodes according to the total of btree nodes.\n- bcache: display rate debug parameters to 0 when writeback is not running.\n- bcache: do not check return value of debugfs_create_dir().\n- bcache: finish incremental GC.\n- bcache: fix error setting writeback_rate through sysfs interface (bsc#1064232).\n- bcache: fix I/O significant decline while backend devices registering.\n- bcache: free heap cache_set->flush_btree in bch_journal_free.\n- bcache: make the pr_err statement used for ENOENT only in sysfs_attatch section.\n- bcache: release dc->writeback_lock properly in bch_writeback_thread().\n- bcache: set max writeback rate when I/O request is idle (bsc#1064232).\n- bcache: simplify the calculation of the total amount of flash dirty data.\n- Do not report CPU affected by L1TF when ARCH_CAP_RDCL_NO bit is set (bsc#1104906).\n- ext4: check for allocation block validity with block group locked (bsc#1104495).\n- ext4: do not update checksum of new initialized bitmaps (bnc#1012382).\n- ext4: fix check to prevent initializing reserved inodes (bsc#1104319).\n- ext4: fix false negatives *and* false positives in ext4_check_descriptors() (bsc#1103445).\n- kABI: protect struct x86_emulate_ops (kabi).\n- KEYS: prevent creating a different user's keyrings (bnc#1065999).\n- KVM: MMU: always terminate page walks at level 1 (bsc#1062604).\n- KVM: MMU: simplify last_pte_bitmap (bsc#1062604).\n- KVM: nVMX: update last_nonleaf_level when initializing nested EPT (bsc#1062604).\n- KVM: VMX: fixes for vmentry_l1d_flush module parameter (bsc#1106369).\n- KVM: VMX: Work around kABI breakage in 'enum vmx_l1d_flush_state' (bsc#1106369).\n- updated sssbd handling (bsc#1093215, bsc#1105412).\n- usbip: vhci_sysfs: fix potential Spectre v1 (bsc#1096547).\n- x86/speculation: Use ARCH_CAPABILITIES to skip L1D flush on vmentry (bsc#1106369).\n- sched/sysctl: Check user input value of sysctl_sched_time_avg (bsc#1100089).\n", title: "Description of the patch", }, { category: "details", text: "SUSE-SLE-Module-Public-Cloud-12-2018-2185,SUSE-SLE-SERVER-12-2018-2185", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_3083-1.json", }, { category: "self", summary: "URL for SUSE-SU-2018:3083-1", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20183083-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2018:3083-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2018-October/004659.html", }, { category: "self", summary: "SUSE Bug 1012382", url: "https://bugzilla.suse.com/1012382", }, { category: "self", summary: "SUSE Bug 1062604", url: "https://bugzilla.suse.com/1062604", }, { category: "self", summary: "SUSE Bug 1064232", url: "https://bugzilla.suse.com/1064232", }, { category: "self", summary: "SUSE Bug 1065999", url: "https://bugzilla.suse.com/1065999", }, { category: "self", summary: "SUSE Bug 1092903", url: "https://bugzilla.suse.com/1092903", }, { category: "self", summary: "SUSE Bug 1093215", url: "https://bugzilla.suse.com/1093215", }, { category: "self", summary: "SUSE Bug 1096547", url: "https://bugzilla.suse.com/1096547", }, { category: "self", summary: "SUSE Bug 1097104", url: "https://bugzilla.suse.com/1097104", }, { category: "self", summary: "SUSE Bug 1099811", url: "https://bugzilla.suse.com/1099811", }, { category: "self", summary: "SUSE Bug 1099813", url: "https://bugzilla.suse.com/1099813", }, { category: "self", summary: "SUSE Bug 1099844", url: "https://bugzilla.suse.com/1099844", }, { category: "self", summary: "SUSE Bug 1099845", url: "https://bugzilla.suse.com/1099845", }, { category: "self", summary: "SUSE Bug 1099846", url: "https://bugzilla.suse.com/1099846", }, { category: "self", summary: "SUSE Bug 1099849", url: "https://bugzilla.suse.com/1099849", }, { category: "self", summary: "SUSE Bug 1099863", url: "https://bugzilla.suse.com/1099863", }, { category: "self", summary: "SUSE Bug 1099864", url: "https://bugzilla.suse.com/1099864", }, { category: "self", summary: "SUSE Bug 1099922", url: "https://bugzilla.suse.com/1099922", }, { category: "self", summary: "SUSE Bug 1100001", url: "https://bugzilla.suse.com/1100001", }, { category: "self", summary: "SUSE Bug 1100089", url: "https://bugzilla.suse.com/1100089", }, { category: "self", summary: "SUSE Bug 1102870", url: "https://bugzilla.suse.com/1102870", }, { category: "self", summary: "SUSE Bug 1103445", url: "https://bugzilla.suse.com/1103445", }, { category: "self", summary: "SUSE Bug 1104319", url: "https://bugzilla.suse.com/1104319", }, { category: "self", summary: "SUSE Bug 1104495", url: "https://bugzilla.suse.com/1104495", }, { category: "self", summary: "SUSE Bug 1104906", url: "https://bugzilla.suse.com/1104906", }, { category: "self", summary: "SUSE Bug 1105322", url: "https://bugzilla.suse.com/1105322", }, { category: "self", summary: "SUSE Bug 1105412", url: "https://bugzilla.suse.com/1105412", }, { category: "self", summary: "SUSE Bug 1106095", url: "https://bugzilla.suse.com/1106095", }, { category: "self", summary: "SUSE Bug 1106369", url: "https://bugzilla.suse.com/1106369", }, { category: "self", summary: "SUSE Bug 1106509", url: "https://bugzilla.suse.com/1106509", }, { category: "self", summary: "SUSE Bug 1106511", url: "https://bugzilla.suse.com/1106511", }, { category: "self", summary: "SUSE Bug 1107689", url: "https://bugzilla.suse.com/1107689", }, { category: "self", summary: "SUSE Bug 1108399", url: "https://bugzilla.suse.com/1108399", }, { category: "self", summary: "SUSE Bug 1108912", url: "https://bugzilla.suse.com/1108912", }, { category: "self", summary: "SUSE CVE CVE-2018-10853 page", url: "https://www.suse.com/security/cve/CVE-2018-10853/", }, { category: "self", summary: "SUSE CVE CVE-2018-10876 page", url: "https://www.suse.com/security/cve/CVE-2018-10876/", }, { category: "self", summary: "SUSE CVE CVE-2018-10877 page", url: "https://www.suse.com/security/cve/CVE-2018-10877/", }, { category: "self", summary: "SUSE CVE CVE-2018-10878 page", url: "https://www.suse.com/security/cve/CVE-2018-10878/", }, { category: "self", summary: "SUSE CVE CVE-2018-10879 page", url: "https://www.suse.com/security/cve/CVE-2018-10879/", }, { category: "self", summary: "SUSE CVE CVE-2018-10880 page", url: "https://www.suse.com/security/cve/CVE-2018-10880/", }, { category: "self", summary: "SUSE CVE CVE-2018-10881 page", url: "https://www.suse.com/security/cve/CVE-2018-10881/", }, { category: "self", summary: "SUSE CVE CVE-2018-10882 page", url: "https://www.suse.com/security/cve/CVE-2018-10882/", }, { category: "self", summary: "SUSE CVE CVE-2018-10883 page", url: "https://www.suse.com/security/cve/CVE-2018-10883/", }, { category: "self", summary: "SUSE CVE CVE-2018-10902 page", url: "https://www.suse.com/security/cve/CVE-2018-10902/", }, { category: "self", summary: "SUSE CVE CVE-2018-10940 page", url: "https://www.suse.com/security/cve/CVE-2018-10940/", }, { category: "self", summary: "SUSE CVE CVE-2018-12896 page", url: "https://www.suse.com/security/cve/CVE-2018-12896/", }, { category: "self", summary: "SUSE CVE CVE-2018-13093 page", url: "https://www.suse.com/security/cve/CVE-2018-13093/", }, { category: "self", summary: "SUSE CVE CVE-2018-14617 page", url: "https://www.suse.com/security/cve/CVE-2018-14617/", }, { category: "self", summary: "SUSE CVE CVE-2018-14634 page", url: "https://www.suse.com/security/cve/CVE-2018-14634/", }, { category: "self", summary: "SUSE CVE CVE-2018-16276 page", url: "https://www.suse.com/security/cve/CVE-2018-16276/", }, { category: "self", summary: "SUSE CVE CVE-2018-16658 page", url: "https://www.suse.com/security/cve/CVE-2018-16658/", }, { category: "self", summary: "SUSE CVE CVE-2018-17182 page", url: "https://www.suse.com/security/cve/CVE-2018-17182/", }, { category: "self", summary: "SUSE CVE CVE-2018-6554 page", url: "https://www.suse.com/security/cve/CVE-2018-6554/", }, { category: "self", summary: "SUSE CVE CVE-2018-6555 page", url: "https://www.suse.com/security/cve/CVE-2018-6555/", }, ], title: "Security update for the Linux Kernel", tracking: { current_release_date: "2018-10-09T11:15:29Z", generator: { date: "2018-10-09T11:15:29Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2018:3083-1", initial_release_date: "2018-10-09T11:15:29Z", revision_history: [ { date: "2018-10-09T11:15:29Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "kernel-devel-3.12.61-52.146.1.noarch", product: { name: "kernel-devel-3.12.61-52.146.1.noarch", product_id: "kernel-devel-3.12.61-52.146.1.noarch", }, }, { category: "product_version", name: "kernel-macros-3.12.61-52.146.1.noarch", product: { name: "kernel-macros-3.12.61-52.146.1.noarch", product_id: "kernel-macros-3.12.61-52.146.1.noarch", }, }, { category: "product_version", name: "kernel-source-3.12.61-52.146.1.noarch", product: { name: "kernel-source-3.12.61-52.146.1.noarch", product_id: "kernel-source-3.12.61-52.146.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "kernel-default-3.12.61-52.146.1.ppc64le", product: { name: "kernel-default-3.12.61-52.146.1.ppc64le", product_id: "kernel-default-3.12.61-52.146.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-base-3.12.61-52.146.1.ppc64le", product: { name: "kernel-default-base-3.12.61-52.146.1.ppc64le", product_id: "kernel-default-base-3.12.61-52.146.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-devel-3.12.61-52.146.1.ppc64le", product: { name: "kernel-default-devel-3.12.61-52.146.1.ppc64le", product_id: "kernel-default-devel-3.12.61-52.146.1.ppc64le", }, }, { category: "product_version", name: "kernel-syms-3.12.61-52.146.1.ppc64le", product: { name: "kernel-syms-3.12.61-52.146.1.ppc64le", product_id: "kernel-syms-3.12.61-52.146.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "kernel-default-3.12.61-52.146.1.s390x", product: { name: "kernel-default-3.12.61-52.146.1.s390x", product_id: "kernel-default-3.12.61-52.146.1.s390x", }, }, { category: "product_version", name: "kernel-default-base-3.12.61-52.146.1.s390x", product: { name: "kernel-default-base-3.12.61-52.146.1.s390x", product_id: "kernel-default-base-3.12.61-52.146.1.s390x", }, }, { category: "product_version", name: "kernel-default-devel-3.12.61-52.146.1.s390x", product: { name: "kernel-default-devel-3.12.61-52.146.1.s390x", product_id: "kernel-default-devel-3.12.61-52.146.1.s390x", }, }, { category: "product_version", name: "kernel-default-man-3.12.61-52.146.1.s390x", product: { name: "kernel-default-man-3.12.61-52.146.1.s390x", product_id: "kernel-default-man-3.12.61-52.146.1.s390x", }, }, { category: "product_version", name: "kernel-syms-3.12.61-52.146.1.s390x", product: { name: "kernel-syms-3.12.61-52.146.1.s390x", product_id: "kernel-syms-3.12.61-52.146.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "kernel-ec2-3.12.61-52.146.1.x86_64", product: { name: "kernel-ec2-3.12.61-52.146.1.x86_64", product_id: "kernel-ec2-3.12.61-52.146.1.x86_64", }, }, { category: "product_version", name: "kernel-ec2-devel-3.12.61-52.146.1.x86_64", product: { name: "kernel-ec2-devel-3.12.61-52.146.1.x86_64", product_id: "kernel-ec2-devel-3.12.61-52.146.1.x86_64", }, }, { category: "product_version", name: "kernel-ec2-extra-3.12.61-52.146.1.x86_64", product: { name: "kernel-ec2-extra-3.12.61-52.146.1.x86_64", product_id: "kernel-ec2-extra-3.12.61-52.146.1.x86_64", }, }, { category: "product_version", name: "kernel-default-3.12.61-52.146.1.x86_64", product: { name: "kernel-default-3.12.61-52.146.1.x86_64", product_id: "kernel-default-3.12.61-52.146.1.x86_64", }, }, { category: "product_version", name: "kernel-default-base-3.12.61-52.146.1.x86_64", product: { name: "kernel-default-base-3.12.61-52.146.1.x86_64", product_id: "kernel-default-base-3.12.61-52.146.1.x86_64", }, }, { category: "product_version", name: "kernel-default-devel-3.12.61-52.146.1.x86_64", product: { name: "kernel-default-devel-3.12.61-52.146.1.x86_64", product_id: "kernel-default-devel-3.12.61-52.146.1.x86_64", }, }, { category: "product_version", name: "kernel-syms-3.12.61-52.146.1.x86_64", product: { name: "kernel-syms-3.12.61-52.146.1.x86_64", product_id: "kernel-syms-3.12.61-52.146.1.x86_64", }, }, { category: "product_version", name: "kernel-xen-3.12.61-52.146.1.x86_64", product: { name: "kernel-xen-3.12.61-52.146.1.x86_64", product_id: "kernel-xen-3.12.61-52.146.1.x86_64", }, }, { category: "product_version", name: "kernel-xen-base-3.12.61-52.146.1.x86_64", product: { name: "kernel-xen-base-3.12.61-52.146.1.x86_64", product_id: "kernel-xen-base-3.12.61-52.146.1.x86_64", }, }, { category: "product_version", name: "kernel-xen-devel-3.12.61-52.146.1.x86_64", product: { name: "kernel-xen-devel-3.12.61-52.146.1.x86_64", product_id: "kernel-xen-devel-3.12.61-52.146.1.x86_64", }, }, { category: "product_version", name: "kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64", product: { name: "kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64", product_id: "kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64", }, }, { category: "product_version", name: "kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64", product: { name: "kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64", product_id: "kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Module for Public Cloud 12", product: { name: "SUSE Linux Enterprise Module for Public Cloud 12", product_id: "SUSE Linux Enterprise Module for Public Cloud 12", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-public-cloud:12", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 12-LTSS", product: { name: "SUSE Linux Enterprise Server 12-LTSS", product_id: "SUSE Linux Enterprise Server 12-LTSS", product_identification_helper: { cpe: "cpe:/o:suse:sles-ltss:12", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "kernel-ec2-3.12.61-52.146.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 12", product_id: "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64", }, product_reference: "kernel-ec2-3.12.61-52.146.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 12", }, { category: "default_component_of", full_product_name: { name: "kernel-ec2-devel-3.12.61-52.146.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 12", product_id: "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64", }, product_reference: "kernel-ec2-devel-3.12.61-52.146.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 12", }, { category: "default_component_of", full_product_name: { name: "kernel-ec2-extra-3.12.61-52.146.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 12", product_id: "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64", }, product_reference: "kernel-ec2-extra-3.12.61-52.146.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 12", }, { category: "default_component_of", full_product_name: { name: "kernel-default-3.12.61-52.146.1.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS", product_id: "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le", }, product_reference: "kernel-default-3.12.61-52.146.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-3.12.61-52.146.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS", product_id: "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x", }, product_reference: "kernel-default-3.12.61-52.146.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-3.12.61-52.146.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS", product_id: "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64", }, product_reference: "kernel-default-3.12.61-52.146.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-3.12.61-52.146.1.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS", product_id: "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le", }, product_reference: "kernel-default-base-3.12.61-52.146.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-3.12.61-52.146.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS", product_id: "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x", }, product_reference: "kernel-default-base-3.12.61-52.146.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-3.12.61-52.146.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS", product_id: "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64", }, product_reference: "kernel-default-base-3.12.61-52.146.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-3.12.61-52.146.1.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS", product_id: "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le", }, product_reference: "kernel-default-devel-3.12.61-52.146.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-3.12.61-52.146.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS", product_id: "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x", }, product_reference: "kernel-default-devel-3.12.61-52.146.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-3.12.61-52.146.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS", product_id: "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64", }, product_reference: "kernel-default-devel-3.12.61-52.146.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-man-3.12.61-52.146.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS", product_id: "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x", }, product_reference: "kernel-default-man-3.12.61-52.146.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-3.12.61-52.146.1.noarch as component of SUSE Linux Enterprise Server 12-LTSS", product_id: "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch", }, product_reference: "kernel-devel-3.12.61-52.146.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-3.12.61-52.146.1.noarch as component of SUSE Linux Enterprise Server 12-LTSS", product_id: "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch", }, product_reference: "kernel-macros-3.12.61-52.146.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-source-3.12.61-52.146.1.noarch as component of SUSE Linux Enterprise Server 12-LTSS", product_id: "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch", }, product_reference: "kernel-source-3.12.61-52.146.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-3.12.61-52.146.1.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS", product_id: "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le", }, product_reference: "kernel-syms-3.12.61-52.146.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-3.12.61-52.146.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS", product_id: "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x", }, product_reference: "kernel-syms-3.12.61-52.146.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-3.12.61-52.146.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS", product_id: "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64", }, product_reference: "kernel-syms-3.12.61-52.146.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-xen-3.12.61-52.146.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS", product_id: "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64", }, product_reference: "kernel-xen-3.12.61-52.146.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-xen-base-3.12.61-52.146.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS", product_id: "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64", }, product_reference: "kernel-xen-base-3.12.61-52.146.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-xen-devel-3.12.61-52.146.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS", product_id: "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64", }, product_reference: "kernel-xen-devel-3.12.61-52.146.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12-LTSS", }, { category: "default_component_of", full_product_name: { name: "kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS", product_id: "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64", }, product_reference: "kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12-LTSS", }, { category: "default_component_of", full_product_name: { name: "kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS", product_id: "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64", }, product_reference: "kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12-LTSS", }, ], }, vulnerabilities: [ { cve: "CVE-2018-10853", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10853", }, ], notes: [ { category: "general", text: "A flaw was found in the way Linux kernel KVM hypervisor before 4.18 emulated instructions such as sgdt/sidt/fxsave/fxrstor. It did not check current privilege(CPL) level while emulating unprivileged instructions. An unprivileged guest user/process could use this flaw to potentially escalate privileges inside guest.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10853", url: "https://www.suse.com/security/cve/CVE-2018-10853", }, { category: "external", summary: "SUSE Bug 1097104 for CVE-2018-10853", url: "https://bugzilla.suse.com/1097104", }, { category: "external", summary: "SUSE Bug 1097108 for CVE-2018-10853", url: "https://bugzilla.suse.com/1097108", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.4, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-09T11:15:29Z", details: "important", }, ], title: "CVE-2018-10853", }, { cve: "CVE-2018-10876", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10876", }, ], notes: [ { category: "general", text: "A flaw was found in Linux kernel in the ext4 filesystem code. A use-after-free is possible in ext4_ext_remove_space() function when mounting and operating a crafted ext4 image.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10876", url: "https://www.suse.com/security/cve/CVE-2018-10876", }, { category: "external", summary: "SUSE Bug 1099811 for CVE-2018-10876", url: "https://bugzilla.suse.com/1099811", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-09T11:15:29Z", details: "low", }, ], title: "CVE-2018-10876", }, { cve: "CVE-2018-10877", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10877", }, ], notes: [ { category: "general", text: "Linux kernel ext4 filesystem is vulnerable to an out-of-bound access in the ext4_ext_drop_refs() function when operating on a crafted ext4 filesystem image.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10877", url: "https://www.suse.com/security/cve/CVE-2018-10877", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-10877", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1099846 for CVE-2018-10877", url: "https://bugzilla.suse.com/1099846", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-09T11:15:29Z", details: "low", }, ], title: "CVE-2018-10877", }, { cve: "CVE-2018-10878", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10878", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bounds write and a denial of service or unspecified other impact is possible by mounting and operating a crafted ext4 filesystem image.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10878", url: "https://www.suse.com/security/cve/CVE-2018-10878", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-10878", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1099813 for CVE-2018-10878", url: "https://bugzilla.suse.com/1099813", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-09T11:15:29Z", details: "moderate", }, ], title: "CVE-2018-10878", }, { cve: "CVE-2018-10879", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10879", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause a use-after-free in ext4_xattr_set_entry function and a denial of service or unspecified other impact may occur by renaming a file in a crafted ext4 filesystem image.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10879", url: "https://www.suse.com/security/cve/CVE-2018-10879", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-10879", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1099844 for CVE-2018-10879", url: "https://bugzilla.suse.com/1099844", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-09T11:15:29Z", details: "moderate", }, ], title: "CVE-2018-10879", }, { cve: "CVE-2018-10880", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10880", }, ], notes: [ { category: "general", text: "Linux kernel is vulnerable to a stack-out-of-bounds write in the ext4 filesystem code when mounting and writing to a crafted ext4 image in ext4_update_inline_data(). An attacker could use this to cause a system crash and a denial of service.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10880", url: "https://www.suse.com/security/cve/CVE-2018-10880", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-10880", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1099845 for CVE-2018-10880", url: "https://bugzilla.suse.com/1099845", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-09T11:15:29Z", details: "moderate", }, ], title: "CVE-2018-10880", }, { cve: "CVE-2018-10881", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10881", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bound access in ext4_get_group_info function, a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10881", url: "https://www.suse.com/security/cve/CVE-2018-10881", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-10881", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1099864 for CVE-2018-10881", url: "https://bugzilla.suse.com/1099864", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-09T11:15:29Z", details: "moderate", }, ], title: "CVE-2018-10881", }, { cve: "CVE-2018-10882", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10882", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bound write in in fs/jbd2/transaction.c code, a denial of service, and a system crash by unmounting a crafted ext4 filesystem image.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10882", url: "https://www.suse.com/security/cve/CVE-2018-10882", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-10882", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1099849 for CVE-2018-10882", url: "https://bugzilla.suse.com/1099849", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-09T11:15:29Z", details: "moderate", }, ], title: "CVE-2018-10882", }, { cve: "CVE-2018-10883", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10883", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bounds write in jbd2_journal_dirty_metadata(), a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10883", url: "https://www.suse.com/security/cve/CVE-2018-10883", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-10883", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1099863 for CVE-2018-10883", url: "https://bugzilla.suse.com/1099863", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-09T11:15:29Z", details: "moderate", }, ], title: "CVE-2018-10883", }, { cve: "CVE-2018-10902", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10902", }, ], notes: [ { category: "general", text: "It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmidi.c file. A malicious local attacker could possibly use this for privilege escalation.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10902", url: "https://www.suse.com/security/cve/CVE-2018-10902", }, { category: "external", summary: "SUSE Bug 1105322 for CVE-2018-10902", url: "https://bugzilla.suse.com/1105322", }, { category: "external", summary: "SUSE Bug 1105323 for CVE-2018-10902", url: "https://bugzilla.suse.com/1105323", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-09T11:15:29Z", details: "moderate", }, ], title: "CVE-2018-10902", }, { cve: "CVE-2018-10940", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10940", }, ], notes: [ { category: "general", text: "The cdrom_ioctl_media_changed function in drivers/cdrom/cdrom.c in the Linux kernel before 4.16.6 allows local attackers to use a incorrect bounds check in the CDROM driver CDROM_MEDIA_CHANGED ioctl to read out kernel memory.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10940", url: "https://www.suse.com/security/cve/CVE-2018-10940", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-10940", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1092903 for CVE-2018-10940", url: "https://bugzilla.suse.com/1092903", }, { category: "external", summary: "SUSE Bug 1107689 for CVE-2018-10940", url: "https://bugzilla.suse.com/1107689", }, { category: "external", summary: "SUSE Bug 1113751 for CVE-2018-10940", url: "https://bugzilla.suse.com/1113751", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-09T11:15:29Z", details: "moderate", }, ], title: "CVE-2018-10940", }, { cve: "CVE-2018-12896", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-12896", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 4.17.3. An Integer Overflow in kernel/time/posix-timers.c in the POSIX timer code is caused by the way the overrun accounting works. Depending on interval and expiry time values, the overrun can be larger than INT_MAX, but the accounting is int based. This basically makes the accounting values, which are visible to user space via timer_getoverrun(2) and siginfo::si_overrun, random. For example, a local user can cause a denial of service (signed integer overflow) via crafted mmap, futex, timer_create, and timer_settime system calls.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-12896", url: "https://www.suse.com/security/cve/CVE-2018-12896", }, { category: "external", summary: "SUSE Bug 1099922 for CVE-2018-12896", url: "https://bugzilla.suse.com/1099922", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-09T11:15:29Z", details: "low", }, ], title: "CVE-2018-12896", }, { cve: "CVE-2018-13093", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-13093", }, ], notes: [ { category: "general", text: "An issue was discovered in fs/xfs/xfs_icache.c in the Linux kernel through 4.17.3. There is a NULL pointer dereference and panic in lookup_slow() on a NULL inode->i_ops pointer when doing pathwalks on a corrupted xfs image. This occurs because of a lack of proper validation that cached inodes are free during allocation.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-13093", url: "https://www.suse.com/security/cve/CVE-2018-13093", }, { category: "external", summary: "SUSE Bug 1100001 for CVE-2018-13093", url: "https://bugzilla.suse.com/1100001", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-09T11:15:29Z", details: "moderate", }, ], title: "CVE-2018-13093", }, { cve: "CVE-2018-14617", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-14617", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 4.17.10. There is a NULL pointer dereference and panic in hfsplus_lookup() in fs/hfsplus/dir.c when opening a file (that is purportedly a hard link) in an hfs+ filesystem that has malformed catalog data, and is mounted read-only without a metadata directory.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-14617", url: "https://www.suse.com/security/cve/CVE-2018-14617", }, { category: "external", summary: "SUSE Bug 1102870 for CVE-2018-14617", url: "https://bugzilla.suse.com/1102870", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-09T11:15:29Z", details: "moderate", }, ], title: "CVE-2018-14617", }, { cve: "CVE-2018-14634", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-14634", }, ], notes: [ { category: "general", text: "An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6.x, 3.10.x and 4.14.x are believed to be vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-14634", url: "https://www.suse.com/security/cve/CVE-2018-14634", }, { category: "external", summary: "SUSE Bug 1108912 for CVE-2018-14634", url: "https://bugzilla.suse.com/1108912", }, { category: "external", summary: "SUSE Bug 1108963 for CVE-2018-14634", url: "https://bugzilla.suse.com/1108963", }, { category: "external", summary: "SUSE Bug 1115893 for CVE-2018-14634", url: "https://bugzilla.suse.com/1115893", }, { category: "external", summary: "SUSE Bug 1120323 for CVE-2018-14634", url: "https://bugzilla.suse.com/1120323", }, { category: "external", summary: "SUSE Bug 1122265 for CVE-2018-14634", url: "https://bugzilla.suse.com/1122265", }, { category: "external", summary: "SUSE Bug 1188063 for CVE-2018-14634", url: "https://bugzilla.suse.com/1188063", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-09T11:15:29Z", details: "important", }, ], title: "CVE-2018-14634", }, { cve: "CVE-2018-16276", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16276", }, ], notes: [ { category: "general", text: "An issue was discovered in yurex_read in drivers/usb/misc/yurex.c in the Linux kernel before 4.17.7. Local attackers could use user access read/writes with incorrect bounds checking in the yurex USB driver to crash the kernel or potentially escalate privileges.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-16276", url: "https://www.suse.com/security/cve/CVE-2018-16276", }, { category: "external", summary: "SUSE Bug 1106095 for CVE-2018-16276", url: "https://bugzilla.suse.com/1106095", }, { category: "external", summary: "SUSE Bug 1115593 for CVE-2018-16276", url: "https://bugzilla.suse.com/1115593", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.3, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-09T11:15:29Z", details: "important", }, ], title: "CVE-2018-16276", }, { cve: "CVE-2018-16658", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16658", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel before 4.18.6. An information leak in cdrom_ioctl_drive_status in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-16658", url: "https://www.suse.com/security/cve/CVE-2018-16658", }, { category: "external", summary: "SUSE Bug 1092903 for CVE-2018-16658", url: "https://bugzilla.suse.com/1092903", }, { category: "external", summary: "SUSE Bug 1107689 for CVE-2018-16658", url: "https://bugzilla.suse.com/1107689", }, { category: "external", summary: "SUSE Bug 1113751 for CVE-2018-16658", url: "https://bugzilla.suse.com/1113751", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-09T11:15:29Z", details: "low", }, ], title: "CVE-2018-16658", }, { cve: "CVE-2018-17182", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-17182", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-17182", url: "https://www.suse.com/security/cve/CVE-2018-17182", }, { category: "external", summary: "SUSE Bug 1108399 for CVE-2018-17182", url: "https://bugzilla.suse.com/1108399", }, { category: "external", summary: "SUSE Bug 1110233 for CVE-2018-17182", url: "https://bugzilla.suse.com/1110233", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-09T11:15:29Z", details: "moderate", }, ], title: "CVE-2018-17182", }, { cve: "CVE-2018-6554", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-6554", }, ], notes: [ { category: "general", text: "Memory leak in the irda_bind function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (memory consumption) by repeatedly binding an AF_IRDA socket.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-6554", url: "https://www.suse.com/security/cve/CVE-2018-6554", }, { category: "external", summary: "SUSE Bug 1106509 for CVE-2018-6554", url: "https://bugzilla.suse.com/1106509", }, { category: "external", summary: "SUSE Bug 1106511 for CVE-2018-6554", url: "https://bugzilla.suse.com/1106511", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-09T11:15:29Z", details: "low", }, ], title: "CVE-2018-6554", }, { cve: "CVE-2018-6555", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-6555", }, ], notes: [ { category: "general", text: "The irda_setsockopt function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (ias_object use-after-free and system crash) or possibly have unspecified other impact via an AF_IRDA socket.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-6555", url: "https://www.suse.com/security/cve/CVE-2018-6555", }, { category: "external", summary: "SUSE Bug 1106509 for CVE-2018-6555", url: "https://bugzilla.suse.com/1106509", }, { category: "external", summary: "SUSE Bug 1106511 for CVE-2018-6555", url: "https://bugzilla.suse.com/1106511", }, { category: "external", summary: "SUSE Bug 1115893 for CVE-2018-6555", url: "https://bugzilla.suse.com/1115893", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x", "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64", "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-09T11:15:29Z", details: "moderate", }, ], title: "CVE-2018-6555", }, ], }
suse-su-2018:2862-1
Vulnerability from csaf_suse
Published
2018-09-25 15:52
Modified
2018-09-25 15:52
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP3 RT kernel was updated to 4.4.155 to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-13093: Prevent NULL pointer dereference and panic in lookup_slow()
on a NULL inode->i_ops pointer when doing pathwalks on a corrupted xfs image.
This occured because of a lack of proper validation that cached inodes are free
during allocation (bnc#1100001)
- CVE-2018-13095: Prevent denial of service (memory corruption and BUG) that
could have occurred for a corrupted xfs image upon encountering an inode that
is in extent format, but has more extents than fit in the inode fork
(bnc#1099999)
- CVE-2018-13094: Prevent OOPS that may have occured for a corrupted xfs image
after xfs_da_shrink_inode() is called with a NULL bp (bnc#1100000)
- CVE-2018-12896: Prevent integer overflow in the POSIX timer code that was
caused by the way the overrun accounting works. Depending on interval and
expiry time values, the overrun can be larger than INT_MAX, but the accounting
is int based. This basically made the accounting values, which are visible to
user space via timer_getoverrun(2) and siginfo::si_overrun, random. This
allowed a local user to cause a denial of service (signed integer overflow) via
crafted mmap, futex, timer_create, and timer_settime system calls (bnc#1099922)
- CVE-2018-16658: Prevent information leak in cdrom_ioctl_drive_status that
could have been used by local attackers to read kernel memory (bnc#1107689)
- CVE-2018-6555: The irda_setsockopt function allowed local users to cause a
denial of service (ias_object use-after-free and system crash) or possibly have
unspecified other impact via an AF_IRDA socket (bnc#1106511)
- CVE-2018-6554: Prevent memory leak in the irda_bind function that allowed
local users to cause a denial of service (memory consumption) by repeatedly
binding an AF_IRDA socket (bnc#1106509)
- CVE-2018-1129: A flaw was found in the way signature calculation was handled
by cephx authentication protocol. An attacker having access to ceph cluster
network who is able to alter the message payload was able to bypass signature
checks done by cephx protocol (bnc#1096748)
- CVE-2018-1128: It was found that cephx authentication protocol did not verify
ceph clients correctly and was vulnerable to replay attack. Any attacker having
access to ceph cluster network who is able to sniff packets on network can use
this vulnerability to authenticate with ceph service and perform actions
allowed by ceph service (bnc#1096748)
- CVE-2018-10938: A crafted network packet sent remotely by an attacker forced
the kernel to enter an infinite loop in the cipso_v4_optptr() function leading
to a denial-of-service (bnc#1106016)
- CVE-2018-15572: The spectre_v2_select_mitigation function did not always fill
RSB upon a context switch, which made it easier for attackers to conduct
userspace-userspace spectreRSB attacks (bnc#1102517)
- CVE-2018-10902: Protect against concurrent access to prevent double realloc
(double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status(). A
malicious local attacker could have used this for privilege escalation
(bnc#1105322).
The following non-security bugs were fixed:
- 9p/net: Fix zero-copy path in the 9p virtio transport (bnc#1012382).
- 9p/virtio: fix off-by-one error in sg list bounds check (bnc#1012382).
- 9p: fix multiple NULL-pointer-dereferences (bnc#1012382).
- ACPI / LPSS: Add missing prv_offset setting for byt/cht PWM devices (bnc#1012382).
- ACPI / PM: save NVS memory for ASUS 1025C laptop (bnc#1012382).
- ACPI: save NVS memory for Lenovo G50-45 (bnc#1012382).
- ALSA: cs5535audio: Fix invalid endian conversion (bnc#1012382).
- ALSA: hda - Sleep for 10ms after entering D3 on Conexant codecs (bnc#1012382).
- ALSA: hda - Turn CX8200 into D3 as well upon reboot (bnc#1012382).
- ALSA: hda: Correct Asrock B85M-ITX power_save blacklist entry (bnc#1012382).
- ALSA: memalloc: Do not exceed over the requested size (bnc#1012382).
- ALSA: snd-aoa: add of_node_put() in error path (bsc#1099810).
- ALSA: virmidi: Fix too long output trigger loop (bnc#1012382).
- ALSA: vx222: Fix invalid endian conversions (bnc#1012382).
- ALSA: vxpocket: Fix invalid endian conversions (bnc#1012382).
- ARC: Enable machine_desc->init_per_cpu for !CONFIG_SMP (bnc#1012382).
- ARC: Explicitly add -mmedium-calls to CFLAGS (bnc#1012382).
- ARM: 8780/1: ftrace: Only set kernel memory back to read-only after boot (bnc#1012382).
- ARM: dts: Cygnus: Fix I2C controller interrupt type (bnc#1012382).
- ARM: dts: am3517.dtsi: Disable reference to OMAP3 OTG controller (bnc#1012382).
- ARM: dts: am437x: make edt-ft5x06 a wakeup source (bnc#1012382).
- ARM: dts: da850: Fix interrups property for gpio (bnc#1012382).
- ARM: dts: imx6sx: fix irq for pcie bridge (bnc#1012382).
- ARM: imx_v4_v5_defconfig: Select ULPI support (bnc#1012382).
- ARM: imx_v6_v7_defconfig: Select ULPI support (bnc#1012382).
- ARM: pxa: irq: fix handling of ICMR registers in suspend/resume (bnc#1012382).
- ARM: tegra: Fix Tegra30 Cardhu PCA954x reset (bnc#1012382).
- ASoC: Intel: cht_bsw_max98090: remove useless code, align with ChromeOS driver (git-fixes).
- ASoC: Intel: cht_bsw_max98090_ti: Fix jack initialization (bnc#1012382).
- ASoC: dpcm: do not merge format from invalid codec dai (bnc#1012382).
- ASoC: sirf: Fix potential NULL pointer dereference (bnc#1012382).
- Bluetooth: avoid killing an already killed socket (bnc#1012382).
- Bluetooth: btusb: Remove Yoga 920 from the btusb_needs_reset_resume_table (bsc#1087092).
- Bluetooth: btusb: Use DMI matching for QCA reset_resume quirking (bsc#1087092).
- HID: wacom: Correct touch maximum XY of 2nd-gen Intuos (bnc#1012382).
- IB/core: Make testing MR flags for writability a static inline function (bnc#1012382).
- IB/core: Remove duplicate declaration of gid_cache_wq (bsc#1056596).
- IB/iser: Do not reduce max_sectors (bsc#1063646).
- IB/mlx4: Fix an error handling path in 'mlx4_ib_rereg_user_mr()' (git-fixes).
- IB/mlx4: Mark user MR as writable if actual virtual memory is writable (bnc#1012382).
- IB/mlx5: Fetch soft WQE's on fatal error state (bsc#1015342 bsc#1015343).
- IB/mlx5: Use 'kvfree()' for memory allocated by 'kvzalloc()' (bsc#1015342 bsc#1015343).
- IB/ocrdma: fix out of bounds access to local buffer (bnc#1012382).
- KVM: MMU: always terminate page walks at level 1 (bsc#1062604).
- KVM: MMU: simplify last_pte_bitmap (bsc#1062604).
- KVM: VMX: Work around kABI breakage in 'enum vmx_l1d_flush_state' (bsc#1106369).
- KVM: VMX: fixes for vmentry_l1d_flush module parameter (bsc#1106369).
- KVM: arm/arm64: Skip updating PMD entry if no change (bnc#1012382).
- KVM: arm/arm64: Skip updating PTE entry if no change (bnc#1012382).
- KVM: irqfd: fix race between EPOLLHUP and irq_bypass_register_consumer (bnc#1012382).
- KVM: nVMX: update last_nonleaf_level when initializing nested EPT (bsc#1062604).
- MIPS: Correct the 64-bit DSP accumulator register size (bnc#1012382).
- MIPS: lib: Provide MIPS64r6 __multi3() for GCC < 7 (bnc#1012382).
- PCI: Skip MPS logic for Virtual Functions (VFs) (bnc#1012382).
- PCI: hotplug: Do not leak pci_slot on registration failure (bnc#1012382).
- PCI: pciehp: Fix use-after-free on unplug (bnc#1012382).
- PM / sleep: wakeup: Fix build error caused by missing SRCU support (bnc#1012382).
- RDMA/i40iw: Avoid panic when objects are being created and destroyed (bsc#969476 bsc#969477).
- RDMA/i40iw: Avoid panic when reading back the IRQ affinity hint (bsc#969476 bsc#969477).
- RDMA/i40iw: Avoid reference leaks when processing the AEQ (bsc#969476 bsc#969477).
- RDMA/i40w: Hold read semaphore while looking after VMA (bsc#1024376).
- RDMA/mlx5: Use proper spec flow label type (bsc#1015342 bsc#1015343).
- Revert 'MIPS: BCM47XX: Enable 74K Core ExternalSync for PCIe erratum' (bnc#1012382).
- Revert 'UBIFS: Fix potential integer overflow in allocation' (bnc#1012382).
- Revert 'f2fs: handle dirty segments inside refresh_sit_entry' (bsc#1106281).
- Revert 'mm: page_alloc: skip over regions of invalid pfns where possible' (bnc#1107078).
- Smack: Mark inode instant in smack_task_to_inode (bnc#1012382).
- USB: musb: fix external abort on suspend (bsc#1085536).
- USB: option: add support for DW5821e (bnc#1012382).
- USB: serial: metro-usb: stop I/O after failed open (bsc#1085539).
- USB: serial: sierra: fix potential deadlock at close (bnc#1012382).
- Workaround kABI breakage by __must_check drop of strscpy() (bsc#1107319).
- afs: Fix directory permissions check (bsc#1106283).
- arc: fix build errors in arc/include/asm/delay.h (bnc#1012382).
- arc: fix type warnings in arc/mm/cache.c (bnc#1012382).
- arm64: make secondary_start_kernel() notrace (bnc#1012382).
- arm64: mm: check for upper PAGE_SHIFT bits in pfn_valid() (bnc#1012382).
- atl1c: reserve min skb headroom (bnc#1012382).
- atm: Preserve value of skb->truesize when accounting to vcc (bsc#1089066).
- backlight: as3711_bl: Fix Device Tree node leaks (bsc#1106929).
- backlight: lm3630a: Bump REG_MAX value to 0x50 instead of 0x1F (bsc#1106929).
- bcache: avoid unncessary cache prefetch bch_btree_node_get() (bsc#1064232).
- bcache: calculate the number of incremental GC nodes according to the total of btree nodes (bsc#1064232).
- bcache: display rate debug parameters to 0 when writeback is not running (bsc#1064232).
- bcache: do not check return value of debugfs_create_dir() (bsc#1064232).
- bcache: finish incremental GC (bsc#1064232).
- bcache: fix I/O significant decline while backend devices registering (bsc#1064232).
- bcache: fix error setting writeback_rate through sysfs interface (bsc#1064232).
- bcache: free heap cache_set->flush_btree in bch_journal_free (bsc#1064232).
- bcache: make the pr_err statement used for ENOENT only in sysfs_attatch section (bsc#1064232).
- bcache: release dc->writeback_lock properly in bch_writeback_thread() (bsc#1064232).
- bcache: set max writeback rate when I/O request is idle (bsc#1064232).
- bcache: simplify the calculation of the total amount of flash dirty data (bsc#1064232).
- be2net: remove unused old custom busy-poll fields (bsc#1021121 ).
- blkdev: __blkdev_direct_IO_simple: fix leak in error case (bsc#1083663).
- block: bio_iov_iter_get_pages: fix size of last iovec (bsc#1083663).
- block: bio_iov_iter_get_pages: pin more pages for multi-segment IOs (bsc#1083663).
- bnx2x: Fix invalid memory access in rss hash config path (bnc#1012382).
- bnx2x: Fix receiving tx-timeout in error or recovery state (bnc#1012382).
- bnxt_en: Always set output parameters in bnxt_get_max_rings() (bsc#963575).
- bnxt_en: Fix for system hang if request_irq fails (bnc#1012382).
- bnxt_en: Fix inconsistent BNXT_FLAG_AGG_RINGS logic (bsc#1020412 ).
- brcmfmac: stop watchdog before detach and free everything (bnc#1012382).
- bridge: Propagate vlan add failure to user (bnc#1012382).
- btrfs: do not leak ret from do_chunk_alloc (bnc#1012382).
- btrfs: round down size diff when shrinking/growing device (bsc#1097105).
- can: mpc5xxx_can: check of_iomap return before use (bnc#1012382).
- cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status (bnc#1012382).
- ceph: fix incorrect use of strncpy (bsc#1107319).
- ceph: return errors from posix_acl_equiv_mode() correctly (bsc#1107320).
- cifs: Fix stack out-of-bounds in smb{2,3}_create_lease_buf() (bsc#1012382).
- cifs: add missing debug entries for kconfig options (bnc#1012382).
- cifs: check kmalloc before use (bsc#1012382).
- cifs: store the leaseKey in the fid on SMB2_open (bsc#1012382).
- crypto: ablkcipher - fix crash flushing dcache in error path (bnc#1012382).
- crypto: blkcipher - fix crash flushing dcache in error path (bnc#1012382).
- crypto: vmac - require a block cipher with 128-bit block size (bnc#1012382).
- crypto: vmac - separate tfm and request context (bnc#1012382).
- crypto: vmx - Fix sleep-in-atomic bugs (bsc#1048317).
- cxgb4: when disabling dcb set txq dcb priority to 0 (bnc#1012382).
- cxl: Fix wrong comparison in cxl_adapter_context_get() (bsc#1055014, git-fixes).
- dccp: fix undefined behavior with 'cwnd' shift in ccid2_cwnd_restart() (bnc#1012382).
- dm cache metadata: save in-core policy_hint_size to on-disk superblock (bnc#1012382).
- dmaengine: k3dma: Off by one in k3_of_dma_simple_xlate() (bnc#1012382).
- drivers: net: lmc: fix case value for target abort error (bnc#1012382).
- drm/armada: fix colorkey mode property (bnc#1012382).
- drm/atmel-hlcdc: check stride values in the first plane (bsc#1106929).
- drm/bridge: adv7511: Reset registers on hotplug (bnc#1012382).
- drm/drivers: add support for using the arch wc mapping API (git-fixes).
- drm/exynos/dsi: mask frame-done interrupt (bsc#1106929).
- drm/exynos: decon5433: Fix WINCONx reset value (bnc#1012382).
- drm/exynos: decon5433: Fix per-plane global alpha for XRGB modes (bnc#1012382).
- drm/exynos: gsc: Fix support for NV16/61, YUV420/YVU420 and YUV422 modes (bnc#1012382).
- drm/i915/userptr: reject zero user_size (bsc#1090888).
- drm/i915: Correctly handle limited range YCbCr data on VLV/CHV (bsc#1087092).
- drm/imx: fix typo in ipu_plane_formats (bsc#1106929).
- drm/imx: imx-ldb: check if channel is enabled before printing warning (bnc#1012382).
- drm/imx: imx-ldb: disable LDB on driver bind (bnc#1012382).
- drm/msm/hdmi: Use bitwise operators when building register values (bsc#1106929).
- drm/nouveau/gem: off by one bugs in nouveau_gem_pushbuf_reloc_apply() (bnc#1012382).
- drm/panel: type promotion bug in s6e8aa0_read_mtp_id() (bsc#1105769).
- drm: Reject getfb for multi-plane framebuffers (bsc#1106929).
- enic: do not call enic_change_mtu in enic_probe (git-fixes).
- enic: handle mtu change for vf properly (bnc#1012382).
- enic: initialize enic->rfs_h.lock in enic_probe (bnc#1012382).
- ext4: check for NUL characters in extended attribute's name (bnc#1012382).
- ext4: fix spectre gadget in ext4_mb_regular_allocator() (bnc#1012382).
- ext4: reset error code in ext4_find_entry in fallback (bnc#1012382).
- ext4: sysfs: print ext4_super_block fields as little-endian (bsc#1106229).
- fb: fix lost console when the user unplugs a USB adapter (bnc#1012382).
- fbdev: omapfb: off by one in omapfb_register_client() (bsc#1106929).
- fix __legitimize_mnt()/mntput() race (bnc#1012382).
- fix mntput/mntput race (bnc#1012382).
- fork: unconditionally clear stack on fork (bnc#1012382).
- fs/9p/xattr.c: catch the error of p9_client_clunk when setting xattr failed (bnc#1012382).
- fs/dax.c: fix inefficiency in dax_writeback_mapping_range() (bsc#1106185).
- fs/quota: Fix spectre gadget in do_quotactl (bnc#1012382).
- fs: aio: fix the increment of aio-nr and counting against aio-max-nr (bsc#1068075, bsc#1078921).
- fuse: Add missed unlock_page() to fuse_readpages_fill() (bnc#1012382).
- fuse: Do not access pipe->buffers without pipe_lock() (bnc#1012382).
- fuse: Fix oops at process_init_reply() (bnc#1012382).
- fuse: fix double request_end() (bnc#1012382).
- fuse: fix unlocked access to processing queue (bnc#1012382).
- fuse: umount should wait for all requests (bnc#1012382).
- genirq/proc: Return proper error code when irq_set_affinity() fails (bnc#1105392).
- getxattr: use correct xattr length (bnc#1012382).
- hfsplus: Do not clear SGID when inheriting ACLs (bsc#1030552).
- hwrng: exynos - Disable runtime PM on driver unbind (git-fixes).
- i2c: davinci: Avoid zero value of CLKH (bnc#1012382).
- i2c: imx: Fix race condition in dma read (bnc#1012382).
- i2c: ismt: fix wrong device address when unmap the data buffer (bnc#1012382).
- i40e: use cpumask_copy instead of direct assignment (bsc#1053685).
- i40iw: Fix memory leak in error path of create QP (bsc#969476 bsc#969477).
- i40iw: Use correct address in dst_neigh_lookup for IPv6 (bsc#969476 bsc#969477).
- ibmvnic: Include missing return code checks in reset function (bnc#1107966).
- ieee802154: at86rf230: switch from BUG_ON() to WARN_ON() on problem (bnc#1012382).
- ieee802154: at86rf230: use __func__ macro for debug messages (bnc#1012382).
- ieee802154: fakelb: switch from BUG_ON() to WARN_ON() on problem (bnc#1012382).
- igb: Fix not adding filter elements to the list (bsc#1024361 bsc#1024365).
- iio: ad9523: Fix displayed phase (bnc#1012382).
- iio: ad9523: Fix return value for ad952x_store() (bnc#1012382).
- iommu/amd: make sure TLB to be flushed before IOVA freed (bsc#1106105).
- iommu/vt-d: Add definitions for PFSID (bnc#1012382).
- iommu/vt-d: Fix dev iotlb pfsid use (bnc#1012382).
- iommu/vt-d: Ratelimit each dmar fault printing (bsc#1106105).
- ioremap: Update pgtable free interfaces with addr (bnc#1012382).
- ipv4+ipv6: Make INET*_ESP select CRYPTO_ECHAINIV (bnc#1012382).
- ipv6: mcast: fix unsolicited report interval after receiving querys (bnc#1012382).
- ipvlan: use ETH_MAX_MTU as max mtu (bsc#1033962).
- iscsi target: fix session creation failure handling (bnc#1012382).
- isdn: Disable IIOCDBGVAR (bnc#1012382).
- iw_cxgb4: remove duplicate memcpy() in c4iw_create_listen() (bsc#969476 bsc#969477).
- ixgbe: Be more careful when modifying MAC filters (bnc#1012382).
- jfs: Do not clear SGID when inheriting ACLs (bsc#1030552).
- jump_label: Add RELEASE barrier after text changes (bsc#1105271).
- jump_label: Fix concurrent static_key_enable/disable() (bsc#1105271).
- jump_label: Move CPU hotplug locking (bsc#1105271).
- jump_label: Provide hotplug context variants (bsc#1105271).
- jump_label: Reduce the size of struct static_key (bsc#1105271).
- jump_label: Reorder hotplug lock and jump_label_lock (bsc#1105271).
- jump_label: Split out code under the hotplug lock (bsc#1105271).
- jump_label: remove bug.h, atomic.h dependencies for HAVE_JUMP_LABEL (bsc#1105271).
- kABI: protect enum tcp_ca_event (kabi).
- kabi/severities: Ignore missing cpu_tss_tramp (bsc#1099597)
- kabi: x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bnc#1105536).
- kasan: do not emit builtin calls when sanitization is off (bnc#1012382).
- kasan: fix shadow_size calculation error in kasan_module_alloc (bnc#1012382).
- kbuild: verify that $DEPMOD is installed (bnc#1012382).
- kernel: improve spectre mitigation (bnc#1106934.
- kprobes/x86: Fix %p uses in error messages (bnc#1012382).
- kprobes: Make list and blacklist root user read only (bnc#1012382).
- l2tp: use sk_dst_check() to avoid race on sk->sk_dst_cache (bnc#1012382).
- libceph: check authorizer reply/challenge length before reading (bsc#1096748).
- libceph: factor out __ceph_x_decrypt() (bsc#1096748).
- libceph: factor out __prepare_write_connect() (bsc#1096748).
- libceph: factor out encrypt_authorizer() (bsc#1096748).
- libceph: store ceph_auth_handshake pointer in ceph_connection (bsc#1096748).
- libceph: weaken sizeof check in ceph_x_verify_authorizer_reply() (bsc#1096748).
- llc: use refcount_inc_not_zero() for llc_sap_find() (bnc#1012382).
- locking/lockdep: Do not record IRQ state within lockdep code (bnc#1012382).
- locks: pass inode pointer to locks_free_lock_context (bsc@1099832).
- locks: prink more detail when there are leaked locks (bsc#1099832).
- locks: restore a warn for leaked locks on close (bsc#1099832).
- m68k: fix 'bad page state' oops on ColdFire boot (bnc#1012382).
- mac80211: add stations tied to AP_VLANs during hw reconfig (bnc#1012382).
- md/raid10: fix that replacement cannot complete recovery after reassemble (bnc#1012382).
- media: rtl28xxu: be sure that it won't go past the array size (bsc#1050431).
- media: s5p-jpeg: fix number of components macro (bsc#1050431).
- media: staging: omap4iss: Include asm/cacheflush.h after generic includes (bnc#1012382).
- mm/hugetlb: filter out hugetlb pages if HUGEPAGE migration is not supported (bnc#1106697).
- mm/memory.c: check return value of ioremap_prot (bnc#1012382).
- mm/tlb: Remove tlb_remove_table() non-concurrent condition (bnc#1012382).
- mm: Add vm_insert_pfn_prot() (bnc#1012382).
- mm: fix cache mode tracking in vm_insert_mixed() (bnc#1012382).
- mm: x86: move _PAGE_SWP_SOFT_DIRTY from bit 7 to bit 1 (bnc#1012382).
- net/9p/client.c: version pointer uninitialized (bnc#1012382).
- net/9p/trans_fd.c: fix race-condition by flushing workqueue before the kfree() (bnc#1012382).
- net/ethernet/freescale/fman: fix cross-build error (bnc#1012382).
- net/mlx5: Add missing SET_DRIVER_VERSION command translation (bsc#1015342 bsc#1015343).
- net/mlx5: E-Switch, Include VF RDMA stats in vport statistics (bsc#966170 bsc#966172).
- net/mlx5: Eswitch, Use 'kvfree()' for memory allocated by 'kvzalloc()' (bsc#1015342 bsc#1015343).
- net/mlx5: Fix wrong size allocation for QoS ETC TC regitster (bsc#966170 bsc#966172).
- net/mlx5: Vport, Use 'kvfree()' for memory allocated by 'kvzalloc()' (bsc#966170 bsc#966172).
- net/mlx5e: Do not allow aRFS for encapsulated packets (bsc#1015342 bsc#1015343).
- net/mlx5e: Err if asked to offload TC match on frag being first (bsc#1015342 bsc#1015343).
- net/mlx5e: Fix quota counting in aRFS expire flow (bsc#1015342 bsc#1015343).
- net/mlx5e: Refine ets validation function (bsc#966170 bsc#966172).
- net: 6lowpan: fix reserved space for single frames (bnc#1012382).
- net: add skb_condense() helper (bsc#1089066).
- net: adjust skb->truesize in ___pskb_trim() (bsc#1089066).
- net: adjust skb->truesize in pskb_expand_head() (bsc#1089066).
- net: axienet: Fix double deregister of mdio (bnc#1012382).
- net: caif: Add a missing rcu_read_unlock() in caif_flow_cb (bnc#1012382).
- net: davinci_emac: match the mdio device against its compatible if possible (bnc#1012382).
- net: ena: Fix use of uninitialized DMA address bits field (bsc#1027968).
- net: hamradio: use eth_broadcast_addr (bnc#1012382).
- net: lan78xx: Fix misplaced tasklet_schedule() call (bnc#1012382).
- net: mac802154: tx: expand tailroom if necessary (bnc#1012382).
- net: prevent ISA drivers from building on PPC32 (bnc#1012382).
- net: propagate dev_get_valid_name return code (bnc#1012382).
- net: qca_spi: Avoid packet drop during initial sync (bnc#1012382).
- net: qca_spi: Fix log level if probe fails (bnc#1012382).
- net: qca_spi: Make sure the QCA7000 reset is triggered (bnc#1012382).
- net: usb: rtl8150: demote allmulti message to dev_dbg() (bnc#1012382).
- net_sched: Fix missing res info when create new tc_index filter (bnc#1012382).
- net_sched: fix NULL pointer dereference when delete tcindex filter (bnc#1012382).
- netfilter: conntrack: dccp: treat SYNC/SYNCACK as invalid if no prior state (bnc#1012382).
- netfilter: ipv6: nf_defrag: reduce struct net memory waste (bnc#1012382).
- netfilter: x_tables: set module owner for icmp(6) matches (bnc#1012382).
- netlink: do not enter direct reclaim from netlink_trim() (bsc#1042286).
- nl80211: Add a missing break in parse_station_flags (bnc#1012382).
- nvme-fc: release io queues to allow fast fail (bsc#1102486).
- nvme: if_ready checks to fail io to deleting controller (bsc#1102486).
- nvme: kABI-compliant version of nvmf_fail_nonready_command() (bsc#1102486).
- nvmet-fc: fix target sgl list on large transfers (bsc#1102486).
- osf_getdomainname(): use copy_to_user() (bnc#1012382).
- ovl: Do d_type check only if work dir creation was successful (bnc#1012382).
- ovl: Ensure upper filesystem supports d_type (bnc#1012382).
- ovl: warn instead of error if d_type is not supported (bnc#1012382).
- packet: refine ring v3 block size test to hold one frame (bnc#1012382).
- packet: reset network header if packet shorter than ll reserved space (bnc#1012382).
- parisc: Define mb() and add memory barriers to assembler unlock sequences (bnc#1012382).
- parisc: Enable CONFIG_MLONGCALLS by default (bnc#1012382).
- parisc: Remove ordered stores from syscall.S (bnc#1012382).
- parisc: Remove unnecessary barriers from spinlock.h (bnc#1012382).
- perf auxtrace: Fix queue resize (bnc#1012382).
- perf llvm-utils: Remove bashism from kernel include fetch script (bnc#1012382).
- perf report powerpc: Fix crash if callchain is empty (bnc#1012382).
- perf test session topology: Fix test on s390 (bnc#1012382).
- pinctrl: freescale: off by one in imx1_pinconf_group_dbg_show() (bnc#1012382).
- pnfs/blocklayout: off by one in bl_map_stripe() (bnc#1012382).
- powerpc/64s: Default l1d_size to 64K in RFI fallback flush (bsc#1068032, git-fixes).
- powerpc/lib: Fix the feature fixup tests to actually work (bsc#1066223).
- powerpc/pseries: Fix endianness while restoring of r3 in MCE handler (bnc#1012382).
- powerpc/topology: Get topology for shared processors at boot (bsc#1104683).
- powerpc64s: Show ori31 availability in spectre_v1 sysfs file not v2 (bsc#1068032, bsc#1080157, git-fixes).
- powerpc: Avoid code patching freed init sections (bnc#1107735).
- powerpc: make feature-fixup tests fortify-safe (bsc#1066223).
- pwm: tiehrpwm: Fix disabling of output of PWMs (bnc#1012382).
- qed: Add sanity check for SIMD fastpath handler (bnc#1012382).
- qed: Correct Multicast API to reflect existence of 256 approximate buckets (bsc#1019695 bsc#1019699 bsc#1022604).
- qed: Do not advertise DCBX_LLD_MANAGED capability (bsc#1019695 bsc#1019699 bsc#1022604).
- qed: Fix possible memory leak in Rx error path handling (bsc#1019695 bsc#1019699 bsc#1022604 ).
- qed: Fix possible race for the link state value (bnc#1012382).
- qed: Fix setting of incorrect eswitch mode (bsc#1019695 bsc#1019699 bsc#1022604).
- qed: Fix use of incorrect size in memcpy call (bsc#1019695 bsc#1019699 bsc#1022604).
- qede: Adverstise software timestamp caps when PHC is not available (bsc#1019695 bsc#1019699 bsc#1022604).
- qlge: Fix netdev features configuration (bsc#1098822).
- qlogic: check kstrtoul() for errors (bnc#1012382).
- readahead: stricter check for bdi io_pages (VM Functionality, git fixes).
- reiserfs: fix broken xattr handling (heap corruption, bad retval) (bnc#1012382).
- root dentries need RCU-delayed freeing (bnc#1012382).
- s390/kvm: fix deadlock when killed by oom (bnc#1012382).
- s390/lib: use expoline for all bcr instructions (bnc#1106934.
- s390/pci: fix out of bounds access during irq setup (bnc#1012382).
- s390/qdio: reset old sbal_state flags (bnc#1012382).
- s390/qeth: do not clobber buffer on async TX completion (bnc#1104485.
- s390/qeth: fix race when setting MAC address (bnc#1104485.
- s390: add explicit <linux/stringify.h> for jump label (bsc#1105271).
- s390: detect etoken facility (bnc#1106934.
- s390: fix br_r1_trampoline for machines without exrl (bnc#1012382 bnc#1106934.
- scripts/tar-up.sh: Do not package gitlog-excludes file Also fix the evaluation of gitlog-excludes file, too
- scsi: core: Avoid that SCSI device removal through sysfs triggers a deadlock (bnc#1012382).
- scsi: fcoe: drop frames in ELS LOGO error path (bnc#1012382).
- scsi: hpsa: limit transfer length to 1MB, not 512kB (bsc#1102346).
- scsi: libiscsi: fix possible NULL pointer dereference in case of TMF (bnc#1012382).
- scsi: sr: Avoid that opening a CD-ROM hangs with runtime power management enabled (bnc#1012382).
- scsi: sysfs: Introduce sysfs_{un,}break_active_protection() (bnc#1012382).
- scsi: vmw_pvscsi: Return DID_RESET for status SAM_STAT_COMMAND_TERMINATED (bnc#1012382).
- scsi: xen-scsifront: add error handling for xenbus_printf (bnc#1012382).
- scsi_debug: call resp_XXX function after setting host_scribble (bsc#1069138).
- scsi_debug: reset injection flags for every_nth > 0 (bsc#1069138).
- selftests/ftrace: Add snapshot and tracing_on test case (bnc#1012382).
- selftests/x86/sigreturn/64: Fix spurious failures on AMD CPUs (bnc#1012382).
- selftests: pstore: return Kselftest Skip code for skipped tests (bnc#1012382).
- selftests: static_keys: return Kselftest Skip code for skipped tests (bnc#1012382).
- selftests: sync: add config fragment for testing sync framework (bnc#1012382).
- selftests: user: return Kselftest Skip code for skipped tests (bnc#1012382).
- selftests: zram: return Kselftest Skip code for skipped tests (bnc#1012382).
- serial: 8250_dw: always set baud rate in dw8250_set_termios (bnc#1012382).
- sfc: stop the TX queue before pushing new buffers (bsc#1017967 ).
- slab: __GFP_ZERO is incompatible with a constructor (bnc#1107060).
- smb3: Do not send SMB3 SET_INFO if nothing changed (bnc#1012382).
- smb3: do not request leases in symlink creation and query (bnc#1012382).
- spi: davinci: fix a NULL pointer dereference (bnc#1012382).
- staging: android: ion: check for kref overflow (bnc#1012382).
- string: drop __must_check from strscpy() and restore strscpy() usages in cgroup (bsc#1107319).
- sys: do not hold uts_sem while accessing userspace memory (bnc#1106995).
- target_core_rbd: use RCU in free_device (bsc#1105524).
- tcp: Fix missing range_truesize enlargement in the backport (bnc#1012382).
- tcp: identify cryptic messages as TCP seq # bugs (bnc#1012382).
- tcp: remove DELAYED ACK events in DCTCP (bnc#1012382).
- timekeeping: Eliminate the stale declaration of ktime_get_raw_and_real_ts64() (bsc#969470).
- tools/power turbostat: Read extended processor family from CPUID (bnc#1012382).
- tools/power turbostat: fix -S on UP systems (bnc#1012382).
- tools: usb: ffs-test: Fix build on big endian systems (bnc#1012382).
- tpm: fix race condition in tpm_common_write() (bnc#1012382).
- tracing/blktrace: Fix to allow setting same value (bnc#1012382).
- tracing: Do not call start/stop() functions when tracing_on does not change (bnc#1012382).
- tracing: Use __printf markup to silence compiler (bnc#1012382).
- ubifs: Check data node size before truncate (bsc#1106276).
- ubifs: Fix memory leak in lprobs self-check (bsc#1106278).
- ubifs: Fix synced_i_size calculation for xattr inodes (bsc#1106275).
- ubifs: xattr: Do not operate on deleted inodes (bsc#1106271).
- udl-kms: change down_interruptible to down (bnc#1012382).
- udl-kms: fix crash due to uninitialized memory (bnc#1012382).
- udl-kms: handle allocation failure (bnc#1012382).
- udlfb: set optimal write delay (bnc#1012382).
- uprobes: Use synchronize_rcu() not synchronize_sched() (bnc#1012382).
- usb/phy: fix PPC64 build errors in phy-fsl-usb.c (bnc#1012382).
- usb: audio-v2: Correct the comment for struct uac_clock_selector_descriptor (bsc#1099810).
- usb: dwc2: debugfs: Do not touch RX FIFO during register dump (bsc#1100132).
- usb: dwc2: fix isoc split in transfer with no data (bnc#1012382).
- usb: gadget: composite: fix delayed_status race condition when set_interface (bnc#1012382).
- usb: gadget: dwc2: fix memory leak in gadget_init() (bnc#1012382).
- usb: gadget: f_uac2: fix endianness of 'struct cntrl_*_lay3' (bnc#1012382).
- usb: gadget: r8a66597: Fix a possible sleep-in-atomic-context bugs in r8a66597_queue() (bnc#1012382).
- usb: gadget: r8a66597: Fix two possible sleep-in-atomic-context bugs in init_controller() (bnc#1012382).
- usb: renesas_usbhs: gadget: fix spin_lock_init() for uep->lock (bsc#1085536).
- usb: xhci: increase CRS timeout value (bnc#1012382).
- userns: move user access out of the mutex (bnc#1012382).
- virtio_console: fix uninitialized variable use (git-fixes).
- vmw_balloon: VMCI_DOORBELL_SET does not check status (bnc#1012382).
- vmw_balloon: do not use 2MB without batching (bnc#1012382).
- vmw_balloon: fix VMCI use when balloon built into kernel (bnc#1012382).
- vmw_balloon: fix inflation of 64-bit GFNs (bnc#1012382).
- vsock: split dwork to avoid reinitializations (bnc#1012382).
- vti6: Fix dev->max_mtu setting (bsc#1033962).
- vti6: fix PMTU caching and reporting on xmit (bnc#1012382).
- x86/bugs: Move the l1tf function and define pr_fmt properly (bnc#1012382).
- x86/init: fix build with CONFIG_SWAP=n (bnc#1012382).
- x86/irqflags: Mark native_restore_fl extern inline (bnc#1012382).
- x86/mm/kmmio: Make the tracer robust against L1TF (bnc#1012382).
- x86/mm/pat: Fix L1TF stable backport for CPA (bnc#1012382).
- x86/mm/pat: Fix L1TF stable backport for CPA, 2nd call (bnc#1012382).
- x86/mm/pat: Make set_memory_np() L1TF safe (bnc#1012382).
- x86/mm: Add TLB purge to free pmd/pte page interfaces (bnc#1012382).
- x86/mm: Disable ioremap free page handling on x86-PAE (bnc#1012382).
- x86/paravirt: Fix spectre-v2 mitigations for paravirt guests (bnc#1012382).
- x86/process: Re-export start_thread() (bnc#1012382).
- x86/spectre: Add missing family 6 check to microcode check (bnc#1012382).
- x86/speculation/l1tf: Exempt zeroed PTEs from inversion (bnc#1012382).
- x86/speculation/l1tf: Extend 64bit swap file size limit (bnc#1012382).
- x86/speculation/l1tf: Fix off-by-one error when warning that system has too much RAM (bnc#1105536).
- x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit (bnc#1012382).
- x86/speculation/l1tf: Fix up CPU feature flags (bnc#1012382).
- x86/speculation/l1tf: Fix up pte->pfn conversion for PAE (bnc#1012382).
- x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bnc#1105536).
- x86/speculation/l1tf: Invert all not present mappings (bnc#1012382).
- x86/speculation/l1tf: Make pmd/pud_mknotpresent() invert (bnc#1012382).
- x86/speculation/l1tf: Protect PAE swap entries against L1TF (bnc#1012382).
- x86/speculation/l1tf: Suggest what to do on systems with too much RAM (bnc#1105536).
- x86/speculation/l1tf: Unbreak !__HAVE_ARCH_PFN_MODIFY_ALLOWED architectures (bnc#1012382).
- x86/speculation: Use ARCH_CAPABILITIES to skip L1D flush on vmentry (bsc#1106369).
- xen/blkback: do not keep persistent grants too long (bsc#1085042).
- xen/blkback: move persistent grants flags to bool (bsc#1085042).
- xen/blkfront: cleanup stale persistent grants (bsc#1085042).
- xen/blkfront: reorder tests in xlblk_init() (bsc#1085042).
- xen/netfront: do not cache skb_shinfo() (bnc#1012382).
- xfrm: fix missing dst_release() after policy blocking lbcast and multicast (bnc#1012382).
- xfrm: free skb if nlsk pointer is NULL (bnc#1012382).
- xfrm_user: prevent leaking 2 bytes of kernel memory (bnc#1012382).
- xfs: Remove dead code from inode recover function (bsc#1105396).
- xfs: repair malformed inode items during log recovery (bsc#1105396).
- zswap: re-check zswap_is_full() after do zswap_shrink() (bnc#1012382).
Patchnames
SUSE-SLE-RT-12-SP3-2018-2019
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for the Linux Kernel", title: "Title of the patch", }, { category: "description", text: "\nThe SUSE Linux Enterprise 12 SP3 RT kernel was updated to 4.4.155 to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2018-13093: Prevent NULL pointer dereference and panic in lookup_slow()\n on a NULL inode->i_ops pointer when doing pathwalks on a corrupted xfs image.\n This occured because of a lack of proper validation that cached inodes are free\n during allocation (bnc#1100001)\n- CVE-2018-13095: Prevent denial of service (memory corruption and BUG) that\n could have occurred for a corrupted xfs image upon encountering an inode that\n is in extent format, but has more extents than fit in the inode fork\n (bnc#1099999)\n- CVE-2018-13094: Prevent OOPS that may have occured for a corrupted xfs image\n after xfs_da_shrink_inode() is called with a NULL bp (bnc#1100000)\n- CVE-2018-12896: Prevent integer overflow in the POSIX timer code that was\n caused by the way the overrun accounting works. Depending on interval and\n expiry time values, the overrun can be larger than INT_MAX, but the accounting\n is int based. This basically made the accounting values, which are visible to\n user space via timer_getoverrun(2) and siginfo::si_overrun, random. This\n allowed a local user to cause a denial of service (signed integer overflow) via\n crafted mmap, futex, timer_create, and timer_settime system calls (bnc#1099922)\n- CVE-2018-16658: Prevent information leak in cdrom_ioctl_drive_status that\n could have been used by local attackers to read kernel memory (bnc#1107689)\n- CVE-2018-6555: The irda_setsockopt function allowed local users to cause a\n denial of service (ias_object use-after-free and system crash) or possibly have\n unspecified other impact via an AF_IRDA socket (bnc#1106511)\n- CVE-2018-6554: Prevent memory leak in the irda_bind function that allowed\n local users to cause a denial of service (memory consumption) by repeatedly\n binding an AF_IRDA socket (bnc#1106509)\n- CVE-2018-1129: A flaw was found in the way signature calculation was handled\n by cephx authentication protocol. An attacker having access to ceph cluster\n network who is able to alter the message payload was able to bypass signature\n checks done by cephx protocol (bnc#1096748)\n- CVE-2018-1128: It was found that cephx authentication protocol did not verify\n ceph clients correctly and was vulnerable to replay attack. Any attacker having\n access to ceph cluster network who is able to sniff packets on network can use\n this vulnerability to authenticate with ceph service and perform actions\n allowed by ceph service (bnc#1096748)\n- CVE-2018-10938: A crafted network packet sent remotely by an attacker forced\n the kernel to enter an infinite loop in the cipso_v4_optptr() function leading\n to a denial-of-service (bnc#1106016)\n- CVE-2018-15572: The spectre_v2_select_mitigation function did not always fill\n RSB upon a context switch, which made it easier for attackers to conduct\n userspace-userspace spectreRSB attacks (bnc#1102517)\n- CVE-2018-10902: Protect against concurrent access to prevent double realloc\n (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status(). A\n malicious local attacker could have used this for privilege escalation\n (bnc#1105322).\n\nThe following non-security bugs were fixed:\n\n- 9p/net: Fix zero-copy path in the 9p virtio transport (bnc#1012382).\n- 9p/virtio: fix off-by-one error in sg list bounds check (bnc#1012382).\n- 9p: fix multiple NULL-pointer-dereferences (bnc#1012382).\n- ACPI / LPSS: Add missing prv_offset setting for byt/cht PWM devices (bnc#1012382).\n- ACPI / PM: save NVS memory for ASUS 1025C laptop (bnc#1012382).\n- ACPI: save NVS memory for Lenovo G50-45 (bnc#1012382).\n- ALSA: cs5535audio: Fix invalid endian conversion (bnc#1012382).\n- ALSA: hda - Sleep for 10ms after entering D3 on Conexant codecs (bnc#1012382).\n- ALSA: hda - Turn CX8200 into D3 as well upon reboot (bnc#1012382).\n- ALSA: hda: Correct Asrock B85M-ITX power_save blacklist entry (bnc#1012382).\n- ALSA: memalloc: Do not exceed over the requested size (bnc#1012382).\n- ALSA: snd-aoa: add of_node_put() in error path (bsc#1099810).\n- ALSA: virmidi: Fix too long output trigger loop (bnc#1012382).\n- ALSA: vx222: Fix invalid endian conversions (bnc#1012382).\n- ALSA: vxpocket: Fix invalid endian conversions (bnc#1012382).\n- ARC: Enable machine_desc->init_per_cpu for !CONFIG_SMP (bnc#1012382).\n- ARC: Explicitly add -mmedium-calls to CFLAGS (bnc#1012382).\n- ARM: 8780/1: ftrace: Only set kernel memory back to read-only after boot (bnc#1012382).\n- ARM: dts: Cygnus: Fix I2C controller interrupt type (bnc#1012382).\n- ARM: dts: am3517.dtsi: Disable reference to OMAP3 OTG controller (bnc#1012382).\n- ARM: dts: am437x: make edt-ft5x06 a wakeup source (bnc#1012382).\n- ARM: dts: da850: Fix interrups property for gpio (bnc#1012382).\n- ARM: dts: imx6sx: fix irq for pcie bridge (bnc#1012382).\n- ARM: imx_v4_v5_defconfig: Select ULPI support (bnc#1012382).\n- ARM: imx_v6_v7_defconfig: Select ULPI support (bnc#1012382).\n- ARM: pxa: irq: fix handling of ICMR registers in suspend/resume (bnc#1012382).\n- ARM: tegra: Fix Tegra30 Cardhu PCA954x reset (bnc#1012382).\n- ASoC: Intel: cht_bsw_max98090: remove useless code, align with ChromeOS driver (git-fixes).\n- ASoC: Intel: cht_bsw_max98090_ti: Fix jack initialization (bnc#1012382).\n- ASoC: dpcm: do not merge format from invalid codec dai (bnc#1012382).\n- ASoC: sirf: Fix potential NULL pointer dereference (bnc#1012382).\n- Bluetooth: avoid killing an already killed socket (bnc#1012382).\n- Bluetooth: btusb: Remove Yoga 920 from the btusb_needs_reset_resume_table (bsc#1087092).\n- Bluetooth: btusb: Use DMI matching for QCA reset_resume quirking (bsc#1087092).\n- HID: wacom: Correct touch maximum XY of 2nd-gen Intuos (bnc#1012382).\n- IB/core: Make testing MR flags for writability a static inline function (bnc#1012382).\n- IB/core: Remove duplicate declaration of gid_cache_wq (bsc#1056596).\n- IB/iser: Do not reduce max_sectors (bsc#1063646).\n- IB/mlx4: Fix an error handling path in 'mlx4_ib_rereg_user_mr()' (git-fixes).\n- IB/mlx4: Mark user MR as writable if actual virtual memory is writable (bnc#1012382).\n- IB/mlx5: Fetch soft WQE's on fatal error state (bsc#1015342 bsc#1015343).\n- IB/mlx5: Use 'kvfree()' for memory allocated by 'kvzalloc()' (bsc#1015342 bsc#1015343).\n- IB/ocrdma: fix out of bounds access to local buffer (bnc#1012382).\n- KVM: MMU: always terminate page walks at level 1 (bsc#1062604).\n- KVM: MMU: simplify last_pte_bitmap (bsc#1062604).\n- KVM: VMX: Work around kABI breakage in 'enum vmx_l1d_flush_state' (bsc#1106369).\n- KVM: VMX: fixes for vmentry_l1d_flush module parameter (bsc#1106369).\n- KVM: arm/arm64: Skip updating PMD entry if no change (bnc#1012382).\n- KVM: arm/arm64: Skip updating PTE entry if no change (bnc#1012382).\n- KVM: irqfd: fix race between EPOLLHUP and irq_bypass_register_consumer (bnc#1012382).\n- KVM: nVMX: update last_nonleaf_level when initializing nested EPT (bsc#1062604).\n- MIPS: Correct the 64-bit DSP accumulator register size (bnc#1012382).\n- MIPS: lib: Provide MIPS64r6 __multi3() for GCC < 7 (bnc#1012382).\n- PCI: Skip MPS logic for Virtual Functions (VFs) (bnc#1012382).\n- PCI: hotplug: Do not leak pci_slot on registration failure (bnc#1012382).\n- PCI: pciehp: Fix use-after-free on unplug (bnc#1012382).\n- PM / sleep: wakeup: Fix build error caused by missing SRCU support (bnc#1012382).\n- RDMA/i40iw: Avoid panic when objects are being created and destroyed (bsc#969476 bsc#969477).\n- RDMA/i40iw: Avoid panic when reading back the IRQ affinity hint (bsc#969476 bsc#969477).\n- RDMA/i40iw: Avoid reference leaks when processing the AEQ (bsc#969476 bsc#969477).\n- RDMA/i40w: Hold read semaphore while looking after VMA (bsc#1024376).\n- RDMA/mlx5: Use proper spec flow label type (bsc#1015342 bsc#1015343).\n- Revert 'MIPS: BCM47XX: Enable 74K Core ExternalSync for PCIe erratum' (bnc#1012382).\n- Revert 'UBIFS: Fix potential integer overflow in allocation' (bnc#1012382).\n- Revert 'f2fs: handle dirty segments inside refresh_sit_entry' (bsc#1106281).\n- Revert 'mm: page_alloc: skip over regions of invalid pfns where possible' (bnc#1107078).\n- Smack: Mark inode instant in smack_task_to_inode (bnc#1012382).\n- USB: musb: fix external abort on suspend (bsc#1085536).\n- USB: option: add support for DW5821e (bnc#1012382).\n- USB: serial: metro-usb: stop I/O after failed open (bsc#1085539).\n- USB: serial: sierra: fix potential deadlock at close (bnc#1012382).\n- Workaround kABI breakage by __must_check drop of strscpy() (bsc#1107319).\n- afs: Fix directory permissions check (bsc#1106283).\n- arc: fix build errors in arc/include/asm/delay.h (bnc#1012382).\n- arc: fix type warnings in arc/mm/cache.c (bnc#1012382).\n- arm64: make secondary_start_kernel() notrace (bnc#1012382).\n- arm64: mm: check for upper PAGE_SHIFT bits in pfn_valid() (bnc#1012382).\n- atl1c: reserve min skb headroom (bnc#1012382).\n- atm: Preserve value of skb->truesize when accounting to vcc (bsc#1089066).\n- backlight: as3711_bl: Fix Device Tree node leaks (bsc#1106929).\n- backlight: lm3630a: Bump REG_MAX value to 0x50 instead of 0x1F (bsc#1106929).\n- bcache: avoid unncessary cache prefetch bch_btree_node_get() (bsc#1064232).\n- bcache: calculate the number of incremental GC nodes according to the total of btree nodes (bsc#1064232).\n- bcache: display rate debug parameters to 0 when writeback is not running (bsc#1064232).\n- bcache: do not check return value of debugfs_create_dir() (bsc#1064232).\n- bcache: finish incremental GC (bsc#1064232).\n- bcache: fix I/O significant decline while backend devices registering (bsc#1064232).\n- bcache: fix error setting writeback_rate through sysfs interface (bsc#1064232).\n- bcache: free heap cache_set->flush_btree in bch_journal_free (bsc#1064232).\n- bcache: make the pr_err statement used for ENOENT only in sysfs_attatch section (bsc#1064232).\n- bcache: release dc->writeback_lock properly in bch_writeback_thread() (bsc#1064232).\n- bcache: set max writeback rate when I/O request is idle (bsc#1064232).\n- bcache: simplify the calculation of the total amount of flash dirty data (bsc#1064232).\n- be2net: remove unused old custom busy-poll fields (bsc#1021121 ).\n- blkdev: __blkdev_direct_IO_simple: fix leak in error case (bsc#1083663).\n- block: bio_iov_iter_get_pages: fix size of last iovec (bsc#1083663).\n- block: bio_iov_iter_get_pages: pin more pages for multi-segment IOs (bsc#1083663).\n- bnx2x: Fix invalid memory access in rss hash config path (bnc#1012382).\n- bnx2x: Fix receiving tx-timeout in error or recovery state (bnc#1012382).\n- bnxt_en: Always set output parameters in bnxt_get_max_rings() (bsc#963575).\n- bnxt_en: Fix for system hang if request_irq fails (bnc#1012382).\n- bnxt_en: Fix inconsistent BNXT_FLAG_AGG_RINGS logic (bsc#1020412 ).\n- brcmfmac: stop watchdog before detach and free everything (bnc#1012382).\n- bridge: Propagate vlan add failure to user (bnc#1012382).\n- btrfs: do not leak ret from do_chunk_alloc (bnc#1012382).\n- btrfs: round down size diff when shrinking/growing device (bsc#1097105).\n- can: mpc5xxx_can: check of_iomap return before use (bnc#1012382).\n- cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status (bnc#1012382).\n- ceph: fix incorrect use of strncpy (bsc#1107319).\n- ceph: return errors from posix_acl_equiv_mode() correctly (bsc#1107320).\n- cifs: Fix stack out-of-bounds in smb{2,3}_create_lease_buf() (bsc#1012382).\n- cifs: add missing debug entries for kconfig options (bnc#1012382).\n- cifs: check kmalloc before use (bsc#1012382).\n- cifs: store the leaseKey in the fid on SMB2_open (bsc#1012382).\n- crypto: ablkcipher - fix crash flushing dcache in error path (bnc#1012382).\n- crypto: blkcipher - fix crash flushing dcache in error path (bnc#1012382).\n- crypto: vmac - require a block cipher with 128-bit block size (bnc#1012382).\n- crypto: vmac - separate tfm and request context (bnc#1012382).\n- crypto: vmx - Fix sleep-in-atomic bugs (bsc#1048317).\n- cxgb4: when disabling dcb set txq dcb priority to 0 (bnc#1012382).\n- cxl: Fix wrong comparison in cxl_adapter_context_get() (bsc#1055014, git-fixes).\n- dccp: fix undefined behavior with 'cwnd' shift in ccid2_cwnd_restart() (bnc#1012382).\n- dm cache metadata: save in-core policy_hint_size to on-disk superblock (bnc#1012382).\n- dmaengine: k3dma: Off by one in k3_of_dma_simple_xlate() (bnc#1012382).\n- drivers: net: lmc: fix case value for target abort error (bnc#1012382).\n- drm/armada: fix colorkey mode property (bnc#1012382).\n- drm/atmel-hlcdc: check stride values in the first plane (bsc#1106929).\n- drm/bridge: adv7511: Reset registers on hotplug (bnc#1012382).\n- drm/drivers: add support for using the arch wc mapping API (git-fixes).\n- drm/exynos/dsi: mask frame-done interrupt (bsc#1106929).\n- drm/exynos: decon5433: Fix WINCONx reset value (bnc#1012382).\n- drm/exynos: decon5433: Fix per-plane global alpha for XRGB modes (bnc#1012382).\n- drm/exynos: gsc: Fix support for NV16/61, YUV420/YVU420 and YUV422 modes (bnc#1012382).\n- drm/i915/userptr: reject zero user_size (bsc#1090888).\n- drm/i915: Correctly handle limited range YCbCr data on VLV/CHV (bsc#1087092).\n- drm/imx: fix typo in ipu_plane_formats (bsc#1106929).\n- drm/imx: imx-ldb: check if channel is enabled before printing warning (bnc#1012382).\n- drm/imx: imx-ldb: disable LDB on driver bind (bnc#1012382).\n- drm/msm/hdmi: Use bitwise operators when building register values (bsc#1106929).\n- drm/nouveau/gem: off by one bugs in nouveau_gem_pushbuf_reloc_apply() (bnc#1012382).\n- drm/panel: type promotion bug in s6e8aa0_read_mtp_id() (bsc#1105769).\n- drm: Reject getfb for multi-plane framebuffers (bsc#1106929).\n- enic: do not call enic_change_mtu in enic_probe (git-fixes).\n- enic: handle mtu change for vf properly (bnc#1012382).\n- enic: initialize enic->rfs_h.lock in enic_probe (bnc#1012382).\n- ext4: check for NUL characters in extended attribute's name (bnc#1012382).\n- ext4: fix spectre gadget in ext4_mb_regular_allocator() (bnc#1012382).\n- ext4: reset error code in ext4_find_entry in fallback (bnc#1012382).\n- ext4: sysfs: print ext4_super_block fields as little-endian (bsc#1106229).\n- fb: fix lost console when the user unplugs a USB adapter (bnc#1012382).\n- fbdev: omapfb: off by one in omapfb_register_client() (bsc#1106929).\n- fix __legitimize_mnt()/mntput() race (bnc#1012382).\n- fix mntput/mntput race (bnc#1012382).\n- fork: unconditionally clear stack on fork (bnc#1012382).\n- fs/9p/xattr.c: catch the error of p9_client_clunk when setting xattr failed (bnc#1012382).\n- fs/dax.c: fix inefficiency in dax_writeback_mapping_range() (bsc#1106185).\n- fs/quota: Fix spectre gadget in do_quotactl (bnc#1012382).\n- fs: aio: fix the increment of aio-nr and counting against aio-max-nr (bsc#1068075, bsc#1078921).\n- fuse: Add missed unlock_page() to fuse_readpages_fill() (bnc#1012382).\n- fuse: Do not access pipe->buffers without pipe_lock() (bnc#1012382).\n- fuse: Fix oops at process_init_reply() (bnc#1012382).\n- fuse: fix double request_end() (bnc#1012382).\n- fuse: fix unlocked access to processing queue (bnc#1012382).\n- fuse: umount should wait for all requests (bnc#1012382).\n- genirq/proc: Return proper error code when irq_set_affinity() fails (bnc#1105392).\n- getxattr: use correct xattr length (bnc#1012382).\n- hfsplus: Do not clear SGID when inheriting ACLs (bsc#1030552).\n- hwrng: exynos - Disable runtime PM on driver unbind (git-fixes).\n- i2c: davinci: Avoid zero value of CLKH (bnc#1012382).\n- i2c: imx: Fix race condition in dma read (bnc#1012382).\n- i2c: ismt: fix wrong device address when unmap the data buffer (bnc#1012382).\n- i40e: use cpumask_copy instead of direct assignment (bsc#1053685).\n- i40iw: Fix memory leak in error path of create QP (bsc#969476 bsc#969477).\n- i40iw: Use correct address in dst_neigh_lookup for IPv6 (bsc#969476 bsc#969477).\n- ibmvnic: Include missing return code checks in reset function (bnc#1107966).\n- ieee802154: at86rf230: switch from BUG_ON() to WARN_ON() on problem (bnc#1012382).\n- ieee802154: at86rf230: use __func__ macro for debug messages (bnc#1012382).\n- ieee802154: fakelb: switch from BUG_ON() to WARN_ON() on problem (bnc#1012382).\n- igb: Fix not adding filter elements to the list (bsc#1024361 bsc#1024365).\n- iio: ad9523: Fix displayed phase (bnc#1012382).\n- iio: ad9523: Fix return value for ad952x_store() (bnc#1012382).\n- iommu/amd: make sure TLB to be flushed before IOVA freed (bsc#1106105).\n- iommu/vt-d: Add definitions for PFSID (bnc#1012382).\n- iommu/vt-d: Fix dev iotlb pfsid use (bnc#1012382).\n- iommu/vt-d: Ratelimit each dmar fault printing (bsc#1106105).\n- ioremap: Update pgtable free interfaces with addr (bnc#1012382).\n- ipv4+ipv6: Make INET*_ESP select CRYPTO_ECHAINIV (bnc#1012382).\n- ipv6: mcast: fix unsolicited report interval after receiving querys (bnc#1012382).\n- ipvlan: use ETH_MAX_MTU as max mtu (bsc#1033962).\n- iscsi target: fix session creation failure handling (bnc#1012382).\n- isdn: Disable IIOCDBGVAR (bnc#1012382).\n- iw_cxgb4: remove duplicate memcpy() in c4iw_create_listen() (bsc#969476 bsc#969477).\n- ixgbe: Be more careful when modifying MAC filters (bnc#1012382).\n- jfs: Do not clear SGID when inheriting ACLs (bsc#1030552).\n- jump_label: Add RELEASE barrier after text changes (bsc#1105271).\n- jump_label: Fix concurrent static_key_enable/disable() (bsc#1105271).\n- jump_label: Move CPU hotplug locking (bsc#1105271).\n- jump_label: Provide hotplug context variants (bsc#1105271).\n- jump_label: Reduce the size of struct static_key (bsc#1105271).\n- jump_label: Reorder hotplug lock and jump_label_lock (bsc#1105271).\n- jump_label: Split out code under the hotplug lock (bsc#1105271).\n- jump_label: remove bug.h, atomic.h dependencies for HAVE_JUMP_LABEL (bsc#1105271).\n- kABI: protect enum tcp_ca_event (kabi).\n- kabi/severities: Ignore missing cpu_tss_tramp (bsc#1099597)\n- kabi: x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bnc#1105536).\n- kasan: do not emit builtin calls when sanitization is off (bnc#1012382).\n- kasan: fix shadow_size calculation error in kasan_module_alloc (bnc#1012382).\n- kbuild: verify that $DEPMOD is installed (bnc#1012382).\n- kernel: improve spectre mitigation (bnc#1106934.\n- kprobes/x86: Fix %p uses in error messages (bnc#1012382).\n- kprobes: Make list and blacklist root user read only (bnc#1012382).\n- l2tp: use sk_dst_check() to avoid race on sk->sk_dst_cache (bnc#1012382).\n- libceph: check authorizer reply/challenge length before reading (bsc#1096748).\n- libceph: factor out __ceph_x_decrypt() (bsc#1096748).\n- libceph: factor out __prepare_write_connect() (bsc#1096748).\n- libceph: factor out encrypt_authorizer() (bsc#1096748).\n- libceph: store ceph_auth_handshake pointer in ceph_connection (bsc#1096748).\n- libceph: weaken sizeof check in ceph_x_verify_authorizer_reply() (bsc#1096748).\n- llc: use refcount_inc_not_zero() for llc_sap_find() (bnc#1012382).\n- locking/lockdep: Do not record IRQ state within lockdep code (bnc#1012382).\n- locks: pass inode pointer to locks_free_lock_context (bsc@1099832).\n- locks: prink more detail when there are leaked locks (bsc#1099832).\n- locks: restore a warn for leaked locks on close (bsc#1099832).\n- m68k: fix 'bad page state' oops on ColdFire boot (bnc#1012382).\n- mac80211: add stations tied to AP_VLANs during hw reconfig (bnc#1012382).\n- md/raid10: fix that replacement cannot complete recovery after reassemble (bnc#1012382).\n- media: rtl28xxu: be sure that it won't go past the array size (bsc#1050431).\n- media: s5p-jpeg: fix number of components macro (bsc#1050431).\n- media: staging: omap4iss: Include asm/cacheflush.h after generic includes (bnc#1012382).\n- mm/hugetlb: filter out hugetlb pages if HUGEPAGE migration is not supported (bnc#1106697).\n- mm/memory.c: check return value of ioremap_prot (bnc#1012382).\n- mm/tlb: Remove tlb_remove_table() non-concurrent condition (bnc#1012382).\n- mm: Add vm_insert_pfn_prot() (bnc#1012382).\n- mm: fix cache mode tracking in vm_insert_mixed() (bnc#1012382).\n- mm: x86: move _PAGE_SWP_SOFT_DIRTY from bit 7 to bit 1 (bnc#1012382).\n- net/9p/client.c: version pointer uninitialized (bnc#1012382).\n- net/9p/trans_fd.c: fix race-condition by flushing workqueue before the kfree() (bnc#1012382).\n- net/ethernet/freescale/fman: fix cross-build error (bnc#1012382).\n- net/mlx5: Add missing SET_DRIVER_VERSION command translation (bsc#1015342 bsc#1015343).\n- net/mlx5: E-Switch, Include VF RDMA stats in vport statistics (bsc#966170 bsc#966172).\n- net/mlx5: Eswitch, Use 'kvfree()' for memory allocated by 'kvzalloc()' (bsc#1015342 bsc#1015343).\n- net/mlx5: Fix wrong size allocation for QoS ETC TC regitster (bsc#966170 bsc#966172).\n- net/mlx5: Vport, Use 'kvfree()' for memory allocated by 'kvzalloc()' (bsc#966170 bsc#966172).\n- net/mlx5e: Do not allow aRFS for encapsulated packets (bsc#1015342 bsc#1015343).\n- net/mlx5e: Err if asked to offload TC match on frag being first (bsc#1015342 bsc#1015343).\n- net/mlx5e: Fix quota counting in aRFS expire flow (bsc#1015342 bsc#1015343).\n- net/mlx5e: Refine ets validation function (bsc#966170 bsc#966172).\n- net: 6lowpan: fix reserved space for single frames (bnc#1012382).\n- net: add skb_condense() helper (bsc#1089066).\n- net: adjust skb->truesize in ___pskb_trim() (bsc#1089066).\n- net: adjust skb->truesize in pskb_expand_head() (bsc#1089066).\n- net: axienet: Fix double deregister of mdio (bnc#1012382).\n- net: caif: Add a missing rcu_read_unlock() in caif_flow_cb (bnc#1012382).\n- net: davinci_emac: match the mdio device against its compatible if possible (bnc#1012382).\n- net: ena: Fix use of uninitialized DMA address bits field (bsc#1027968).\n- net: hamradio: use eth_broadcast_addr (bnc#1012382).\n- net: lan78xx: Fix misplaced tasklet_schedule() call (bnc#1012382).\n- net: mac802154: tx: expand tailroom if necessary (bnc#1012382).\n- net: prevent ISA drivers from building on PPC32 (bnc#1012382).\n- net: propagate dev_get_valid_name return code (bnc#1012382).\n- net: qca_spi: Avoid packet drop during initial sync (bnc#1012382).\n- net: qca_spi: Fix log level if probe fails (bnc#1012382).\n- net: qca_spi: Make sure the QCA7000 reset is triggered (bnc#1012382).\n- net: usb: rtl8150: demote allmulti message to dev_dbg() (bnc#1012382).\n- net_sched: Fix missing res info when create new tc_index filter (bnc#1012382).\n- net_sched: fix NULL pointer dereference when delete tcindex filter (bnc#1012382).\n- netfilter: conntrack: dccp: treat SYNC/SYNCACK as invalid if no prior state (bnc#1012382).\n- netfilter: ipv6: nf_defrag: reduce struct net memory waste (bnc#1012382).\n- netfilter: x_tables: set module owner for icmp(6) matches (bnc#1012382).\n- netlink: do not enter direct reclaim from netlink_trim() (bsc#1042286).\n- nl80211: Add a missing break in parse_station_flags (bnc#1012382).\n- nvme-fc: release io queues to allow fast fail (bsc#1102486).\n- nvme: if_ready checks to fail io to deleting controller (bsc#1102486).\n- nvme: kABI-compliant version of nvmf_fail_nonready_command() (bsc#1102486).\n- nvmet-fc: fix target sgl list on large transfers (bsc#1102486).\n- osf_getdomainname(): use copy_to_user() (bnc#1012382).\n- ovl: Do d_type check only if work dir creation was successful (bnc#1012382).\n- ovl: Ensure upper filesystem supports d_type (bnc#1012382).\n- ovl: warn instead of error if d_type is not supported (bnc#1012382).\n- packet: refine ring v3 block size test to hold one frame (bnc#1012382).\n- packet: reset network header if packet shorter than ll reserved space (bnc#1012382).\n- parisc: Define mb() and add memory barriers to assembler unlock sequences (bnc#1012382).\n- parisc: Enable CONFIG_MLONGCALLS by default (bnc#1012382).\n- parisc: Remove ordered stores from syscall.S (bnc#1012382).\n- parisc: Remove unnecessary barriers from spinlock.h (bnc#1012382).\n- perf auxtrace: Fix queue resize (bnc#1012382).\n- perf llvm-utils: Remove bashism from kernel include fetch script (bnc#1012382).\n- perf report powerpc: Fix crash if callchain is empty (bnc#1012382).\n- perf test session topology: Fix test on s390 (bnc#1012382).\n- pinctrl: freescale: off by one in imx1_pinconf_group_dbg_show() (bnc#1012382).\n- pnfs/blocklayout: off by one in bl_map_stripe() (bnc#1012382).\n- powerpc/64s: Default l1d_size to 64K in RFI fallback flush (bsc#1068032, git-fixes).\n- powerpc/lib: Fix the feature fixup tests to actually work (bsc#1066223).\n- powerpc/pseries: Fix endianness while restoring of r3 in MCE handler (bnc#1012382).\n- powerpc/topology: Get topology for shared processors at boot (bsc#1104683).\n- powerpc64s: Show ori31 availability in spectre_v1 sysfs file not v2 (bsc#1068032, bsc#1080157, git-fixes).\n- powerpc: Avoid code patching freed init sections (bnc#1107735).\n- powerpc: make feature-fixup tests fortify-safe (bsc#1066223).\n- pwm: tiehrpwm: Fix disabling of output of PWMs (bnc#1012382).\n- qed: Add sanity check for SIMD fastpath handler (bnc#1012382).\n- qed: Correct Multicast API to reflect existence of 256 approximate buckets (bsc#1019695 bsc#1019699 bsc#1022604).\n- qed: Do not advertise DCBX_LLD_MANAGED capability (bsc#1019695 bsc#1019699 bsc#1022604).\n- qed: Fix possible memory leak in Rx error path handling (bsc#1019695 bsc#1019699 bsc#1022604 ).\n- qed: Fix possible race for the link state value (bnc#1012382).\n- qed: Fix setting of incorrect eswitch mode (bsc#1019695 bsc#1019699 bsc#1022604).\n- qed: Fix use of incorrect size in memcpy call (bsc#1019695 bsc#1019699 bsc#1022604).\n- qede: Adverstise software timestamp caps when PHC is not available (bsc#1019695 bsc#1019699 bsc#1022604).\n- qlge: Fix netdev features configuration (bsc#1098822).\n- qlogic: check kstrtoul() for errors (bnc#1012382).\n- readahead: stricter check for bdi io_pages (VM Functionality, git fixes).\n- reiserfs: fix broken xattr handling (heap corruption, bad retval) (bnc#1012382).\n- root dentries need RCU-delayed freeing (bnc#1012382).\n- s390/kvm: fix deadlock when killed by oom (bnc#1012382).\n- s390/lib: use expoline for all bcr instructions (bnc#1106934.\n- s390/pci: fix out of bounds access during irq setup (bnc#1012382).\n- s390/qdio: reset old sbal_state flags (bnc#1012382).\n- s390/qeth: do not clobber buffer on async TX completion (bnc#1104485.\n- s390/qeth: fix race when setting MAC address (bnc#1104485.\n- s390: add explicit <linux/stringify.h> for jump label (bsc#1105271).\n- s390: detect etoken facility (bnc#1106934.\n- s390: fix br_r1_trampoline for machines without exrl (bnc#1012382 bnc#1106934.\n- scripts/tar-up.sh: Do not package gitlog-excludes file Also fix the evaluation of gitlog-excludes file, too\n- scsi: core: Avoid that SCSI device removal through sysfs triggers a deadlock (bnc#1012382).\n- scsi: fcoe: drop frames in ELS LOGO error path (bnc#1012382).\n- scsi: hpsa: limit transfer length to 1MB, not 512kB (bsc#1102346).\n- scsi: libiscsi: fix possible NULL pointer dereference in case of TMF (bnc#1012382).\n- scsi: sr: Avoid that opening a CD-ROM hangs with runtime power management enabled (bnc#1012382).\n- scsi: sysfs: Introduce sysfs_{un,}break_active_protection() (bnc#1012382).\n- scsi: vmw_pvscsi: Return DID_RESET for status SAM_STAT_COMMAND_TERMINATED (bnc#1012382).\n- scsi: xen-scsifront: add error handling for xenbus_printf (bnc#1012382).\n- scsi_debug: call resp_XXX function after setting host_scribble (bsc#1069138).\n- scsi_debug: reset injection flags for every_nth > 0 (bsc#1069138).\n- selftests/ftrace: Add snapshot and tracing_on test case (bnc#1012382).\n- selftests/x86/sigreturn/64: Fix spurious failures on AMD CPUs (bnc#1012382).\n- selftests: pstore: return Kselftest Skip code for skipped tests (bnc#1012382).\n- selftests: static_keys: return Kselftest Skip code for skipped tests (bnc#1012382).\n- selftests: sync: add config fragment for testing sync framework (bnc#1012382).\n- selftests: user: return Kselftest Skip code for skipped tests (bnc#1012382).\n- selftests: zram: return Kselftest Skip code for skipped tests (bnc#1012382).\n- serial: 8250_dw: always set baud rate in dw8250_set_termios (bnc#1012382).\n- sfc: stop the TX queue before pushing new buffers (bsc#1017967 ).\n- slab: __GFP_ZERO is incompatible with a constructor (bnc#1107060).\n- smb3: Do not send SMB3 SET_INFO if nothing changed (bnc#1012382).\n- smb3: do not request leases in symlink creation and query (bnc#1012382).\n- spi: davinci: fix a NULL pointer dereference (bnc#1012382).\n- staging: android: ion: check for kref overflow (bnc#1012382).\n- string: drop __must_check from strscpy() and restore strscpy() usages in cgroup (bsc#1107319).\n- sys: do not hold uts_sem while accessing userspace memory (bnc#1106995).\n- target_core_rbd: use RCU in free_device (bsc#1105524).\n- tcp: Fix missing range_truesize enlargement in the backport (bnc#1012382).\n- tcp: identify cryptic messages as TCP seq # bugs (bnc#1012382).\n- tcp: remove DELAYED ACK events in DCTCP (bnc#1012382).\n- timekeeping: Eliminate the stale declaration of ktime_get_raw_and_real_ts64() (bsc#969470).\n- tools/power turbostat: Read extended processor family from CPUID (bnc#1012382).\n- tools/power turbostat: fix -S on UP systems (bnc#1012382).\n- tools: usb: ffs-test: Fix build on big endian systems (bnc#1012382).\n- tpm: fix race condition in tpm_common_write() (bnc#1012382).\n- tracing/blktrace: Fix to allow setting same value (bnc#1012382).\n- tracing: Do not call start/stop() functions when tracing_on does not change (bnc#1012382).\n- tracing: Use __printf markup to silence compiler (bnc#1012382).\n- ubifs: Check data node size before truncate (bsc#1106276).\n- ubifs: Fix memory leak in lprobs self-check (bsc#1106278).\n- ubifs: Fix synced_i_size calculation for xattr inodes (bsc#1106275).\n- ubifs: xattr: Do not operate on deleted inodes (bsc#1106271).\n- udl-kms: change down_interruptible to down (bnc#1012382).\n- udl-kms: fix crash due to uninitialized memory (bnc#1012382).\n- udl-kms: handle allocation failure (bnc#1012382).\n- udlfb: set optimal write delay (bnc#1012382).\n- uprobes: Use synchronize_rcu() not synchronize_sched() (bnc#1012382).\n- usb/phy: fix PPC64 build errors in phy-fsl-usb.c (bnc#1012382).\n- usb: audio-v2: Correct the comment for struct uac_clock_selector_descriptor (bsc#1099810).\n- usb: dwc2: debugfs: Do not touch RX FIFO during register dump (bsc#1100132).\n- usb: dwc2: fix isoc split in transfer with no data (bnc#1012382).\n- usb: gadget: composite: fix delayed_status race condition when set_interface (bnc#1012382).\n- usb: gadget: dwc2: fix memory leak in gadget_init() (bnc#1012382).\n- usb: gadget: f_uac2: fix endianness of 'struct cntrl_*_lay3' (bnc#1012382).\n- usb: gadget: r8a66597: Fix a possible sleep-in-atomic-context bugs in r8a66597_queue() (bnc#1012382).\n- usb: gadget: r8a66597: Fix two possible sleep-in-atomic-context bugs in init_controller() (bnc#1012382).\n- usb: renesas_usbhs: gadget: fix spin_lock_init() for uep->lock (bsc#1085536).\n- usb: xhci: increase CRS timeout value (bnc#1012382).\n- userns: move user access out of the mutex (bnc#1012382).\n- virtio_console: fix uninitialized variable use (git-fixes).\n- vmw_balloon: VMCI_DOORBELL_SET does not check status (bnc#1012382).\n- vmw_balloon: do not use 2MB without batching (bnc#1012382).\n- vmw_balloon: fix VMCI use when balloon built into kernel (bnc#1012382).\n- vmw_balloon: fix inflation of 64-bit GFNs (bnc#1012382).\n- vsock: split dwork to avoid reinitializations (bnc#1012382).\n- vti6: Fix dev->max_mtu setting (bsc#1033962).\n- vti6: fix PMTU caching and reporting on xmit (bnc#1012382).\n- x86/bugs: Move the l1tf function and define pr_fmt properly (bnc#1012382).\n- x86/init: fix build with CONFIG_SWAP=n (bnc#1012382).\n- x86/irqflags: Mark native_restore_fl extern inline (bnc#1012382).\n- x86/mm/kmmio: Make the tracer robust against L1TF (bnc#1012382).\n- x86/mm/pat: Fix L1TF stable backport for CPA (bnc#1012382).\n- x86/mm/pat: Fix L1TF stable backport for CPA, 2nd call (bnc#1012382).\n- x86/mm/pat: Make set_memory_np() L1TF safe (bnc#1012382).\n- x86/mm: Add TLB purge to free pmd/pte page interfaces (bnc#1012382).\n- x86/mm: Disable ioremap free page handling on x86-PAE (bnc#1012382).\n- x86/paravirt: Fix spectre-v2 mitigations for paravirt guests (bnc#1012382).\n- x86/process: Re-export start_thread() (bnc#1012382).\n- x86/spectre: Add missing family 6 check to microcode check (bnc#1012382).\n- x86/speculation/l1tf: Exempt zeroed PTEs from inversion (bnc#1012382).\n- x86/speculation/l1tf: Extend 64bit swap file size limit (bnc#1012382).\n- x86/speculation/l1tf: Fix off-by-one error when warning that system has too much RAM (bnc#1105536).\n- x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit (bnc#1012382).\n- x86/speculation/l1tf: Fix up CPU feature flags (bnc#1012382).\n- x86/speculation/l1tf: Fix up pte->pfn conversion for PAE (bnc#1012382).\n- x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bnc#1105536).\n- x86/speculation/l1tf: Invert all not present mappings (bnc#1012382).\n- x86/speculation/l1tf: Make pmd/pud_mknotpresent() invert (bnc#1012382).\n- x86/speculation/l1tf: Protect PAE swap entries against L1TF (bnc#1012382).\n- x86/speculation/l1tf: Suggest what to do on systems with too much RAM (bnc#1105536).\n- x86/speculation/l1tf: Unbreak !__HAVE_ARCH_PFN_MODIFY_ALLOWED architectures (bnc#1012382).\n- x86/speculation: Use ARCH_CAPABILITIES to skip L1D flush on vmentry (bsc#1106369).\n- xen/blkback: do not keep persistent grants too long (bsc#1085042).\n- xen/blkback: move persistent grants flags to bool (bsc#1085042).\n- xen/blkfront: cleanup stale persistent grants (bsc#1085042).\n- xen/blkfront: reorder tests in xlblk_init() (bsc#1085042).\n- xen/netfront: do not cache skb_shinfo() (bnc#1012382).\n- xfrm: fix missing dst_release() after policy blocking lbcast and multicast (bnc#1012382).\n- xfrm: free skb if nlsk pointer is NULL (bnc#1012382).\n- xfrm_user: prevent leaking 2 bytes of kernel memory (bnc#1012382).\n- xfs: Remove dead code from inode recover function (bsc#1105396).\n- xfs: repair malformed inode items during log recovery (bsc#1105396).\n- zswap: re-check zswap_is_full() after do zswap_shrink() (bnc#1012382).\n", title: "Description of the patch", }, { category: "details", text: "SUSE-SLE-RT-12-SP3-2018-2019", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_2862-1.json", }, { category: "self", summary: "URL for SUSE-SU-2018:2862-1", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20182862-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2018:2862-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2018-September/004600.html", }, { category: "self", summary: "SUSE Bug 1012382", url: "https://bugzilla.suse.com/1012382", }, { category: "self", summary: "SUSE Bug 1015342", url: "https://bugzilla.suse.com/1015342", }, { category: "self", summary: "SUSE Bug 1015343", url: "https://bugzilla.suse.com/1015343", }, { category: "self", summary: "SUSE Bug 1017967", url: "https://bugzilla.suse.com/1017967", }, { category: "self", summary: "SUSE Bug 1019695", url: "https://bugzilla.suse.com/1019695", }, { category: "self", summary: "SUSE Bug 1019699", url: "https://bugzilla.suse.com/1019699", }, { category: "self", summary: "SUSE Bug 1020412", url: "https://bugzilla.suse.com/1020412", }, { category: "self", summary: "SUSE Bug 1021121", url: "https://bugzilla.suse.com/1021121", }, { category: "self", summary: "SUSE Bug 1022604", url: "https://bugzilla.suse.com/1022604", }, { category: "self", summary: "SUSE Bug 1024361", url: "https://bugzilla.suse.com/1024361", }, { category: "self", summary: "SUSE Bug 1024365", url: "https://bugzilla.suse.com/1024365", }, { category: "self", summary: "SUSE Bug 1024376", url: "https://bugzilla.suse.com/1024376", }, { category: "self", summary: "SUSE Bug 1027968", url: "https://bugzilla.suse.com/1027968", }, { category: "self", summary: "SUSE Bug 1030552", url: "https://bugzilla.suse.com/1030552", }, { category: "self", summary: "SUSE Bug 1031492", url: "https://bugzilla.suse.com/1031492", }, { category: "self", summary: "SUSE Bug 1033962", url: "https://bugzilla.suse.com/1033962", }, { category: "self", summary: "SUSE Bug 1042286", url: "https://bugzilla.suse.com/1042286", }, { category: "self", summary: "SUSE Bug 1048317", url: "https://bugzilla.suse.com/1048317", }, { category: "self", summary: "SUSE Bug 1050431", url: "https://bugzilla.suse.com/1050431", }, { category: "self", summary: "SUSE Bug 1053685", url: "https://bugzilla.suse.com/1053685", }, { category: "self", summary: "SUSE Bug 1055014", url: "https://bugzilla.suse.com/1055014", }, { category: "self", summary: "SUSE Bug 1056596", url: "https://bugzilla.suse.com/1056596", }, { category: "self", summary: "SUSE Bug 1062604", url: "https://bugzilla.suse.com/1062604", }, { category: "self", summary: "SUSE Bug 1063646", url: "https://bugzilla.suse.com/1063646", }, { category: "self", summary: "SUSE Bug 1064232", url: "https://bugzilla.suse.com/1064232", }, { category: "self", summary: "SUSE Bug 1066223", url: "https://bugzilla.suse.com/1066223", }, { category: "self", summary: "SUSE Bug 1068032", url: "https://bugzilla.suse.com/1068032", }, { category: "self", summary: "SUSE Bug 1068075", url: "https://bugzilla.suse.com/1068075", }, { category: "self", summary: "SUSE Bug 1069138", url: "https://bugzilla.suse.com/1069138", }, { category: "self", summary: "SUSE Bug 1078921", url: "https://bugzilla.suse.com/1078921", }, { category: "self", summary: "SUSE Bug 1080157", url: "https://bugzilla.suse.com/1080157", }, { category: "self", summary: "SUSE Bug 1083663", url: "https://bugzilla.suse.com/1083663", }, { category: "self", summary: "SUSE Bug 1085042", url: "https://bugzilla.suse.com/1085042", }, { category: "self", summary: "SUSE Bug 1085536", url: "https://bugzilla.suse.com/1085536", }, { category: "self", summary: "SUSE Bug 1085539", url: "https://bugzilla.suse.com/1085539", }, { category: "self", summary: "SUSE Bug 1087092", url: "https://bugzilla.suse.com/1087092", }, { category: "self", summary: "SUSE Bug 1089066", url: "https://bugzilla.suse.com/1089066", }, { category: "self", summary: "SUSE Bug 1090888", url: "https://bugzilla.suse.com/1090888", }, { category: "self", summary: "SUSE Bug 1092903", url: "https://bugzilla.suse.com/1092903", }, { category: "self", summary: "SUSE Bug 1096748", url: "https://bugzilla.suse.com/1096748", }, { category: "self", summary: "SUSE Bug 1097105", url: "https://bugzilla.suse.com/1097105", }, { category: "self", summary: "SUSE Bug 1098822", url: "https://bugzilla.suse.com/1098822", }, { category: "self", summary: "SUSE Bug 1099597", url: "https://bugzilla.suse.com/1099597", }, { category: "self", summary: "SUSE Bug 1099810", url: "https://bugzilla.suse.com/1099810", }, { category: "self", summary: "SUSE Bug 1099832", url: "https://bugzilla.suse.com/1099832", }, { category: "self", summary: "SUSE Bug 1099922", url: "https://bugzilla.suse.com/1099922", }, { category: "self", summary: "SUSE Bug 1099999", url: "https://bugzilla.suse.com/1099999", }, { category: "self", summary: "SUSE Bug 1100000", url: "https://bugzilla.suse.com/1100000", }, { category: "self", summary: "SUSE Bug 1100001", url: "https://bugzilla.suse.com/1100001", }, { category: "self", summary: "SUSE Bug 1100132", url: "https://bugzilla.suse.com/1100132", }, { category: "self", summary: "SUSE Bug 1102346", url: "https://bugzilla.suse.com/1102346", }, { category: "self", summary: "SUSE Bug 1102486", url: "https://bugzilla.suse.com/1102486", }, { category: "self", summary: "SUSE Bug 1102517", url: "https://bugzilla.suse.com/1102517", }, { category: "self", summary: "SUSE Bug 1104485", url: "https://bugzilla.suse.com/1104485", }, { category: "self", summary: "SUSE Bug 1104683", url: "https://bugzilla.suse.com/1104683", }, { category: "self", summary: "SUSE Bug 1105271", url: "https://bugzilla.suse.com/1105271", }, { category: "self", summary: "SUSE Bug 1105296", url: "https://bugzilla.suse.com/1105296", }, { category: "self", summary: "SUSE Bug 1105322", url: "https://bugzilla.suse.com/1105322", }, { category: "self", summary: "SUSE Bug 1105323", url: "https://bugzilla.suse.com/1105323", }, { category: "self", summary: "SUSE Bug 1105392", url: "https://bugzilla.suse.com/1105392", }, { category: "self", summary: "SUSE Bug 1105396", url: "https://bugzilla.suse.com/1105396", }, { category: "self", summary: "SUSE Bug 1105524", url: "https://bugzilla.suse.com/1105524", }, { category: "self", summary: "SUSE Bug 1105536", url: "https://bugzilla.suse.com/1105536", }, { category: "self", summary: "SUSE Bug 1105769", url: "https://bugzilla.suse.com/1105769", }, { category: "self", summary: "SUSE Bug 1106016", url: "https://bugzilla.suse.com/1106016", }, { category: "self", summary: "SUSE Bug 1106105", url: "https://bugzilla.suse.com/1106105", }, { category: "self", summary: "SUSE Bug 1106185", url: "https://bugzilla.suse.com/1106185", }, { category: "self", summary: "SUSE Bug 1106191", url: "https://bugzilla.suse.com/1106191", }, { category: "self", summary: "SUSE Bug 1106229", url: "https://bugzilla.suse.com/1106229", }, { category: "self", summary: "SUSE Bug 1106271", url: "https://bugzilla.suse.com/1106271", }, { category: "self", summary: "SUSE Bug 1106275", url: "https://bugzilla.suse.com/1106275", }, { category: "self", summary: "SUSE Bug 1106276", url: "https://bugzilla.suse.com/1106276", }, { category: "self", summary: "SUSE Bug 1106278", url: "https://bugzilla.suse.com/1106278", }, { category: "self", summary: "SUSE Bug 1106281", url: "https://bugzilla.suse.com/1106281", }, { category: "self", summary: "SUSE Bug 1106283", url: "https://bugzilla.suse.com/1106283", }, { category: "self", summary: "SUSE Bug 1106369", url: "https://bugzilla.suse.com/1106369", }, { category: "self", summary: "SUSE Bug 1106509", url: "https://bugzilla.suse.com/1106509", }, { category: "self", summary: "SUSE Bug 1106511", url: "https://bugzilla.suse.com/1106511", }, { category: "self", summary: "SUSE Bug 1106697", url: "https://bugzilla.suse.com/1106697", }, { category: "self", summary: "SUSE Bug 1106929", url: "https://bugzilla.suse.com/1106929", }, { category: "self", summary: "SUSE Bug 1106934", url: "https://bugzilla.suse.com/1106934", }, { category: "self", summary: "SUSE Bug 1106995", url: "https://bugzilla.suse.com/1106995", }, { category: "self", summary: "SUSE Bug 1107060", url: "https://bugzilla.suse.com/1107060", }, { category: "self", summary: "SUSE Bug 1107078", url: "https://bugzilla.suse.com/1107078", }, { category: "self", summary: "SUSE Bug 1107319", url: "https://bugzilla.suse.com/1107319", }, { category: "self", summary: "SUSE Bug 1107320", url: "https://bugzilla.suse.com/1107320", }, { category: "self", summary: "SUSE Bug 1107689", url: "https://bugzilla.suse.com/1107689", }, { category: "self", summary: "SUSE Bug 1107735", url: "https://bugzilla.suse.com/1107735", }, { category: "self", summary: "SUSE Bug 1107966", url: "https://bugzilla.suse.com/1107966", }, { category: "self", summary: "SUSE Bug 963575", url: "https://bugzilla.suse.com/963575", }, { category: "self", summary: "SUSE Bug 966170", url: "https://bugzilla.suse.com/966170", }, { category: "self", summary: "SUSE Bug 966172", url: "https://bugzilla.suse.com/966172", }, { category: "self", summary: "SUSE Bug 969470", url: "https://bugzilla.suse.com/969470", }, { category: "self", summary: "SUSE Bug 969476", url: "https://bugzilla.suse.com/969476", }, { category: "self", summary: "SUSE Bug 969477", url: "https://bugzilla.suse.com/969477", }, { category: "self", summary: "SUSE CVE CVE-2018-10902 page", url: "https://www.suse.com/security/cve/CVE-2018-10902/", }, { category: "self", summary: "SUSE CVE CVE-2018-10938 page", url: "https://www.suse.com/security/cve/CVE-2018-10938/", }, { category: "self", summary: "SUSE CVE CVE-2018-1128 page", url: "https://www.suse.com/security/cve/CVE-2018-1128/", }, { category: "self", summary: "SUSE CVE CVE-2018-1129 page", url: "https://www.suse.com/security/cve/CVE-2018-1129/", }, { category: "self", summary: "SUSE CVE CVE-2018-12896 page", url: "https://www.suse.com/security/cve/CVE-2018-12896/", }, { category: "self", summary: "SUSE CVE CVE-2018-13093 page", url: "https://www.suse.com/security/cve/CVE-2018-13093/", }, { category: "self", summary: "SUSE CVE CVE-2018-13094 page", url: "https://www.suse.com/security/cve/CVE-2018-13094/", }, { category: "self", summary: "SUSE CVE CVE-2018-13095 page", url: "https://www.suse.com/security/cve/CVE-2018-13095/", }, { category: "self", summary: "SUSE CVE CVE-2018-15572 page", url: "https://www.suse.com/security/cve/CVE-2018-15572/", }, { category: "self", summary: "SUSE CVE CVE-2018-16658 page", url: "https://www.suse.com/security/cve/CVE-2018-16658/", }, { category: "self", summary: "SUSE CVE CVE-2018-6554 page", url: "https://www.suse.com/security/cve/CVE-2018-6554/", }, { category: "self", summary: "SUSE CVE CVE-2018-6555 page", url: "https://www.suse.com/security/cve/CVE-2018-6555/", }, ], title: "Security update for the Linux Kernel", tracking: { current_release_date: "2018-09-25T15:52:49Z", generator: { date: "2018-09-25T15:52:49Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2018:2862-1", initial_release_date: "2018-09-25T15:52:49Z", revision_history: [ { date: "2018-09-25T15:52:49Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "kernel-devel-rt-4.4.155-3.23.1.noarch", product: { name: "kernel-devel-rt-4.4.155-3.23.1.noarch", product_id: "kernel-devel-rt-4.4.155-3.23.1.noarch", }, }, { category: "product_version", name: "kernel-source-rt-4.4.155-3.23.1.noarch", product: { name: "kernel-source-rt-4.4.155-3.23.1.noarch", product_id: "kernel-source-rt-4.4.155-3.23.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-rt-4.4.155-3.23.1.x86_64", product: { name: "cluster-md-kmp-rt-4.4.155-3.23.1.x86_64", product_id: "cluster-md-kmp-rt-4.4.155-3.23.1.x86_64", }, }, { category: "product_version", name: "dlm-kmp-rt-4.4.155-3.23.1.x86_64", product: { name: "dlm-kmp-rt-4.4.155-3.23.1.x86_64", product_id: "dlm-kmp-rt-4.4.155-3.23.1.x86_64", }, }, { category: "product_version", name: "gfs2-kmp-rt-4.4.155-3.23.1.x86_64", product: { name: "gfs2-kmp-rt-4.4.155-3.23.1.x86_64", product_id: "gfs2-kmp-rt-4.4.155-3.23.1.x86_64", }, }, { category: "product_version", name: "kernel-rt-4.4.155-3.23.1.x86_64", product: { name: "kernel-rt-4.4.155-3.23.1.x86_64", product_id: "kernel-rt-4.4.155-3.23.1.x86_64", }, }, { category: "product_version", name: "kernel-rt-base-4.4.155-3.23.1.x86_64", product: { name: "kernel-rt-base-4.4.155-3.23.1.x86_64", product_id: "kernel-rt-base-4.4.155-3.23.1.x86_64", }, }, { category: "product_version", name: "kernel-rt-devel-4.4.155-3.23.1.x86_64", product: { name: "kernel-rt-devel-4.4.155-3.23.1.x86_64", product_id: "kernel-rt-devel-4.4.155-3.23.1.x86_64", }, }, { category: "product_version", name: "kernel-rt_debug-devel-4.4.155-3.23.1.x86_64", product: { name: "kernel-rt_debug-devel-4.4.155-3.23.1.x86_64", product_id: "kernel-rt_debug-devel-4.4.155-3.23.1.x86_64", }, }, { category: "product_version", name: "kernel-syms-rt-4.4.155-3.23.1.x86_64", product: { name: "kernel-syms-rt-4.4.155-3.23.1.x86_64", product_id: "kernel-syms-rt-4.4.155-3.23.1.x86_64", }, }, { category: "product_version", name: "ocfs2-kmp-rt-4.4.155-3.23.1.x86_64", product: { name: "ocfs2-kmp-rt-4.4.155-3.23.1.x86_64", product_id: "ocfs2-kmp-rt-4.4.155-3.23.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Real Time 12 SP3", product: { name: "SUSE Linux Enterprise Real Time 12 SP3", product_id: "SUSE Linux Enterprise Real Time 12 SP3", product_identification_helper: { cpe: "cpe:/o:suse:suse-linux-enterprise-rt:12:sp3", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-rt-4.4.155-3.23.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3", product_id: "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.155-3.23.1.x86_64", }, product_reference: "cluster-md-kmp-rt-4.4.155-3.23.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Real Time 12 SP3", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-rt-4.4.155-3.23.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3", product_id: "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.155-3.23.1.x86_64", }, product_reference: "dlm-kmp-rt-4.4.155-3.23.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Real Time 12 SP3", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-rt-4.4.155-3.23.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3", product_id: "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.155-3.23.1.x86_64", }, product_reference: "gfs2-kmp-rt-4.4.155-3.23.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Real Time 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-rt-4.4.155-3.23.1.noarch as component of SUSE Linux Enterprise Real Time 12 SP3", product_id: "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.155-3.23.1.noarch", }, product_reference: "kernel-devel-rt-4.4.155-3.23.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Real Time 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-4.4.155-3.23.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3", product_id: "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.155-3.23.1.x86_64", }, product_reference: "kernel-rt-4.4.155-3.23.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Real Time 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-base-4.4.155-3.23.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3", product_id: "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.155-3.23.1.x86_64", }, product_reference: "kernel-rt-base-4.4.155-3.23.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Real Time 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-devel-4.4.155-3.23.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3", product_id: "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.155-3.23.1.x86_64", }, product_reference: "kernel-rt-devel-4.4.155-3.23.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Real Time 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-rt_debug-devel-4.4.155-3.23.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3", product_id: "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.155-3.23.1.x86_64", }, product_reference: "kernel-rt_debug-devel-4.4.155-3.23.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Real Time 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-source-rt-4.4.155-3.23.1.noarch as component of SUSE Linux Enterprise Real Time 12 SP3", product_id: "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.155-3.23.1.noarch", }, product_reference: "kernel-source-rt-4.4.155-3.23.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Real Time 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-rt-4.4.155-3.23.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3", product_id: "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.155-3.23.1.x86_64", }, product_reference: "kernel-syms-rt-4.4.155-3.23.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Real Time 12 SP3", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-rt-4.4.155-3.23.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3", product_id: "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.155-3.23.1.x86_64", }, product_reference: "ocfs2-kmp-rt-4.4.155-3.23.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Real Time 12 SP3", }, ], }, vulnerabilities: [ { cve: "CVE-2018-10902", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10902", }, ], notes: [ { category: "general", text: "It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmidi.c file. A malicious local attacker could possibly use this for privilege escalation.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.155-3.23.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10902", url: "https://www.suse.com/security/cve/CVE-2018-10902", }, { category: "external", summary: "SUSE Bug 1105322 for CVE-2018-10902", url: "https://bugzilla.suse.com/1105322", }, { category: "external", summary: "SUSE Bug 1105323 for CVE-2018-10902", url: "https://bugzilla.suse.com/1105323", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.155-3.23.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.155-3.23.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-25T15:52:49Z", details: "moderate", }, ], title: "CVE-2018-10902", }, { cve: "CVE-2018-10938", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10938", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel present since v4.0-rc1 and through v4.13-rc4. A crafted network packet sent remotely by an attacker may force the kernel to enter an infinite loop in the cipso_v4_optptr() function in net/ipv4/cipso_ipv4.c leading to a denial-of-service. A certain non-default configuration of LSM (Linux Security Module) and NetLabel should be set up on a system before an attacker could leverage this flaw.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.155-3.23.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10938", url: "https://www.suse.com/security/cve/CVE-2018-10938", }, { category: "external", summary: "SUSE Bug 1106016 for CVE-2018-10938", url: "https://bugzilla.suse.com/1106016", }, { category: "external", summary: "SUSE Bug 1106191 for CVE-2018-10938", url: "https://bugzilla.suse.com/1106191", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.155-3.23.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.155-3.23.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-25T15:52:49Z", details: "important", }, ], title: "CVE-2018-10938", }, { cve: "CVE-2018-1128", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-1128", }, ], notes: [ { category: "general", text: "It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. Any attacker having access to ceph cluster network who is able to sniff packets on network can use this vulnerability to authenticate with ceph service and perform actions allowed by ceph service. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.155-3.23.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-1128", url: "https://www.suse.com/security/cve/CVE-2018-1128", }, { category: "external", summary: "SUSE Bug 1096748 for CVE-2018-1128", url: "https://bugzilla.suse.com/1096748", }, { category: "external", summary: "SUSE Bug 1114710 for CVE-2018-1128", url: "https://bugzilla.suse.com/1114710", }, { category: "external", summary: "SUSE Bug 1177843 for CVE-2018-1128", url: "https://bugzilla.suse.com/1177843", }, { category: "external", summary: "SUSE Bug 1177859 for CVE-2018-1128", url: "https://bugzilla.suse.com/1177859", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.155-3.23.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.3, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.155-3.23.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-25T15:52:49Z", details: "important", }, ], title: "CVE-2018-1128", }, { cve: "CVE-2018-1129", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-1129", }, ], notes: [ { category: "general", text: "A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network who is able to alter the message payload was able to bypass signature checks done by cephx protocol. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.155-3.23.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-1129", url: "https://www.suse.com/security/cve/CVE-2018-1129", }, { category: "external", summary: "SUSE Bug 1096748 for CVE-2018-1129", url: "https://bugzilla.suse.com/1096748", }, { category: "external", summary: "SUSE Bug 1114710 for CVE-2018-1129", url: "https://bugzilla.suse.com/1114710", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.155-3.23.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.155-3.23.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-25T15:52:49Z", details: "important", }, ], title: "CVE-2018-1129", }, { cve: "CVE-2018-12896", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-12896", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 4.17.3. An Integer Overflow in kernel/time/posix-timers.c in the POSIX timer code is caused by the way the overrun accounting works. Depending on interval and expiry time values, the overrun can be larger than INT_MAX, but the accounting is int based. This basically makes the accounting values, which are visible to user space via timer_getoverrun(2) and siginfo::si_overrun, random. For example, a local user can cause a denial of service (signed integer overflow) via crafted mmap, futex, timer_create, and timer_settime system calls.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.155-3.23.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-12896", url: "https://www.suse.com/security/cve/CVE-2018-12896", }, { category: "external", summary: "SUSE Bug 1099922 for CVE-2018-12896", url: "https://bugzilla.suse.com/1099922", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.155-3.23.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.155-3.23.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-25T15:52:49Z", details: "low", }, ], title: "CVE-2018-12896", }, { cve: "CVE-2018-13093", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-13093", }, ], notes: [ { category: "general", text: "An issue was discovered in fs/xfs/xfs_icache.c in the Linux kernel through 4.17.3. There is a NULL pointer dereference and panic in lookup_slow() on a NULL inode->i_ops pointer when doing pathwalks on a corrupted xfs image. This occurs because of a lack of proper validation that cached inodes are free during allocation.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.155-3.23.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-13093", url: "https://www.suse.com/security/cve/CVE-2018-13093", }, { category: "external", summary: "SUSE Bug 1100001 for CVE-2018-13093", url: "https://bugzilla.suse.com/1100001", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.155-3.23.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.155-3.23.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-25T15:52:49Z", details: "moderate", }, ], title: "CVE-2018-13093", }, { cve: "CVE-2018-13094", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-13094", }, ], notes: [ { category: "general", text: "An issue was discovered in fs/xfs/libxfs/xfs_attr_leaf.c in the Linux kernel through 4.17.3. An OOPS may occur for a corrupted xfs image after xfs_da_shrink_inode() is called with a NULL bp.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.155-3.23.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-13094", url: "https://www.suse.com/security/cve/CVE-2018-13094", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-13094", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1100000 for CVE-2018-13094", url: "https://bugzilla.suse.com/1100000", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.155-3.23.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.155-3.23.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-25T15:52:49Z", details: "moderate", }, ], title: "CVE-2018-13094", }, { cve: "CVE-2018-13095", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-13095", }, ], notes: [ { category: "general", text: "An issue was discovered in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel through 4.17.3. A denial of service (memory corruption and BUG) can occur for a corrupted xfs image upon encountering an inode that is in extent format, but has more extents than fit in the inode fork.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.155-3.23.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-13095", url: "https://www.suse.com/security/cve/CVE-2018-13095", }, { category: "external", summary: "SUSE Bug 1099999 for CVE-2018-13095", url: "https://bugzilla.suse.com/1099999", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.155-3.23.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.155-3.23.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-25T15:52:49Z", details: "moderate", }, ], title: "CVE-2018-13095", }, { cve: "CVE-2018-15572", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-15572", }, ], notes: [ { category: "general", text: "The spectre_v2_select_mitigation function in arch/x86/kernel/cpu/bugs.c in the Linux kernel before 4.18.1 does not always fill RSB upon a context switch, which makes it easier for attackers to conduct userspace-userspace spectreRSB attacks.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.155-3.23.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-15572", url: "https://www.suse.com/security/cve/CVE-2018-15572", }, { category: "external", summary: "SUSE Bug 1102517 for CVE-2018-15572", url: "https://bugzilla.suse.com/1102517", }, { category: "external", summary: "SUSE Bug 1105296 for CVE-2018-15572", url: "https://bugzilla.suse.com/1105296", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.155-3.23.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.155-3.23.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-25T15:52:49Z", details: "important", }, ], title: "CVE-2018-15572", }, { cve: "CVE-2018-16658", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16658", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel before 4.18.6. An information leak in cdrom_ioctl_drive_status in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.155-3.23.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-16658", url: "https://www.suse.com/security/cve/CVE-2018-16658", }, { category: "external", summary: "SUSE Bug 1092903 for CVE-2018-16658", url: "https://bugzilla.suse.com/1092903", }, { category: "external", summary: "SUSE Bug 1107689 for CVE-2018-16658", url: "https://bugzilla.suse.com/1107689", }, { category: "external", summary: "SUSE Bug 1113751 for CVE-2018-16658", url: "https://bugzilla.suse.com/1113751", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.155-3.23.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.155-3.23.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-25T15:52:49Z", details: "low", }, ], title: "CVE-2018-16658", }, { cve: "CVE-2018-6554", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-6554", }, ], notes: [ { category: "general", text: "Memory leak in the irda_bind function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (memory consumption) by repeatedly binding an AF_IRDA socket.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.155-3.23.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-6554", url: "https://www.suse.com/security/cve/CVE-2018-6554", }, { category: "external", summary: "SUSE Bug 1106509 for CVE-2018-6554", url: "https://bugzilla.suse.com/1106509", }, { category: "external", summary: "SUSE Bug 1106511 for CVE-2018-6554", url: "https://bugzilla.suse.com/1106511", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.155-3.23.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.155-3.23.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-25T15:52:49Z", details: "low", }, ], title: "CVE-2018-6554", }, { cve: "CVE-2018-6555", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-6555", }, ], notes: [ { category: "general", text: "The irda_setsockopt function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (ias_object use-after-free and system crash) or possibly have unspecified other impact via an AF_IRDA socket.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.155-3.23.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-6555", url: "https://www.suse.com/security/cve/CVE-2018-6555", }, { category: "external", summary: "SUSE Bug 1106509 for CVE-2018-6555", url: "https://bugzilla.suse.com/1106509", }, { category: "external", summary: "SUSE Bug 1106511 for CVE-2018-6555", url: "https://bugzilla.suse.com/1106511", }, { category: "external", summary: "SUSE Bug 1115893 for CVE-2018-6555", url: "https://bugzilla.suse.com/1115893", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.155-3.23.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.155-3.23.1.noarch", "SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.155-3.23.1.x86_64", "SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.155-3.23.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-25T15:52:49Z", details: "moderate", }, ], title: "CVE-2018-6555", }, ], }
suse-su-2018:2980-1
Vulnerability from csaf_suse
Published
2018-10-02 14:32
Modified
2018-10-02 14:32
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-14617: Prevent NULL pointer dereference and panic in
hfsplus_lookup() when opening a file (that is purportedly a hard link) in an
hfs+ filesystem that has malformed catalog data, and is mounted read-only
without a metadata directory (bsc#1102870)
- CVE-2018-14613: Prevent invalid pointer dereference in io_ctl_map_page() when
mounting and operating a crafted btrfs image, caused by a lack of block group
item validation in check_leaf_item (bsc#1102896).
- CVE-2018-10940: The cdrom_ioctl_media_changed function allowed local
attackers to use a incorrect bounds check in the CDROM driver
CDROM_MEDIA_CHANGED ioctl to read out kernel memory (bsc#1092903)
- CVE-2018-13093: Prevent NULL pointer dereference and panic in lookup_slow()
on a NULL inode->i_ops pointer when doing pathwalks on a corrupted xfs image.
This occured because of a lack of proper validation that cached inodes are free
during allocation (bnc#1100001)
- CVE-2018-13094: Prevent OOPS that may have occured for a corrupted xfs image
after xfs_da_shrink_inode() is called with a NULL bp (bnc#1100000)
- CVE-2018-13095: Prevent denial of service (memory corruption and BUG) that
could have occurred for a corrupted xfs image upon encountering an inode that
is in extent format, but has more extents than fit in the inode fork
(bnc#1099999)
- CVE-2018-12896: Prevent integer overflow in the POSIX timer code that was
caused by the way the overrun accounting works. Depending on interval and
expiry time values, the overrun can be larger than INT_MAX, but the accounting
is int based. This basically made the accounting values, which are visible to
user space via timer_getoverrun(2) and siginfo::si_overrun, random. This
allowed a local user to cause a denial of service (signed integer overflow) via
crafted mmap, futex, timer_create, and timer_settime system calls (bnc#1099922)
- CVE-2018-16658: Prevent information leak in cdrom_ioctl_drive_status that
could have been used by local attackers to read kernel memory (bnc#1107689)
- CVE-2018-6555: The irda_setsockopt function allowed local users to cause a
denial of service (ias_object use-after-free and system crash) or possibly have
unspecified other impact via an AF_IRDA socket (bnc#1106511)
- CVE-2018-6554: Prevent memory leak in the irda_bind function that allowed
local users to cause a denial of service (memory consumption) by repeatedly
binding an AF_IRDA socket (bnc#1106509)
- CVE-2018-1129: A flaw was found in the way signature calculation was handled
by cephx authentication protocol. An attacker having access to ceph cluster
network who is able to alter the message payload was able to bypass signature
checks done by cephx protocol (bnc#1096748)
- CVE-2018-1128: It was found that cephx authentication protocol did not verify
ceph clients correctly and was vulnerable to replay attack. Any attacker having
access to ceph cluster network who is able to sniff packets on network can use
this vulnerability to authenticate with ceph service and perform actions
allowed by ceph service (bnc#1096748)
- CVE-2018-10938: A crafted network packet sent remotely by an attacker forced
the kernel to enter an infinite loop in the cipso_v4_optptr() function leading
to a denial-of-service (bnc#1106016)
The following non-security bugs were fixed:
- /dev/mem: Add bounce buffer for copy-out (git-fixes).
- /dev/mem: Avoid overwriting 'err' in read_mem() (git-fixes).
- 9p/net: Fix zero-copy path in the 9p virtio transport (bsc#1051510).
- 9p/virtio: fix off-by-one error in sg list bounds check (bsc#1051510).
- 9p: fix multiple NULL-pointer-dereferences (bsc#1051510).
- ACPI / EC: Add another entry for Thinkpad X1 Carbon 6th (bsc#1051510).
- ACPI / EC: Add parameter to force disable the GPE on suspend (bsc#1051510).
- ACPI / EC: Use ec_no_wakeup on ThinkPad X1 Yoga 3rd (bsc#1051510).
- ACPI / EC: Use ec_no_wakeup on Thinkpad X1 Carbon 6th (bsc#1051510).
- ACPI / EC: Use ec_no_wakeup on more Thinkpad X1 Carbon 6th systems (bsc#1051510).
- ACPI / PCI: pci_link: Allow the absence of _PRS and change log level (bsc#1104172).
- ACPI / bus: Only call dmi_check_system on X86 (bsc#1105597, bsc#1106178).
- ACPI / scan: Initialize status to ACPI_STA_DEFAULT (bsc#1051510).
- ACPI/IORT: Remove temporary iort_get_id_mapping_index() ACPICA guard (bsc#1103387).
- ACPI/PCI: pci_link: reduce verbosity when IRQ is enabled (bsc#1104172).
- ACPICA: iasl: Add SMMUv3 device ID mapping index support (bsc#1103387).
- ALSA: cs46xx: Deliver indirect-PCM transfer error.
- ALSA: emu10k1: Deliver indirect-PCM transfer error.
- ALSA: fireface: fix memory leak in ff400_switch_fetching_mode() (bsc#1051510).
- ALSA: firewire-digi00x: fix memory leak of private data (bsc#1051510).
- ALSA: firewire-tascam: fix memory leak of private data (bsc#1051510).
- ALSA: hda - Fix cancel_work_sync() stall from jackpoll work (bsc#1051510).
- ALSA: mips: Deliver indirect-PCM transfer error.
- ALSA: oxfw: fix memory leak for model-dependent data at error path (bsc#1051510).
- ALSA: oxfw: fix memory leak of discovered stream formats at error path (bsc#1051510).
- ALSA: oxfw: fix memory leak of private data (bsc#1051510).
- ALSA: pcm: Call ack() whenever appl_ptr is updated.
- ALSA: pcm: Fix negative appl_ptr handling in pcm-indirect helpers.
- ALSA: pcm: Fix possible inconsistent appl_ptr update via mmap.
- ALSA: pcm: Simplify forward/rewind codes.
- ALSA: pcm: Skip ack callback without actual appl_ptr update.
- ALSA: pcm: Use a common helper for PCM state check and hwsync.
- ALSA: pcm: Workaround for weird PulseAudio behavior on rewind error.
- ALSA: rme32: Deliver indirect-PCM transfer error.
- ARM: 8780/1: ftrace: Only set kernel memory back to read-only after boot (bsc#1051510).
- ARM: DRA7/OMAP5: Enable ACTLR[0] (Enable invalidates of BTB) for secondary cores (bsc#1051510).
- ARM: hisi: fix error handling and missing of_node_put (bsc#1051510).
- ARM: hisi: handle of_iomap and fix missing of_node_put (bsc#1051510).
- ARM: imx: flag failure of of_iomap (bsc#1051510).
- ARM: imx_v4_v5_defconfig: Select ULPI support (bsc#1051510).
- ARM: imx_v6_v7_defconfig: Select ULPI support (bsc#1051510).
- ARM: pxa: irq: fix handling of ICMR registers in suspend/resume (bsc#1051510).
- ASoC: rsnd: fixup not to call clk_get/set under non-atomic (bsc#1051510).
- ASoC: rsnd: move rsnd_ssi_config_init() execute condition into it (bsc#1051510).
- ASoC: rsnd: update pointer more accurate (bsc#1051510).
- ASoC: wm8994: Fix missing break in switch (bsc#1051510).
- Apply e666d4e9ceec crypto: vmx - Use skcipher for ctr fallback to SLE12-SP4 (bsc#1106464).
- Bluetooth: h5: Fix missing dependency on BT_HCIUART_SERDEV (bsc#1051510).
- Bluetooth: hidp: Fix handling of strncpy for hid->name information (bsc#1051510).
- Prevent errors at reboot (bsc#1093389)
- Documentation: add some docs for errseq_t (bsc#1107008).
- Fix buggy backport of patches.drivers/libnvdimm-btt-fix-an-incompatibility-in-the-log-layout.patch (bsc#1103961).
- Fix kABI breakage due to enum addition for ath10k (bsc#1051510).
- HID: add quirk for another PIXART OEM mouse used by HP (bsc#1051510).
- HID: i2c-hid: Add no-irq-after-reset quirk for 0911:5288 device.
- IB/core: type promotion bug in rdma_rw_init_one_mr() (bsc#1046306).
- IB/hfi1: Invalid NUMA node information can cause a divide by zero (bsc#1060463).
- IB/hfi1: Remove incorrect call to do_interrupt callback (bsc#1060463).
- IB/hfi1: Set in_use_ctxts bits for user ctxts only (bsc#1060463 ).
- IB/ipoib: Avoid a race condition between start_xmit and cm_rep_handler (bsc#1046307).
- IB/ipoib: Fix error return code in ipoib_dev_init() (bsc#1046307 ).
- IB/mlx4: Test port number before querying type (bsc#1046302 ).
- IB/mlx4: Use 4K pages for kernel QP's WQE buffer (bsc#1046302 ).
- Input: atmel_mxt_ts - only use first T9 instance (bsc#1051510).
- Input: edt-ft5x06 - fix error handling for factory mode on non-M06 (bsc#1051510).
- Input: edt-ft5x06 - implement support for the EDT-M12 series (bsc#1051510).
- Input: edt-ft5x06 - make distinction between m06/m09/generic more clear (bsc#1051510).
- Input: synaptics-rmi4 - fix axis-swap behavior (bsc#1051510).
- KABI: tpm: change relinquish_locality return value back to void (bsc#1082555).
- KABI: tpm: do keep the cmd_ready and go_idle as pm ops (bsc#1082555).
- KVM/x86: remove WARN_ON() for when vm_munmap() fails (bsc#1106240).
- KVM: Enforce error in ioctl for compat tasks when !KVM_COMPAT (bsc#1106240).
- KVM: PPC: Book3S: Fix guest DMA when guest partially backed by THP pages (bsc#1077761, git-fixes, bsc#1103948, bsc#1103949).
- KVM: VMX: Work around kABI breakage in 'enum vmx_l1d_flush_state' (bsc#1106369).
- KVM: VMX: fixes for vmentry_l1d_flush module parameter (bsc#1106369).
- KVM: nVMX: Do not flush TLB when vmcs12 uses VPID (bsc#1106240).
- KVM: nVMX: Fix injection to L2 when L1 do not intercept external-interrupts (bsc#1106240).
- KVM: nVMX: Fix races when sending nested PI while dest enters/leaves L2 (bsc#1106240).
- KVM: nVMX: Re-evaluate L1 pending events when running L2 and L1 got posted-interrupt (bsc#1106240).
- KVM: s390: add etoken support for guests (bsc#1106948, LTC#171029).
- KVM: s390: force bp isolation for VSIE (bsc#1103421).
- KVM: s390: implement CPU model only facilities (bsc#1106948, LTC#171029).
- KVM: x86: Change __kvm_apic_update_irr() to also return if max IRR updated (bsc#1106240).
- KVM: x86: SVM: Call x86_spec_ctrl_set_guest/host() with interrupts disabled (git-fixes 1f50ddb4f418).
- KVM: x86: fix APIC page invalidation (bsc#1106240).
- NET: stmmac: align DMA stuff to largest cache line length (netfilter-stable-18_08_01).
- NFSv4 client live hangs after live data migration recovery (git-fixes).
- NFSv4: Fix a sleep in atomic context in nfs4_callback_sequence() (git-fixes).
- NFSv4: Fix possible 1-byte stack overflow in nfs_idmap_read_and_verify_message (git-fixes).
- Netperf performance issue due to AppArmor net mediation (bsc#1108520)
- PCI: Match Root Port's MPS to endpoint's MPSS as necessary (bsc#1109269).
- PCI: OF: Fix I/O space page leak (git-fixes).
- PCI: aardvark: Fix I/O space page leak (git-fixes).
- PCI: hotplug: Do not leak pci_slot on registration failure (bsc#1051510).
- PCI: hv: Make sure the bus domain is really unique (git-fixes).
- PCI: mvebu: Fix I/O space end address calculation (bsc#1051510).
- PCI: pciehp: Fix use-after-free on unplug (bsc#1051510).
- PM / Domains: Fix error path during attach in genpd (bsc#1051510).
- PM / clk: signedness bug in of_pm_clk_add_clks() (bsc#1051510).
- PM / runtime: Drop usage count for suppliers at device link removal (bsc#1100132).
- RDMA/bnxt_re: Fix a bunch of off by one bugs in qplib_fp.c (bsc#1050244).
- RDMA/bnxt_re: Fix a couple off by one bugs (bsc#1050244 ).
- RDMA/i40w: Hold read semaphore while looking after VMA (bsc#1058659).
- Refresh with the upstream patches for lan78xx fixes (bsc#1085262)
- Replace magic for trusting the secondary keyring with #define (bsc#1051510).
- Revert 'PCI: Add ACS quirk for Intel 300 series' (bsc#1051510).
- Revert 'UBIFS: Fix potential integer overflow in allocation' (bsc#1051510).
- Revert 'mm: page_alloc: skip over regions of invalid pfns where possible' (bnc#1107078).
- Revert 'vhost: cache used event for better performance' (bsc#1090528).
- Revert 'vmalloc: back off when the current task is killed' (bnc#1107073).
- Staging: vc04_services: remove unused variables.
- Tools: hv: vss: fix loop device detection.
- USB: net2280: Fix erroneous synchronization change (bsc#1051510).
- USB: serial: io_ti: fix array underflow in completion handler (bsc#1051510).
- USB: serial: ti_usb_3410_5052: fix array underflow in completion handler (bsc#1051510).
- Update patches.drivers/0016-arm64-vgic-v2-Fix-proxying-of-cpuif-access.patch (bsc#1106901, bsc#1107265).
- Update patches.fixes/4.4.139-043-powerpc-mm-hash-Add-missing-isync-prior-to-ke.patch (bnc#1012382, bsc#1094244).
- Update config files, make CRYPTO_CRCT10DIF_PCLMUL built-in (bsc#1105603).
- Update patch tag of dmi fix (bsc#1105597) Also moved to the sorted section.
- Update patch tags of recent security fixes (bsc#1106426)
- Update references (bsc#1064232)
- Workaround kABI breakage by __must_check drop of strscpy() (bsc#1051510).
- ahci: Add Intel Ice Lake LP PCI ID (bsc#1051510).
- apparmor: Fix regression in profile conflict logic (bsc#1106427)
- apparmor: ensure that undecidable profile attachments fail (bsc#1106427).
- apparmor: fix an error code in __aa_create_ns() (bsc#1106427).
- apparmor: remove no-op permission check in policy_unpack (bsc#1106427).
- arm64/acpi: Create arch specific cpu to acpi id helper (bsc#1106903).
- arm64/kasan: do not allocate extra shadow memory (bsc#1106897).
- arm64/mm/kasan: do not use vmemmap_populate() to initialize shadow (bsc#1106898).
- arm64: Enforce BBM for huge IO/VMAP mappings (bsc#1106890).
- arm64: Ignore hardware dirty bit updates in ptep_set_wrprotect() (bsc#1108010).
- arm64: Make sure permission updates happen for pmd/pud (bsc#1106891).
- arm64: dma-mapping: clear buffers allocated with FORCE_CONTIGUOUS flag (bsc#1106902).
- arm64: export memblock_reserve()d regions via /proc/iomem (bsc#1106892).
- arm64: fix unwind_frame() for filtered out fn for function graph tracing (bsc#1106900).
- arm64: fix vmemmap BUILD_BUG_ON() triggering on !vmemmap setups (bsc#1106896).
- arm64: fpsimd: Avoid FPSIMD context leakage for the init task (bsc#1106894).
- arm64: kasan: avoid pfn_to_nid() before page array is initialized (bsc#1106899).
- arm64: mm: Ensure writes to swapper are ordered wrt subsequent cache maintenance (bsc#1106906).
- arm64: mm: check for upper PAGE_SHIFT bits in pfn_valid() (bsc#1106893).
- arm64: numa: rework ACPI NUMA initialization (bsc#1106905).
- arm64: vgic-v2: Fix proxying of cpuif access (bsc#1106901).
- ata: libahci: Allow reconfigure of DEVSLP register (bsc#1051510).
- ata: libahci: Correct setting of DEVSLP register (bsc#1051510).
- ath10k: disable bundle mgmt tx completion event support (bsc#1051510).
- ath10k: update the phymode along with bandwidth change request (bsc#1051510).
- ath9k: add MSI support.
- ath9k: report tx status on EOSP (bsc#1051510).
- ath9k_hw: fix channel maximum power level test (bsc#1051510).
- b43/leds: Ensure NUL-termination of LED name string (bsc#1051510).
- b43legacy/leds: Ensure NUL-termination of LED name string (bsc#1051510).
- bcache: avoid unncessary cache prefetch bch_btree_node_get().
- bcache: calculate the number of incremental GC nodes according to the total of btree nodes.
- bcache: display rate debug parameters to 0 when writeback is not running.
- bcache: do not check return value of debugfs_create_dir().
- bcache: finish incremental GC.
- bcache: fix I/O significant decline while backend devices registering.
- bcache: fix error setting writeback_rate through sysfs interface.
- bcache: free heap cache_set->flush_btree in bch_journal_free.
- bcache: make the pr_err statement used for ENOENT only in sysfs_attatch section.
- bcache: release dc->writeback_lock properly in bch_writeback_thread().
- bcache: set max writeback rate when I/O request is idle.
- bcache: simplify the calculation of the total amount of flash dirty data.
- Add a blacklist entry for the reverted patch (bsc#1106743)
- blk-mq: avoid to synchronize rcu inside blk_cleanup_queue() (bsc#1077989).
- blkdev: __blkdev_direct_IO_simple: fix leak in error case (bsc#1083663).
- block, bfq: return nbytes and not zero from struct cftype .write() method (bsc#1106238).
- block: bio_iov_iter_get_pages: fix size of last iovec (bsc#1083663).
- block: bio_iov_iter_get_pages: pin more pages for multi-segment IOs (bsc#1083663).
- block: do not print a message when the device went away (bsc#1098459).
- block: do not warn for flush on read-only device (bsc#1107756).
- bnxt_en: Clean up unused functions (bsc#1086282).
- bnxt_en: Do not adjust max_cp_rings by the ones used by RDMA (bsc#1086282).
- bnxt_en: Fix VF mac address regression (bsc#1086282 ).
- bnxt_re: Fix couple of memory leaks that could lead to IOMMU call traces (bsc#1050244).
- bonding: avoid lockdep confusion in bond_get_stats() (netfilter-stable-18_08_04).
- bpf, s390: fix potential memleak when later bpf_jit_prog fails (bsc#1083647).
- bpf: fix references to free_bpf_prog_info() in comments (bsc#1083647).
- bpf: fix uninitialized variable in bpf tools (bsc#1083647).
- bpf: hash map: decrement counter on error (bsc#1083647).
- bpf: powerpc64: pad function address loads with NOPs (bsc#1083647).
- bpf: use GFP_ATOMIC instead of GFP_KERNEL in bpf_parse_prog() (bsc#1083647).
- brcmfmac: stop watchdog before detach and free everything (bsc#1051510).
- btrfs: Add checker for EXTENT_CSUM (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: Add sanity check for EXTENT_DATA when reading out leaf (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: Check if item pointer overlaps with the item itself (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: Check that each block group has corresponding chunk at mount time (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: Fix use-after-free when cleaning up fs_devs with a single stale device (bsc#1097105).
- btrfs: Handle error from btrfs_uuid_tree_rem call in _btrfs_ioctl_set_received_subvol (bsc#1097105).
- btrfs: Introduce mount time chunk <-> dev extent mapping check (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: Manually implement device_total_bytes getter/setter (bsc#1043912).
- btrfs: Move leaf and node validation checker to tree-checker.c (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: Round down values which are written for total_bytes_size (bsc#1043912).
- btrfs: Verify that every chunk has corresponding block group at mount time (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: fix error handling in btrfs_dev_replace_start (bsc#1107535).
- btrfs: round down size diff when shrinking/growing device (bsc#1097105).
- btrfs: tree-checker: Add checker for dir item (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: Detect invalid and empty essential trees (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: Enhance btrfs_check_node output (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: Enhance output for check_extent_data_item (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: Enhance output for btrfs_check_leaf (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: Enhance output for check_csum_item (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: Fix false panic for sanity test (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: Replace root parameter with fs_info (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: Verify block_group_item (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: use %zu format string for size_t (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: use %zu format string for size_t (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status (bsc#1051510).
- ceph: fix incorrect use of strncpy (bsc#1107319).
- ceph: return errors from posix_acl_equiv_mode() correctly (bsc#1107320).
- cfg80211: nl80211_update_ft_ies() to validate NL80211_ATTR_IE (bsc#1051510).
- cgroup: avoid copying strings longer than the buffers (bsc#1051510).
- cifs: Fix stack out-of-bounds in smb{2,3}_create_lease_buf() (bsc#1051510).
- cifs: check kmalloc before use (bsc#1051510).
- cifs: store the leaseKey in the fid on SMB2_open (bsc#1051510).
- cls_matchall: fix tcf_unbind_filter missing (networking-stable-18_08_21).
- crypto: caam/jr - fix descriptor DMA unmapping (bsc#1051510).
- crypto: caam/qi - fix error path in xts setkey (bsc#1051510).
- crypto: vmx - Fix sleep-in-atomic bugs (bsc#1051510).
- cxl: Configure PSL to not use APC virtual machines (bsc#1055014, git-fixes).
- cxl: Fix wrong comparison in cxl_adapter_context_get() (bsc#1055014, git-fixes).
- dax: remove VM_MIXEDMAP for fsdax and device dax (bsc#1106007).
- dccp: fix undefined behavior with 'cwnd' shift in ccid2_cwnd_restart() (netfilter-stable-18_08_17).
- drm/amd/pp/Polaris12: Fix a chunk of registers missed to program (bsc#1051510).
- drm/amdgpu: Fix RLC safe mode test in gfx_v9_0_enter_rlc_safe_mode (bsc#1051510).
- drm/amdgpu: fix swapped emit_ib_size in vce3 (bsc#1051510).
- drm/amdgpu: update tmr mc address (bsc#1100132).
- drm/amdgpu:add new firmware id for VCN (bsc#1051510).
- drm/amdgpu:add tmr mc address into amdgpu_firmware_info (bsc#1051510).
- drm/arm/malidp: Preserve LAYER_FORMAT contents when setting format (bsc#1051510).
- drm/armada: fix colorkey mode property (bsc#1051510).
- drm/armada: fix irq handling (bsc#1051510).
- drm/bridge/sii8620: Fix display of packed pixel modes (bsc#1051510).
- drm/bridge/sii8620: fix display of packed pixel modes in MHL2 (bsc#1051510).
- drm/bridge/sii8620: fix loops in EDID fetch logic (bsc#1051510).
- drm/bridge: adv7511: Reset registers on hotplug (bsc#1051510).
- drm/edid: Add 6 bpc quirk for SDC panel in Lenovo B50-80 (bsc#1051510).
- drm/exynos: decon5433: Fix WINCONx reset value (bsc#1051510).
- drm/exynos: decon5433: Fix per-plane global alpha for XRGB modes (bsc#1051510).
- drm/exynos: gsc: Fix support for NV16/61, YUV420/YVU420 and YUV422 modes (bsc#1051510).
- drm/i915/audio: Fix audio enumeration issue on BXT.
- drm/i915/gvt: Fix the incorrect length of child_device_config issue (bsc#1051510).
- drm/i915/gvt: clear ggtt entries when destroy vgpu (bsc#1051510).
- drm/i915/gvt: request srcu_read_lock before checking if one gfn is valid (bsc#1051510).
- drm/i915/kvmgt: Fix potential Spectre v1 (bsc#1051510).
- drm/i915/lpe: Mark LPE audio runtime pm as 'no callbacks' (bsc#1051510).
- drm/i915/overlay: Allocate physical registers from stolen (bsc#1051510).
- drm/i915: Increase LSPCON timeout (bsc#1051510).
- drm/i915: set DP Main Stream Attribute for color range on DDI platforms (bsc#1051510).
- drm/imx: imx-ldb: check if channel is enabled before printing warning (bsc#1051510).
- drm/imx: imx-ldb: disable LDB on driver bind (bsc#1051510).
- drm/modes: Introduce drm_mode_match().
- drm/nouveau/drm/nouveau: Fix bogus drm_kms_helper_poll_enable() placement (bsc#1051510).
- drm/tegra: Check for malformed offsets and sizes in the 'submit' IOCTL (bsc#1106170).
- drm/tegra: Fix comparison operator for buffer size (bsc#1100132).
- drm/vc4: Fix the 'no scaling' case on multi-planar YUV formats (bsc#1051510).
- drm: Add DRM client cap for aspect-ratio.
- drm: Add and handle new aspect ratios in DRM layer.
- drm: Add aspect ratio parsing in DRM layer.
- drm: Expose modes with aspect ratio, only if requested.
- drm: Handle aspect ratio info in legacy modeset path.
- drm: mali-dp: Enable Global SE interrupts mask for DP500 (bsc#1051510).
- dwc2: gadget: Fix ISOC IN DDMA PID bitfield value calculation (bsc#1051510).
- errseq: Add to documentation tree (bsc#1107008).
- errseq: Always report a writeback error once (bsc#1107008).
- ext4: sysfs: print ext4_super_block fields as little-endian (bsc#1106229).
- f2fs: remove unneeded memory footprint accounting (bsc#1106233).
- f2fs: remove unneeded memory footprint accounting (bsc#1106297).
- f2fs: validate before set/clear free nat bitmap (bsc#1106231).
- f2fs: validate before set/clear free nat bitmap (bsc#1106297).
- fat: fix memory allocation failure handling of match_strdup() (bsc#1051510).
- fb: fix lost console when the user unplugs a USB adapter (bsc#1051510).
- fbdev: omapfb: off by one in omapfb_register_client() (bsc#1051510).
- fix __legitimize_mnt()/mntput() race (bsc#1106297).
- fix a page leak in vhost_scsi_iov_to_sgl() error recovery (bsc#1051510).
- fix mntput/mntput race (bsc#1106297).
- fs/9p/xattr.c: catch the error of p9_client_clunk when setting xattr failed (bsc#1051510).
- fs/proc/proc_sysctl.c: fix potential page fault while unregistering sysctl table (bsc#1106297).
- fuse: Add missed unlock_page() to fuse_readpages_fill() (bsc#1106291).
- fuse: Fix oops at process_init_reply() (bsc#1106291).
- fuse: fix double request_end() (bsc#1106291).
- fuse: fix initial parallel dirops (bsc#1106291).
- fuse: fix unlocked access to processing queue (bsc#1106291).
- fuse: umount should wait for all requests (bsc#1106291).
- getxattr: use correct xattr length (bsc#1106235).
- getxattr: use correct xattr length (bsc#1106297).
- gpio: ml-ioh: Fix buffer underwrite on probe error path (bsc#1051510).
- gpio: tegra: Move driver registration to subsys_init level (bsc#1051510).
- gpiolib-acpi: make sure we trigger edge events at least once on boot (bsc#1051510).
- gpiolib: acpi: Switch to cansleep version of GPIO library call (bsc#1051510).
- gpu: host1x: Check whether size of unpin isn't 0 (bsc#1051510).
- gpu: ipu-v3: default to id 0 on missing OF alias (bsc#1051510).
- i2c: core: ACPI: Properly set status byte to 0 for multi-byte writes (bsc#1051510).
- i2c: davinci: Avoid zero value of CLKH (bsc#1051510).
- i2c: i801: Add missing documentation entries for Braswell and Kaby Lake (bsc#1051510).
- i2c: i801: Add support for Intel Cedar Fork (bsc#1051510).
- i2c: i801: Add support for Intel Ice Lake (bsc#1051510).
- i2c: i801: Consolidate chipset names in documentation and Kconfig (bsc#1051510).
- i2c: i801: fix DNV's SMBCTRL register offset (bsc#1051510).
- i2c: imx: Fix race condition in dma read (bsc#1051510).
- i2c: uniphier-f: issue STOP only for last message or I2C_M_STOP (bsc#1051510).
- i2c: uniphier: issue STOP only for last message or I2C_M_STOP (bsc#1051510).
- i2c: xiic: Make the start and the byte count write atomic (bsc#1051510).
- i2c: xlp9xx: Fix case where SSIF read transaction completes early (bsc#1105907).
- i2c: xlp9xx: Fix issue seen when updating receive length (bsc#1105907).
- i2c: xlp9xx: Make sure the transfer size is not more than I2C_SMBUS_BLOCK_SIZE (bsc#1105907).
- i40e: fix condition of WARN_ONCE for stat strings (bsc#1107522).
- ib_srpt: Fix a use-after-free in srpt_close_ch() (bsc#1046306 ).
- ibmvnic: Include missing return code checks in reset function (bnc#1107966).
- iommu/amd: Add support for IOMMU XT mode.
- iommu/amd: Add support for higher 64-bit IOMMU Control Register.
- iommu/amd: Finish TLB flush in amd_iommu_unmap() (bsc#1106105).
- iommu/amd: make sure TLB to be flushed before IOVA freed (bsc#1106105).
- iommu/arm-smmu-v3: Do not free page table ops twice (bsc#1106237).
- iommu/vt-d: Fix a potential memory leak (bsc#1106105).
- iommu/vt-d: Ratelimit each dmar fault printing (bsc#1106105).
- ipmi/powernv: Fix error return code in ipmi_powernv_probe() (git-fixes).
- ipmi: Fix some counter issues (bsc#1105907).
- ipmi: Move BT capabilities detection to the detect call (bsc#1106779).
- ipmi: Remove ACPI SPMI probing from the SSIF (I2C) driver (bsc#1105907).
- ipmi:bt: Set the timeout before doing a capabilities check (bsc#1051510).
- ipv4: remove BUG_ON() from fib_compute_spec_dst (netfilter-stable-18_08_01).
- irqchip/bcm7038-l1: Hide cpu offline callback when building for !SMP (bsc#1051510).
- iw_cxgb4: remove duplicate memcpy() in c4iw_create_listen() (bsc#1046543).
- ixgbe: Refactor queue disable logic to take completion time into account (bsc#1101557).
- ixgbe: Reorder Tx/Rx shutdown to reduce time needed to stop device (bsc#1101557).
- kabi fix for check_disk_size_change() (bsc#1098459).
- kabi protect hnae_ae_ops (bsc#1107924).
- kabi protect struct kvm_sync_regs (bsc#1106948).
- kabi/severities: Whitelist libceph, rbd, and ceph (bsc#1096748).
- kabi: move s390 mm_context_t lock to mm_struct and ignore the change (bsc#1103421).
- kabi: x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bnc#1105536).
- kvm: arm64: Convert kvm_set_s2pte_readonly() from inline asm to cmpxchg() (bsc#1108010).
- kvm: nVMX: Fix fault vector for VMX operation at CPL > 0 (bsc#1106105).
- kvm: nVMX: Use nested_run_pending rather than from_vmentry (bsc#1106240).
- kvm: x86: vmx: fix vpid leak (bsc#1106240).
- l2tp: use sk_dst_check() to avoid race on sk->sk_dst_cache (netfilter-stable-18_08_17).
- lan78xx: Lan7801 Support for Fixed PHY (bsc#1085262).
- lan78xx: Set ASD in MAC_CR when EEE is enabled (bsc#1085262).
- lan78xx: remove redundant initialization of pointer 'phydev' (bsc#1085262).
- lib/test_hexdump.c: fix failure on big endian cpu (bsc#1051510).
- libahci: Fix possible Spectre-v1 pmp indexing in ahci_led_store() (bsc#1051510).
- libbpf: Makefile set specified permission mode (bsc#1083647).
- libceph: check authorizer reply/challenge length before reading (bsc#1096748).
- libceph: factor out __ceph_x_decrypt() (bsc#1096748).
- libceph: factor out __prepare_write_connect() (bsc#1096748).
- libceph: factor out encrypt_authorizer() (bsc#1096748).
- libceph: store ceph_auth_handshake pointer in ceph_connection (bsc#1096748).
- libceph: weaken sizeof check in ceph_x_verify_authorizer_reply() (bsc#1096748).
- libnvdimm, btt: fix uninitialized err_lock (bsc#1103961).
- libnvdimm, nfit: enable support for volatile ranges (bsc#1103961).
- libnvdimm, nfit: move the check on nd_reserved2 to the endpoint (bsc#1103961).
- libnvdimm: Use max contiguous area for namespace size (git-fixes).
- libnvdimm: rename nd_sector_size_{show,store} to nd_size_select_{show,store} (bsc#1103961).
- livepatch: Remove reliable stacktrace check in klp_try_switch_task() (bsc#1071995).
- livepatch: Validate module/old func name length (bsc#1071995).
- llc: use refcount_inc_not_zero() for llc_sap_find() (netfilter-stable-18_08_17).
- mac80211: add stations tied to AP_VLANs during hw reconfig (bsc#1051510).
- mac80211: always account for A-MSDU header changes (bsc#1051510).
- mac80211: avoid kernel panic when building AMSDU from non-linear SKB (bsc#1051510).
- mac80211: fix an off-by-one issue in A-MSDU max_subframe computation (bsc#1051510).
- macros.kernel-source: pass -b properly in kernel module package (bsc#1107870).
- md-cluster: clear another node's suspend_area after the copy is finished (bsc#1106333).
- md-cluster: do not send msg if array is closing (bsc#1106333).
- md-cluster: release RESYNC lock after the last resync message (bsc#1106688).
- md-cluster: show array's status more accurate (bsc#1106333).
- media: Revert '[media] tvp5150: fix pad format frame height' (bsc#1051510).
- mei: do not update offset in write (bsc#1051510).
- mei: me: enable asynchronous probing.
- memcg, thp: do not invoke oom killer on thp charges (bnc#1089663).
- memory: tegra: Apply interrupts mask per SoC (bsc#1051510).
- memory: tegra: Do not handle spurious interrupts (bsc#1051510).
- mfd: intel-lpss: Add Ice Lake PCI IDs (bsc#1051510).
- mfd: lpc_ich: Do not touch SPI-NOR write protection bit on Apollo Lake (bsc#1051510).
- mlxsw: core_acl_flex_actions: Return error for conflicting actions (netfilter-stable-18_08_17).
- mm/huge_memory.c: fix data loss when splitting a file pmd (bnc#1107074).
- mm/hugetlb: filter out hugetlb pages if HUGEPAGE migration is not supported (bnc#1106697).
- mm/vmscan: wake up flushers for legacy cgroups too (bnc#1107061).
- mm: fix devmem_is_allowed() for sub-page System RAM intersections (bsc#1106800).
- mm: memcg: fix use after free in mem_cgroup_iter() (bnc#1107065).
- mmc: omap_hsmmc: fix wakeirq handling on removal (bsc#1051510).
- module: exclude SHN_UNDEF symbols from kallsyms api (bsc#1071995).
- net/9p/client.c: version pointer uninitialized (bsc#1051510).
- net/9p/trans_fd.c: fix race by holding the lock (bsc#1051510).
- net/9p/trans_fd.c: fix race-condition by flushing workqueue before the kfree() (bsc#1051510).
- net/9p: Switch to wait_event_killable() (bsc#1051510).
- net/9p: fix error path of p9_virtio_probe (bsc#1051510).
- net: dsa: Do not suspend/resume closed slave_dev (netfilter-stable-18_08_04).
- net: ena: Eliminate duplicate barriers on weakly-ordered archs (bsc#1108093).
- net: ena: Fix use of uninitialized DMA address bits field (netfilter-stable-18_08_01).
- net: ena: fix device destruction to gracefully free resources (bsc#1108093).
- net: ena: fix driver when PAGE_SIZE == 64kB (bsc#1108093).
- net: ena: fix incorrect usage of memory barriers (bsc#1108093).
- net: ena: fix missing calls to READ_ONCE (bsc#1108093).
- net: ena: fix missing lock during device destruction (bsc#1108093).
- net: ena: fix potential double ena_destroy_device() (bsc#1108093).
- net: ena: fix surprise unplug NULL dereference kernel crash (bsc#1108093).
- net: ethernet: mvneta: Fix napi structure mixup on armada 3700 (networking-stable-18_08_21).
- net: fix amd-xgbe flow-control issue (netfilter-stable-18_08_01).
- net: hns3: Fix for waterline not setting correctly (bsc#1104353 ).
- net: hns3: fix page_offset overflow when CONFIG_ARM64_64K_PAGES (bsc#1104353).
- net: hns: add netif_carrier_off before change speed and duplex (bsc#1107924).
- net: hns: add the code for cleaning pkt in chip (bsc#1107924).
- net: mdio-mux: bcm-iproc: fix wrong getter and setter pair (netfilter-stable-18_08_01).
- net: mvneta: fix mvneta_config_rss on armada 3700 (networking-stable-18_08_21).
- net: rtnl_configure_link: fix dev flags changes arg to __dev_notify_flags (git-fixes).
- net: stmmac: Fix WoL for PCI-based setups (netfilter-stable-18_08_04).
- net: stmmac: mark PM functions as __maybe_unused (git-fixes).
- net_sched: Fix missing res info when create new tc_index filter (netfilter-stable-18_08_17).
- netfilter: ip6t_rpfilter: set F_IFACE for linklocal addresses (git-fixes).
- netlink: Do not shift on 64 for ngroups (git-fixes).
- netlink: Do not shift with UB on nlk->ngroups (netfilter-stable-18_08_01).
- netlink: Do not subscribe to non-existent groups (netfilter-stable-18_08_01).
- netlink: Fix spectre v1 gadget in netlink_create() (netfilter-stable-18_08_04).
- nfs/pnfs: fix nfs_direct_req ref leak when i/o falls back to the mds (git-fixes).
- nfs41: do not return ENOMEM on LAYOUTUNAVAILABLE (git-fixes).
- nfsd: remove blocked locks on client teardown (git-fixes).
- nl80211: Add a missing break in parse_station_flags (bsc#1051510).
- nl80211: check nla_parse_nested() return values (bsc#1051510).
- nvme: register ns_id attributes as default sysfs groups (bsc#1105247).
- nvme_fc: add 'nvme_discovery' sysfs attribute to fc transport device (bsc#1044189).
- pinctrl/amd: only handle irq if it is pending and unmasked (bsc#1051510).
- pipe: actually allow root to exceed the pipe buffer limits (bsc#1106297).
- platform/x86: asus-nb-wmi: Add keymap entry for lid flip action on UX360 (bsc#1051510).
- pnfs/blocklayout: off by one in bl_map_stripe() (git-fixes).
- powerpc/64s: Default l1d_size to 64K in RFI fallback flush (bsc#1068032, git-fixes).
- powerpc/64s: Fix DT CPU features Power9 DD2.1 logic (bsc#1055117).
- powerpc/64s: Fix compiler store ordering to SLB shadow area (bsc#1094244).
- powerpc/64s: move machine check SLB flushing to mm/slb.c (bsc#1094244).
- powerpc/kprobes: Fix call trace due to incorrect preempt count (bsc#1065729).
- powerpc/lib: Fix the feature fixup tests to actually work (bsc#1065729).
- powerpc/mce: Fix SLB rebolting during MCE recovery path (bsc#1094244).
- powerpc/perf: Fix IMC allocation routine (bsc#1054914).
- powerpc/perf: Fix memory allocation for core-imc based on num_possible_cpus() (bsc#1054914).
- powerpc/perf: Remove sched_task function defined for thread-imc (bsc#1054914).
- powerpc/pseries: Avoid using the size greater than RTAS_ERROR_LOG_MAX (bsc#1094244).
- powerpc/pseries: Fix endianness while restoring of r3 in MCE handler (bsc#1094244).
- powerpc/pseries: fix EEH recovery of some IOV devices (bsc#1078720, git-fixes).
- powerpc64s: Show ori31 availability in spectre_v1 sysfs file not v2 (bsc#1068032, bsc#1080157, git-fixes).
- powerpc: Avoid code patching freed init sections (bnc#1107735).
- powerpc: make feature-fixup tests fortify-safe (bsc#1065729).
- pstore: Fix incorrect persistent ram buffer mapping (bsc#1051510).
- pwm: tiehrpwm: Fix disabling of output of PWMs (bsc#1051510).
- qlge: Fix netdev features configuration (bsc#1098822).
- r8169: add support for NCube 8168 network card (bsc#1051510).
- reiserfs: fix broken xattr handling (heap corruption, bad retval) (bsc#1106236).
- rhashtable: add schedule points (bsc#1051510).
- root dentries need RCU-delayed freeing (bsc#1106297).
- rsi: Fix 'invalid vdd' warning in mmc (bsc#1051510).
- rxrpc: Fix user call ID check in rxrpc_service_prealloc_one (netfilter-stable-18_08_04).
- s390/entry.S: use assembler alternatives (bsc#1103421).
- s390/lib: use expoline for all bcr instructions (git-fixes, bsc#1103421).
- s390/mm: fix local TLB flushing vs. detach of an mm address space (bsc#1103421).
- s390/mm: fix race on mm->context.flush_mm (bsc#1103421).
- s390/runtime instrumentation: simplify task exit handling (bsc#1103421).
- s390: always save and restore all registers on context switch (bsc#1103421).
- s390: detect etoken facility (bsc#1103421).
- s390: fix br_r1_trampoline for machines without exrl (git-fixes, bsc#1103421).
- s390: fix compat system call table (bsc#1103421).
- s390: fix handling of -1 in set{,fs}id16 syscalls (bsc#1103421).
- s390: use expoline thunks for all branches generated by the BPF JIT (bsc#1103421).
- samples/bpf: adjust rlimit RLIMIT_MEMLOCK for xdp1 (bsc#1083647).
- sched/fair: Fix vruntime_normalized() for remote non-migration wakeup (git-fixes).
- sched/numa: Do not move imbalanced load purely on the basis of an idle CPU (bnc#1101669 optimise numa balancing for fast migrate).
- sched/numa: Evaluate move once per node (bnc#1101669 optimise numa balancing for fast migrate).
- sched/numa: Remove numa_has_capacity() (bnc#1101669 optimise numa balancing for fast migrate).
- sched/numa: Remove unused task_capacity from 'struct numa_stats' (bnc#1101669 optimise numa balancing for fast migrate).
- sched/numa: Stop comparing tasks for NUMA placement after selecting an idle core (bnc#1101669 optimise numa balancing for fast migrate).
- sched/numa: remove unused code from update_numa_stats() (bnc#1101669 optimise numa balancing for fast migrate).
- sched/numa: remove unused nr_running field (bnc#1101669 optimise numa balancing for fast migrate).
- scripts/git_sort/git_sort.py: Add fixes branch from mkp/scsi.git.
- scripts/git_sort/git_sort.py: add mkp 4.20/scsi-queue
- scripts/tar-up.sh: Do not package gitlog-excludes file Also fix the evaluation of gitlog-excludes file, too
- scripts: modpost: check memory allocation results (bsc#1051510).
- scsi: fcoe: hold disc_mutex when traversing rport lists (bsc#1077989).
- scsi: hpsa: limit transfer length to 1MB, not 512kB (bsc#1102346).
- scsi: libfc: Add lockdep annotations (bsc#1077989).
- scsi: libfc: fixup 'sleeping function called from invalid context' (bsc#1077989).
- scsi: libfc: fixup lockdep annotations (bsc#1077989).
- scsi: libfc: hold disc_mutex in fc_disc_stop_rports() (bsc#1077989).
- scsi: lpfc: Correct MDS diag and nvmet configuration (bsc#1106636).
- scsi: mpt3sas: Fix calltrace observed while running IO and reset (bsc#1077989).
- scsi: qla2xxx: Add appropriate debug info for invalid RX_ID (bsc#1108870).
- scsi: qla2xxx: Add logic to detect ABTS hang and response completion (bsc#1108870).
- scsi: qla2xxx: Add mode control for each physical port (bsc#1108870).
- scsi: qla2xxx: Add support for ZIO6 interrupt threshold (bsc#1108870).
- scsi: qla2xxx: Allow FC-NVMe underrun to be handled by transport (bsc#1108870).
- scsi: qla2xxx: Check for Register disconnect (bsc#1108870).
- scsi: qla2xxx: Decrement login retry count for only plogi (bsc#1108870).
- scsi: qla2xxx: Defer chip reset until target mode is enabled (bsc#1108870).
- scsi: qla2xxx: Fix Remote port registration (bsc#1108870).
- scsi: qla2xxx: Fix deadlock between ATIO and HW lock (bsc#1108870).
- scsi: qla2xxx: Fix double increment of switch scan retry count (bsc#1108870).
- scsi: qla2xxx: Fix dropped srb resource (bsc#1108870).
- scsi: qla2xxx: Fix duplicate switch's Nport ID entries (bsc#1108870).
- scsi: qla2xxx: Fix early srb free on abort (bsc#1108870).
- scsi: qla2xxx: Fix iIDMA error (bsc#1108870).
- scsi: qla2xxx: Fix incorrect port speed being set for FC adapters (bsc#1108870).
- scsi: qla2xxx: Fix out of order Termination and ABTS response (bsc#1108870).
- scsi: qla2xxx: Fix port speed display on chip reset (bsc#1108870).
- scsi: qla2xxx: Fix premature command free (bsc#1108870).
- scsi: qla2xxx: Fix process response queue for ISP26XX and above (bsc#1108870).
- scsi: qla2xxx: Fix race condition for resource cleanup (bsc#1108870).
- scsi: qla2xxx: Fix stuck session in PLOGI state (bsc#1108870).
- scsi: qla2xxx: Force fw cleanup on ADISC error (bsc#1108870).
- scsi: qla2xxx: Increase abort timeout value (bsc#1108870).
- scsi: qla2xxx: Move ABTS code behind qpair (bsc#1108870).
- scsi: qla2xxx: Move rport registration out of internal work_list (bsc#1108870).
- scsi: qla2xxx: Move {get|rel}_sp to base_qpair struct (bsc#1108870).
- scsi: qla2xxx: Reduce holding sess_lock to prevent CPU lock-up (bsc#1108870).
- scsi: qla2xxx: Reject bsg request if chip is down (bsc#1108870).
- scsi: qla2xxx: Remove ASYNC GIDPN switch command (bsc#1108870).
- scsi: qla2xxx: Remove all rports if fabric scan retry fails (bsc#1108870).
- scsi: qla2xxx: Remove redundant check for fcport deletion (bsc#1108870).
- scsi: qla2xxx: Remove stale ADISC_DONE event (bsc#1108870).
- scsi: qla2xxx: Remove stale debug trace message from tcm_qla2xxx (bsc#1108870).
- scsi: qla2xxx: Serialize mailbox request (bsc#1108870).
- scsi: qla2xxx: Terminate Plogi/PRLI if WWN is 0 (bsc#1108870).
- scsi: qla2xxx: Turn off IOCB timeout timer on IOCB completion (bsc#1108870).
- scsi: qla2xxx: Update driver to version 10.00.00.09-k (bsc#1108870).
- scsi: qla2xxx: Update driver version to 10.00.00.10-k (bsc#1108870).
- scsi: qla2xxx: Update driver version to 10.00.00.11-k (bsc#1108870).
- scsi: qla2xxx: Update rscn_rcvd field to more meaningful scan_needed (bsc#1108870).
- scsi: qla2xxx: Use correct qpair for ABTS/CMD (bsc#1108870).
- scsi: qla2xxx: shutdown chip if reset fail (bsc#1108870).
- scsi_debug: call resp_XXX function after setting host_scribble (bsc#1069138).
- scsi_debug: reset injection flags for every_nth > 0 (bsc#1069138).
- selftests/bpf/test_maps: exit child process without error in ENOMEM case (bsc#1083647).
- selftests/bpf: fix a typo in map in map test (bsc#1083647).
- serial: enable spi in sc16is7xx driver References: bsc#1105672
- serial: make sc16is7xx driver supported References: bsc#1105672
- slab: __GFP_ZERO is incompatible with a constructor (bnc#1107060).
- spi-nor: intel-spi: Fix number of protected range registers for BYT/LPT.
- spi: cadence: Change usleep_range() to udelay(), for atomic context (bsc#1051510).
- spi: davinci: fix a NULL pointer dereference (bsc#1051510).
- spi: pxa2xx: Add support for Intel Ice Lake (bsc#1051510).
- staging: bcm2835-audio: Check if workqueue allocation failed.
- staging: bcm2835-audio: Deliver indirect-PCM transfer error.
- staging: bcm2835-audio: Disconnect and free vchi_instance on module_exit().
- staging: bcm2835-audio: Do not leak workqueue if open fails.
- staging: bcm2835-audio: constify snd_pcm_ops structures.
- staging: bcm2835-audio: make snd_pcm_hardware const.
- staging: comedi: ni_mio_common: fix subdevice flags for PFI subdevice (bsc#1051510).
- staging: lustre: Use 'kvfree()' for memory allocated by 'kvzalloc()' (bsc#1051510).
- staging: lustre: disable preempt while sampling processor id (bsc#1051510).
- staging: lustre: fix bug in osc_enter_cache_try (bsc#1051510).
- staging: lustre: ldlm: free resource when ldlm_lock_create() fails (bsc#1051510).
- staging: lustre: libcfs: Prevent harmless read underflow (bsc#1051510).
- staging: lustre: libcfs: fix test for libcfs_ioctl_hdr minimum size (bsc#1051510).
- staging: lustre: llite: correct removexattr detection (bsc#1051510).
- staging: lustre: llite: initialize xattr->xe_namelen (bsc#1051510).
- staging: lustre: lmv: correctly iput lmo_root (bsc#1051510).
- staging: lustre: lov: use correct env in lov_io_data_version_end() (bsc#1051510).
- staging: lustre: o2iblnd: Fix FastReg map/unmap for MLX5 (bsc#1051510).
- staging: lustre: o2iblnd: Fix crash in kiblnd_handle_early_rxs() (bsc#1051510).
- staging: lustre: o2iblnd: fix race at kiblnd_connect_peer (bsc#1051510).
- staging: lustre: obd_mount: use correct niduuid suffix (bsc#1051510).
- staging: lustre: obdclass: return -EFAULT if copy_from_user() fails (bsc#1051510).
- staging: lustre: ptlrpc: kfree used instead of kvfree (bsc#1051510).
- staging: lustre: remove invariant in cl_io_read_ahead() (bsc#1051510).
- staging: lustre: statahead: remove incorrect test on agl_list_empty() (bsc#1051510).
- staging: vc04_services: Fix platform_no_drv_owner.cocci warnings.
- staging: vc04_services: bcm2835-audio Format multiline comment.
- staging: vc04_services: bcm2835-audio: Add blank line after declaration.
- staging: vc04_services: bcm2835-audio: Change to unsigned int *.
- staging: vc04_services: bcm2835-audio: add SPDX identifiers.
- staging: vc04_services: bcm2835-audio: remove redundant license text.
- staging: vc04_services: please do not use multiple blank lines.
- string: drop __must_check from strscpy() and restore strscpy() usages in cgroup (bsc#1051510).
- sunxi-rsb: Include OF based modalias in device uevent (bsc#1051510).
- sys: do not hold uts_sem while accessing userspace memory (bnc#1106995).
- target_core_rbd: break up free_device callback (bsc#1105524).
- target_core_rbd: use RCU in free_device (bsc#1105524).
- tcp: add max_quickacks param to tcp_incr_quickack and tcp_enter_quickack_mode (netfilter-stable-18_08_01).
- tcp: add one more quick ack after after ECN events (netfilter-stable-18_08_01).
- tcp: do not aggressively quick ack after ECN events (netfilter-stable-18_08_01).
- tcp: do not force quickack when receiving out-of-order packets (netfilter-stable-18_08_01).
- tcp: refactor tcp_ecn_check_ce to remove sk type cast (netfilter-stable-18_08_01).
- tcp_bbr: fix bw probing to raise in-flight data for very small BDPs (netfilter-stable-18_08_01).
- thermal: thermal_hwmon: Convert to hwmon_device_register_with_info() (bsc#1103363).
- thermal_hwmon: Pass the originating device down to hwmon_device_register_with_info (bsc#1103363).
- thermal_hwmon: Sanitize attribute name passed to hwmon (bsc#1103363).
- ti: ethernet: cpdma: Use correct format for genpool_* (bsc#1051510).
- tools/power turbostat: Read extended processor family from CPUID (bsc#1051510).
- tools/power turbostat: fix -S on UP systems (bsc#1051510).
- tools: usb: ffs-test: Fix build on big endian systems (bsc#1051510).
- tpm: Introduce flag TPM_TRANSMIT_RAW (bsc#1082555).
- tpm: cmd_ready command can be issued only after granting locality (bsc#1082555).
- tpm: fix race condition in tpm_common_write() (bsc#1082555).
- tpm: fix use after free in tpm2_load_context() (bsc#1082555).
- tpm: separate cmd_ready/go_idle from runtime_pm (bsc#1082555).
- tpm: tpm_crb: relinquish locality on error path (bsc#1082555).
- tpm: vtpm_proxy: Implement request_locality function (bsc#1082555).
- tracepoint: Do not warn on ENOMEM (bsc#1051510).
- uart: fix race between uart_put_char() and uart_shutdown() (bsc#1051510).
- ubifs: Check data node size before truncate (bsc#1051510).
- ubifs: Fix directory size calculation for symlinks (bsc#1106230).
- ubifs: Fix memory leak in lprobs self-check (bsc#1051510).
- ubifs: Fix synced_i_size calculation for xattr inodes (bsc#1051510).
- ubifs: xattr: Do not operate on deleted inodes (bsc#1051510).
- udl-kms: avoid division (bsc#1051510).
- udl-kms: change down_interruptible to down (bsc#1051510).
- udl-kms: fix crash due to uninitialized memory (bsc#1051510).
- udl-kms: handle allocation failure (bsc#1051510).
- udlfb: set optimal write delay (bsc#1051510).
- usb/phy: fix PPC64 build errors in phy-fsl-usb.c (bsc#1051510).
- usb: Do not die twice if PCI xhci host is not responding in resume (bsc#1051510).
- usb: dwc2: fix isoc split in transfer with no data (bsc#1051510).
- usb: dwc2: gadget: Fix issue in dwc2_gadget_start_isoc() (bsc#1051510).
- usb: dwc3: pci: add support for Intel IceLake (bsc#1051510).
- usb: gadget: composite: fix delayed_status race condition when set_interface (bsc#1051510).
- usb: gadget: dwc2: fix memory leak in gadget_init() (bsc#1051510).
- usb: gadget: r8a66597: Fix a possible sleep-in-atomic-context bugs in r8a66597_queue() (bsc#1051510).
- usb: gadget: r8a66597: Fix two possible sleep-in-atomic-context bugs in init_controller() (bsc#1051510).
- usb: gadget: udc: renesas_usb3: fix maxpacket size of ep0 (bsc#1051510).
- usb: xhci: increase CRS timeout value (bsc#1051510).
- userns: move user access out of the mutex (bsc#1051510).
- vfio/pci: Virtualize Maximum Payload Size (bsc#1051510).
- vfio/pci: Virtualize Maximum Read Request Size (bsc#1051510).
- vfio/type1: Fix task tracking for QEMU vCPU hotplug (bsc#1051510).
- vhost: correctly check the iova range when waking virtqueue (bsc#1051510).
- vhost: do not try to access device IOTLB when not initialized (bsc#1051510).
- vhost: reset metadata cache when initializing new IOTLB (netfilter-stable-18_08_17).
- vhost: use mutex_lock_nested() in vhost_dev_lock_vqs() (bsc#1051510).
- video: fbdev: pxafb: clear allocated memory for video modes (bsc#1051510).
- vsock: split dwork to avoid reinitializations (netfilter-stable-18_08_17).
- wlcore: Set rx_status boottime_ns field on rx (bsc#1051510).
- x86/CPU/AMD: Derive CPU topology from CPUID function 0xB when available.
- x86/CPU: Modify detect_extended_topology() to return result.
- x86/events/intel/ds: Fix bts_interrupt_threshold alignment (git-fixes c1961a4631da).
- x86/init: fix build with CONFIG_SWAP=n (bnc#1106121).
- x86/kasan/64: Teach KASAN about the cpu_entry_area (kasan).
- x86/kvm: fix LAPIC timer drift when guest uses periodic mode (bsc#1106240).
- x86/mcelog: Get rid of RCU remnants (git-fixes 5de97c9f6d85).
- x86/mm/kasan: Do not use vmemmap_populate() to initialize shadow (kasan).
- x86/mm/memory_hotplug: determine block size based on the end of boot memory (bsc#1108243).
- x86/platform/UV: Add adjustable set memory block size function (bsc#1108243).
- x86/platform/UV: Add kernel parameter to set memory block size (bsc#1108243).
- x86/platform/UV: Mark memblock related init code and data correctly (bsc#1108243).
- x86/platform/UV: Use new set memory block size function (bsc#1108243).
- x86/spectre: Add missing family 6 check to microcode check (git-fixes a5b296636453).
- x86/speculation/l1tf: Fix off-by-one error when warning that system has too much RAM (bnc#1105536).
- x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bnc#1105536).
- x86/speculation/l1tf: Suggest what to do on systems with too much RAM (bnc#1105536).
- x86/speculation: Use ARCH_CAPABILITIES to skip L1D flush on vmentry (bsc#1106369).
- x86/vdso: Fix vDSO build if a retpoline is emitted (git-fixes 76b043848fd2).
- x86/xen/efi: Initialize only the EFI struct members used by Xen (bnc#1107945).
- x86: irq_remapping: Move irq remapping mode enum.
- xen-netfront-dont-bug-in-case-of-too-many-frags.patch: (bnc#1104824).
- xen-netfront: fix queue name setting (bnc#1065600).
- xen-netfront: fix warn message as irq device name has '/' (bnc#1065600).
- xen/blkback: do not keep persistent grants too long (bsc#1085042).
- xen/blkback: move persistent grants flags to bool (bsc#1085042).
- xen/blkback: remove unused pers_gnts_lock from struct (bsc#1085042).
- xen/blkfront: cleanup stale persistent grants (bsc#1085042).
- xen/blkfront: reorder tests in xlblk_init() (bsc#1085042).
- xen: avoid crash in disable_hotplug_cpu (bsc#1106594).
- xen: xenbus_dev_frontend: Fix XS_TRANSACTION_END handling (bnc#1065600).
- xen: xenbus_dev_frontend: Really return response string (bnc#1065600).
- xenbus: track caller request id (bnc#1065600).
- xfs: Fix per-inode DAX flag inheritance (Git-fixes bsc#1109511).
- xfs: add a new xfs_iext_lookup_extent_before helper (bsc#1095344).
- xfs: add a xfs_bmap_fork_to_state helper (bsc#1095344).
- xfs: add a xfs_iext_update_extent helper (bsc#1095344).
- xfs: add asserts for the mmap lock in xfs_{insert,collapse}_file_space (bsc#1095344).
- xfs: add comments documenting the rebalance algorithm (bsc#1095344).
- xfs: add some comments to xfs_iext_insert/xfs_iext_insert_node (bsc#1095344).
- xfs: allow unaligned extent records in xfs_bmbt_disk_set_all (bsc#1095344).
- xfs: do not create overlapping extents in xfs_bmap_add_extent_delay_real (bsc#1095344).
- xfs: do not rely on extent indices in xfs_bmap_collapse_extents (bsc#1095344).
- xfs: do not rely on extent indices in xfs_bmap_insert_extents (bsc#1095344).
- xfs: do not set XFS_BTCUR_BPRV_WASDEL in xfs_bunmapi (bsc#1095344).
- xfs: fix memory leak in xfs_iext_free_last_leaf (bsc#1095344).
- xfs: fix number of records handling in xfs_iext_split_leaf (bsc#1095344).
- xfs: fix type usage (bsc#1095344).
- xfs: handle zero entries case in xfs_iext_rebalance_leaf (bsc#1095344).
- xfs: inline xfs_shift_file_space into callers (bsc#1095344).
- xfs: introduce the xfs_iext_cursor abstraction (bsc#1095344).
- xfs: iterate backwards in xfs_reflink_cancel_cow_blocks (bsc#1095344).
- xfs: iterate over extents in xfs_bmap_extents_to_btree (bsc#1095344).
- xfs: iterate over extents in xfs_iextents_copy (bsc#1095344).
- xfs: make better use of the 'state' variable in xfs_bmap_del_extent_real (bsc#1095344).
- xfs: merge xfs_bmap_read_extents into xfs_iread_extents (bsc#1095344).
- xfs: move pre/post-bmap tracing into xfs_iext_update_extent (bsc#1095344).
- xfs: move some code around inside xfs_bmap_shift_extents (bsc#1095344).
- xfs: move some more code into xfs_bmap_del_extent_real (bsc#1095344).
- xfs: move xfs_bmbt_irec and xfs_exntst_t to xfs_types.h (bsc#1095344).
- xfs: move xfs_iext_insert tracepoint to report useful information (bsc#1095344).
- xfs: pass a struct xfs_bmbt_irec to xfs_bmbt_lookup_eq (bsc#1095344).
- xfs: pass a struct xfs_bmbt_irec to xfs_bmbt_update (bsc#1095344).
- xfs: pass an on-disk extent to xfs_bmbt_validate_extent (bsc#1095344).
- xfs: pass struct xfs_bmbt_irec to xfs_bmbt_validate_extent (bsc#1095344).
- xfs: preserve i_rdev when recycling a reclaimable inode (bsc#1095344).
- xfs: refactor delalloc accounting in xfs_bmap_add_extent_delay_real (bsc#1095344).
- xfs: refactor dir2 leaf readahead shadow buffer cleverness (bsc#1095344).
- xfs: refactor xfs_bmap_add_extent_delay_real (bsc#1095344).
- xfs: refactor xfs_bmap_add_extent_hole_delay (bsc#1095344).
- xfs: refactor xfs_bmap_add_extent_hole_real (bsc#1095344).
- xfs: refactor xfs_bmap_add_extent_unwritten_real (bsc#1095344).
- xfs: refactor xfs_del_extent_real (bsc#1095344).
- xfs: remove XFS_BMAP_MAX_SHIFT_EXTENTS (bsc#1095344).
- xfs: remove XFS_BMAP_TRACE_EXLIST (bsc#1095344).
- xfs: remove a duplicate assignment in xfs_bmap_add_extent_delay_real (bsc#1095344).
- xfs: remove a superflous assignment in xfs_iext_remove_node (bsc#1095344).
- xfs: remove all xfs_bmbt_set_* helpers except for xfs_bmbt_set_all (bsc#1095344).
- xfs: remove if_rdev (bsc#1095344).
- xfs: remove post-bmap tracing in xfs_bmap_local_to_extents (bsc#1095344).
- xfs: remove support for inlining data/extents into the inode fork (bsc#1095344).
- xfs: remove the never fully implemented UUID fork format (bsc#1095344).
- xfs: remove the nr_extents argument to xfs_iext_insert (bsc#1095344).
- xfs: remove the nr_extents argument to xfs_iext_remove (bsc#1095344).
- xfs: remove xfs_bmbt_get_state (bsc#1095344).
- xfs: remove xfs_bmse_shift_one (bsc#1095344).
- xfs: rename bno to end in __xfs_bunmapi (bsc#1095344).
- xfs: replace xfs_bmbt_lookup_ge with xfs_bmbt_lookup_first (bsc#1095344).
- xfs: replace xfs_qm_get_rtblks with a direct call to xfs_bmap_count_leaves (bsc#1095344).
- xfs: rewrite getbmap using the xfs_iext_* helpers (bsc#1095344).
- xfs: rewrite xfs_bmap_count_leaves using xfs_iext_get_extent (bsc#1095344).
- xfs: rewrite xfs_bmap_first_unused to make better use of xfs_iext_get_extent (bsc#1095344).
- xfs: simplify the xfs_getbmap interface (bsc#1095344).
- xfs: simplify xfs_reflink_convert_cow (bsc#1095344).
- xfs: split xfs_bmap_shift_extents (bsc#1095344).
- xfs: switch xfs_bmap_local_to_extents to use xfs_iext_insert (bsc#1095344).
- xfs: treat idx as a cursor in xfs_bmap_add_extent_delay_real (bsc#1095344).
- xfs: treat idx as a cursor in xfs_bmap_add_extent_hole_delay (bsc#1095344).
- xfs: treat idx as a cursor in xfs_bmap_add_extent_hole_real (bsc#1095344).
- xfs: treat idx as a cursor in xfs_bmap_add_extent_unwritten_real (bsc#1095344).
- xfs: treat idx as a cursor in xfs_bmap_collapse_extents (bsc#1095344).
- xfs: treat idx as a cursor in xfs_bmap_del_extent_* (bsc#1095344).
- xfs: trivial indentation fixup for xfs_iext_remove_node (bsc#1095344).
- xfs: update got in xfs_bmap_shift_update_extent (bsc#1095344).
- xfs: use a b+tree for the in-core extent list (bsc#1095344).
- xfs: use correct state defines in xfs_bmap_del_extent_{cow,delay} (bsc#1095344).
- xfs: use the state defines in xfs_bmap_del_extent_real (bsc#1095344).
- xfs: use xfs_bmap_del_extent_delay for the data fork as well (bsc#1095344).
- xfs: use xfs_iext_*_extent helpers in xfs_bmap_shift_extents (bsc#1095344).
- xfs: use xfs_iext_*_extent helpers in xfs_bmap_split_extent_at (bsc#1095344).
- xfs: use xfs_iext_get_extent in xfs_bmap_first_unused (bsc#1095344).
- xfs: use xfs_iext_get_extent instead of open coding it (bsc#1095344).
Patchnames
SUSE-SLE-Module-Basesystem-15-2018-2120,SUSE-SLE-Module-Development-Tools-15-2018-2120,SUSE-SLE-Module-Legacy-15-2018-2120,SUSE-SLE-Product-HA-15-2018-2120,SUSE-SLE-Product-WE-15-2018-2120
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for the Linux Kernel", title: "Title of the patch", }, { category: "description", text: "\nThe SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2018-14617: Prevent NULL pointer dereference and panic in\n hfsplus_lookup() when opening a file (that is purportedly a hard link) in an\n hfs+ filesystem that has malformed catalog data, and is mounted read-only\n without a metadata directory (bsc#1102870)\n- CVE-2018-14613: Prevent invalid pointer dereference in io_ctl_map_page() when\n mounting and operating a crafted btrfs image, caused by a lack of block group\n item validation in check_leaf_item (bsc#1102896).\n- CVE-2018-10940: The cdrom_ioctl_media_changed function allowed local\n attackers to use a incorrect bounds check in the CDROM driver\n CDROM_MEDIA_CHANGED ioctl to read out kernel memory (bsc#1092903)\n- CVE-2018-13093: Prevent NULL pointer dereference and panic in lookup_slow()\n on a NULL inode->i_ops pointer when doing pathwalks on a corrupted xfs image.\n This occured because of a lack of proper validation that cached inodes are free\n during allocation (bnc#1100001)\n- CVE-2018-13094: Prevent OOPS that may have occured for a corrupted xfs image\n after xfs_da_shrink_inode() is called with a NULL bp (bnc#1100000)\n- CVE-2018-13095: Prevent denial of service (memory corruption and BUG) that\n could have occurred for a corrupted xfs image upon encountering an inode that\n is in extent format, but has more extents than fit in the inode fork\n (bnc#1099999)\n- CVE-2018-12896: Prevent integer overflow in the POSIX timer code that was\n caused by the way the overrun accounting works. Depending on interval and\n expiry time values, the overrun can be larger than INT_MAX, but the accounting\n is int based. This basically made the accounting values, which are visible to\n user space via timer_getoverrun(2) and siginfo::si_overrun, random. This\n allowed a local user to cause a denial of service (signed integer overflow) via\n crafted mmap, futex, timer_create, and timer_settime system calls (bnc#1099922)\n- CVE-2018-16658: Prevent information leak in cdrom_ioctl_drive_status that\n could have been used by local attackers to read kernel memory (bnc#1107689)\n- CVE-2018-6555: The irda_setsockopt function allowed local users to cause a\n denial of service (ias_object use-after-free and system crash) or possibly have\n unspecified other impact via an AF_IRDA socket (bnc#1106511)\n- CVE-2018-6554: Prevent memory leak in the irda_bind function that allowed\n local users to cause a denial of service (memory consumption) by repeatedly\n binding an AF_IRDA socket (bnc#1106509)\n- CVE-2018-1129: A flaw was found in the way signature calculation was handled\n by cephx authentication protocol. An attacker having access to ceph cluster\n network who is able to alter the message payload was able to bypass signature\n checks done by cephx protocol (bnc#1096748)\n- CVE-2018-1128: It was found that cephx authentication protocol did not verify\n ceph clients correctly and was vulnerable to replay attack. Any attacker having\n access to ceph cluster network who is able to sniff packets on network can use\n this vulnerability to authenticate with ceph service and perform actions\n allowed by ceph service (bnc#1096748)\n- CVE-2018-10938: A crafted network packet sent remotely by an attacker forced\n the kernel to enter an infinite loop in the cipso_v4_optptr() function leading\n to a denial-of-service (bnc#1106016)\n\nThe following non-security bugs were fixed:\n\n- /dev/mem: Add bounce buffer for copy-out (git-fixes).\n- /dev/mem: Avoid overwriting 'err' in read_mem() (git-fixes).\n- 9p/net: Fix zero-copy path in the 9p virtio transport (bsc#1051510).\n- 9p/virtio: fix off-by-one error in sg list bounds check (bsc#1051510).\n- 9p: fix multiple NULL-pointer-dereferences (bsc#1051510).\n- ACPI / EC: Add another entry for Thinkpad X1 Carbon 6th (bsc#1051510).\n- ACPI / EC: Add parameter to force disable the GPE on suspend (bsc#1051510).\n- ACPI / EC: Use ec_no_wakeup on ThinkPad X1 Yoga 3rd (bsc#1051510).\n- ACPI / EC: Use ec_no_wakeup on Thinkpad X1 Carbon 6th (bsc#1051510).\n- ACPI / EC: Use ec_no_wakeup on more Thinkpad X1 Carbon 6th systems (bsc#1051510).\n- ACPI / PCI: pci_link: Allow the absence of _PRS and change log level (bsc#1104172).\n- ACPI / bus: Only call dmi_check_system on X86 (bsc#1105597, bsc#1106178).\n- ACPI / scan: Initialize status to ACPI_STA_DEFAULT (bsc#1051510).\n- ACPI/IORT: Remove temporary iort_get_id_mapping_index() ACPICA guard (bsc#1103387).\n- ACPI/PCI: pci_link: reduce verbosity when IRQ is enabled (bsc#1104172).\n- ACPICA: iasl: Add SMMUv3 device ID mapping index support (bsc#1103387).\n- ALSA: cs46xx: Deliver indirect-PCM transfer error.\n- ALSA: emu10k1: Deliver indirect-PCM transfer error.\n- ALSA: fireface: fix memory leak in ff400_switch_fetching_mode() (bsc#1051510).\n- ALSA: firewire-digi00x: fix memory leak of private data (bsc#1051510).\n- ALSA: firewire-tascam: fix memory leak of private data (bsc#1051510).\n- ALSA: hda - Fix cancel_work_sync() stall from jackpoll work (bsc#1051510).\n- ALSA: mips: Deliver indirect-PCM transfer error.\n- ALSA: oxfw: fix memory leak for model-dependent data at error path (bsc#1051510).\n- ALSA: oxfw: fix memory leak of discovered stream formats at error path (bsc#1051510).\n- ALSA: oxfw: fix memory leak of private data (bsc#1051510).\n- ALSA: pcm: Call ack() whenever appl_ptr is updated.\n- ALSA: pcm: Fix negative appl_ptr handling in pcm-indirect helpers.\n- ALSA: pcm: Fix possible inconsistent appl_ptr update via mmap.\n- ALSA: pcm: Simplify forward/rewind codes.\n- ALSA: pcm: Skip ack callback without actual appl_ptr update.\n- ALSA: pcm: Use a common helper for PCM state check and hwsync.\n- ALSA: pcm: Workaround for weird PulseAudio behavior on rewind error.\n- ALSA: rme32: Deliver indirect-PCM transfer error.\n- ARM: 8780/1: ftrace: Only set kernel memory back to read-only after boot (bsc#1051510).\n- ARM: DRA7/OMAP5: Enable ACTLR[0] (Enable invalidates of BTB) for secondary cores (bsc#1051510).\n- ARM: hisi: fix error handling and missing of_node_put (bsc#1051510).\n- ARM: hisi: handle of_iomap and fix missing of_node_put (bsc#1051510).\n- ARM: imx: flag failure of of_iomap (bsc#1051510).\n- ARM: imx_v4_v5_defconfig: Select ULPI support (bsc#1051510).\n- ARM: imx_v6_v7_defconfig: Select ULPI support (bsc#1051510).\n- ARM: pxa: irq: fix handling of ICMR registers in suspend/resume (bsc#1051510).\n- ASoC: rsnd: fixup not to call clk_get/set under non-atomic (bsc#1051510).\n- ASoC: rsnd: move rsnd_ssi_config_init() execute condition into it (bsc#1051510).\n- ASoC: rsnd: update pointer more accurate (bsc#1051510).\n- ASoC: wm8994: Fix missing break in switch (bsc#1051510).\n- Apply e666d4e9ceec crypto: vmx - Use skcipher for ctr fallback to SLE12-SP4 (bsc#1106464).\n- Bluetooth: h5: Fix missing dependency on BT_HCIUART_SERDEV (bsc#1051510).\n- Bluetooth: hidp: Fix handling of strncpy for hid->name information (bsc#1051510).\n- Prevent errors at reboot (bsc#1093389)\n- Documentation: add some docs for errseq_t (bsc#1107008).\n- Fix buggy backport of patches.drivers/libnvdimm-btt-fix-an-incompatibility-in-the-log-layout.patch (bsc#1103961).\n- Fix kABI breakage due to enum addition for ath10k (bsc#1051510).\n- HID: add quirk for another PIXART OEM mouse used by HP (bsc#1051510).\n- HID: i2c-hid: Add no-irq-after-reset quirk for 0911:5288 device.\n- IB/core: type promotion bug in rdma_rw_init_one_mr() (bsc#1046306).\n- IB/hfi1: Invalid NUMA node information can cause a divide by zero (bsc#1060463).\n- IB/hfi1: Remove incorrect call to do_interrupt callback (bsc#1060463).\n- IB/hfi1: Set in_use_ctxts bits for user ctxts only (bsc#1060463 ).\n- IB/ipoib: Avoid a race condition between start_xmit and cm_rep_handler (bsc#1046307).\n- IB/ipoib: Fix error return code in ipoib_dev_init() (bsc#1046307 ).\n- IB/mlx4: Test port number before querying type (bsc#1046302 ).\n- IB/mlx4: Use 4K pages for kernel QP's WQE buffer (bsc#1046302 ).\n- Input: atmel_mxt_ts - only use first T9 instance (bsc#1051510).\n- Input: edt-ft5x06 - fix error handling for factory mode on non-M06 (bsc#1051510).\n- Input: edt-ft5x06 - implement support for the EDT-M12 series (bsc#1051510).\n- Input: edt-ft5x06 - make distinction between m06/m09/generic more clear (bsc#1051510).\n- Input: synaptics-rmi4 - fix axis-swap behavior (bsc#1051510).\n- KABI: tpm: change relinquish_locality return value back to void (bsc#1082555).\n- KABI: tpm: do keep the cmd_ready and go_idle as pm ops (bsc#1082555).\n- KVM/x86: remove WARN_ON() for when vm_munmap() fails (bsc#1106240).\n- KVM: Enforce error in ioctl for compat tasks when !KVM_COMPAT (bsc#1106240).\n- KVM: PPC: Book3S: Fix guest DMA when guest partially backed by THP pages (bsc#1077761, git-fixes, bsc#1103948, bsc#1103949).\n- KVM: VMX: Work around kABI breakage in 'enum vmx_l1d_flush_state' (bsc#1106369).\n- KVM: VMX: fixes for vmentry_l1d_flush module parameter (bsc#1106369).\n- KVM: nVMX: Do not flush TLB when vmcs12 uses VPID (bsc#1106240).\n- KVM: nVMX: Fix injection to L2 when L1 do not intercept external-interrupts (bsc#1106240).\n- KVM: nVMX: Fix races when sending nested PI while dest enters/leaves L2 (bsc#1106240).\n- KVM: nVMX: Re-evaluate L1 pending events when running L2 and L1 got posted-interrupt (bsc#1106240).\n- KVM: s390: add etoken support for guests (bsc#1106948, LTC#171029).\n- KVM: s390: force bp isolation for VSIE (bsc#1103421).\n- KVM: s390: implement CPU model only facilities (bsc#1106948, LTC#171029).\n- KVM: x86: Change __kvm_apic_update_irr() to also return if max IRR updated (bsc#1106240).\n- KVM: x86: SVM: Call x86_spec_ctrl_set_guest/host() with interrupts disabled (git-fixes 1f50ddb4f418).\n- KVM: x86: fix APIC page invalidation (bsc#1106240).\n- NET: stmmac: align DMA stuff to largest cache line length (netfilter-stable-18_08_01).\n- NFSv4 client live hangs after live data migration recovery (git-fixes).\n- NFSv4: Fix a sleep in atomic context in nfs4_callback_sequence() (git-fixes).\n- NFSv4: Fix possible 1-byte stack overflow in nfs_idmap_read_and_verify_message (git-fixes).\n- Netperf performance issue due to AppArmor net mediation (bsc#1108520) \n- PCI: Match Root Port's MPS to endpoint's MPSS as necessary (bsc#1109269).\n- PCI: OF: Fix I/O space page leak (git-fixes).\n- PCI: aardvark: Fix I/O space page leak (git-fixes).\n- PCI: hotplug: Do not leak pci_slot on registration failure (bsc#1051510).\n- PCI: hv: Make sure the bus domain is really unique (git-fixes).\n- PCI: mvebu: Fix I/O space end address calculation (bsc#1051510).\n- PCI: pciehp: Fix use-after-free on unplug (bsc#1051510).\n- PM / Domains: Fix error path during attach in genpd (bsc#1051510).\n- PM / clk: signedness bug in of_pm_clk_add_clks() (bsc#1051510).\n- PM / runtime: Drop usage count for suppliers at device link removal (bsc#1100132).\n- RDMA/bnxt_re: Fix a bunch of off by one bugs in qplib_fp.c (bsc#1050244).\n- RDMA/bnxt_re: Fix a couple off by one bugs (bsc#1050244 ).\n- RDMA/i40w: Hold read semaphore while looking after VMA (bsc#1058659).\n- Refresh with the upstream patches for lan78xx fixes (bsc#1085262) \n- Replace magic for trusting the secondary keyring with #define (bsc#1051510).\n- Revert 'PCI: Add ACS quirk for Intel 300 series' (bsc#1051510).\n- Revert 'UBIFS: Fix potential integer overflow in allocation' (bsc#1051510).\n- Revert 'mm: page_alloc: skip over regions of invalid pfns where possible' (bnc#1107078).\n- Revert 'vhost: cache used event for better performance' (bsc#1090528).\n- Revert 'vmalloc: back off when the current task is killed' (bnc#1107073).\n- Staging: vc04_services: remove unused variables.\n- Tools: hv: vss: fix loop device detection.\n- USB: net2280: Fix erroneous synchronization change (bsc#1051510).\n- USB: serial: io_ti: fix array underflow in completion handler (bsc#1051510).\n- USB: serial: ti_usb_3410_5052: fix array underflow in completion handler (bsc#1051510).\n- Update patches.drivers/0016-arm64-vgic-v2-Fix-proxying-of-cpuif-access.patch (bsc#1106901, bsc#1107265).\n- Update patches.fixes/4.4.139-043-powerpc-mm-hash-Add-missing-isync-prior-to-ke.patch (bnc#1012382, bsc#1094244).\n- Update config files, make CRYPTO_CRCT10DIF_PCLMUL built-in (bsc#1105603).\n- Update patch tag of dmi fix (bsc#1105597) Also moved to the sorted section.\n- Update patch tags of recent security fixes (bsc#1106426)\n- Update references (bsc#1064232)\n- Workaround kABI breakage by __must_check drop of strscpy() (bsc#1051510).\n- ahci: Add Intel Ice Lake LP PCI ID (bsc#1051510).\n- apparmor: Fix regression in profile conflict logic (bsc#1106427)\n- apparmor: ensure that undecidable profile attachments fail (bsc#1106427).\n- apparmor: fix an error code in __aa_create_ns() (bsc#1106427).\n- apparmor: remove no-op permission check in policy_unpack (bsc#1106427).\n- arm64/acpi: Create arch specific cpu to acpi id helper (bsc#1106903).\n- arm64/kasan: do not allocate extra shadow memory (bsc#1106897).\n- arm64/mm/kasan: do not use vmemmap_populate() to initialize shadow (bsc#1106898).\n- arm64: Enforce BBM for huge IO/VMAP mappings (bsc#1106890).\n- arm64: Ignore hardware dirty bit updates in ptep_set_wrprotect() (bsc#1108010).\n- arm64: Make sure permission updates happen for pmd/pud (bsc#1106891).\n- arm64: dma-mapping: clear buffers allocated with FORCE_CONTIGUOUS flag (bsc#1106902).\n- arm64: export memblock_reserve()d regions via /proc/iomem (bsc#1106892).\n- arm64: fix unwind_frame() for filtered out fn for function graph tracing (bsc#1106900).\n- arm64: fix vmemmap BUILD_BUG_ON() triggering on !vmemmap setups (bsc#1106896).\n- arm64: fpsimd: Avoid FPSIMD context leakage for the init task (bsc#1106894).\n- arm64: kasan: avoid pfn_to_nid() before page array is initialized (bsc#1106899).\n- arm64: mm: Ensure writes to swapper are ordered wrt subsequent cache maintenance (bsc#1106906).\n- arm64: mm: check for upper PAGE_SHIFT bits in pfn_valid() (bsc#1106893).\n- arm64: numa: rework ACPI NUMA initialization (bsc#1106905).\n- arm64: vgic-v2: Fix proxying of cpuif access (bsc#1106901).\n- ata: libahci: Allow reconfigure of DEVSLP register (bsc#1051510).\n- ata: libahci: Correct setting of DEVSLP register (bsc#1051510).\n- ath10k: disable bundle mgmt tx completion event support (bsc#1051510).\n- ath10k: update the phymode along with bandwidth change request (bsc#1051510).\n- ath9k: add MSI support.\n- ath9k: report tx status on EOSP (bsc#1051510).\n- ath9k_hw: fix channel maximum power level test (bsc#1051510).\n- b43/leds: Ensure NUL-termination of LED name string (bsc#1051510).\n- b43legacy/leds: Ensure NUL-termination of LED name string (bsc#1051510).\n- bcache: avoid unncessary cache prefetch bch_btree_node_get().\n- bcache: calculate the number of incremental GC nodes according to the total of btree nodes.\n- bcache: display rate debug parameters to 0 when writeback is not running.\n- bcache: do not check return value of debugfs_create_dir().\n- bcache: finish incremental GC.\n- bcache: fix I/O significant decline while backend devices registering.\n- bcache: fix error setting writeback_rate through sysfs interface.\n- bcache: free heap cache_set->flush_btree in bch_journal_free.\n- bcache: make the pr_err statement used for ENOENT only in sysfs_attatch section.\n- bcache: release dc->writeback_lock properly in bch_writeback_thread().\n- bcache: set max writeback rate when I/O request is idle.\n- bcache: simplify the calculation of the total amount of flash dirty data.\n- Add a blacklist entry for the reverted patch (bsc#1106743)\n- blk-mq: avoid to synchronize rcu inside blk_cleanup_queue() (bsc#1077989).\n- blkdev: __blkdev_direct_IO_simple: fix leak in error case (bsc#1083663).\n- block, bfq: return nbytes and not zero from struct cftype .write() method (bsc#1106238).\n- block: bio_iov_iter_get_pages: fix size of last iovec (bsc#1083663).\n- block: bio_iov_iter_get_pages: pin more pages for multi-segment IOs (bsc#1083663).\n- block: do not print a message when the device went away (bsc#1098459).\n- block: do not warn for flush on read-only device (bsc#1107756).\n- bnxt_en: Clean up unused functions (bsc#1086282).\n- bnxt_en: Do not adjust max_cp_rings by the ones used by RDMA (bsc#1086282).\n- bnxt_en: Fix VF mac address regression (bsc#1086282 ).\n- bnxt_re: Fix couple of memory leaks that could lead to IOMMU call traces (bsc#1050244).\n- bonding: avoid lockdep confusion in bond_get_stats() (netfilter-stable-18_08_04).\n- bpf, s390: fix potential memleak when later bpf_jit_prog fails (bsc#1083647).\n- bpf: fix references to free_bpf_prog_info() in comments (bsc#1083647).\n- bpf: fix uninitialized variable in bpf tools (bsc#1083647).\n- bpf: hash map: decrement counter on error (bsc#1083647).\n- bpf: powerpc64: pad function address loads with NOPs (bsc#1083647).\n- bpf: use GFP_ATOMIC instead of GFP_KERNEL in bpf_parse_prog() (bsc#1083647).\n- brcmfmac: stop watchdog before detach and free everything (bsc#1051510).\n- btrfs: Add checker for EXTENT_CSUM (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: Add sanity check for EXTENT_DATA when reading out leaf (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: Check if item pointer overlaps with the item itself (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: Check that each block group has corresponding chunk at mount time (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: Fix use-after-free when cleaning up fs_devs with a single stale device (bsc#1097105).\n- btrfs: Handle error from btrfs_uuid_tree_rem call in _btrfs_ioctl_set_received_subvol (bsc#1097105).\n- btrfs: Introduce mount time chunk <-> dev extent mapping check (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: Manually implement device_total_bytes getter/setter (bsc#1043912).\n- btrfs: Move leaf and node validation checker to tree-checker.c (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: Round down values which are written for total_bytes_size (bsc#1043912).\n- btrfs: Verify that every chunk has corresponding block group at mount time (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: fix error handling in btrfs_dev_replace_start (bsc#1107535).\n- btrfs: round down size diff when shrinking/growing device (bsc#1097105).\n- btrfs: tree-checker: Add checker for dir item (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: tree-checker: Detect invalid and empty essential trees (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: tree-checker: Enhance btrfs_check_node output (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: tree-checker: Enhance output for check_extent_data_item (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: tree-checker: Enhance output for btrfs_check_leaf (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: tree-checker: Enhance output for check_csum_item (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: tree-checker: Fix false panic for sanity test (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: tree-checker: Replace root parameter with fs_info (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: tree-checker: Verify block_group_item (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: tree-checker: use %zu format string for size_t (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: tree-checker: use %zu format string for size_t (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status (bsc#1051510).\n- ceph: fix incorrect use of strncpy (bsc#1107319).\n- ceph: return errors from posix_acl_equiv_mode() correctly (bsc#1107320).\n- cfg80211: nl80211_update_ft_ies() to validate NL80211_ATTR_IE (bsc#1051510).\n- cgroup: avoid copying strings longer than the buffers (bsc#1051510).\n- cifs: Fix stack out-of-bounds in smb{2,3}_create_lease_buf() (bsc#1051510).\n- cifs: check kmalloc before use (bsc#1051510).\n- cifs: store the leaseKey in the fid on SMB2_open (bsc#1051510).\n- cls_matchall: fix tcf_unbind_filter missing (networking-stable-18_08_21).\n- crypto: caam/jr - fix descriptor DMA unmapping (bsc#1051510).\n- crypto: caam/qi - fix error path in xts setkey (bsc#1051510).\n- crypto: vmx - Fix sleep-in-atomic bugs (bsc#1051510).\n- cxl: Configure PSL to not use APC virtual machines (bsc#1055014, git-fixes).\n- cxl: Fix wrong comparison in cxl_adapter_context_get() (bsc#1055014, git-fixes).\n- dax: remove VM_MIXEDMAP for fsdax and device dax (bsc#1106007).\n- dccp: fix undefined behavior with 'cwnd' shift in ccid2_cwnd_restart() (netfilter-stable-18_08_17).\n- drm/amd/pp/Polaris12: Fix a chunk of registers missed to program (bsc#1051510).\n- drm/amdgpu: Fix RLC safe mode test in gfx_v9_0_enter_rlc_safe_mode (bsc#1051510).\n- drm/amdgpu: fix swapped emit_ib_size in vce3 (bsc#1051510).\n- drm/amdgpu: update tmr mc address (bsc#1100132).\n- drm/amdgpu:add new firmware id for VCN (bsc#1051510).\n- drm/amdgpu:add tmr mc address into amdgpu_firmware_info (bsc#1051510).\n- drm/arm/malidp: Preserve LAYER_FORMAT contents when setting format (bsc#1051510).\n- drm/armada: fix colorkey mode property (bsc#1051510).\n- drm/armada: fix irq handling (bsc#1051510).\n- drm/bridge/sii8620: Fix display of packed pixel modes (bsc#1051510).\n- drm/bridge/sii8620: fix display of packed pixel modes in MHL2 (bsc#1051510).\n- drm/bridge/sii8620: fix loops in EDID fetch logic (bsc#1051510).\n- drm/bridge: adv7511: Reset registers on hotplug (bsc#1051510).\n- drm/edid: Add 6 bpc quirk for SDC panel in Lenovo B50-80 (bsc#1051510).\n- drm/exynos: decon5433: Fix WINCONx reset value (bsc#1051510).\n- drm/exynos: decon5433: Fix per-plane global alpha for XRGB modes (bsc#1051510).\n- drm/exynos: gsc: Fix support for NV16/61, YUV420/YVU420 and YUV422 modes (bsc#1051510).\n- drm/i915/audio: Fix audio enumeration issue on BXT.\n- drm/i915/gvt: Fix the incorrect length of child_device_config issue (bsc#1051510).\n- drm/i915/gvt: clear ggtt entries when destroy vgpu (bsc#1051510).\n- drm/i915/gvt: request srcu_read_lock before checking if one gfn is valid (bsc#1051510).\n- drm/i915/kvmgt: Fix potential Spectre v1 (bsc#1051510).\n- drm/i915/lpe: Mark LPE audio runtime pm as 'no callbacks' (bsc#1051510).\n- drm/i915/overlay: Allocate physical registers from stolen (bsc#1051510).\n- drm/i915: Increase LSPCON timeout (bsc#1051510).\n- drm/i915: set DP Main Stream Attribute for color range on DDI platforms (bsc#1051510).\n- drm/imx: imx-ldb: check if channel is enabled before printing warning (bsc#1051510).\n- drm/imx: imx-ldb: disable LDB on driver bind (bsc#1051510).\n- drm/modes: Introduce drm_mode_match().\n- drm/nouveau/drm/nouveau: Fix bogus drm_kms_helper_poll_enable() placement (bsc#1051510).\n- drm/tegra: Check for malformed offsets and sizes in the 'submit' IOCTL (bsc#1106170).\n- drm/tegra: Fix comparison operator for buffer size (bsc#1100132).\n- drm/vc4: Fix the 'no scaling' case on multi-planar YUV formats (bsc#1051510).\n- drm: Add DRM client cap for aspect-ratio.\n- drm: Add and handle new aspect ratios in DRM layer.\n- drm: Add aspect ratio parsing in DRM layer.\n- drm: Expose modes with aspect ratio, only if requested.\n- drm: Handle aspect ratio info in legacy modeset path.\n- drm: mali-dp: Enable Global SE interrupts mask for DP500 (bsc#1051510).\n- dwc2: gadget: Fix ISOC IN DDMA PID bitfield value calculation (bsc#1051510).\n- errseq: Add to documentation tree (bsc#1107008).\n- errseq: Always report a writeback error once (bsc#1107008).\n- ext4: sysfs: print ext4_super_block fields as little-endian (bsc#1106229).\n- f2fs: remove unneeded memory footprint accounting (bsc#1106233).\n- f2fs: remove unneeded memory footprint accounting (bsc#1106297).\n- f2fs: validate before set/clear free nat bitmap (bsc#1106231).\n- f2fs: validate before set/clear free nat bitmap (bsc#1106297).\n- fat: fix memory allocation failure handling of match_strdup() (bsc#1051510).\n- fb: fix lost console when the user unplugs a USB adapter (bsc#1051510).\n- fbdev: omapfb: off by one in omapfb_register_client() (bsc#1051510).\n- fix __legitimize_mnt()/mntput() race (bsc#1106297).\n- fix a page leak in vhost_scsi_iov_to_sgl() error recovery (bsc#1051510).\n- fix mntput/mntput race (bsc#1106297).\n- fs/9p/xattr.c: catch the error of p9_client_clunk when setting xattr failed (bsc#1051510).\n- fs/proc/proc_sysctl.c: fix potential page fault while unregistering sysctl table (bsc#1106297).\n- fuse: Add missed unlock_page() to fuse_readpages_fill() (bsc#1106291).\n- fuse: Fix oops at process_init_reply() (bsc#1106291).\n- fuse: fix double request_end() (bsc#1106291).\n- fuse: fix initial parallel dirops (bsc#1106291).\n- fuse: fix unlocked access to processing queue (bsc#1106291).\n- fuse: umount should wait for all requests (bsc#1106291).\n- getxattr: use correct xattr length (bsc#1106235).\n- getxattr: use correct xattr length (bsc#1106297).\n- gpio: ml-ioh: Fix buffer underwrite on probe error path (bsc#1051510).\n- gpio: tegra: Move driver registration to subsys_init level (bsc#1051510).\n- gpiolib-acpi: make sure we trigger edge events at least once on boot (bsc#1051510).\n- gpiolib: acpi: Switch to cansleep version of GPIO library call (bsc#1051510).\n- gpu: host1x: Check whether size of unpin isn't 0 (bsc#1051510).\n- gpu: ipu-v3: default to id 0 on missing OF alias (bsc#1051510).\n- i2c: core: ACPI: Properly set status byte to 0 for multi-byte writes (bsc#1051510).\n- i2c: davinci: Avoid zero value of CLKH (bsc#1051510).\n- i2c: i801: Add missing documentation entries for Braswell and Kaby Lake (bsc#1051510).\n- i2c: i801: Add support for Intel Cedar Fork (bsc#1051510).\n- i2c: i801: Add support for Intel Ice Lake (bsc#1051510).\n- i2c: i801: Consolidate chipset names in documentation and Kconfig (bsc#1051510).\n- i2c: i801: fix DNV's SMBCTRL register offset (bsc#1051510).\n- i2c: imx: Fix race condition in dma read (bsc#1051510).\n- i2c: uniphier-f: issue STOP only for last message or I2C_M_STOP (bsc#1051510).\n- i2c: uniphier: issue STOP only for last message or I2C_M_STOP (bsc#1051510).\n- i2c: xiic: Make the start and the byte count write atomic (bsc#1051510).\n- i2c: xlp9xx: Fix case where SSIF read transaction completes early (bsc#1105907).\n- i2c: xlp9xx: Fix issue seen when updating receive length (bsc#1105907).\n- i2c: xlp9xx: Make sure the transfer size is not more than I2C_SMBUS_BLOCK_SIZE (bsc#1105907).\n- i40e: fix condition of WARN_ONCE for stat strings (bsc#1107522).\n- ib_srpt: Fix a use-after-free in srpt_close_ch() (bsc#1046306 ).\n- ibmvnic: Include missing return code checks in reset function (bnc#1107966).\n- iommu/amd: Add support for IOMMU XT mode.\n- iommu/amd: Add support for higher 64-bit IOMMU Control Register.\n- iommu/amd: Finish TLB flush in amd_iommu_unmap() (bsc#1106105).\n- iommu/amd: make sure TLB to be flushed before IOVA freed (bsc#1106105).\n- iommu/arm-smmu-v3: Do not free page table ops twice (bsc#1106237).\n- iommu/vt-d: Fix a potential memory leak (bsc#1106105).\n- iommu/vt-d: Ratelimit each dmar fault printing (bsc#1106105).\n- ipmi/powernv: Fix error return code in ipmi_powernv_probe() (git-fixes).\n- ipmi: Fix some counter issues (bsc#1105907).\n- ipmi: Move BT capabilities detection to the detect call (bsc#1106779).\n- ipmi: Remove ACPI SPMI probing from the SSIF (I2C) driver (bsc#1105907).\n- ipmi:bt: Set the timeout before doing a capabilities check (bsc#1051510).\n- ipv4: remove BUG_ON() from fib_compute_spec_dst (netfilter-stable-18_08_01).\n- irqchip/bcm7038-l1: Hide cpu offline callback when building for !SMP (bsc#1051510).\n- iw_cxgb4: remove duplicate memcpy() in c4iw_create_listen() (bsc#1046543).\n- ixgbe: Refactor queue disable logic to take completion time into account (bsc#1101557).\n- ixgbe: Reorder Tx/Rx shutdown to reduce time needed to stop device (bsc#1101557).\n- kabi fix for check_disk_size_change() (bsc#1098459).\n- kabi protect hnae_ae_ops (bsc#1107924).\n- kabi protect struct kvm_sync_regs (bsc#1106948).\n- kabi/severities: Whitelist libceph, rbd, and ceph (bsc#1096748).\n- kabi: move s390 mm_context_t lock to mm_struct and ignore the change (bsc#1103421).\n- kabi: x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bnc#1105536).\n- kvm: arm64: Convert kvm_set_s2pte_readonly() from inline asm to cmpxchg() (bsc#1108010).\n- kvm: nVMX: Fix fault vector for VMX operation at CPL > 0 (bsc#1106105).\n- kvm: nVMX: Use nested_run_pending rather than from_vmentry (bsc#1106240).\n- kvm: x86: vmx: fix vpid leak (bsc#1106240).\n- l2tp: use sk_dst_check() to avoid race on sk->sk_dst_cache (netfilter-stable-18_08_17).\n- lan78xx: Lan7801 Support for Fixed PHY (bsc#1085262).\n- lan78xx: Set ASD in MAC_CR when EEE is enabled (bsc#1085262).\n- lan78xx: remove redundant initialization of pointer 'phydev' (bsc#1085262).\n- lib/test_hexdump.c: fix failure on big endian cpu (bsc#1051510).\n- libahci: Fix possible Spectre-v1 pmp indexing in ahci_led_store() (bsc#1051510).\n- libbpf: Makefile set specified permission mode (bsc#1083647).\n- libceph: check authorizer reply/challenge length before reading (bsc#1096748).\n- libceph: factor out __ceph_x_decrypt() (bsc#1096748).\n- libceph: factor out __prepare_write_connect() (bsc#1096748).\n- libceph: factor out encrypt_authorizer() (bsc#1096748).\n- libceph: store ceph_auth_handshake pointer in ceph_connection (bsc#1096748).\n- libceph: weaken sizeof check in ceph_x_verify_authorizer_reply() (bsc#1096748).\n- libnvdimm, btt: fix uninitialized err_lock (bsc#1103961).\n- libnvdimm, nfit: enable support for volatile ranges (bsc#1103961).\n- libnvdimm, nfit: move the check on nd_reserved2 to the endpoint (bsc#1103961).\n- libnvdimm: Use max contiguous area for namespace size (git-fixes).\n- libnvdimm: rename nd_sector_size_{show,store} to nd_size_select_{show,store} (bsc#1103961).\n- livepatch: Remove reliable stacktrace check in klp_try_switch_task() (bsc#1071995).\n- livepatch: Validate module/old func name length (bsc#1071995).\n- llc: use refcount_inc_not_zero() for llc_sap_find() (netfilter-stable-18_08_17).\n- mac80211: add stations tied to AP_VLANs during hw reconfig (bsc#1051510).\n- mac80211: always account for A-MSDU header changes (bsc#1051510).\n- mac80211: avoid kernel panic when building AMSDU from non-linear SKB (bsc#1051510).\n- mac80211: fix an off-by-one issue in A-MSDU max_subframe computation (bsc#1051510).\n- macros.kernel-source: pass -b properly in kernel module package (bsc#1107870).\n- md-cluster: clear another node's suspend_area after the copy is finished (bsc#1106333).\n- md-cluster: do not send msg if array is closing (bsc#1106333).\n- md-cluster: release RESYNC lock after the last resync message (bsc#1106688).\n- md-cluster: show array's status more accurate (bsc#1106333).\n- media: Revert '[media] tvp5150: fix pad format frame height' (bsc#1051510).\n- mei: do not update offset in write (bsc#1051510).\n- mei: me: enable asynchronous probing.\n- memcg, thp: do not invoke oom killer on thp charges (bnc#1089663).\n- memory: tegra: Apply interrupts mask per SoC (bsc#1051510).\n- memory: tegra: Do not handle spurious interrupts (bsc#1051510).\n- mfd: intel-lpss: Add Ice Lake PCI IDs (bsc#1051510).\n- mfd: lpc_ich: Do not touch SPI-NOR write protection bit on Apollo Lake (bsc#1051510).\n- mlxsw: core_acl_flex_actions: Return error for conflicting actions (netfilter-stable-18_08_17).\n- mm/huge_memory.c: fix data loss when splitting a file pmd (bnc#1107074).\n- mm/hugetlb: filter out hugetlb pages if HUGEPAGE migration is not supported (bnc#1106697).\n- mm/vmscan: wake up flushers for legacy cgroups too (bnc#1107061).\n- mm: fix devmem_is_allowed() for sub-page System RAM intersections (bsc#1106800).\n- mm: memcg: fix use after free in mem_cgroup_iter() (bnc#1107065).\n- mmc: omap_hsmmc: fix wakeirq handling on removal (bsc#1051510).\n- module: exclude SHN_UNDEF symbols from kallsyms api (bsc#1071995).\n- net/9p/client.c: version pointer uninitialized (bsc#1051510).\n- net/9p/trans_fd.c: fix race by holding the lock (bsc#1051510).\n- net/9p/trans_fd.c: fix race-condition by flushing workqueue before the kfree() (bsc#1051510).\n- net/9p: Switch to wait_event_killable() (bsc#1051510).\n- net/9p: fix error path of p9_virtio_probe (bsc#1051510).\n- net: dsa: Do not suspend/resume closed slave_dev (netfilter-stable-18_08_04).\n- net: ena: Eliminate duplicate barriers on weakly-ordered archs (bsc#1108093).\n- net: ena: Fix use of uninitialized DMA address bits field (netfilter-stable-18_08_01).\n- net: ena: fix device destruction to gracefully free resources (bsc#1108093).\n- net: ena: fix driver when PAGE_SIZE == 64kB (bsc#1108093).\n- net: ena: fix incorrect usage of memory barriers (bsc#1108093).\n- net: ena: fix missing calls to READ_ONCE (bsc#1108093).\n- net: ena: fix missing lock during device destruction (bsc#1108093).\n- net: ena: fix potential double ena_destroy_device() (bsc#1108093).\n- net: ena: fix surprise unplug NULL dereference kernel crash (bsc#1108093).\n- net: ethernet: mvneta: Fix napi structure mixup on armada 3700 (networking-stable-18_08_21).\n- net: fix amd-xgbe flow-control issue (netfilter-stable-18_08_01).\n- net: hns3: Fix for waterline not setting correctly (bsc#1104353 ). \n- net: hns3: fix page_offset overflow when CONFIG_ARM64_64K_PAGES (bsc#1104353).\n- net: hns: add netif_carrier_off before change speed and duplex (bsc#1107924).\n- net: hns: add the code for cleaning pkt in chip (bsc#1107924).\n- net: mdio-mux: bcm-iproc: fix wrong getter and setter pair (netfilter-stable-18_08_01).\n- net: mvneta: fix mvneta_config_rss on armada 3700 (networking-stable-18_08_21).\n- net: rtnl_configure_link: fix dev flags changes arg to __dev_notify_flags (git-fixes).\n- net: stmmac: Fix WoL for PCI-based setups (netfilter-stable-18_08_04).\n- net: stmmac: mark PM functions as __maybe_unused (git-fixes).\n- net_sched: Fix missing res info when create new tc_index filter (netfilter-stable-18_08_17).\n- netfilter: ip6t_rpfilter: set F_IFACE for linklocal addresses (git-fixes).\n- netlink: Do not shift on 64 for ngroups (git-fixes).\n- netlink: Do not shift with UB on nlk->ngroups (netfilter-stable-18_08_01).\n- netlink: Do not subscribe to non-existent groups (netfilter-stable-18_08_01).\n- netlink: Fix spectre v1 gadget in netlink_create() (netfilter-stable-18_08_04).\n- nfs/pnfs: fix nfs_direct_req ref leak when i/o falls back to the mds (git-fixes).\n- nfs41: do not return ENOMEM on LAYOUTUNAVAILABLE (git-fixes).\n- nfsd: remove blocked locks on client teardown (git-fixes).\n- nl80211: Add a missing break in parse_station_flags (bsc#1051510).\n- nl80211: check nla_parse_nested() return values (bsc#1051510).\n- nvme: register ns_id attributes as default sysfs groups (bsc#1105247).\n- nvme_fc: add 'nvme_discovery' sysfs attribute to fc transport device (bsc#1044189).\n- pinctrl/amd: only handle irq if it is pending and unmasked (bsc#1051510).\n- pipe: actually allow root to exceed the pipe buffer limits (bsc#1106297).\n- platform/x86: asus-nb-wmi: Add keymap entry for lid flip action on UX360 (bsc#1051510).\n- pnfs/blocklayout: off by one in bl_map_stripe() (git-fixes).\n- powerpc/64s: Default l1d_size to 64K in RFI fallback flush (bsc#1068032, git-fixes).\n- powerpc/64s: Fix DT CPU features Power9 DD2.1 logic (bsc#1055117).\n- powerpc/64s: Fix compiler store ordering to SLB shadow area (bsc#1094244).\n- powerpc/64s: move machine check SLB flushing to mm/slb.c (bsc#1094244).\n- powerpc/kprobes: Fix call trace due to incorrect preempt count (bsc#1065729).\n- powerpc/lib: Fix the feature fixup tests to actually work (bsc#1065729).\n- powerpc/mce: Fix SLB rebolting during MCE recovery path (bsc#1094244).\n- powerpc/perf: Fix IMC allocation routine (bsc#1054914).\n- powerpc/perf: Fix memory allocation for core-imc based on num_possible_cpus() (bsc#1054914).\n- powerpc/perf: Remove sched_task function defined for thread-imc (bsc#1054914).\n- powerpc/pseries: Avoid using the size greater than RTAS_ERROR_LOG_MAX (bsc#1094244).\n- powerpc/pseries: Fix endianness while restoring of r3 in MCE handler (bsc#1094244).\n- powerpc/pseries: fix EEH recovery of some IOV devices (bsc#1078720, git-fixes).\n- powerpc64s: Show ori31 availability in spectre_v1 sysfs file not v2 (bsc#1068032, bsc#1080157, git-fixes).\n- powerpc: Avoid code patching freed init sections (bnc#1107735).\n- powerpc: make feature-fixup tests fortify-safe (bsc#1065729).\n- pstore: Fix incorrect persistent ram buffer mapping (bsc#1051510).\n- pwm: tiehrpwm: Fix disabling of output of PWMs (bsc#1051510).\n- qlge: Fix netdev features configuration (bsc#1098822).\n- r8169: add support for NCube 8168 network card (bsc#1051510).\n- reiserfs: fix broken xattr handling (heap corruption, bad retval) (bsc#1106236).\n- rhashtable: add schedule points (bsc#1051510).\n- root dentries need RCU-delayed freeing (bsc#1106297).\n- rsi: Fix 'invalid vdd' warning in mmc (bsc#1051510).\n- rxrpc: Fix user call ID check in rxrpc_service_prealloc_one (netfilter-stable-18_08_04).\n- s390/entry.S: use assembler alternatives (bsc#1103421).\n- s390/lib: use expoline for all bcr instructions (git-fixes, bsc#1103421).\n- s390/mm: fix local TLB flushing vs. detach of an mm address space (bsc#1103421).\n- s390/mm: fix race on mm->context.flush_mm (bsc#1103421).\n- s390/runtime instrumentation: simplify task exit handling (bsc#1103421).\n- s390: always save and restore all registers on context switch (bsc#1103421).\n- s390: detect etoken facility (bsc#1103421).\n- s390: fix br_r1_trampoline for machines without exrl (git-fixes, bsc#1103421).\n- s390: fix compat system call table (bsc#1103421).\n- s390: fix handling of -1 in set{,fs}id16 syscalls (bsc#1103421).\n- s390: use expoline thunks for all branches generated by the BPF JIT (bsc#1103421).\n- samples/bpf: adjust rlimit RLIMIT_MEMLOCK for xdp1 (bsc#1083647).\n- sched/fair: Fix vruntime_normalized() for remote non-migration wakeup (git-fixes).\n- sched/numa: Do not move imbalanced load purely on the basis of an idle CPU (bnc#1101669 optimise numa balancing for fast migrate).\n- sched/numa: Evaluate move once per node (bnc#1101669 optimise numa balancing for fast migrate).\n- sched/numa: Remove numa_has_capacity() (bnc#1101669 optimise numa balancing for fast migrate).\n- sched/numa: Remove unused task_capacity from 'struct numa_stats' (bnc#1101669 optimise numa balancing for fast migrate).\n- sched/numa: Stop comparing tasks for NUMA placement after selecting an idle core (bnc#1101669 optimise numa balancing for fast migrate).\n- sched/numa: remove unused code from update_numa_stats() (bnc#1101669 optimise numa balancing for fast migrate).\n- sched/numa: remove unused nr_running field (bnc#1101669 optimise numa balancing for fast migrate).\n- scripts/git_sort/git_sort.py: Add fixes branch from mkp/scsi.git.\n- scripts/git_sort/git_sort.py: add mkp 4.20/scsi-queue\n- scripts/tar-up.sh: Do not package gitlog-excludes file Also fix the evaluation of gitlog-excludes file, too\n- scripts: modpost: check memory allocation results (bsc#1051510).\n- scsi: fcoe: hold disc_mutex when traversing rport lists (bsc#1077989).\n- scsi: hpsa: limit transfer length to 1MB, not 512kB (bsc#1102346).\n- scsi: libfc: Add lockdep annotations (bsc#1077989).\n- scsi: libfc: fixup 'sleeping function called from invalid context' (bsc#1077989).\n- scsi: libfc: fixup lockdep annotations (bsc#1077989).\n- scsi: libfc: hold disc_mutex in fc_disc_stop_rports() (bsc#1077989).\n- scsi: lpfc: Correct MDS diag and nvmet configuration (bsc#1106636).\n- scsi: mpt3sas: Fix calltrace observed while running IO and reset (bsc#1077989).\n- scsi: qla2xxx: Add appropriate debug info for invalid RX_ID (bsc#1108870).\n- scsi: qla2xxx: Add logic to detect ABTS hang and response completion (bsc#1108870).\n- scsi: qla2xxx: Add mode control for each physical port (bsc#1108870).\n- scsi: qla2xxx: Add support for ZIO6 interrupt threshold (bsc#1108870).\n- scsi: qla2xxx: Allow FC-NVMe underrun to be handled by transport (bsc#1108870).\n- scsi: qla2xxx: Check for Register disconnect (bsc#1108870).\n- scsi: qla2xxx: Decrement login retry count for only plogi (bsc#1108870).\n- scsi: qla2xxx: Defer chip reset until target mode is enabled (bsc#1108870).\n- scsi: qla2xxx: Fix Remote port registration (bsc#1108870).\n- scsi: qla2xxx: Fix deadlock between ATIO and HW lock (bsc#1108870).\n- scsi: qla2xxx: Fix double increment of switch scan retry count (bsc#1108870).\n- scsi: qla2xxx: Fix dropped srb resource (bsc#1108870).\n- scsi: qla2xxx: Fix duplicate switch's Nport ID entries (bsc#1108870).\n- scsi: qla2xxx: Fix early srb free on abort (bsc#1108870).\n- scsi: qla2xxx: Fix iIDMA error (bsc#1108870).\n- scsi: qla2xxx: Fix incorrect port speed being set for FC adapters (bsc#1108870).\n- scsi: qla2xxx: Fix out of order Termination and ABTS response (bsc#1108870).\n- scsi: qla2xxx: Fix port speed display on chip reset (bsc#1108870).\n- scsi: qla2xxx: Fix premature command free (bsc#1108870).\n- scsi: qla2xxx: Fix process response queue for ISP26XX and above (bsc#1108870).\n- scsi: qla2xxx: Fix race condition for resource cleanup (bsc#1108870).\n- scsi: qla2xxx: Fix stuck session in PLOGI state (bsc#1108870).\n- scsi: qla2xxx: Force fw cleanup on ADISC error (bsc#1108870).\n- scsi: qla2xxx: Increase abort timeout value (bsc#1108870).\n- scsi: qla2xxx: Move ABTS code behind qpair (bsc#1108870).\n- scsi: qla2xxx: Move rport registration out of internal work_list (bsc#1108870).\n- scsi: qla2xxx: Move {get|rel}_sp to base_qpair struct (bsc#1108870).\n- scsi: qla2xxx: Reduce holding sess_lock to prevent CPU lock-up (bsc#1108870).\n- scsi: qla2xxx: Reject bsg request if chip is down (bsc#1108870).\n- scsi: qla2xxx: Remove ASYNC GIDPN switch command (bsc#1108870).\n- scsi: qla2xxx: Remove all rports if fabric scan retry fails (bsc#1108870).\n- scsi: qla2xxx: Remove redundant check for fcport deletion (bsc#1108870).\n- scsi: qla2xxx: Remove stale ADISC_DONE event (bsc#1108870).\n- scsi: qla2xxx: Remove stale debug trace message from tcm_qla2xxx (bsc#1108870).\n- scsi: qla2xxx: Serialize mailbox request (bsc#1108870).\n- scsi: qla2xxx: Terminate Plogi/PRLI if WWN is 0 (bsc#1108870).\n- scsi: qla2xxx: Turn off IOCB timeout timer on IOCB completion (bsc#1108870).\n- scsi: qla2xxx: Update driver to version 10.00.00.09-k (bsc#1108870).\n- scsi: qla2xxx: Update driver version to 10.00.00.10-k (bsc#1108870).\n- scsi: qla2xxx: Update driver version to 10.00.00.11-k (bsc#1108870).\n- scsi: qla2xxx: Update rscn_rcvd field to more meaningful scan_needed (bsc#1108870).\n- scsi: qla2xxx: Use correct qpair for ABTS/CMD (bsc#1108870).\n- scsi: qla2xxx: shutdown chip if reset fail (bsc#1108870).\n- scsi_debug: call resp_XXX function after setting host_scribble (bsc#1069138). \n- scsi_debug: reset injection flags for every_nth > 0 (bsc#1069138).\n- selftests/bpf/test_maps: exit child process without error in ENOMEM case (bsc#1083647).\n- selftests/bpf: fix a typo in map in map test (bsc#1083647).\n- serial: enable spi in sc16is7xx driver References: bsc#1105672\n- serial: make sc16is7xx driver supported References: bsc#1105672\n- slab: __GFP_ZERO is incompatible with a constructor (bnc#1107060).\n- spi-nor: intel-spi: Fix number of protected range registers for BYT/LPT.\n- spi: cadence: Change usleep_range() to udelay(), for atomic context (bsc#1051510).\n- spi: davinci: fix a NULL pointer dereference (bsc#1051510).\n- spi: pxa2xx: Add support for Intel Ice Lake (bsc#1051510).\n- staging: bcm2835-audio: Check if workqueue allocation failed.\n- staging: bcm2835-audio: Deliver indirect-PCM transfer error.\n- staging: bcm2835-audio: Disconnect and free vchi_instance on module_exit().\n- staging: bcm2835-audio: Do not leak workqueue if open fails.\n- staging: bcm2835-audio: constify snd_pcm_ops structures.\n- staging: bcm2835-audio: make snd_pcm_hardware const.\n- staging: comedi: ni_mio_common: fix subdevice flags for PFI subdevice (bsc#1051510).\n- staging: lustre: Use 'kvfree()' for memory allocated by 'kvzalloc()' (bsc#1051510).\n- staging: lustre: disable preempt while sampling processor id (bsc#1051510).\n- staging: lustre: fix bug in osc_enter_cache_try (bsc#1051510).\n- staging: lustre: ldlm: free resource when ldlm_lock_create() fails (bsc#1051510).\n- staging: lustre: libcfs: Prevent harmless read underflow (bsc#1051510).\n- staging: lustre: libcfs: fix test for libcfs_ioctl_hdr minimum size (bsc#1051510).\n- staging: lustre: llite: correct removexattr detection (bsc#1051510).\n- staging: lustre: llite: initialize xattr->xe_namelen (bsc#1051510).\n- staging: lustre: lmv: correctly iput lmo_root (bsc#1051510).\n- staging: lustre: lov: use correct env in lov_io_data_version_end() (bsc#1051510).\n- staging: lustre: o2iblnd: Fix FastReg map/unmap for MLX5 (bsc#1051510).\n- staging: lustre: o2iblnd: Fix crash in kiblnd_handle_early_rxs() (bsc#1051510).\n- staging: lustre: o2iblnd: fix race at kiblnd_connect_peer (bsc#1051510).\n- staging: lustre: obd_mount: use correct niduuid suffix (bsc#1051510).\n- staging: lustre: obdclass: return -EFAULT if copy_from_user() fails (bsc#1051510).\n- staging: lustre: ptlrpc: kfree used instead of kvfree (bsc#1051510).\n- staging: lustre: remove invariant in cl_io_read_ahead() (bsc#1051510).\n- staging: lustre: statahead: remove incorrect test on agl_list_empty() (bsc#1051510).\n- staging: vc04_services: Fix platform_no_drv_owner.cocci warnings.\n- staging: vc04_services: bcm2835-audio Format multiline comment.\n- staging: vc04_services: bcm2835-audio: Add blank line after declaration.\n- staging: vc04_services: bcm2835-audio: Change to unsigned int *.\n- staging: vc04_services: bcm2835-audio: add SPDX identifiers.\n- staging: vc04_services: bcm2835-audio: remove redundant license text.\n- staging: vc04_services: please do not use multiple blank lines.\n- string: drop __must_check from strscpy() and restore strscpy() usages in cgroup (bsc#1051510).\n- sunxi-rsb: Include OF based modalias in device uevent (bsc#1051510).\n- sys: do not hold uts_sem while accessing userspace memory (bnc#1106995).\n- target_core_rbd: break up free_device callback (bsc#1105524).\n- target_core_rbd: use RCU in free_device (bsc#1105524).\n- tcp: add max_quickacks param to tcp_incr_quickack and tcp_enter_quickack_mode (netfilter-stable-18_08_01).\n- tcp: add one more quick ack after after ECN events (netfilter-stable-18_08_01).\n- tcp: do not aggressively quick ack after ECN events (netfilter-stable-18_08_01).\n- tcp: do not force quickack when receiving out-of-order packets (netfilter-stable-18_08_01).\n- tcp: refactor tcp_ecn_check_ce to remove sk type cast (netfilter-stable-18_08_01).\n- tcp_bbr: fix bw probing to raise in-flight data for very small BDPs (netfilter-stable-18_08_01).\n- thermal: thermal_hwmon: Convert to hwmon_device_register_with_info() (bsc#1103363).\n- thermal_hwmon: Pass the originating device down to hwmon_device_register_with_info (bsc#1103363).\n- thermal_hwmon: Sanitize attribute name passed to hwmon (bsc#1103363).\n- ti: ethernet: cpdma: Use correct format for genpool_* (bsc#1051510).\n- tools/power turbostat: Read extended processor family from CPUID (bsc#1051510).\n- tools/power turbostat: fix -S on UP systems (bsc#1051510).\n- tools: usb: ffs-test: Fix build on big endian systems (bsc#1051510).\n- tpm: Introduce flag TPM_TRANSMIT_RAW (bsc#1082555).\n- tpm: cmd_ready command can be issued only after granting locality (bsc#1082555).\n- tpm: fix race condition in tpm_common_write() (bsc#1082555).\n- tpm: fix use after free in tpm2_load_context() (bsc#1082555).\n- tpm: separate cmd_ready/go_idle from runtime_pm (bsc#1082555).\n- tpm: tpm_crb: relinquish locality on error path (bsc#1082555).\n- tpm: vtpm_proxy: Implement request_locality function (bsc#1082555).\n- tracepoint: Do not warn on ENOMEM (bsc#1051510).\n- uart: fix race between uart_put_char() and uart_shutdown() (bsc#1051510).\n- ubifs: Check data node size before truncate (bsc#1051510).\n- ubifs: Fix directory size calculation for symlinks (bsc#1106230).\n- ubifs: Fix memory leak in lprobs self-check (bsc#1051510).\n- ubifs: Fix synced_i_size calculation for xattr inodes (bsc#1051510).\n- ubifs: xattr: Do not operate on deleted inodes (bsc#1051510).\n- udl-kms: avoid division (bsc#1051510).\n- udl-kms: change down_interruptible to down (bsc#1051510).\n- udl-kms: fix crash due to uninitialized memory (bsc#1051510).\n- udl-kms: handle allocation failure (bsc#1051510).\n- udlfb: set optimal write delay (bsc#1051510).\n- usb/phy: fix PPC64 build errors in phy-fsl-usb.c (bsc#1051510).\n- usb: Do not die twice if PCI xhci host is not responding in resume (bsc#1051510).\n- usb: dwc2: fix isoc split in transfer with no data (bsc#1051510).\n- usb: dwc2: gadget: Fix issue in dwc2_gadget_start_isoc() (bsc#1051510).\n- usb: dwc3: pci: add support for Intel IceLake (bsc#1051510).\n- usb: gadget: composite: fix delayed_status race condition when set_interface (bsc#1051510).\n- usb: gadget: dwc2: fix memory leak in gadget_init() (bsc#1051510).\n- usb: gadget: r8a66597: Fix a possible sleep-in-atomic-context bugs in r8a66597_queue() (bsc#1051510).\n- usb: gadget: r8a66597: Fix two possible sleep-in-atomic-context bugs in init_controller() (bsc#1051510).\n- usb: gadget: udc: renesas_usb3: fix maxpacket size of ep0 (bsc#1051510).\n- usb: xhci: increase CRS timeout value (bsc#1051510).\n- userns: move user access out of the mutex (bsc#1051510).\n- vfio/pci: Virtualize Maximum Payload Size (bsc#1051510).\n- vfio/pci: Virtualize Maximum Read Request Size (bsc#1051510).\n- vfio/type1: Fix task tracking for QEMU vCPU hotplug (bsc#1051510).\n- vhost: correctly check the iova range when waking virtqueue (bsc#1051510).\n- vhost: do not try to access device IOTLB when not initialized (bsc#1051510).\n- vhost: reset metadata cache when initializing new IOTLB (netfilter-stable-18_08_17).\n- vhost: use mutex_lock_nested() in vhost_dev_lock_vqs() (bsc#1051510).\n- video: fbdev: pxafb: clear allocated memory for video modes (bsc#1051510).\n- vsock: split dwork to avoid reinitializations (netfilter-stable-18_08_17).\n- wlcore: Set rx_status boottime_ns field on rx (bsc#1051510).\n- x86/CPU/AMD: Derive CPU topology from CPUID function 0xB when available.\n- x86/CPU: Modify detect_extended_topology() to return result.\n- x86/events/intel/ds: Fix bts_interrupt_threshold alignment (git-fixes c1961a4631da).\n- x86/init: fix build with CONFIG_SWAP=n (bnc#1106121).\n- x86/kasan/64: Teach KASAN about the cpu_entry_area (kasan).\n- x86/kvm: fix LAPIC timer drift when guest uses periodic mode (bsc#1106240).\n- x86/mcelog: Get rid of RCU remnants (git-fixes 5de97c9f6d85).\n- x86/mm/kasan: Do not use vmemmap_populate() to initialize shadow (kasan).\n- x86/mm/memory_hotplug: determine block size based on the end of boot memory (bsc#1108243).\n- x86/platform/UV: Add adjustable set memory block size function (bsc#1108243).\n- x86/platform/UV: Add kernel parameter to set memory block size (bsc#1108243).\n- x86/platform/UV: Mark memblock related init code and data correctly (bsc#1108243).\n- x86/platform/UV: Use new set memory block size function (bsc#1108243).\n- x86/spectre: Add missing family 6 check to microcode check (git-fixes a5b296636453).\n- x86/speculation/l1tf: Fix off-by-one error when warning that system has too much RAM (bnc#1105536).\n- x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bnc#1105536).\n- x86/speculation/l1tf: Suggest what to do on systems with too much RAM (bnc#1105536).\n- x86/speculation: Use ARCH_CAPABILITIES to skip L1D flush on vmentry (bsc#1106369).\n- x86/vdso: Fix vDSO build if a retpoline is emitted (git-fixes 76b043848fd2).\n- x86/xen/efi: Initialize only the EFI struct members used by Xen (bnc#1107945).\n- x86: irq_remapping: Move irq remapping mode enum.\n- xen-netfront-dont-bug-in-case-of-too-many-frags.patch: (bnc#1104824).\n- xen-netfront: fix queue name setting (bnc#1065600).\n- xen-netfront: fix warn message as irq device name has '/' (bnc#1065600).\n- xen/blkback: do not keep persistent grants too long (bsc#1085042).\n- xen/blkback: move persistent grants flags to bool (bsc#1085042).\n- xen/blkback: remove unused pers_gnts_lock from struct (bsc#1085042).\n- xen/blkfront: cleanup stale persistent grants (bsc#1085042).\n- xen/blkfront: reorder tests in xlblk_init() (bsc#1085042).\n- xen: avoid crash in disable_hotplug_cpu (bsc#1106594).\n- xen: xenbus_dev_frontend: Fix XS_TRANSACTION_END handling (bnc#1065600).\n- xen: xenbus_dev_frontend: Really return response string (bnc#1065600).\n- xenbus: track caller request id (bnc#1065600).\n- xfs: Fix per-inode DAX flag inheritance (Git-fixes bsc#1109511).\n- xfs: add a new xfs_iext_lookup_extent_before helper (bsc#1095344).\n- xfs: add a xfs_bmap_fork_to_state helper (bsc#1095344).\n- xfs: add a xfs_iext_update_extent helper (bsc#1095344).\n- xfs: add asserts for the mmap lock in xfs_{insert,collapse}_file_space (bsc#1095344).\n- xfs: add comments documenting the rebalance algorithm (bsc#1095344).\n- xfs: add some comments to xfs_iext_insert/xfs_iext_insert_node (bsc#1095344).\n- xfs: allow unaligned extent records in xfs_bmbt_disk_set_all (bsc#1095344).\n- xfs: do not create overlapping extents in xfs_bmap_add_extent_delay_real (bsc#1095344).\n- xfs: do not rely on extent indices in xfs_bmap_collapse_extents (bsc#1095344).\n- xfs: do not rely on extent indices in xfs_bmap_insert_extents (bsc#1095344).\n- xfs: do not set XFS_BTCUR_BPRV_WASDEL in xfs_bunmapi (bsc#1095344).\n- xfs: fix memory leak in xfs_iext_free_last_leaf (bsc#1095344).\n- xfs: fix number of records handling in xfs_iext_split_leaf (bsc#1095344).\n- xfs: fix type usage (bsc#1095344).\n- xfs: handle zero entries case in xfs_iext_rebalance_leaf (bsc#1095344).\n- xfs: inline xfs_shift_file_space into callers (bsc#1095344).\n- xfs: introduce the xfs_iext_cursor abstraction (bsc#1095344).\n- xfs: iterate backwards in xfs_reflink_cancel_cow_blocks (bsc#1095344).\n- xfs: iterate over extents in xfs_bmap_extents_to_btree (bsc#1095344).\n- xfs: iterate over extents in xfs_iextents_copy (bsc#1095344).\n- xfs: make better use of the 'state' variable in xfs_bmap_del_extent_real (bsc#1095344).\n- xfs: merge xfs_bmap_read_extents into xfs_iread_extents (bsc#1095344).\n- xfs: move pre/post-bmap tracing into xfs_iext_update_extent (bsc#1095344).\n- xfs: move some code around inside xfs_bmap_shift_extents (bsc#1095344).\n- xfs: move some more code into xfs_bmap_del_extent_real (bsc#1095344).\n- xfs: move xfs_bmbt_irec and xfs_exntst_t to xfs_types.h (bsc#1095344).\n- xfs: move xfs_iext_insert tracepoint to report useful information (bsc#1095344).\n- xfs: pass a struct xfs_bmbt_irec to xfs_bmbt_lookup_eq (bsc#1095344).\n- xfs: pass a struct xfs_bmbt_irec to xfs_bmbt_update (bsc#1095344).\n- xfs: pass an on-disk extent to xfs_bmbt_validate_extent (bsc#1095344).\n- xfs: pass struct xfs_bmbt_irec to xfs_bmbt_validate_extent (bsc#1095344).\n- xfs: preserve i_rdev when recycling a reclaimable inode (bsc#1095344).\n- xfs: refactor delalloc accounting in xfs_bmap_add_extent_delay_real (bsc#1095344).\n- xfs: refactor dir2 leaf readahead shadow buffer cleverness (bsc#1095344).\n- xfs: refactor xfs_bmap_add_extent_delay_real (bsc#1095344).\n- xfs: refactor xfs_bmap_add_extent_hole_delay (bsc#1095344).\n- xfs: refactor xfs_bmap_add_extent_hole_real (bsc#1095344).\n- xfs: refactor xfs_bmap_add_extent_unwritten_real (bsc#1095344).\n- xfs: refactor xfs_del_extent_real (bsc#1095344).\n- xfs: remove XFS_BMAP_MAX_SHIFT_EXTENTS (bsc#1095344).\n- xfs: remove XFS_BMAP_TRACE_EXLIST (bsc#1095344).\n- xfs: remove a duplicate assignment in xfs_bmap_add_extent_delay_real (bsc#1095344).\n- xfs: remove a superflous assignment in xfs_iext_remove_node (bsc#1095344).\n- xfs: remove all xfs_bmbt_set_* helpers except for xfs_bmbt_set_all (bsc#1095344).\n- xfs: remove if_rdev (bsc#1095344).\n- xfs: remove post-bmap tracing in xfs_bmap_local_to_extents (bsc#1095344).\n- xfs: remove support for inlining data/extents into the inode fork (bsc#1095344).\n- xfs: remove the never fully implemented UUID fork format (bsc#1095344).\n- xfs: remove the nr_extents argument to xfs_iext_insert (bsc#1095344).\n- xfs: remove the nr_extents argument to xfs_iext_remove (bsc#1095344).\n- xfs: remove xfs_bmbt_get_state (bsc#1095344).\n- xfs: remove xfs_bmse_shift_one (bsc#1095344).\n- xfs: rename bno to end in __xfs_bunmapi (bsc#1095344).\n- xfs: replace xfs_bmbt_lookup_ge with xfs_bmbt_lookup_first (bsc#1095344).\n- xfs: replace xfs_qm_get_rtblks with a direct call to xfs_bmap_count_leaves (bsc#1095344).\n- xfs: rewrite getbmap using the xfs_iext_* helpers (bsc#1095344).\n- xfs: rewrite xfs_bmap_count_leaves using xfs_iext_get_extent (bsc#1095344).\n- xfs: rewrite xfs_bmap_first_unused to make better use of xfs_iext_get_extent (bsc#1095344).\n- xfs: simplify the xfs_getbmap interface (bsc#1095344).\n- xfs: simplify xfs_reflink_convert_cow (bsc#1095344).\n- xfs: split xfs_bmap_shift_extents (bsc#1095344).\n- xfs: switch xfs_bmap_local_to_extents to use xfs_iext_insert (bsc#1095344).\n- xfs: treat idx as a cursor in xfs_bmap_add_extent_delay_real (bsc#1095344).\n- xfs: treat idx as a cursor in xfs_bmap_add_extent_hole_delay (bsc#1095344).\n- xfs: treat idx as a cursor in xfs_bmap_add_extent_hole_real (bsc#1095344).\n- xfs: treat idx as a cursor in xfs_bmap_add_extent_unwritten_real (bsc#1095344).\n- xfs: treat idx as a cursor in xfs_bmap_collapse_extents (bsc#1095344).\n- xfs: treat idx as a cursor in xfs_bmap_del_extent_* (bsc#1095344).\n- xfs: trivial indentation fixup for xfs_iext_remove_node (bsc#1095344).\n- xfs: update got in xfs_bmap_shift_update_extent (bsc#1095344).\n- xfs: use a b+tree for the in-core extent list (bsc#1095344).\n- xfs: use correct state defines in xfs_bmap_del_extent_{cow,delay} (bsc#1095344).\n- xfs: use the state defines in xfs_bmap_del_extent_real (bsc#1095344).\n- xfs: use xfs_bmap_del_extent_delay for the data fork as well (bsc#1095344).\n- xfs: use xfs_iext_*_extent helpers in xfs_bmap_shift_extents (bsc#1095344).\n- xfs: use xfs_iext_*_extent helpers in xfs_bmap_split_extent_at (bsc#1095344).\n- xfs: use xfs_iext_get_extent in xfs_bmap_first_unused (bsc#1095344).\n- xfs: use xfs_iext_get_extent instead of open coding it (bsc#1095344).\n", title: "Description of the patch", }, { category: "details", text: "SUSE-SLE-Module-Basesystem-15-2018-2120,SUSE-SLE-Module-Development-Tools-15-2018-2120,SUSE-SLE-Module-Legacy-15-2018-2120,SUSE-SLE-Product-HA-15-2018-2120,SUSE-SLE-Product-WE-15-2018-2120", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_2980-1.json", }, { category: "self", summary: "URL for SUSE-SU-2018:2980-1", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20182980-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2018:2980-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2018-October/004637.html", }, { category: "self", summary: "SUSE Bug 1012382", url: "https://bugzilla.suse.com/1012382", }, { category: "self", summary: "SUSE Bug 1043912", url: "https://bugzilla.suse.com/1043912", }, { category: "self", summary: "SUSE Bug 1044189", url: "https://bugzilla.suse.com/1044189", }, { category: "self", summary: "SUSE Bug 1046302", url: "https://bugzilla.suse.com/1046302", }, { category: "self", summary: "SUSE Bug 1046306", url: "https://bugzilla.suse.com/1046306", }, { category: "self", summary: "SUSE Bug 1046307", url: "https://bugzilla.suse.com/1046307", }, { category: "self", summary: "SUSE Bug 1046543", url: "https://bugzilla.suse.com/1046543", }, { category: "self", summary: "SUSE Bug 1050244", url: "https://bugzilla.suse.com/1050244", }, { category: "self", summary: "SUSE Bug 1051510", url: "https://bugzilla.suse.com/1051510", }, { category: "self", summary: "SUSE Bug 1054914", url: "https://bugzilla.suse.com/1054914", }, { category: "self", summary: "SUSE Bug 1055014", url: "https://bugzilla.suse.com/1055014", }, { category: "self", summary: "SUSE Bug 1055117", url: "https://bugzilla.suse.com/1055117", }, { category: "self", summary: "SUSE Bug 1058659", url: "https://bugzilla.suse.com/1058659", }, { category: "self", summary: "SUSE Bug 1060463", url: "https://bugzilla.suse.com/1060463", }, { category: "self", summary: "SUSE Bug 1064232", url: "https://bugzilla.suse.com/1064232", }, { category: "self", summary: "SUSE Bug 1065600", url: "https://bugzilla.suse.com/1065600", }, { category: "self", summary: "SUSE Bug 1065729", url: "https://bugzilla.suse.com/1065729", }, { category: "self", summary: "SUSE Bug 1068032", url: "https://bugzilla.suse.com/1068032", }, { category: "self", summary: "SUSE Bug 1069138", url: "https://bugzilla.suse.com/1069138", }, { category: "self", summary: "SUSE Bug 1071995", url: "https://bugzilla.suse.com/1071995", }, { category: "self", summary: "SUSE Bug 1077761", url: "https://bugzilla.suse.com/1077761", }, { category: "self", summary: "SUSE Bug 1077989", url: "https://bugzilla.suse.com/1077989", }, { category: "self", summary: "SUSE Bug 1078720", url: "https://bugzilla.suse.com/1078720", }, { category: "self", summary: "SUSE Bug 1080157", url: "https://bugzilla.suse.com/1080157", }, { category: "self", summary: "SUSE Bug 1082555", url: "https://bugzilla.suse.com/1082555", }, { category: "self", summary: "SUSE Bug 1083647", url: "https://bugzilla.suse.com/1083647", }, { category: "self", summary: "SUSE Bug 1083663", url: "https://bugzilla.suse.com/1083663", }, { category: "self", summary: "SUSE Bug 1084332", url: "https://bugzilla.suse.com/1084332", }, { category: "self", summary: "SUSE Bug 1085042", url: "https://bugzilla.suse.com/1085042", }, { category: "self", summary: "SUSE Bug 1085262", url: "https://bugzilla.suse.com/1085262", }, { category: "self", summary: "SUSE Bug 1086282", url: "https://bugzilla.suse.com/1086282", }, { category: "self", summary: "SUSE Bug 1089663", url: "https://bugzilla.suse.com/1089663", }, { category: "self", summary: "SUSE Bug 1090528", url: "https://bugzilla.suse.com/1090528", }, { category: "self", summary: "SUSE Bug 1092903", url: "https://bugzilla.suse.com/1092903", }, { category: "self", summary: "SUSE Bug 1093389", url: "https://bugzilla.suse.com/1093389", }, { category: "self", summary: "SUSE Bug 1094244", url: "https://bugzilla.suse.com/1094244", }, { category: "self", summary: "SUSE Bug 1095344", url: "https://bugzilla.suse.com/1095344", }, { category: "self", summary: "SUSE Bug 1096748", url: "https://bugzilla.suse.com/1096748", }, { category: "self", summary: "SUSE Bug 1097105", url: "https://bugzilla.suse.com/1097105", }, { category: "self", summary: "SUSE Bug 1098459", url: "https://bugzilla.suse.com/1098459", }, { category: "self", summary: "SUSE Bug 1098822", url: "https://bugzilla.suse.com/1098822", }, { category: "self", summary: "SUSE Bug 1099922", url: "https://bugzilla.suse.com/1099922", }, { category: "self", summary: "SUSE Bug 1099999", url: "https://bugzilla.suse.com/1099999", }, { category: "self", summary: "SUSE Bug 1100000", url: "https://bugzilla.suse.com/1100000", }, { category: "self", summary: "SUSE Bug 1100001", url: "https://bugzilla.suse.com/1100001", }, { category: "self", summary: "SUSE Bug 1100132", url: "https://bugzilla.suse.com/1100132", }, { category: "self", summary: "SUSE Bug 1101557", url: "https://bugzilla.suse.com/1101557", }, { category: "self", summary: "SUSE Bug 1101669", url: "https://bugzilla.suse.com/1101669", }, { category: "self", summary: "SUSE Bug 1102346", url: "https://bugzilla.suse.com/1102346", }, { category: "self", summary: "SUSE Bug 1102870", url: "https://bugzilla.suse.com/1102870", }, { category: "self", summary: "SUSE Bug 1102875", url: "https://bugzilla.suse.com/1102875", }, { category: "self", summary: "SUSE Bug 1102877", url: "https://bugzilla.suse.com/1102877", }, { category: "self", summary: "SUSE Bug 1102879", url: "https://bugzilla.suse.com/1102879", }, { category: "self", summary: "SUSE Bug 1102882", url: "https://bugzilla.suse.com/1102882", }, { category: "self", summary: "SUSE Bug 1102896", url: "https://bugzilla.suse.com/1102896", }, { category: "self", summary: "SUSE Bug 1103363", url: "https://bugzilla.suse.com/1103363", }, { category: "self", summary: "SUSE Bug 1103387", url: "https://bugzilla.suse.com/1103387", }, { category: "self", summary: "SUSE Bug 1103421", url: "https://bugzilla.suse.com/1103421", }, { category: "self", summary: "SUSE Bug 1103948", url: "https://bugzilla.suse.com/1103948", }, { category: "self", summary: "SUSE Bug 1103949", url: "https://bugzilla.suse.com/1103949", }, { category: "self", summary: "SUSE Bug 1103961", url: "https://bugzilla.suse.com/1103961", }, { category: "self", summary: "SUSE Bug 1104172", url: "https://bugzilla.suse.com/1104172", }, { category: "self", summary: "SUSE Bug 1104353", url: "https://bugzilla.suse.com/1104353", }, { category: "self", summary: "SUSE Bug 1104824", url: "https://bugzilla.suse.com/1104824", }, { category: "self", summary: "SUSE Bug 1105247", url: "https://bugzilla.suse.com/1105247", }, { category: "self", summary: "SUSE Bug 1105524", url: "https://bugzilla.suse.com/1105524", }, { category: "self", summary: "SUSE Bug 1105536", url: "https://bugzilla.suse.com/1105536", }, { category: "self", summary: "SUSE Bug 1105597", url: "https://bugzilla.suse.com/1105597", }, { category: "self", summary: "SUSE Bug 1105603", url: "https://bugzilla.suse.com/1105603", }, { category: "self", summary: "SUSE Bug 1105672", url: "https://bugzilla.suse.com/1105672", }, { category: "self", summary: "SUSE Bug 1105907", url: "https://bugzilla.suse.com/1105907", }, { category: "self", summary: "SUSE Bug 1106007", url: "https://bugzilla.suse.com/1106007", }, { category: "self", summary: "SUSE Bug 1106016", url: "https://bugzilla.suse.com/1106016", }, { category: "self", summary: "SUSE Bug 1106105", url: "https://bugzilla.suse.com/1106105", }, { category: "self", summary: "SUSE Bug 1106121", url: "https://bugzilla.suse.com/1106121", }, { category: "self", summary: "SUSE Bug 1106170", url: "https://bugzilla.suse.com/1106170", }, { category: "self", summary: "SUSE Bug 1106178", url: "https://bugzilla.suse.com/1106178", }, { category: "self", summary: "SUSE Bug 1106191", url: "https://bugzilla.suse.com/1106191", }, { category: "self", summary: "SUSE Bug 1106229", url: "https://bugzilla.suse.com/1106229", }, { category: "self", summary: "SUSE Bug 1106230", url: "https://bugzilla.suse.com/1106230", }, { category: "self", summary: "SUSE Bug 1106231", url: "https://bugzilla.suse.com/1106231", }, { category: "self", summary: "SUSE Bug 1106233", url: "https://bugzilla.suse.com/1106233", }, { category: "self", summary: "SUSE Bug 1106235", url: "https://bugzilla.suse.com/1106235", }, { category: "self", summary: "SUSE Bug 1106236", url: "https://bugzilla.suse.com/1106236", }, { category: "self", summary: "SUSE Bug 1106237", url: "https://bugzilla.suse.com/1106237", }, { category: "self", summary: "SUSE Bug 1106238", url: "https://bugzilla.suse.com/1106238", }, { category: "self", summary: "SUSE Bug 1106240", url: "https://bugzilla.suse.com/1106240", }, { category: "self", summary: "SUSE Bug 1106291", url: "https://bugzilla.suse.com/1106291", }, { category: "self", summary: "SUSE Bug 1106297", url: "https://bugzilla.suse.com/1106297", }, { category: "self", summary: "SUSE Bug 1106333", url: "https://bugzilla.suse.com/1106333", }, { category: "self", summary: "SUSE Bug 1106369", url: "https://bugzilla.suse.com/1106369", }, { category: "self", summary: "SUSE Bug 1106426", url: "https://bugzilla.suse.com/1106426", }, { category: "self", summary: "SUSE Bug 1106427", url: "https://bugzilla.suse.com/1106427", }, { category: "self", summary: "SUSE Bug 1106464", url: "https://bugzilla.suse.com/1106464", }, { category: "self", summary: "SUSE Bug 1106509", url: "https://bugzilla.suse.com/1106509", }, { category: "self", summary: "SUSE Bug 1106511", url: "https://bugzilla.suse.com/1106511", }, { category: "self", summary: "SUSE Bug 1106594", url: "https://bugzilla.suse.com/1106594", }, { category: "self", summary: "SUSE Bug 1106636", url: "https://bugzilla.suse.com/1106636", }, { category: "self", summary: "SUSE Bug 1106688", url: "https://bugzilla.suse.com/1106688", }, { category: "self", summary: "SUSE Bug 1106697", url: "https://bugzilla.suse.com/1106697", }, { category: "self", summary: "SUSE Bug 1106743", url: "https://bugzilla.suse.com/1106743", }, { category: "self", summary: "SUSE Bug 1106779", url: "https://bugzilla.suse.com/1106779", }, { category: "self", summary: "SUSE Bug 1106800", url: "https://bugzilla.suse.com/1106800", }, { category: "self", summary: "SUSE Bug 1106890", url: "https://bugzilla.suse.com/1106890", }, { category: "self", summary: "SUSE Bug 1106891", url: "https://bugzilla.suse.com/1106891", }, { category: "self", summary: "SUSE Bug 1106892", url: "https://bugzilla.suse.com/1106892", }, { category: "self", summary: "SUSE Bug 1106893", url: "https://bugzilla.suse.com/1106893", }, { category: "self", summary: "SUSE Bug 1106894", url: "https://bugzilla.suse.com/1106894", }, { category: "self", summary: "SUSE Bug 1106896", url: "https://bugzilla.suse.com/1106896", }, { category: "self", summary: "SUSE Bug 1106897", url: "https://bugzilla.suse.com/1106897", }, { category: "self", summary: "SUSE Bug 1106898", url: "https://bugzilla.suse.com/1106898", }, { category: "self", summary: "SUSE Bug 1106899", url: "https://bugzilla.suse.com/1106899", }, { category: "self", summary: "SUSE Bug 1106900", url: "https://bugzilla.suse.com/1106900", }, { category: "self", summary: "SUSE Bug 1106901", url: "https://bugzilla.suse.com/1106901", }, { category: "self", summary: "SUSE Bug 1106902", url: "https://bugzilla.suse.com/1106902", }, { category: "self", summary: "SUSE Bug 1106903", url: "https://bugzilla.suse.com/1106903", }, { category: "self", summary: "SUSE Bug 1106905", url: "https://bugzilla.suse.com/1106905", }, { category: "self", summary: "SUSE Bug 1106906", url: "https://bugzilla.suse.com/1106906", }, { category: "self", summary: "SUSE Bug 1106948", url: "https://bugzilla.suse.com/1106948", }, { category: "self", summary: "SUSE Bug 1106995", url: "https://bugzilla.suse.com/1106995", }, { category: "self", summary: "SUSE Bug 1107008", url: "https://bugzilla.suse.com/1107008", }, { category: "self", summary: "SUSE Bug 1107060", url: "https://bugzilla.suse.com/1107060", }, { category: "self", summary: "SUSE Bug 1107061", url: "https://bugzilla.suse.com/1107061", }, { category: "self", summary: "SUSE Bug 1107065", url: "https://bugzilla.suse.com/1107065", }, { category: "self", summary: "SUSE Bug 1107073", url: "https://bugzilla.suse.com/1107073", }, { category: "self", summary: "SUSE Bug 1107074", url: "https://bugzilla.suse.com/1107074", }, { category: "self", summary: "SUSE Bug 1107078", url: "https://bugzilla.suse.com/1107078", }, { category: "self", summary: "SUSE Bug 1107265", url: "https://bugzilla.suse.com/1107265", }, { category: "self", summary: "SUSE Bug 1107319", url: "https://bugzilla.suse.com/1107319", }, { category: "self", summary: "SUSE Bug 1107320", url: "https://bugzilla.suse.com/1107320", }, { category: "self", summary: "SUSE Bug 1107522", url: "https://bugzilla.suse.com/1107522", }, { category: "self", summary: "SUSE Bug 1107535", url: "https://bugzilla.suse.com/1107535", }, { category: "self", summary: "SUSE Bug 1107689", url: "https://bugzilla.suse.com/1107689", }, { category: "self", summary: "SUSE Bug 1107735", url: "https://bugzilla.suse.com/1107735", }, { category: "self", summary: "SUSE Bug 1107756", url: "https://bugzilla.suse.com/1107756", }, { category: "self", summary: "SUSE Bug 1107870", url: "https://bugzilla.suse.com/1107870", }, { category: "self", summary: "SUSE Bug 1107924", url: "https://bugzilla.suse.com/1107924", }, { category: "self", summary: "SUSE Bug 1107945", url: "https://bugzilla.suse.com/1107945", }, { category: "self", summary: "SUSE Bug 1107966", url: "https://bugzilla.suse.com/1107966", }, { category: "self", summary: "SUSE Bug 1108010", url: "https://bugzilla.suse.com/1108010", }, { category: "self", summary: "SUSE Bug 1108093", url: "https://bugzilla.suse.com/1108093", }, { category: "self", summary: "SUSE Bug 1108243", url: "https://bugzilla.suse.com/1108243", }, { category: "self", summary: "SUSE Bug 1108520", url: "https://bugzilla.suse.com/1108520", }, { category: "self", summary: "SUSE Bug 1108870", url: "https://bugzilla.suse.com/1108870", }, { category: "self", summary: "SUSE Bug 1109269", url: "https://bugzilla.suse.com/1109269", }, { category: "self", summary: "SUSE Bug 1109511", url: "https://bugzilla.suse.com/1109511", }, { category: "self", summary: "SUSE Bug 920344", url: "https://bugzilla.suse.com/920344", }, { category: "self", summary: "SUSE CVE CVE-2018-10938 page", url: "https://www.suse.com/security/cve/CVE-2018-10938/", }, { category: "self", summary: "SUSE CVE CVE-2018-10940 page", url: "https://www.suse.com/security/cve/CVE-2018-10940/", }, { category: "self", summary: "SUSE CVE CVE-2018-1128 page", url: "https://www.suse.com/security/cve/CVE-2018-1128/", }, { category: "self", summary: "SUSE CVE CVE-2018-1129 page", url: "https://www.suse.com/security/cve/CVE-2018-1129/", }, { category: "self", summary: "SUSE CVE CVE-2018-12896 page", url: "https://www.suse.com/security/cve/CVE-2018-12896/", }, { category: "self", summary: "SUSE CVE CVE-2018-13093 page", url: "https://www.suse.com/security/cve/CVE-2018-13093/", }, { category: "self", summary: "SUSE CVE CVE-2018-13094 page", url: "https://www.suse.com/security/cve/CVE-2018-13094/", }, { category: "self", summary: "SUSE CVE CVE-2018-13095 page", url: "https://www.suse.com/security/cve/CVE-2018-13095/", }, { category: "self", summary: "SUSE CVE CVE-2018-14613 page", url: "https://www.suse.com/security/cve/CVE-2018-14613/", }, { category: "self", summary: "SUSE CVE CVE-2018-14617 page", url: "https://www.suse.com/security/cve/CVE-2018-14617/", }, { category: "self", summary: "SUSE CVE CVE-2018-16658 page", url: "https://www.suse.com/security/cve/CVE-2018-16658/", }, { category: "self", summary: "SUSE CVE CVE-2018-6554 page", url: "https://www.suse.com/security/cve/CVE-2018-6554/", }, { category: "self", summary: "SUSE CVE CVE-2018-6555 page", url: "https://www.suse.com/security/cve/CVE-2018-6555/", }, ], title: "Security update for the Linux Kernel", tracking: { current_release_date: "2018-10-02T14:32:33Z", generator: { date: "2018-10-02T14:32:33Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2018:2980-1", initial_release_date: "2018-10-02T14:32:33Z", revision_history: [ { date: "2018-10-02T14:32:33Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "kernel-default-4.12.14-25.19.1.aarch64", product: { name: "kernel-default-4.12.14-25.19.1.aarch64", product_id: "kernel-default-4.12.14-25.19.1.aarch64", }, }, { category: "product_version", name: "kernel-default-devel-4.12.14-25.19.1.aarch64", product: { name: "kernel-default-devel-4.12.14-25.19.1.aarch64", product_id: "kernel-default-devel-4.12.14-25.19.1.aarch64", }, }, { category: "product_version", name: "kernel-obs-build-4.12.14-25.19.1.aarch64", product: { name: "kernel-obs-build-4.12.14-25.19.1.aarch64", product_id: "kernel-obs-build-4.12.14-25.19.1.aarch64", }, }, { category: "product_version", name: "kernel-syms-4.12.14-25.19.1.aarch64", product: { name: "kernel-syms-4.12.14-25.19.1.aarch64", product_id: "kernel-syms-4.12.14-25.19.1.aarch64", }, }, { category: "product_version", name: "kernel-vanilla-base-4.12.14-25.19.1.aarch64", product: { name: "kernel-vanilla-base-4.12.14-25.19.1.aarch64", product_id: "kernel-vanilla-base-4.12.14-25.19.1.aarch64", }, }, { category: "product_version", name: "reiserfs-kmp-default-4.12.14-25.19.1.aarch64", product: { name: "reiserfs-kmp-default-4.12.14-25.19.1.aarch64", product_id: "reiserfs-kmp-default-4.12.14-25.19.1.aarch64", }, }, { category: "product_version", name: "cluster-md-kmp-default-4.12.14-25.19.1.aarch64", product: { name: "cluster-md-kmp-default-4.12.14-25.19.1.aarch64", product_id: "cluster-md-kmp-default-4.12.14-25.19.1.aarch64", }, }, { category: "product_version", name: "dlm-kmp-default-4.12.14-25.19.1.aarch64", product: { name: "dlm-kmp-default-4.12.14-25.19.1.aarch64", product_id: "dlm-kmp-default-4.12.14-25.19.1.aarch64", }, }, { category: "product_version", name: "gfs2-kmp-default-4.12.14-25.19.1.aarch64", product: { name: "gfs2-kmp-default-4.12.14-25.19.1.aarch64", product_id: "gfs2-kmp-default-4.12.14-25.19.1.aarch64", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.12.14-25.19.1.aarch64", product: { name: "ocfs2-kmp-default-4.12.14-25.19.1.aarch64", product_id: "ocfs2-kmp-default-4.12.14-25.19.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "kernel-devel-4.12.14-25.19.1.noarch", product: { name: "kernel-devel-4.12.14-25.19.1.noarch", product_id: "kernel-devel-4.12.14-25.19.1.noarch", }, }, { category: "product_version", name: "kernel-macros-4.12.14-25.19.1.noarch", product: { name: "kernel-macros-4.12.14-25.19.1.noarch", product_id: "kernel-macros-4.12.14-25.19.1.noarch", }, }, { category: "product_version", name: "kernel-docs-4.12.14-25.19.1.noarch", product: { name: "kernel-docs-4.12.14-25.19.1.noarch", product_id: "kernel-docs-4.12.14-25.19.1.noarch", }, }, { category: "product_version", name: "kernel-source-4.12.14-25.19.1.noarch", product: { name: "kernel-source-4.12.14-25.19.1.noarch", product_id: "kernel-source-4.12.14-25.19.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "kernel-default-4.12.14-25.19.1.ppc64le", product: { name: "kernel-default-4.12.14-25.19.1.ppc64le", product_id: "kernel-default-4.12.14-25.19.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-devel-4.12.14-25.19.1.ppc64le", product: { name: "kernel-default-devel-4.12.14-25.19.1.ppc64le", product_id: "kernel-default-devel-4.12.14-25.19.1.ppc64le", }, }, { category: "product_version", name: "kernel-obs-build-4.12.14-25.19.1.ppc64le", product: { name: "kernel-obs-build-4.12.14-25.19.1.ppc64le", product_id: "kernel-obs-build-4.12.14-25.19.1.ppc64le", }, }, { category: "product_version", name: "kernel-syms-4.12.14-25.19.1.ppc64le", product: { name: "kernel-syms-4.12.14-25.19.1.ppc64le", product_id: "kernel-syms-4.12.14-25.19.1.ppc64le", }, }, { category: "product_version", name: "kernel-vanilla-base-4.12.14-25.19.1.ppc64le", product: { name: "kernel-vanilla-base-4.12.14-25.19.1.ppc64le", product_id: "kernel-vanilla-base-4.12.14-25.19.1.ppc64le", }, }, { category: "product_version", name: "reiserfs-kmp-default-4.12.14-25.19.1.ppc64le", product: { name: "reiserfs-kmp-default-4.12.14-25.19.1.ppc64le", product_id: "reiserfs-kmp-default-4.12.14-25.19.1.ppc64le", }, }, { category: "product_version", name: "cluster-md-kmp-default-4.12.14-25.19.1.ppc64le", product: { name: "cluster-md-kmp-default-4.12.14-25.19.1.ppc64le", product_id: "cluster-md-kmp-default-4.12.14-25.19.1.ppc64le", }, }, { category: "product_version", name: "dlm-kmp-default-4.12.14-25.19.1.ppc64le", product: { name: "dlm-kmp-default-4.12.14-25.19.1.ppc64le", product_id: "dlm-kmp-default-4.12.14-25.19.1.ppc64le", }, }, { category: "product_version", name: "gfs2-kmp-default-4.12.14-25.19.1.ppc64le", product: { name: "gfs2-kmp-default-4.12.14-25.19.1.ppc64le", product_id: "gfs2-kmp-default-4.12.14-25.19.1.ppc64le", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.12.14-25.19.1.ppc64le", product: { name: "ocfs2-kmp-default-4.12.14-25.19.1.ppc64le", product_id: "ocfs2-kmp-default-4.12.14-25.19.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "kernel-default-4.12.14-25.19.1.s390x", product: { name: "kernel-default-4.12.14-25.19.1.s390x", product_id: "kernel-default-4.12.14-25.19.1.s390x", }, }, { category: "product_version", name: "kernel-default-devel-4.12.14-25.19.1.s390x", product: { name: "kernel-default-devel-4.12.14-25.19.1.s390x", product_id: "kernel-default-devel-4.12.14-25.19.1.s390x", }, }, { category: "product_version", name: "kernel-default-man-4.12.14-25.19.1.s390x", product: { name: "kernel-default-man-4.12.14-25.19.1.s390x", product_id: "kernel-default-man-4.12.14-25.19.1.s390x", }, }, { category: "product_version", name: "kernel-zfcpdump-4.12.14-25.19.1.s390x", product: { name: "kernel-zfcpdump-4.12.14-25.19.1.s390x", product_id: "kernel-zfcpdump-4.12.14-25.19.1.s390x", }, }, { category: "product_version", name: "kernel-obs-build-4.12.14-25.19.1.s390x", product: { name: "kernel-obs-build-4.12.14-25.19.1.s390x", product_id: "kernel-obs-build-4.12.14-25.19.1.s390x", }, }, { category: "product_version", name: "kernel-syms-4.12.14-25.19.1.s390x", product: { name: "kernel-syms-4.12.14-25.19.1.s390x", product_id: "kernel-syms-4.12.14-25.19.1.s390x", }, }, { category: "product_version", name: "kernel-vanilla-base-4.12.14-25.19.1.s390x", product: { name: "kernel-vanilla-base-4.12.14-25.19.1.s390x", product_id: "kernel-vanilla-base-4.12.14-25.19.1.s390x", }, }, { category: "product_version", name: "reiserfs-kmp-default-4.12.14-25.19.1.s390x", product: { name: "reiserfs-kmp-default-4.12.14-25.19.1.s390x", product_id: "reiserfs-kmp-default-4.12.14-25.19.1.s390x", }, }, { category: "product_version", name: "cluster-md-kmp-default-4.12.14-25.19.1.s390x", product: { name: "cluster-md-kmp-default-4.12.14-25.19.1.s390x", product_id: "cluster-md-kmp-default-4.12.14-25.19.1.s390x", }, }, { category: "product_version", name: "dlm-kmp-default-4.12.14-25.19.1.s390x", product: { name: "dlm-kmp-default-4.12.14-25.19.1.s390x", product_id: "dlm-kmp-default-4.12.14-25.19.1.s390x", }, }, { category: "product_version", name: "gfs2-kmp-default-4.12.14-25.19.1.s390x", product: { name: "gfs2-kmp-default-4.12.14-25.19.1.s390x", product_id: "gfs2-kmp-default-4.12.14-25.19.1.s390x", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.12.14-25.19.1.s390x", product: { name: "ocfs2-kmp-default-4.12.14-25.19.1.s390x", product_id: "ocfs2-kmp-default-4.12.14-25.19.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "kernel-default-4.12.14-25.19.1.x86_64", product: { name: "kernel-default-4.12.14-25.19.1.x86_64", product_id: "kernel-default-4.12.14-25.19.1.x86_64", }, }, { category: "product_version", name: "kernel-default-devel-4.12.14-25.19.1.x86_64", product: { name: "kernel-default-devel-4.12.14-25.19.1.x86_64", product_id: "kernel-default-devel-4.12.14-25.19.1.x86_64", }, }, { category: "product_version", name: "kernel-obs-build-4.12.14-25.19.1.x86_64", product: { name: "kernel-obs-build-4.12.14-25.19.1.x86_64", product_id: "kernel-obs-build-4.12.14-25.19.1.x86_64", }, }, { category: "product_version", name: "kernel-syms-4.12.14-25.19.1.x86_64", product: { name: "kernel-syms-4.12.14-25.19.1.x86_64", product_id: "kernel-syms-4.12.14-25.19.1.x86_64", }, }, { category: "product_version", name: "kernel-vanilla-base-4.12.14-25.19.1.x86_64", product: { name: "kernel-vanilla-base-4.12.14-25.19.1.x86_64", product_id: "kernel-vanilla-base-4.12.14-25.19.1.x86_64", }, }, { category: "product_version", name: "reiserfs-kmp-default-4.12.14-25.19.1.x86_64", product: { name: "reiserfs-kmp-default-4.12.14-25.19.1.x86_64", product_id: "reiserfs-kmp-default-4.12.14-25.19.1.x86_64", }, }, { category: "product_version", name: "cluster-md-kmp-default-4.12.14-25.19.1.x86_64", product: { name: "cluster-md-kmp-default-4.12.14-25.19.1.x86_64", product_id: "cluster-md-kmp-default-4.12.14-25.19.1.x86_64", }, }, { category: "product_version", name: "dlm-kmp-default-4.12.14-25.19.1.x86_64", product: { name: "dlm-kmp-default-4.12.14-25.19.1.x86_64", product_id: "dlm-kmp-default-4.12.14-25.19.1.x86_64", }, }, { category: "product_version", name: "gfs2-kmp-default-4.12.14-25.19.1.x86_64", product: { name: "gfs2-kmp-default-4.12.14-25.19.1.x86_64", product_id: "gfs2-kmp-default-4.12.14-25.19.1.x86_64", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.12.14-25.19.1.x86_64", product: { name: "ocfs2-kmp-default-4.12.14-25.19.1.x86_64", product_id: "ocfs2-kmp-default-4.12.14-25.19.1.x86_64", }, }, { category: "product_version", name: "kernel-default-extra-4.12.14-25.19.1.x86_64", product: { name: "kernel-default-extra-4.12.14-25.19.1.x86_64", product_id: "kernel-default-extra-4.12.14-25.19.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Module for Basesystem 15", product: { name: "SUSE Linux Enterprise Module for Basesystem 15", product_id: "SUSE Linux Enterprise Module for Basesystem 15", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-basesystem:15", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Module for Development Tools 15", product: { name: "SUSE Linux Enterprise Module for Development Tools 15", product_id: "SUSE Linux Enterprise Module for Development Tools 15", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-development-tools:15", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Module for Legacy 15", product: { name: "SUSE Linux Enterprise Module for Legacy 15", product_id: "SUSE Linux Enterprise Module for Legacy 15", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-legacy:15", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise High Availability Extension 15", product: { name: "SUSE Linux Enterprise High Availability Extension 15", product_id: "SUSE Linux Enterprise High Availability Extension 15", product_identification_helper: { cpe: "cpe:/o:suse:sle-ha:15", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Workstation Extension 15", product: { name: "SUSE Linux Enterprise Workstation Extension 15", product_id: "SUSE Linux Enterprise Workstation Extension 15", product_identification_helper: { cpe: "cpe:/o:suse:sle-we:15", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "kernel-default-4.12.14-25.19.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15", product_id: "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.aarch64", }, product_reference: "kernel-default-4.12.14-25.19.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.12.14-25.19.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15", product_id: "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.ppc64le", }, product_reference: "kernel-default-4.12.14-25.19.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.12.14-25.19.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15", product_id: "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.s390x", }, product_reference: "kernel-default-4.12.14-25.19.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.12.14-25.19.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15", product_id: "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.x86_64", }, product_reference: "kernel-default-4.12.14-25.19.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.12.14-25.19.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15", product_id: "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.aarch64", }, product_reference: "kernel-default-devel-4.12.14-25.19.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.12.14-25.19.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15", product_id: "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.ppc64le", }, product_reference: "kernel-default-devel-4.12.14-25.19.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.12.14-25.19.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15", product_id: "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.s390x", }, product_reference: "kernel-default-devel-4.12.14-25.19.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.12.14-25.19.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15", product_id: "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.x86_64", }, product_reference: "kernel-default-devel-4.12.14-25.19.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15", }, { category: "default_component_of", full_product_name: { name: "kernel-default-man-4.12.14-25.19.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15", product_id: "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.19.1.s390x", }, product_reference: "kernel-default-man-4.12.14-25.19.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-4.12.14-25.19.1.noarch as component of SUSE Linux Enterprise Module for Basesystem 15", product_id: "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.19.1.noarch", }, product_reference: "kernel-devel-4.12.14-25.19.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-4.12.14-25.19.1.noarch as component of SUSE Linux Enterprise Module for Basesystem 15", product_id: "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.19.1.noarch", }, product_reference: "kernel-macros-4.12.14-25.19.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15", }, { category: "default_component_of", full_product_name: { name: "kernel-zfcpdump-4.12.14-25.19.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15", product_id: "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.19.1.s390x", }, product_reference: "kernel-zfcpdump-4.12.14-25.19.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15", }, { category: "default_component_of", full_product_name: { name: "kernel-docs-4.12.14-25.19.1.noarch as component of SUSE Linux Enterprise Module for Development Tools 15", product_id: "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.19.1.noarch", }, product_reference: "kernel-docs-4.12.14-25.19.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-4.12.14-25.19.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15", product_id: "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.aarch64", }, product_reference: "kernel-obs-build-4.12.14-25.19.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-4.12.14-25.19.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15", product_id: "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.ppc64le", }, product_reference: "kernel-obs-build-4.12.14-25.19.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-4.12.14-25.19.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15", product_id: "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.s390x", }, product_reference: "kernel-obs-build-4.12.14-25.19.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-4.12.14-25.19.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15", product_id: "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.x86_64", }, product_reference: "kernel-obs-build-4.12.14-25.19.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15", }, { category: "default_component_of", full_product_name: { name: "kernel-source-4.12.14-25.19.1.noarch as component of SUSE Linux Enterprise Module for Development Tools 15", product_id: "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.19.1.noarch", }, product_reference: "kernel-source-4.12.14-25.19.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.12.14-25.19.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15", product_id: "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.aarch64", }, product_reference: "kernel-syms-4.12.14-25.19.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.12.14-25.19.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15", product_id: "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.ppc64le", }, product_reference: "kernel-syms-4.12.14-25.19.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.12.14-25.19.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15", product_id: "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.s390x", }, product_reference: "kernel-syms-4.12.14-25.19.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.12.14-25.19.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15", product_id: "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.x86_64", }, product_reference: "kernel-syms-4.12.14-25.19.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15", }, { category: "default_component_of", full_product_name: { name: "kernel-vanilla-base-4.12.14-25.19.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15", product_id: "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.aarch64", }, product_reference: "kernel-vanilla-base-4.12.14-25.19.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15", }, { category: "default_component_of", full_product_name: { name: "kernel-vanilla-base-4.12.14-25.19.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15", product_id: "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.ppc64le", }, product_reference: "kernel-vanilla-base-4.12.14-25.19.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15", }, { category: "default_component_of", full_product_name: { name: "kernel-vanilla-base-4.12.14-25.19.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15", product_id: "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.s390x", }, product_reference: "kernel-vanilla-base-4.12.14-25.19.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15", }, { category: "default_component_of", full_product_name: { name: "kernel-vanilla-base-4.12.14-25.19.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15", product_id: "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.x86_64", }, product_reference: "kernel-vanilla-base-4.12.14-25.19.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-default-4.12.14-25.19.1.aarch64 as component of SUSE Linux Enterprise Module for Legacy 15", product_id: "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.aarch64", }, product_reference: "reiserfs-kmp-default-4.12.14-25.19.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Legacy 15", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-default-4.12.14-25.19.1.ppc64le as component of SUSE Linux Enterprise Module for Legacy 15", product_id: "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.ppc64le", }, product_reference: "reiserfs-kmp-default-4.12.14-25.19.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Legacy 15", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-default-4.12.14-25.19.1.s390x as component of SUSE Linux Enterprise Module for Legacy 15", product_id: "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.s390x", }, product_reference: "reiserfs-kmp-default-4.12.14-25.19.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Legacy 15", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-default-4.12.14-25.19.1.x86_64 as component of SUSE Linux Enterprise Module for Legacy 15", product_id: "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.x86_64", }, product_reference: "reiserfs-kmp-default-4.12.14-25.19.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Legacy 15", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-4.12.14-25.19.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15", product_id: "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.aarch64", }, product_reference: "cluster-md-kmp-default-4.12.14-25.19.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-4.12.14-25.19.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15", product_id: "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.ppc64le", }, product_reference: "cluster-md-kmp-default-4.12.14-25.19.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-4.12.14-25.19.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15", product_id: "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.s390x", }, product_reference: "cluster-md-kmp-default-4.12.14-25.19.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-4.12.14-25.19.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15", product_id: "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.x86_64", }, product_reference: "cluster-md-kmp-default-4.12.14-25.19.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-4.12.14-25.19.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15", product_id: "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.aarch64", }, product_reference: "dlm-kmp-default-4.12.14-25.19.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-4.12.14-25.19.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15", product_id: "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.ppc64le", }, product_reference: "dlm-kmp-default-4.12.14-25.19.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-4.12.14-25.19.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15", product_id: "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.s390x", }, product_reference: "dlm-kmp-default-4.12.14-25.19.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-4.12.14-25.19.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15", product_id: "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.x86_64", }, product_reference: "dlm-kmp-default-4.12.14-25.19.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-4.12.14-25.19.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15", product_id: "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.aarch64", }, product_reference: "gfs2-kmp-default-4.12.14-25.19.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-4.12.14-25.19.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15", product_id: "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.ppc64le", }, product_reference: "gfs2-kmp-default-4.12.14-25.19.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-4.12.14-25.19.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15", product_id: "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.s390x", }, product_reference: "gfs2-kmp-default-4.12.14-25.19.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-4.12.14-25.19.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15", product_id: "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.x86_64", }, product_reference: "gfs2-kmp-default-4.12.14-25.19.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-4.12.14-25.19.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15", product_id: "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.aarch64", }, product_reference: "ocfs2-kmp-default-4.12.14-25.19.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-4.12.14-25.19.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15", product_id: "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.ppc64le", }, product_reference: "ocfs2-kmp-default-4.12.14-25.19.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-4.12.14-25.19.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15", product_id: "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.s390x", }, product_reference: "ocfs2-kmp-default-4.12.14-25.19.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-4.12.14-25.19.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15", product_id: "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.x86_64", }, product_reference: "ocfs2-kmp-default-4.12.14-25.19.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15", }, { category: "default_component_of", full_product_name: { name: "kernel-default-extra-4.12.14-25.19.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15", product_id: "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.19.1.x86_64", }, product_reference: "kernel-default-extra-4.12.14-25.19.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Workstation Extension 15", }, ], }, vulnerabilities: [ { cve: "CVE-2018-10938", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10938", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel present since v4.0-rc1 and through v4.13-rc4. A crafted network packet sent remotely by an attacker may force the kernel to enter an infinite loop in the cipso_v4_optptr() function in net/ipv4/cipso_ipv4.c leading to a denial-of-service. A certain non-default configuration of LSM (Linux Security Module) and NetLabel should be set up on a system before an attacker could leverage this flaw.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.19.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10938", url: "https://www.suse.com/security/cve/CVE-2018-10938", }, { category: "external", summary: "SUSE Bug 1106016 for CVE-2018-10938", url: "https://bugzilla.suse.com/1106016", }, { category: "external", summary: "SUSE Bug 1106191 for CVE-2018-10938", url: "https://bugzilla.suse.com/1106191", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.19.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.19.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-02T14:32:33Z", details: "important", }, ], title: "CVE-2018-10938", }, { cve: "CVE-2018-10940", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10940", }, ], notes: [ { category: "general", text: "The cdrom_ioctl_media_changed function in drivers/cdrom/cdrom.c in the Linux kernel before 4.16.6 allows local attackers to use a incorrect bounds check in the CDROM driver CDROM_MEDIA_CHANGED ioctl to read out kernel memory.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.19.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10940", url: "https://www.suse.com/security/cve/CVE-2018-10940", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-10940", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1092903 for CVE-2018-10940", url: "https://bugzilla.suse.com/1092903", }, { category: "external", summary: "SUSE Bug 1107689 for CVE-2018-10940", url: "https://bugzilla.suse.com/1107689", }, { category: "external", summary: "SUSE Bug 1113751 for CVE-2018-10940", url: "https://bugzilla.suse.com/1113751", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.19.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.19.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-02T14:32:33Z", details: "moderate", }, ], title: "CVE-2018-10940", }, { cve: "CVE-2018-1128", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-1128", }, ], notes: [ { category: "general", text: "It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. Any attacker having access to ceph cluster network who is able to sniff packets on network can use this vulnerability to authenticate with ceph service and perform actions allowed by ceph service. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.19.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-1128", url: "https://www.suse.com/security/cve/CVE-2018-1128", }, { category: "external", summary: "SUSE Bug 1096748 for CVE-2018-1128", url: "https://bugzilla.suse.com/1096748", }, { category: "external", summary: "SUSE Bug 1114710 for CVE-2018-1128", url: "https://bugzilla.suse.com/1114710", }, { category: "external", summary: "SUSE Bug 1177843 for CVE-2018-1128", url: "https://bugzilla.suse.com/1177843", }, { category: "external", summary: "SUSE Bug 1177859 for CVE-2018-1128", url: "https://bugzilla.suse.com/1177859", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.19.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.3, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.19.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-02T14:32:33Z", details: "important", }, ], title: "CVE-2018-1128", }, { cve: "CVE-2018-1129", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-1129", }, ], notes: [ { category: "general", text: "A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network who is able to alter the message payload was able to bypass signature checks done by cephx protocol. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.19.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-1129", url: "https://www.suse.com/security/cve/CVE-2018-1129", }, { category: "external", summary: "SUSE Bug 1096748 for CVE-2018-1129", url: "https://bugzilla.suse.com/1096748", }, { category: "external", summary: "SUSE Bug 1114710 for CVE-2018-1129", url: "https://bugzilla.suse.com/1114710", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.19.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.19.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-02T14:32:33Z", details: "important", }, ], title: "CVE-2018-1129", }, { cve: "CVE-2018-12896", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-12896", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 4.17.3. An Integer Overflow in kernel/time/posix-timers.c in the POSIX timer code is caused by the way the overrun accounting works. Depending on interval and expiry time values, the overrun can be larger than INT_MAX, but the accounting is int based. This basically makes the accounting values, which are visible to user space via timer_getoverrun(2) and siginfo::si_overrun, random. For example, a local user can cause a denial of service (signed integer overflow) via crafted mmap, futex, timer_create, and timer_settime system calls.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.19.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-12896", url: "https://www.suse.com/security/cve/CVE-2018-12896", }, { category: "external", summary: "SUSE Bug 1099922 for CVE-2018-12896", url: "https://bugzilla.suse.com/1099922", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.19.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.19.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-02T14:32:33Z", details: "low", }, ], title: "CVE-2018-12896", }, { cve: "CVE-2018-13093", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-13093", }, ], notes: [ { category: "general", text: "An issue was discovered in fs/xfs/xfs_icache.c in the Linux kernel through 4.17.3. There is a NULL pointer dereference and panic in lookup_slow() on a NULL inode->i_ops pointer when doing pathwalks on a corrupted xfs image. This occurs because of a lack of proper validation that cached inodes are free during allocation.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.19.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-13093", url: "https://www.suse.com/security/cve/CVE-2018-13093", }, { category: "external", summary: "SUSE Bug 1100001 for CVE-2018-13093", url: "https://bugzilla.suse.com/1100001", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.19.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.19.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-02T14:32:33Z", details: "moderate", }, ], title: "CVE-2018-13093", }, { cve: "CVE-2018-13094", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-13094", }, ], notes: [ { category: "general", text: "An issue was discovered in fs/xfs/libxfs/xfs_attr_leaf.c in the Linux kernel through 4.17.3. An OOPS may occur for a corrupted xfs image after xfs_da_shrink_inode() is called with a NULL bp.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.19.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-13094", url: "https://www.suse.com/security/cve/CVE-2018-13094", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-13094", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1100000 for CVE-2018-13094", url: "https://bugzilla.suse.com/1100000", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.19.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.19.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-02T14:32:33Z", details: "moderate", }, ], title: "CVE-2018-13094", }, { cve: "CVE-2018-13095", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-13095", }, ], notes: [ { category: "general", text: "An issue was discovered in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel through 4.17.3. A denial of service (memory corruption and BUG) can occur for a corrupted xfs image upon encountering an inode that is in extent format, but has more extents than fit in the inode fork.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.19.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-13095", url: "https://www.suse.com/security/cve/CVE-2018-13095", }, { category: "external", summary: "SUSE Bug 1099999 for CVE-2018-13095", url: "https://bugzilla.suse.com/1099999", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.19.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.19.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-02T14:32:33Z", details: "moderate", }, ], title: "CVE-2018-13095", }, { cve: "CVE-2018-14613", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-14613", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in io_ctl_map_page() when mounting and operating a crafted btrfs image, because of a lack of block group item validation in check_leaf_item in fs/btrfs/tree-checker.c.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.19.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-14613", url: "https://www.suse.com/security/cve/CVE-2018-14613", }, { category: "external", summary: "SUSE Bug 1102896 for CVE-2018-14613", url: "https://bugzilla.suse.com/1102896", }, { category: "external", summary: "SUSE Bug 1103800 for CVE-2018-14613", url: "https://bugzilla.suse.com/1103800", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.19.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.19.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-02T14:32:33Z", details: "moderate", }, ], title: "CVE-2018-14613", }, { cve: "CVE-2018-14617", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-14617", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 4.17.10. There is a NULL pointer dereference and panic in hfsplus_lookup() in fs/hfsplus/dir.c when opening a file (that is purportedly a hard link) in an hfs+ filesystem that has malformed catalog data, and is mounted read-only without a metadata directory.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.19.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-14617", url: "https://www.suse.com/security/cve/CVE-2018-14617", }, { category: "external", summary: "SUSE Bug 1102870 for CVE-2018-14617", url: "https://bugzilla.suse.com/1102870", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.19.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.19.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-02T14:32:33Z", details: "moderate", }, ], title: "CVE-2018-14617", }, { cve: "CVE-2018-16658", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16658", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel before 4.18.6. An information leak in cdrom_ioctl_drive_status in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.19.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-16658", url: "https://www.suse.com/security/cve/CVE-2018-16658", }, { category: "external", summary: "SUSE Bug 1092903 for CVE-2018-16658", url: "https://bugzilla.suse.com/1092903", }, { category: "external", summary: "SUSE Bug 1107689 for CVE-2018-16658", url: "https://bugzilla.suse.com/1107689", }, { category: "external", summary: "SUSE Bug 1113751 for CVE-2018-16658", url: "https://bugzilla.suse.com/1113751", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.19.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.19.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-02T14:32:33Z", details: "low", }, ], title: "CVE-2018-16658", }, { cve: "CVE-2018-6554", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-6554", }, ], notes: [ { category: "general", text: "Memory leak in the irda_bind function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (memory consumption) by repeatedly binding an AF_IRDA socket.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.19.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-6554", url: "https://www.suse.com/security/cve/CVE-2018-6554", }, { category: "external", summary: "SUSE Bug 1106509 for CVE-2018-6554", url: "https://bugzilla.suse.com/1106509", }, { category: "external", summary: "SUSE Bug 1106511 for CVE-2018-6554", url: "https://bugzilla.suse.com/1106511", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.19.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.19.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-02T14:32:33Z", details: "low", }, ], title: "CVE-2018-6554", }, { cve: "CVE-2018-6555", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-6555", }, ], notes: [ { category: "general", text: "The irda_setsockopt function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (ias_object use-after-free and system crash) or possibly have unspecified other impact via an AF_IRDA socket.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.19.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-6555", url: "https://www.suse.com/security/cve/CVE-2018-6555", }, { category: "external", summary: "SUSE Bug 1106509 for CVE-2018-6555", url: "https://bugzilla.suse.com/1106509", }, { category: "external", summary: "SUSE Bug 1106511 for CVE-2018-6555", url: "https://bugzilla.suse.com/1106511", }, { category: "external", summary: "SUSE Bug 1115893 for CVE-2018-6555", url: "https://bugzilla.suse.com/1115893", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.19.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.19.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.19.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-02T14:32:33Z", details: "moderate", }, ], title: "CVE-2018-6555", }, ], }
suse-su-2018:3084-1
Vulnerability from csaf_suse
Published
2018-10-09 12:00
Modified
2018-10-09 12:00
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP2 LTSS kernel was updated to receive various security and bugfixes.
- CVE-2018-10853: A flaw was found in the way the KVM hypervisor emulated instructions such as sgdt/sidt/fxsave/fxrstor. It did not check current privilege(CPL) level while emulating unprivileged instructions. An unprivileged guest user/process could use this flaw to potentially escalate privileges inside guest (bnc#1097104).
- CVE-2018-10876: A flaw was found in Linux kernel in the ext4 filesystem code. A use-after-free is possible in ext4_ext_remove_space() function when mounting and operating a crafted ext4 image. (bnc#1099811)
- CVE-2018-10877: Linux kernel ext4 filesystem is vulnerable to an out-of-bound access in the ext4_ext_drop_refs() function when operating on a crafted ext4 filesystem image. (bnc#1099846)
- CVE-2018-10878: A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bounds write and a denial of service or unspecified other impact is possible by mounting and operating a crafted ext4 filesystem image. (bnc#1099813)
- CVE-2018-10879: A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause a use-after-free in ext4_xattr_set_entry function and a denial of service or unspecified other impact may occur by renaming a file in a crafted ext4 filesystem image. (bnc#1099844)
- CVE-2018-10880: Linux kernel is vulnerable to a stack-out-of-bounds write in the ext4 filesystem code when mounting and writing to a crafted ext4 image in ext4_update_inline_data(). An attacker could use this to cause a system crash and a denial of service. (bnc#1099845)
- CVE-2018-10881: A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bound access in ext4_get_group_info function, a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image. (bnc#1099864)
- CVE-2018-10882: A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bound write in in fs/jbd2/transaction.c code, a denial of service, and a system crash by unmounting a crafted ext4 filesystem image. (bnc#1099849)
- CVE-2018-10883: A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bounds write in jbd2_journal_dirty_metadata(), a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image. (bnc#1099863)
- CVE-2018-10902: It was found that the raw midi kernel driver did not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmidi.c file. A malicious local attacker could possibly use this for privilege escalation (bnc#1105322).
- CVE-2018-10938: A crafted network packet sent remotely by an attacker may force the kernel to enter an infinite loop in the cipso_v4_optptr() function in net/ipv4/cipso_ipv4.c leading to a denial-of-service. A certain non-default configuration of LSM (Linux Security Module) and NetLabel should be set up on a system before an attacker could leverage this flaw (bnc#1106016).
- CVE-2018-10940: The cdrom_ioctl_media_changed function in drivers/cdrom/cdrom.c allowed local attackers to use a incorrect bounds check in the CDROM driver CDROM_MEDIA_CHANGED ioctl to read out kernel memory (bnc#1092903).
- CVE-2018-12896: An Integer Overflow in kernel/time/posix-timers.c in the POSIX timer code is caused by the way the overrun accounting works. Depending on interval and expiry time values, the overrun can be larger than INT_MAX, but the accounting is int based. This basically made the accounting values, which are visible to user space via timer_getoverrun(2) and siginfo::si_overrun, random. For example, a local user can cause a denial of service (signed integer overflow) via crafted mmap, futex, timer_create, and timer_settime system calls (bnc#1099922).
- CVE-2018-13093: There is a NULL pointer dereference and panic in lookup_slow() on a NULL inode->i_ops pointer when doing pathwalks on a corrupted xfs image. This occurs because of a lack of proper validation that cached inodes are free during allocation (bnc#1100001).
- CVE-2018-13094: An OOPS may occur for a corrupted xfs image after xfs_da_shrink_inode() is called with a NULL bp (bnc#1100000).
- CVE-2018-13095: A denial of service (memory corruption and BUG) can occur for a corrupted xfs image upon encountering an inode that is in extent format, but has more extents than fit in the inode fork (bnc#1099999).
- CVE-2018-14617: There is a NULL pointer dereference and panic in hfsplus_lookup() in fs/hfsplus/dir.c when opening a file (that is purportedly a hard link) in an hfs+ filesystem that has malformed catalog data, and is mounted read-only without a metadata directory (bnc#1102870).
- CVE-2018-14678: The xen_failsafe_callback entry point in arch/x86/entry/entry_64.S did not properly maintain RBX, which allowed local users to cause a denial of service (uninitialized memory usage and system crash). Within Xen, 64-bit x86 PV Linux guest OS users can trigger a guest OS crash or possibly gain privileges (bnc#1102715).
- CVE-2018-15572: The spectre_v2_select_mitigation function in arch/x86/kernel/cpu/bugs.c did not always fill RSB upon a context switch, which made it easier for attackers to conduct userspace-userspace spectreRSB attacks (bnc#1102517 bnc#1105296).
- CVE-2018-15594: arch/x86/kernel/paravirt.c mishandled certain indirect calls, which made it easier for attackers to conduct Spectre-v2 attacks against paravirtual guests (bnc#1105348).
- CVE-2018-16276: Local attackers could use user access read/writes with incorrect bounds checking in the yurex USB driver to crash the kernel or potentially escalate privileges (bnc#1106095).
- CVE-2018-16658: An information leak in cdrom_ioctl_drive_status in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 (bnc#1107689).
- CVE-2018-17182: The vmacache_flush_all function in mm/vmacache.c mishandled sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations (bnc#1108399).
- CVE-2018-6554: Memory leak in the irda_bind function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c allowed local users to cause a denial of service (memory consumption) by repeatedly binding an AF_IRDA socket (bnc#1106509).
- CVE-2018-6555: The irda_setsockopt function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c allowed local users to cause a denial of service (ias_object use-after-free and system crash) or possibly have unspecified other impact via an AF_IRDA socket (bnc#1106511).
- CVE-2018-7757: Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c allowed local users to cause a denial of service (memory consumption) via many read accesses to files in the /sys/class/sas_phy directory, as demonstrated by the /sys/class/sas_phy/phy-1:0:12/invalid_dword_count file (bnc#1084536).
- CVE-2018-9363: A buffer overflow in bluetooth HID report processing could be used by malicious bluetooth devices to crash the kernel or potentially execute code (bnc#1105292).
The following security bugs were fixed:
- CVE-2018-7480: The blkcg_init_queue function in block/blk-cgroup.c allowed local users to cause a denial of service (double free) or possibly have unspecified other impact by triggering a creation failure (bnc#1082863).
The following non-security bugs were fixed:
- atm: Preserve value of skb->truesize when accounting to vcc (bsc#1089066).
- bcache: avoid unncessary cache prefetch bch_btree_node_get() (bsc#1064232).
- bcache: calculate the number of incremental GC nodes according to the total of btree nodes (bsc#1064232).
- bcache: display rate debug parameters to 0 when writeback is not running (bsc#1064232).
- bcache: do not check return value of debugfs_create_dir() (bsc#1064232).
- bcache: finish incremental GC (bsc#1064232).
- bcache: fix error setting writeback_rate through sysfs interface (bsc#1064232).
- bcache: fix I/O significant decline while backend devices registering (bsc#1064232).
- bcache: free heap cache_set->flush_btree in bch_journal_free (bsc#1064232).
- bcache: make the pr_err statement used for ENOENT only in sysfs_attatch section (bsc#1064232).
- bcache: release dc->writeback_lock properly in bch_writeback_thread() (bsc#1064232).
- bcache: set max writeback rate when I/O request is idle (bsc#1064232).
- bcache: simplify the calculation of the total amount of flash dirty data (bsc#1064232).
- ext4: check for allocation block validity with block group locked (bsc#1104495).
- ext4: do not update checksum of new initialized bitmaps (bnc#1012382).
- ext4: fix check to prevent initializing reserved inodes (bsc#1104319).
- ext4: fix false negatives *and* false positives in ext4_check_descriptors() (bsc#1103445).
- ibmvnic: Include missing return code checks in reset function (bnc#1107966).
- kABI: protect struct x86_emulate_ops (kabi).
- kabi/severities: Ignore missing cpu_tss_tramp (bsc#1099597)
- kabi: x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bnc#1105536).
- kvm: MMU: always terminate page walks at level 1 (bsc#1062604).
- kvm: MMU: simplify last_pte_bitmap (bsc#1062604).
- kvm: nVMX: update last_nonleaf_level when initializing nested EPT (bsc#1062604).
- kvm: VMX: fixes for vmentry_l1d_flush module parameter (bsc#1106369).
- kvm: VMX: Work around kABI breakage in 'enum vmx_l1d_flush_state' (bsc#1106369).
- net: add skb_condense() helper (bsc#1089066).
- net: adjust skb->truesize in pskb_expand_head() (bsc#1089066).
- net: adjust skb->truesize in ___pskb_trim() (bsc#1089066).
- net: ena: Eliminate duplicate barriers on weakly-ordered archs (bsc#1108239).
- net: ena: fix device destruction to gracefully free resources (bsc#1108239).
- net: ena: fix driver when PAGE_SIZE == 64kB (bsc#1108239).
- net: ena: fix incorrect usage of memory barriers (bsc#1108239).
- net: ena: fix missing calls to READ_ONCE (bsc#1108239).
- net: ena: fix missing lock during device destruction (bsc#1108239).
- net: ena: fix potential double ena_destroy_device() (bsc#1108239).
- net: ena: fix surprise unplug NULL dereference kernel crash (bsc#1108239).
- net: ena: Fix use of uninitialized DMA address bits field (bsc#1108239).
- netfilter: xt_CT: fix refcnt leak on error path (bnc#1012382 bsc#1100152).
- netlink: do not enter direct reclaim from netlink_trim() (bsc#1042286).
- nfs: Use an appropriate work queue for direct-write completion (bsc#1082519).
- ovl: fix random return value on mount (bsc#1099993).
- ovl: fix uid/gid when creating over whiteout (bsc#1099993).
- ovl: modify ovl_permission() to do checks on two inodes (bsc#1106512).
- ovl: override creds with the ones from the superblock mounter (bsc#1099993).
- powerpc: Avoid code patching freed init sections (bnc#1107735).
- powerpc/livepatch: Fix livepatch stack access (bsc#1094466).
- powerpc/modules: Do not try to restore r2 after a sibling call (bsc#1094466).
- powerpc/tm: Avoid possible userspace r1 corruption on reclaim (bsc#1109333).
- powerpc/tm: Fix userspace r13 corruption (bsc#1109333).
- provide special timeout module parameters for EC2 (bsc#1065364).
- stop_machine: Atomically queue and wake stopper threads (git-fixes).
- stop_machine, sched: Fix migrate_swap() vs. active_balance() deadlock (bsc#1088810).
- usbip: vhci_sysfs: fix potential Spectre v1 (bsc#1096547).
- x86/entry/64: Remove %ebx handling from error_entry/exit (bnc#1102715).
- x86/speculation/l1tf: Fix off-by-one error when warning that system has too much RAM (bnc#1105536).
- x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bnc#1105536).
- x86/speculation/l1tf: Suggest what to do on systems with too much RAM (bnc#1105536).
- x86/speculation: Use ARCH_CAPABILITIES to skip L1D flush on vmentry (bsc#1106369).
- x86: Drop kernel trampoline stack. It is involved in breaking kdump/kexec infrastucture. (bsc#1099597)
- xen: avoid crash in disable_hotplug_cpu (bsc#1106594).
- xen/blkback: do not keep persistent grants too long (bsc#1085042).
- xen/blkback: move persistent grants flags to bool (bsc#1085042).
- xen/blkfront: cleanup stale persistent grants (bsc#1085042).
- xen/blkfront: reorder tests in xlblk_init() (bsc#1085042).
- xfs: add a new xfs_iext_lookup_extent_before helper (bsc#1095344).
- xfs: add asserts for the mmap lock in xfs_{insert,collapse}_file_space (bsc#1095344).
- xfs: add a xfs_bmap_fork_to_state helper (bsc#1095344).
- xfs: add a xfs_iext_update_extent helper (bsc#1095344).
- xfs: add comments documenting the rebalance algorithm (bsc#1095344).
- xfs: add some comments to xfs_iext_insert/xfs_iext_insert_node (bsc#1095344).
- xfs: add xfs_trim_extent (bsc#1095344).
- xfs: allow unaligned extent records in xfs_bmbt_disk_set_all (bsc#1095344).
- xfs: borrow indirect blocks from freed extent when available (bsc#1095344).
- xfs: cleanup xfs_bmap_last_before (bsc#1095344).
- xfs: do not create overlapping extents in xfs_bmap_add_extent_delay_real (bsc#1095344).
- xfs: do not rely on extent indices in xfs_bmap_collapse_extents (bsc#1095344).
- xfs: do not rely on extent indices in xfs_bmap_insert_extents (bsc#1095344).
- xfs: do not set XFS_BTCUR_BPRV_WASDEL in xfs_bunmapi (bsc#1095344).
- xfs: during btree split, save new block key & ptr for future insertion (bsc#1095344).
- xfs: factor out a helper to initialize a local format inode fork (bsc#1095344).
- xfs: fix memory leak in xfs_iext_free_last_leaf (bsc#1095344).
- xfs: fix number of records handling in xfs_iext_split_leaf (bsc#1095344).
- xfs: handle indlen shortage on delalloc extent merge (bsc#1095344).
- xfs: handle zero entries case in xfs_iext_rebalance_leaf (bsc#1095344).
- xfs: improve kmem_realloc (bsc#1095344).
- xfs: inline xfs_shift_file_space into callers (bsc#1095344).
- xfs: introduce the xfs_iext_cursor abstraction (bsc#1095344).
- xfs: iterate over extents in xfs_bmap_extents_to_btree (bsc#1095344).
- xfs: iterate over extents in xfs_iextents_copy (bsc#1095344).
- xfs: make better use of the 'state' variable in xfs_bmap_del_extent_real (bsc#1095344).
- xfs: merge xfs_bmap_read_extents into xfs_iread_extents (bsc#1095344).
- xfs: move pre/post-bmap tracing into xfs_iext_update_extent (bsc#1095344).
- xfs: move some code around inside xfs_bmap_shift_extents (bsc#1095344).
- xfs: move some more code into xfs_bmap_del_extent_real (bsc#1095344).
- xfs: move xfs_bmbt_irec and xfs_exntst_t to xfs_types.h (bsc#1095344).
- xfs: move xfs_iext_insert tracepoint to report useful information (bsc#1095344).
- xfs: new inode extent list lookup helpers (bsc#1095344).
- xfs: pass an on-disk extent to xfs_bmbt_validate_extent (bsc#1095344).
- xfs: pass a struct xfs_bmbt_irec to xfs_bmbt_lookup_eq (bsc#1095344).
- xfs: pass a struct xfs_bmbt_irec to xfs_bmbt_update (bsc#1095344).
- xfs: pass struct xfs_bmbt_irec to xfs_bmbt_validate_extent (bsc#1095344).
- xfs: provide helper for counting extents from if_bytes (bsc#1095344).
- xfs: refactor delalloc accounting in xfs_bmap_add_extent_delay_real (bsc#1095344).
- xfs: refactor delalloc indlen reservation split into helper (bsc#1095344).
- xfs: refactor dir2 leaf readahead shadow buffer cleverness (bsc#1095344).
- xfs: refactor xfs_bmap_add_extent_delay_real (bsc#1095344).
- xfs: refactor xfs_bmap_add_extent_hole_delay (bsc#1095344).
- xfs: refactor xfs_bmap_add_extent_hole_real (bsc#1095344).
- xfs: refactor xfs_bmap_add_extent_unwritten_real (bsc#1095344).
- xfs: refactor xfs_bunmapi_cow (bsc#1095344).
- xfs: refactor xfs_del_extent_real (bsc#1095344).
- xfs: remove a duplicate assignment in xfs_bmap_add_extent_delay_real (bsc#1095344).
- xfs: remove all xfs_bmbt_set_* helpers except for xfs_bmbt_set_all (bsc#1095344).
- xfs: remove a superflous assignment in xfs_iext_remove_node (bsc#1095344).
- xfs: Remove dead code from inode recover function (bsc#1105396).
- xfs: remove if_rdev (bsc#1095344).
- xfs: remove prev argument to xfs_bmapi_reserve_delalloc (bsc#1095344).
- xfs: remove support for inlining data/extents into the inode fork (bsc#1095344).
- xfs: remove the never fully implemented UUID fork format (bsc#1095344).
- xfs: remove the nr_extents argument to xfs_iext_insert (bsc#1095344).
- xfs: remove the nr_extents argument to xfs_iext_remove (bsc#1095344).
- xfs: remove XFS_BMAP_MAX_SHIFT_EXTENTS (bsc#1095344).
- xfs: remove XFS_BMAP_TRACE_EXLIST (bsc#1095344).
- xfs: remove xfs_bmbt_get_state (bsc#1095344).
- xfs: remove xfs_bmse_shift_one (bsc#1095344).
- xfs: rename bno to end in __xfs_bunmapi (bsc#1095344).
- xfs: repair malformed inode items during log recovery (bsc#1105396).
- xfs: replace xfs_bmbt_lookup_ge with xfs_bmbt_lookup_first (bsc#1095344).
- xfs: replace xfs_qm_get_rtblks with a direct call to xfs_bmap_count_leaves (bsc#1095344).
- xfs: rewrite getbmap using the xfs_iext_* helpers (bsc#1095344).
- xfs: rewrite xfs_bmap_count_leaves using xfs_iext_get_extent (bsc#1095344).
- xfs: rewrite xfs_bmap_first_unused to make better use of xfs_iext_get_extent (bsc#1095344).
- xfs: simplify the xfs_getbmap interface (bsc#1095344).
- xfs: simplify validation of the unwritten extent bit (bsc#1095344).
- xfs: split indlen reservations fairly when under reserved (bsc#1095344).
- xfs: split xfs_bmap_shift_extents (bsc#1095344).
- xfs: switch xfs_bmap_local_to_extents to use xfs_iext_insert (bsc#1095344).
- xfs: treat idx as a cursor in xfs_bmap_add_extent_delay_real (bsc#1095344).
- xfs: treat idx as a cursor in xfs_bmap_add_extent_hole_delay (bsc#1095344).
- xfs: treat idx as a cursor in xfs_bmap_add_extent_hole_real (bsc#1095344).
- xfs: treat idx as a cursor in xfs_bmap_add_extent_unwritten_real (bsc#1095344).
- xfs: treat idx as a cursor in xfs_bmap_collapse_extents (bsc#1095344).
- xfs: treat idx as a cursor in xfs_bmap_del_extent_* (bsc#1095344).
- xfs: update freeblocks counter after extent deletion (bsc#1095344).
- xfs: update got in xfs_bmap_shift_update_extent (bsc#1095344).
- xfs: use a b+tree for the in-core extent list (bsc#1095344).
- xfs: use correct state defines in xfs_bmap_del_extent_{cow,delay} (bsc#1095344).
- xfs: use new extent lookup helpers in xfs_bmapi_read (bsc#1095344).
- xfs: use new extent lookup helpers in xfs_bmapi_write (bsc#1095344).
- xfs: use new extent lookup helpers in __xfs_bunmapi (bsc#1095344).
- xfs: use the state defines in xfs_bmap_del_extent_real (bsc#1095344).
- xfs: use xfs_bmap_del_extent_delay for the data fork as well (bsc#1095344).
- xfs: use xfs_iext_*_extent helpers in xfs_bmap_shift_extents (bsc#1095344).
- xfs: use xfs_iext_*_extent helpers in xfs_bmap_split_extent_at (bsc#1095344).
- xfs: use xfs_iext_get_extent instead of open coding it (bsc#1095344).
- xfs: use xfs_iext_get_extent in xfs_bmap_first_unused (bsc#1095344).
Patchnames
SUSE-OpenStack-Cloud-7-2018-2188,SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2018-2188,SUSE-SLE-HA-12-SP2-2018-2188,SUSE-SLE-SAP-12-SP2-2018-2188,SUSE-SLE-SERVER-12-SP2-2018-2188,SUSE-SLE-SERVER-12-SP2-BCL-2018-2188,SUSE-Storage-4-2018-2188
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for the Linux Kernel", title: "Title of the patch", }, { category: "description", text: "\n\nThe SUSE Linux Enterprise 12 SP2 LTSS kernel was updated to receive various security and bugfixes.\n\n- CVE-2018-10853: A flaw was found in the way the KVM hypervisor emulated instructions such as sgdt/sidt/fxsave/fxrstor. It did not check current privilege(CPL) level while emulating unprivileged instructions. An unprivileged guest user/process could use this flaw to potentially escalate privileges inside guest (bnc#1097104).\n- CVE-2018-10876: A flaw was found in Linux kernel in the ext4 filesystem code. A use-after-free is possible in ext4_ext_remove_space() function when mounting and operating a crafted ext4 image. (bnc#1099811)\n- CVE-2018-10877: Linux kernel ext4 filesystem is vulnerable to an out-of-bound access in the ext4_ext_drop_refs() function when operating on a crafted ext4 filesystem image. (bnc#1099846)\n- CVE-2018-10878: A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bounds write and a denial of service or unspecified other impact is possible by mounting and operating a crafted ext4 filesystem image. (bnc#1099813)\n- CVE-2018-10879: A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause a use-after-free in ext4_xattr_set_entry function and a denial of service or unspecified other impact may occur by renaming a file in a crafted ext4 filesystem image. (bnc#1099844)\n- CVE-2018-10880: Linux kernel is vulnerable to a stack-out-of-bounds write in the ext4 filesystem code when mounting and writing to a crafted ext4 image in ext4_update_inline_data(). An attacker could use this to cause a system crash and a denial of service. (bnc#1099845)\n- CVE-2018-10881: A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bound access in ext4_get_group_info function, a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image. (bnc#1099864)\n- CVE-2018-10882: A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bound write in in fs/jbd2/transaction.c code, a denial of service, and a system crash by unmounting a crafted ext4 filesystem image. (bnc#1099849)\n- CVE-2018-10883: A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bounds write in jbd2_journal_dirty_metadata(), a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image. (bnc#1099863)\n- CVE-2018-10902: It was found that the raw midi kernel driver did not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmidi.c file. A malicious local attacker could possibly use this for privilege escalation (bnc#1105322).\n- CVE-2018-10938: A crafted network packet sent remotely by an attacker may force the kernel to enter an infinite loop in the cipso_v4_optptr() function in net/ipv4/cipso_ipv4.c leading to a denial-of-service. A certain non-default configuration of LSM (Linux Security Module) and NetLabel should be set up on a system before an attacker could leverage this flaw (bnc#1106016).\n- CVE-2018-10940: The cdrom_ioctl_media_changed function in drivers/cdrom/cdrom.c allowed local attackers to use a incorrect bounds check in the CDROM driver CDROM_MEDIA_CHANGED ioctl to read out kernel memory (bnc#1092903).\n- CVE-2018-12896: An Integer Overflow in kernel/time/posix-timers.c in the POSIX timer code is caused by the way the overrun accounting works. Depending on interval and expiry time values, the overrun can be larger than INT_MAX, but the accounting is int based. This basically made the accounting values, which are visible to user space via timer_getoverrun(2) and siginfo::si_overrun, random. For example, a local user can cause a denial of service (signed integer overflow) via crafted mmap, futex, timer_create, and timer_settime system calls (bnc#1099922).\n- CVE-2018-13093: There is a NULL pointer dereference and panic in lookup_slow() on a NULL inode->i_ops pointer when doing pathwalks on a corrupted xfs image. This occurs because of a lack of proper validation that cached inodes are free during allocation (bnc#1100001).\n- CVE-2018-13094: An OOPS may occur for a corrupted xfs image after xfs_da_shrink_inode() is called with a NULL bp (bnc#1100000).\n- CVE-2018-13095: A denial of service (memory corruption and BUG) can occur for a corrupted xfs image upon encountering an inode that is in extent format, but has more extents than fit in the inode fork (bnc#1099999).\n- CVE-2018-14617: There is a NULL pointer dereference and panic in hfsplus_lookup() in fs/hfsplus/dir.c when opening a file (that is purportedly a hard link) in an hfs+ filesystem that has malformed catalog data, and is mounted read-only without a metadata directory (bnc#1102870).\n- CVE-2018-14678: The xen_failsafe_callback entry point in arch/x86/entry/entry_64.S did not properly maintain RBX, which allowed local users to cause a denial of service (uninitialized memory usage and system crash). Within Xen, 64-bit x86 PV Linux guest OS users can trigger a guest OS crash or possibly gain privileges (bnc#1102715).\n- CVE-2018-15572: The spectre_v2_select_mitigation function in arch/x86/kernel/cpu/bugs.c did not always fill RSB upon a context switch, which made it easier for attackers to conduct userspace-userspace spectreRSB attacks (bnc#1102517 bnc#1105296).\n- CVE-2018-15594: arch/x86/kernel/paravirt.c mishandled certain indirect calls, which made it easier for attackers to conduct Spectre-v2 attacks against paravirtual guests (bnc#1105348).\n- CVE-2018-16276: Local attackers could use user access read/writes with incorrect bounds checking in the yurex USB driver to crash the kernel or potentially escalate privileges (bnc#1106095).\n- CVE-2018-16658: An information leak in cdrom_ioctl_drive_status in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 (bnc#1107689).\n- CVE-2018-17182: The vmacache_flush_all function in mm/vmacache.c mishandled sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations (bnc#1108399).\n- CVE-2018-6554: Memory leak in the irda_bind function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c allowed local users to cause a denial of service (memory consumption) by repeatedly binding an AF_IRDA socket (bnc#1106509).\n- CVE-2018-6555: The irda_setsockopt function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c allowed local users to cause a denial of service (ias_object use-after-free and system crash) or possibly have unspecified other impact via an AF_IRDA socket (bnc#1106511).\n- CVE-2018-7757: Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c allowed local users to cause a denial of service (memory consumption) via many read accesses to files in the /sys/class/sas_phy directory, as demonstrated by the /sys/class/sas_phy/phy-1:0:12/invalid_dword_count file (bnc#1084536).\n- CVE-2018-9363: A buffer overflow in bluetooth HID report processing could be used by malicious bluetooth devices to crash the kernel or potentially execute code (bnc#1105292).\nThe following security bugs were fixed:\n- CVE-2018-7480: The blkcg_init_queue function in block/blk-cgroup.c allowed local users to cause a denial of service (double free) or possibly have unspecified other impact by triggering a creation failure (bnc#1082863).\n\nThe following non-security bugs were fixed:\n\n- atm: Preserve value of skb->truesize when accounting to vcc (bsc#1089066).\n- bcache: avoid unncessary cache prefetch bch_btree_node_get() (bsc#1064232).\n- bcache: calculate the number of incremental GC nodes according to the total of btree nodes (bsc#1064232).\n- bcache: display rate debug parameters to 0 when writeback is not running (bsc#1064232).\n- bcache: do not check return value of debugfs_create_dir() (bsc#1064232).\n- bcache: finish incremental GC (bsc#1064232).\n- bcache: fix error setting writeback_rate through sysfs interface (bsc#1064232).\n- bcache: fix I/O significant decline while backend devices registering (bsc#1064232).\n- bcache: free heap cache_set->flush_btree in bch_journal_free (bsc#1064232).\n- bcache: make the pr_err statement used for ENOENT only in sysfs_attatch section (bsc#1064232).\n- bcache: release dc->writeback_lock properly in bch_writeback_thread() (bsc#1064232).\n- bcache: set max writeback rate when I/O request is idle (bsc#1064232).\n- bcache: simplify the calculation of the total amount of flash dirty data (bsc#1064232).\n- ext4: check for allocation block validity with block group locked (bsc#1104495).\n- ext4: do not update checksum of new initialized bitmaps (bnc#1012382).\n- ext4: fix check to prevent initializing reserved inodes (bsc#1104319).\n- ext4: fix false negatives *and* false positives in ext4_check_descriptors() (bsc#1103445).\n- ibmvnic: Include missing return code checks in reset function (bnc#1107966).\n- kABI: protect struct x86_emulate_ops (kabi).\n- kabi/severities: Ignore missing cpu_tss_tramp (bsc#1099597)\n- kabi: x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bnc#1105536).\n- kvm: MMU: always terminate page walks at level 1 (bsc#1062604).\n- kvm: MMU: simplify last_pte_bitmap (bsc#1062604).\n- kvm: nVMX: update last_nonleaf_level when initializing nested EPT (bsc#1062604).\n- kvm: VMX: fixes for vmentry_l1d_flush module parameter (bsc#1106369).\n- kvm: VMX: Work around kABI breakage in 'enum vmx_l1d_flush_state' (bsc#1106369).\n- net: add skb_condense() helper (bsc#1089066).\n- net: adjust skb->truesize in pskb_expand_head() (bsc#1089066).\n- net: adjust skb->truesize in ___pskb_trim() (bsc#1089066).\n- net: ena: Eliminate duplicate barriers on weakly-ordered archs (bsc#1108239).\n- net: ena: fix device destruction to gracefully free resources (bsc#1108239).\n- net: ena: fix driver when PAGE_SIZE == 64kB (bsc#1108239).\n- net: ena: fix incorrect usage of memory barriers (bsc#1108239).\n- net: ena: fix missing calls to READ_ONCE (bsc#1108239).\n- net: ena: fix missing lock during device destruction (bsc#1108239).\n- net: ena: fix potential double ena_destroy_device() (bsc#1108239).\n- net: ena: fix surprise unplug NULL dereference kernel crash (bsc#1108239).\n- net: ena: Fix use of uninitialized DMA address bits field (bsc#1108239).\n- netfilter: xt_CT: fix refcnt leak on error path (bnc#1012382 bsc#1100152).\n- netlink: do not enter direct reclaim from netlink_trim() (bsc#1042286).\n- nfs: Use an appropriate work queue for direct-write completion (bsc#1082519).\n- ovl: fix random return value on mount (bsc#1099993).\n- ovl: fix uid/gid when creating over whiteout (bsc#1099993).\n- ovl: modify ovl_permission() to do checks on two inodes (bsc#1106512).\n- ovl: override creds with the ones from the superblock mounter (bsc#1099993).\n- powerpc: Avoid code patching freed init sections (bnc#1107735).\n- powerpc/livepatch: Fix livepatch stack access (bsc#1094466).\n- powerpc/modules: Do not try to restore r2 after a sibling call (bsc#1094466).\n- powerpc/tm: Avoid possible userspace r1 corruption on reclaim (bsc#1109333).\n- powerpc/tm: Fix userspace r13 corruption (bsc#1109333).\n- provide special timeout module parameters for EC2 (bsc#1065364).\n- stop_machine: Atomically queue and wake stopper threads (git-fixes).\n- stop_machine, sched: Fix migrate_swap() vs. active_balance() deadlock (bsc#1088810).\n- usbip: vhci_sysfs: fix potential Spectre v1 (bsc#1096547).\n- x86/entry/64: Remove %ebx handling from error_entry/exit (bnc#1102715).\n- x86/speculation/l1tf: Fix off-by-one error when warning that system has too much RAM (bnc#1105536).\n- x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bnc#1105536).\n- x86/speculation/l1tf: Suggest what to do on systems with too much RAM (bnc#1105536).\n- x86/speculation: Use ARCH_CAPABILITIES to skip L1D flush on vmentry (bsc#1106369).\n- x86: Drop kernel trampoline stack. It is involved in breaking kdump/kexec infrastucture. (bsc#1099597)\n- xen: avoid crash in disable_hotplug_cpu (bsc#1106594).\n- xen/blkback: do not keep persistent grants too long (bsc#1085042).\n- xen/blkback: move persistent grants flags to bool (bsc#1085042).\n- xen/blkfront: cleanup stale persistent grants (bsc#1085042).\n- xen/blkfront: reorder tests in xlblk_init() (bsc#1085042).\n- xfs: add a new xfs_iext_lookup_extent_before helper (bsc#1095344).\n- xfs: add asserts for the mmap lock in xfs_{insert,collapse}_file_space (bsc#1095344).\n- xfs: add a xfs_bmap_fork_to_state helper (bsc#1095344).\n- xfs: add a xfs_iext_update_extent helper (bsc#1095344).\n- xfs: add comments documenting the rebalance algorithm (bsc#1095344).\n- xfs: add some comments to xfs_iext_insert/xfs_iext_insert_node (bsc#1095344).\n- xfs: add xfs_trim_extent (bsc#1095344).\n- xfs: allow unaligned extent records in xfs_bmbt_disk_set_all (bsc#1095344).\n- xfs: borrow indirect blocks from freed extent when available (bsc#1095344).\n- xfs: cleanup xfs_bmap_last_before (bsc#1095344).\n- xfs: do not create overlapping extents in xfs_bmap_add_extent_delay_real (bsc#1095344).\n- xfs: do not rely on extent indices in xfs_bmap_collapse_extents (bsc#1095344).\n- xfs: do not rely on extent indices in xfs_bmap_insert_extents (bsc#1095344).\n- xfs: do not set XFS_BTCUR_BPRV_WASDEL in xfs_bunmapi (bsc#1095344).\n- xfs: during btree split, save new block key & ptr for future insertion (bsc#1095344).\n- xfs: factor out a helper to initialize a local format inode fork (bsc#1095344).\n- xfs: fix memory leak in xfs_iext_free_last_leaf (bsc#1095344).\n- xfs: fix number of records handling in xfs_iext_split_leaf (bsc#1095344).\n- xfs: handle indlen shortage on delalloc extent merge (bsc#1095344).\n- xfs: handle zero entries case in xfs_iext_rebalance_leaf (bsc#1095344).\n- xfs: improve kmem_realloc (bsc#1095344).\n- xfs: inline xfs_shift_file_space into callers (bsc#1095344).\n- xfs: introduce the xfs_iext_cursor abstraction (bsc#1095344).\n- xfs: iterate over extents in xfs_bmap_extents_to_btree (bsc#1095344).\n- xfs: iterate over extents in xfs_iextents_copy (bsc#1095344).\n- xfs: make better use of the 'state' variable in xfs_bmap_del_extent_real (bsc#1095344).\n- xfs: merge xfs_bmap_read_extents into xfs_iread_extents (bsc#1095344).\n- xfs: move pre/post-bmap tracing into xfs_iext_update_extent (bsc#1095344).\n- xfs: move some code around inside xfs_bmap_shift_extents (bsc#1095344).\n- xfs: move some more code into xfs_bmap_del_extent_real (bsc#1095344).\n- xfs: move xfs_bmbt_irec and xfs_exntst_t to xfs_types.h (bsc#1095344).\n- xfs: move xfs_iext_insert tracepoint to report useful information (bsc#1095344).\n- xfs: new inode extent list lookup helpers (bsc#1095344).\n- xfs: pass an on-disk extent to xfs_bmbt_validate_extent (bsc#1095344).\n- xfs: pass a struct xfs_bmbt_irec to xfs_bmbt_lookup_eq (bsc#1095344).\n- xfs: pass a struct xfs_bmbt_irec to xfs_bmbt_update (bsc#1095344).\n- xfs: pass struct xfs_bmbt_irec to xfs_bmbt_validate_extent (bsc#1095344).\n- xfs: provide helper for counting extents from if_bytes (bsc#1095344).\n- xfs: refactor delalloc accounting in xfs_bmap_add_extent_delay_real (bsc#1095344).\n- xfs: refactor delalloc indlen reservation split into helper (bsc#1095344).\n- xfs: refactor dir2 leaf readahead shadow buffer cleverness (bsc#1095344).\n- xfs: refactor xfs_bmap_add_extent_delay_real (bsc#1095344).\n- xfs: refactor xfs_bmap_add_extent_hole_delay (bsc#1095344).\n- xfs: refactor xfs_bmap_add_extent_hole_real (bsc#1095344).\n- xfs: refactor xfs_bmap_add_extent_unwritten_real (bsc#1095344).\n- xfs: refactor xfs_bunmapi_cow (bsc#1095344).\n- xfs: refactor xfs_del_extent_real (bsc#1095344).\n- xfs: remove a duplicate assignment in xfs_bmap_add_extent_delay_real (bsc#1095344).\n- xfs: remove all xfs_bmbt_set_* helpers except for xfs_bmbt_set_all (bsc#1095344).\n- xfs: remove a superflous assignment in xfs_iext_remove_node (bsc#1095344).\n- xfs: Remove dead code from inode recover function (bsc#1105396).\n- xfs: remove if_rdev (bsc#1095344).\n- xfs: remove prev argument to xfs_bmapi_reserve_delalloc (bsc#1095344).\n- xfs: remove support for inlining data/extents into the inode fork (bsc#1095344).\n- xfs: remove the never fully implemented UUID fork format (bsc#1095344).\n- xfs: remove the nr_extents argument to xfs_iext_insert (bsc#1095344).\n- xfs: remove the nr_extents argument to xfs_iext_remove (bsc#1095344).\n- xfs: remove XFS_BMAP_MAX_SHIFT_EXTENTS (bsc#1095344).\n- xfs: remove XFS_BMAP_TRACE_EXLIST (bsc#1095344).\n- xfs: remove xfs_bmbt_get_state (bsc#1095344).\n- xfs: remove xfs_bmse_shift_one (bsc#1095344).\n- xfs: rename bno to end in __xfs_bunmapi (bsc#1095344).\n- xfs: repair malformed inode items during log recovery (bsc#1105396).\n- xfs: replace xfs_bmbt_lookup_ge with xfs_bmbt_lookup_first (bsc#1095344).\n- xfs: replace xfs_qm_get_rtblks with a direct call to xfs_bmap_count_leaves (bsc#1095344).\n- xfs: rewrite getbmap using the xfs_iext_* helpers (bsc#1095344).\n- xfs: rewrite xfs_bmap_count_leaves using xfs_iext_get_extent (bsc#1095344).\n- xfs: rewrite xfs_bmap_first_unused to make better use of xfs_iext_get_extent (bsc#1095344).\n- xfs: simplify the xfs_getbmap interface (bsc#1095344).\n- xfs: simplify validation of the unwritten extent bit (bsc#1095344).\n- xfs: split indlen reservations fairly when under reserved (bsc#1095344).\n- xfs: split xfs_bmap_shift_extents (bsc#1095344).\n- xfs: switch xfs_bmap_local_to_extents to use xfs_iext_insert (bsc#1095344).\n- xfs: treat idx as a cursor in xfs_bmap_add_extent_delay_real (bsc#1095344).\n- xfs: treat idx as a cursor in xfs_bmap_add_extent_hole_delay (bsc#1095344).\n- xfs: treat idx as a cursor in xfs_bmap_add_extent_hole_real (bsc#1095344).\n- xfs: treat idx as a cursor in xfs_bmap_add_extent_unwritten_real (bsc#1095344).\n- xfs: treat idx as a cursor in xfs_bmap_collapse_extents (bsc#1095344).\n- xfs: treat idx as a cursor in xfs_bmap_del_extent_* (bsc#1095344).\n- xfs: update freeblocks counter after extent deletion (bsc#1095344).\n- xfs: update got in xfs_bmap_shift_update_extent (bsc#1095344).\n- xfs: use a b+tree for the in-core extent list (bsc#1095344).\n- xfs: use correct state defines in xfs_bmap_del_extent_{cow,delay} (bsc#1095344).\n- xfs: use new extent lookup helpers in xfs_bmapi_read (bsc#1095344).\n- xfs: use new extent lookup helpers in xfs_bmapi_write (bsc#1095344).\n- xfs: use new extent lookup helpers in __xfs_bunmapi (bsc#1095344).\n- xfs: use the state defines in xfs_bmap_del_extent_real (bsc#1095344).\n- xfs: use xfs_bmap_del_extent_delay for the data fork as well (bsc#1095344).\n- xfs: use xfs_iext_*_extent helpers in xfs_bmap_shift_extents (bsc#1095344).\n- xfs: use xfs_iext_*_extent helpers in xfs_bmap_split_extent_at (bsc#1095344).\n- xfs: use xfs_iext_get_extent instead of open coding it (bsc#1095344).\n- xfs: use xfs_iext_get_extent in xfs_bmap_first_unused (bsc#1095344).\n", title: "Description of the patch", }, { category: "details", text: "SUSE-OpenStack-Cloud-7-2018-2188,SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2018-2188,SUSE-SLE-HA-12-SP2-2018-2188,SUSE-SLE-SAP-12-SP2-2018-2188,SUSE-SLE-SERVER-12-SP2-2018-2188,SUSE-SLE-SERVER-12-SP2-BCL-2018-2188,SUSE-Storage-4-2018-2188", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_3084-1.json", }, { category: "self", summary: "URL for SUSE-SU-2018:3084-1", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20183084-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2018:3084-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2018-October/004660.html", }, { category: "self", summary: "SUSE Bug 1012382", url: "https://bugzilla.suse.com/1012382", }, { category: "self", summary: "SUSE Bug 1042286", url: "https://bugzilla.suse.com/1042286", }, { category: "self", summary: "SUSE Bug 1062604", url: "https://bugzilla.suse.com/1062604", }, { category: "self", summary: "SUSE Bug 1064232", url: "https://bugzilla.suse.com/1064232", }, { category: "self", summary: "SUSE Bug 1065364", url: "https://bugzilla.suse.com/1065364", }, { category: "self", summary: "SUSE Bug 1082519", url: "https://bugzilla.suse.com/1082519", }, { category: "self", summary: "SUSE Bug 1082863", url: "https://bugzilla.suse.com/1082863", }, { category: "self", summary: "SUSE Bug 1084536", url: "https://bugzilla.suse.com/1084536", }, { category: "self", summary: "SUSE Bug 1085042", url: "https://bugzilla.suse.com/1085042", }, { category: "self", summary: "SUSE Bug 1088810", url: "https://bugzilla.suse.com/1088810", }, { category: "self", summary: "SUSE Bug 1089066", url: "https://bugzilla.suse.com/1089066", }, { category: "self", summary: "SUSE Bug 1092903", url: "https://bugzilla.suse.com/1092903", }, { category: "self", summary: "SUSE Bug 1094466", url: "https://bugzilla.suse.com/1094466", }, { category: "self", summary: "SUSE Bug 1095344", url: "https://bugzilla.suse.com/1095344", }, { category: "self", summary: "SUSE Bug 1096547", url: "https://bugzilla.suse.com/1096547", }, { category: "self", summary: "SUSE Bug 1097104", url: "https://bugzilla.suse.com/1097104", }, { category: "self", summary: "SUSE Bug 1099597", url: "https://bugzilla.suse.com/1099597", }, { category: "self", summary: "SUSE Bug 1099811", url: "https://bugzilla.suse.com/1099811", }, { category: "self", summary: "SUSE Bug 1099813", url: "https://bugzilla.suse.com/1099813", }, { category: "self", summary: "SUSE Bug 1099844", url: "https://bugzilla.suse.com/1099844", }, { category: "self", summary: "SUSE Bug 1099845", url: "https://bugzilla.suse.com/1099845", }, { category: "self", summary: "SUSE Bug 1099846", url: "https://bugzilla.suse.com/1099846", }, { category: "self", summary: "SUSE Bug 1099849", url: "https://bugzilla.suse.com/1099849", }, { category: "self", summary: "SUSE Bug 1099863", url: "https://bugzilla.suse.com/1099863", }, { category: "self", summary: "SUSE Bug 1099864", url: "https://bugzilla.suse.com/1099864", }, { category: "self", summary: "SUSE Bug 1099922", url: "https://bugzilla.suse.com/1099922", }, { category: "self", summary: "SUSE Bug 1099993", url: "https://bugzilla.suse.com/1099993", }, { category: "self", summary: "SUSE Bug 1099999", url: "https://bugzilla.suse.com/1099999", }, { category: "self", summary: "SUSE Bug 1100000", url: "https://bugzilla.suse.com/1100000", }, { category: "self", summary: "SUSE Bug 1100001", url: "https://bugzilla.suse.com/1100001", }, { category: "self", summary: "SUSE Bug 1100152", url: "https://bugzilla.suse.com/1100152", }, { category: "self", summary: "SUSE Bug 1102517", url: "https://bugzilla.suse.com/1102517", }, { category: "self", summary: "SUSE Bug 1102715", url: "https://bugzilla.suse.com/1102715", }, { category: "self", summary: "SUSE Bug 1102870", url: "https://bugzilla.suse.com/1102870", }, { category: "self", summary: "SUSE Bug 1103445", url: "https://bugzilla.suse.com/1103445", }, { category: "self", summary: "SUSE Bug 1104319", url: "https://bugzilla.suse.com/1104319", }, { category: "self", summary: "SUSE Bug 1104495", url: "https://bugzilla.suse.com/1104495", }, { category: "self", summary: "SUSE Bug 1105292", url: "https://bugzilla.suse.com/1105292", }, { category: "self", summary: "SUSE Bug 1105296", url: "https://bugzilla.suse.com/1105296", }, { category: "self", summary: "SUSE Bug 1105322", url: "https://bugzilla.suse.com/1105322", }, { category: "self", summary: "SUSE Bug 1105348", url: "https://bugzilla.suse.com/1105348", }, { category: "self", summary: "SUSE Bug 1105396", url: "https://bugzilla.suse.com/1105396", }, { category: "self", summary: "SUSE Bug 1105536", url: "https://bugzilla.suse.com/1105536", }, { category: "self", summary: "SUSE Bug 1106016", url: "https://bugzilla.suse.com/1106016", }, { category: "self", summary: "SUSE Bug 1106095", url: "https://bugzilla.suse.com/1106095", }, { category: "self", summary: "SUSE Bug 1106369", url: "https://bugzilla.suse.com/1106369", }, { category: "self", summary: "SUSE Bug 1106509", url: "https://bugzilla.suse.com/1106509", }, { category: "self", summary: "SUSE Bug 1106511", url: "https://bugzilla.suse.com/1106511", }, { category: "self", summary: "SUSE Bug 1106512", url: "https://bugzilla.suse.com/1106512", }, { category: "self", summary: "SUSE Bug 1106594", url: "https://bugzilla.suse.com/1106594", }, { category: "self", summary: "SUSE Bug 1107689", url: "https://bugzilla.suse.com/1107689", }, { category: "self", summary: "SUSE Bug 1107735", url: "https://bugzilla.suse.com/1107735", }, { category: "self", summary: "SUSE Bug 1107966", url: "https://bugzilla.suse.com/1107966", }, { category: "self", summary: "SUSE Bug 1108239", url: "https://bugzilla.suse.com/1108239", }, { category: "self", summary: "SUSE Bug 1108399", url: "https://bugzilla.suse.com/1108399", }, { category: "self", summary: "SUSE Bug 1109333", url: "https://bugzilla.suse.com/1109333", }, { category: "self", summary: "SUSE CVE CVE-2018-10853 page", url: "https://www.suse.com/security/cve/CVE-2018-10853/", }, { category: "self", summary: "SUSE CVE CVE-2018-10876 page", url: "https://www.suse.com/security/cve/CVE-2018-10876/", }, { category: "self", summary: "SUSE CVE CVE-2018-10877 page", url: "https://www.suse.com/security/cve/CVE-2018-10877/", }, { category: "self", summary: "SUSE CVE CVE-2018-10878 page", url: "https://www.suse.com/security/cve/CVE-2018-10878/", }, { category: "self", summary: "SUSE CVE CVE-2018-10879 page", url: "https://www.suse.com/security/cve/CVE-2018-10879/", }, { category: "self", summary: "SUSE CVE CVE-2018-10880 page", url: "https://www.suse.com/security/cve/CVE-2018-10880/", }, { category: "self", summary: "SUSE CVE CVE-2018-10881 page", url: "https://www.suse.com/security/cve/CVE-2018-10881/", }, { category: "self", summary: "SUSE CVE CVE-2018-10882 page", url: "https://www.suse.com/security/cve/CVE-2018-10882/", }, { category: "self", summary: "SUSE CVE CVE-2018-10883 page", url: "https://www.suse.com/security/cve/CVE-2018-10883/", }, { category: "self", summary: "SUSE CVE CVE-2018-10902 page", url: "https://www.suse.com/security/cve/CVE-2018-10902/", }, { category: "self", summary: "SUSE CVE CVE-2018-10938 page", url: "https://www.suse.com/security/cve/CVE-2018-10938/", }, { category: "self", summary: "SUSE CVE CVE-2018-10940 page", url: "https://www.suse.com/security/cve/CVE-2018-10940/", }, { category: "self", summary: "SUSE CVE CVE-2018-12896 page", url: "https://www.suse.com/security/cve/CVE-2018-12896/", }, { category: "self", summary: "SUSE CVE CVE-2018-13093 page", url: "https://www.suse.com/security/cve/CVE-2018-13093/", }, { category: "self", summary: "SUSE CVE CVE-2018-13094 page", url: "https://www.suse.com/security/cve/CVE-2018-13094/", }, { category: "self", summary: "SUSE CVE CVE-2018-13095 page", url: "https://www.suse.com/security/cve/CVE-2018-13095/", }, { category: "self", summary: "SUSE CVE CVE-2018-14617 page", url: "https://www.suse.com/security/cve/CVE-2018-14617/", }, { category: "self", summary: "SUSE CVE CVE-2018-14678 page", url: "https://www.suse.com/security/cve/CVE-2018-14678/", }, { category: "self", summary: "SUSE CVE CVE-2018-15572 page", url: "https://www.suse.com/security/cve/CVE-2018-15572/", }, { category: "self", summary: "SUSE CVE CVE-2018-15594 page", url: "https://www.suse.com/security/cve/CVE-2018-15594/", }, { category: "self", summary: "SUSE CVE CVE-2018-16276 page", url: "https://www.suse.com/security/cve/CVE-2018-16276/", }, { category: "self", summary: "SUSE CVE CVE-2018-16658 page", url: "https://www.suse.com/security/cve/CVE-2018-16658/", }, { category: "self", summary: "SUSE CVE CVE-2018-17182 page", url: "https://www.suse.com/security/cve/CVE-2018-17182/", }, { category: "self", summary: "SUSE CVE CVE-2018-6554 page", url: "https://www.suse.com/security/cve/CVE-2018-6554/", }, { category: "self", summary: "SUSE CVE CVE-2018-6555 page", url: "https://www.suse.com/security/cve/CVE-2018-6555/", }, { category: "self", summary: "SUSE CVE CVE-2018-7480 page", url: "https://www.suse.com/security/cve/CVE-2018-7480/", }, { category: "self", summary: "SUSE CVE CVE-2018-7757 page", url: "https://www.suse.com/security/cve/CVE-2018-7757/", }, { category: "self", summary: "SUSE CVE CVE-2018-9363 page", url: "https://www.suse.com/security/cve/CVE-2018-9363/", }, ], title: "Security update for the Linux Kernel", tracking: { current_release_date: "2018-10-09T12:00:14Z", generator: { date: "2018-10-09T12:00:14Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2018:3084-1", initial_release_date: "2018-10-09T12:00:14Z", revision_history: [ { date: "2018-10-09T12:00:14Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "kernel-devel-4.4.121-92.95.1.noarch", product: { name: "kernel-devel-4.4.121-92.95.1.noarch", product_id: "kernel-devel-4.4.121-92.95.1.noarch", }, }, { category: "product_version", name: "kernel-macros-4.4.121-92.95.1.noarch", product: { name: "kernel-macros-4.4.121-92.95.1.noarch", product_id: "kernel-macros-4.4.121-92.95.1.noarch", }, }, { category: "product_version", name: "kernel-source-4.4.121-92.95.1.noarch", product: { name: "kernel-source-4.4.121-92.95.1.noarch", product_id: "kernel-source-4.4.121-92.95.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", product: { name: "cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", product_id: "cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", }, }, { category: "product_version", name: "cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", product: { name: "cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", product_id: "cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", }, }, { category: "product_version", name: "dlm-kmp-default-4.4.121-92.95.1.ppc64le", product: { name: "dlm-kmp-default-4.4.121-92.95.1.ppc64le", product_id: "dlm-kmp-default-4.4.121-92.95.1.ppc64le", }, }, { category: "product_version", name: "gfs2-kmp-default-4.4.121-92.95.1.ppc64le", product: { name: "gfs2-kmp-default-4.4.121-92.95.1.ppc64le", product_id: "gfs2-kmp-default-4.4.121-92.95.1.ppc64le", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", product: { name: "ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", product_id: "ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-4.4.121-92.95.1.ppc64le", product: { name: "kernel-default-4.4.121-92.95.1.ppc64le", product_id: "kernel-default-4.4.121-92.95.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-base-4.4.121-92.95.1.ppc64le", product: { name: "kernel-default-base-4.4.121-92.95.1.ppc64le", product_id: "kernel-default-base-4.4.121-92.95.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-devel-4.4.121-92.95.1.ppc64le", product: { name: "kernel-default-devel-4.4.121-92.95.1.ppc64le", product_id: "kernel-default-devel-4.4.121-92.95.1.ppc64le", }, }, { category: "product_version", name: "kernel-syms-4.4.121-92.95.1.ppc64le", product: { name: "kernel-syms-4.4.121-92.95.1.ppc64le", product_id: "kernel-syms-4.4.121-92.95.1.ppc64le", }, }, { category: "product_version", name: "kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", product: { name: "kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", product_id: "kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "kernel-default-4.4.121-92.95.1.s390x", product: { name: "kernel-default-4.4.121-92.95.1.s390x", product_id: "kernel-default-4.4.121-92.95.1.s390x", }, }, { category: "product_version", name: "kernel-default-base-4.4.121-92.95.1.s390x", product: { name: "kernel-default-base-4.4.121-92.95.1.s390x", product_id: "kernel-default-base-4.4.121-92.95.1.s390x", }, }, { category: "product_version", name: "kernel-default-devel-4.4.121-92.95.1.s390x", product: { name: "kernel-default-devel-4.4.121-92.95.1.s390x", product_id: "kernel-default-devel-4.4.121-92.95.1.s390x", }, }, { category: "product_version", name: "kernel-default-man-4.4.121-92.95.1.s390x", product: { name: "kernel-default-man-4.4.121-92.95.1.s390x", product_id: "kernel-default-man-4.4.121-92.95.1.s390x", }, }, { category: "product_version", name: "kernel-syms-4.4.121-92.95.1.s390x", product: { name: "kernel-syms-4.4.121-92.95.1.s390x", product_id: "kernel-syms-4.4.121-92.95.1.s390x", }, }, { category: "product_version", name: "cluster-md-kmp-default-4.4.121-92.95.1.s390x", product: { name: "cluster-md-kmp-default-4.4.121-92.95.1.s390x", product_id: "cluster-md-kmp-default-4.4.121-92.95.1.s390x", }, }, { category: "product_version", name: "cluster-network-kmp-default-4.4.121-92.95.1.s390x", product: { name: "cluster-network-kmp-default-4.4.121-92.95.1.s390x", product_id: "cluster-network-kmp-default-4.4.121-92.95.1.s390x", }, }, { category: "product_version", name: "dlm-kmp-default-4.4.121-92.95.1.s390x", product: { name: "dlm-kmp-default-4.4.121-92.95.1.s390x", product_id: "dlm-kmp-default-4.4.121-92.95.1.s390x", }, }, { category: "product_version", name: "gfs2-kmp-default-4.4.121-92.95.1.s390x", product: { name: "gfs2-kmp-default-4.4.121-92.95.1.s390x", product_id: "gfs2-kmp-default-4.4.121-92.95.1.s390x", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.4.121-92.95.1.s390x", product: { name: "ocfs2-kmp-default-4.4.121-92.95.1.s390x", product_id: "ocfs2-kmp-default-4.4.121-92.95.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "kernel-default-4.4.121-92.95.1.x86_64", product: { name: "kernel-default-4.4.121-92.95.1.x86_64", product_id: "kernel-default-4.4.121-92.95.1.x86_64", }, }, { category: "product_version", name: "kernel-default-base-4.4.121-92.95.1.x86_64", product: { name: "kernel-default-base-4.4.121-92.95.1.x86_64", product_id: "kernel-default-base-4.4.121-92.95.1.x86_64", }, }, { category: "product_version", name: "kernel-default-devel-4.4.121-92.95.1.x86_64", product: { name: "kernel-default-devel-4.4.121-92.95.1.x86_64", product_id: "kernel-default-devel-4.4.121-92.95.1.x86_64", }, }, { category: "product_version", name: "kernel-syms-4.4.121-92.95.1.x86_64", product: { name: "kernel-syms-4.4.121-92.95.1.x86_64", product_id: "kernel-syms-4.4.121-92.95.1.x86_64", }, }, { category: "product_version", name: "kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", product: { name: "kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", product_id: "kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", }, }, { category: "product_version", name: "lttng-modules-2.7.1-9.6.1.x86_64", product: { name: "lttng-modules-2.7.1-9.6.1.x86_64", product_id: "lttng-modules-2.7.1-9.6.1.x86_64", }, }, { category: "product_version", name: "lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", product: { name: "lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", product_id: "lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", }, }, { category: "product_version", name: "cluster-md-kmp-default-4.4.121-92.95.1.x86_64", product: { name: "cluster-md-kmp-default-4.4.121-92.95.1.x86_64", product_id: "cluster-md-kmp-default-4.4.121-92.95.1.x86_64", }, }, { category: "product_version", name: "cluster-network-kmp-default-4.4.121-92.95.1.x86_64", product: { name: "cluster-network-kmp-default-4.4.121-92.95.1.x86_64", product_id: "cluster-network-kmp-default-4.4.121-92.95.1.x86_64", }, }, { category: "product_version", name: "dlm-kmp-default-4.4.121-92.95.1.x86_64", product: { name: "dlm-kmp-default-4.4.121-92.95.1.x86_64", product_id: "dlm-kmp-default-4.4.121-92.95.1.x86_64", }, }, { category: "product_version", name: "gfs2-kmp-default-4.4.121-92.95.1.x86_64", product: { name: "gfs2-kmp-default-4.4.121-92.95.1.x86_64", product_id: "gfs2-kmp-default-4.4.121-92.95.1.x86_64", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.4.121-92.95.1.x86_64", product: { name: "ocfs2-kmp-default-4.4.121-92.95.1.x86_64", product_id: "ocfs2-kmp-default-4.4.121-92.95.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE OpenStack Cloud 7", product: { name: "SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7", product_identification_helper: { cpe: "cpe:/o:suse:suse-openstack-cloud:7", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise High Availability Extension 12 SP2", product: { name: "SUSE Linux Enterprise High Availability Extension 12 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP2", product_identification_helper: { cpe: "cpe:/o:suse:sle-ha:12:sp2", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", product: { name: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:12:sp2", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 12 SP2-LTSS", product: { name: "SUSE Linux Enterprise Server 12 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP2-LTSS", product_identification_helper: { cpe: "cpe:/o:suse:sles-ltss:12:sp2", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 12 SP2-BCL", product: { name: "SUSE Linux Enterprise Server 12 SP2-BCL", product_id: "SUSE Linux Enterprise Server 12 SP2-BCL", product_identification_helper: { cpe: "cpe:/o:suse:sles-bcl:12:sp2", }, }, }, { category: "product_name", name: "SUSE Enterprise Storage 4", product: { name: "SUSE Enterprise Storage 4", product_id: "SUSE Enterprise Storage 4", product_identification_helper: { cpe: "cpe:/o:suse:ses:4", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.121-92.95.1.s390x as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", }, product_reference: "kernel-default-4.4.121-92.95.1.s390x", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.121-92.95.1.x86_64 as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", }, product_reference: "kernel-default-4.4.121-92.95.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.4.121-92.95.1.s390x as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", }, product_reference: "kernel-default-base-4.4.121-92.95.1.s390x", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.4.121-92.95.1.x86_64 as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", }, product_reference: "kernel-default-base-4.4.121-92.95.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.121-92.95.1.s390x as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", }, product_reference: "kernel-default-devel-4.4.121-92.95.1.s390x", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.121-92.95.1.x86_64 as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", }, product_reference: "kernel-default-devel-4.4.121-92.95.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "kernel-default-man-4.4.121-92.95.1.s390x as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", }, product_reference: "kernel-default-man-4.4.121-92.95.1.s390x", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-4.4.121-92.95.1.noarch as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", }, product_reference: "kernel-devel-4.4.121-92.95.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-4.4.121-92.95.1.noarch as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", }, product_reference: "kernel-macros-4.4.121-92.95.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "kernel-source-4.4.121-92.95.1.noarch as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", }, product_reference: "kernel-source-4.4.121-92.95.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.121-92.95.1.s390x as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", }, product_reference: "kernel-syms-4.4.121-92.95.1.s390x", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.121-92.95.1.x86_64 as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", }, product_reference: "kernel-syms-4.4.121-92.95.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64 as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", }, product_reference: "kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "lttng-modules-2.7.1-9.6.1.x86_64 as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", }, product_reference: "lttng-modules-2.7.1-9.6.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64 as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", }, product_reference: "lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-4.4.121-92.95.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", }, product_reference: "cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP2", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-4.4.121-92.95.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", }, product_reference: "cluster-md-kmp-default-4.4.121-92.95.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP2", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-4.4.121-92.95.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", }, product_reference: "cluster-md-kmp-default-4.4.121-92.95.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP2", }, { category: "default_component_of", full_product_name: { name: "cluster-network-kmp-default-4.4.121-92.95.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", }, product_reference: "cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP2", }, { category: "default_component_of", full_product_name: { name: "cluster-network-kmp-default-4.4.121-92.95.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", }, product_reference: "cluster-network-kmp-default-4.4.121-92.95.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP2", }, { category: "default_component_of", full_product_name: { name: "cluster-network-kmp-default-4.4.121-92.95.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", }, product_reference: "cluster-network-kmp-default-4.4.121-92.95.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP2", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-4.4.121-92.95.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", }, product_reference: "dlm-kmp-default-4.4.121-92.95.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP2", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-4.4.121-92.95.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", }, product_reference: "dlm-kmp-default-4.4.121-92.95.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP2", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-4.4.121-92.95.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", }, product_reference: "dlm-kmp-default-4.4.121-92.95.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP2", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-4.4.121-92.95.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", }, product_reference: "gfs2-kmp-default-4.4.121-92.95.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP2", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-4.4.121-92.95.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", }, product_reference: "gfs2-kmp-default-4.4.121-92.95.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP2", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-4.4.121-92.95.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", }, product_reference: "gfs2-kmp-default-4.4.121-92.95.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP2", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-4.4.121-92.95.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", }, product_reference: "ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP2", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-4.4.121-92.95.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", }, product_reference: "ocfs2-kmp-default-4.4.121-92.95.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP2", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-4.4.121-92.95.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", }, product_reference: "ocfs2-kmp-default-4.4.121-92.95.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.121-92.95.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", }, product_reference: "kernel-default-4.4.121-92.95.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.121-92.95.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", }, product_reference: "kernel-default-4.4.121-92.95.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.4.121-92.95.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", }, product_reference: "kernel-default-base-4.4.121-92.95.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.4.121-92.95.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", }, product_reference: "kernel-default-base-4.4.121-92.95.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.121-92.95.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", }, product_reference: "kernel-default-devel-4.4.121-92.95.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.121-92.95.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", }, product_reference: "kernel-default-devel-4.4.121-92.95.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-4.4.121-92.95.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", }, product_reference: "kernel-devel-4.4.121-92.95.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-4.4.121-92.95.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", }, product_reference: "kernel-macros-4.4.121-92.95.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-source-4.4.121-92.95.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", }, product_reference: "kernel-source-4.4.121-92.95.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.121-92.95.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", }, product_reference: "kernel-syms-4.4.121-92.95.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.121-92.95.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", }, product_reference: "kernel-syms-4.4.121-92.95.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", }, product_reference: "kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", }, product_reference: "kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "lttng-modules-2.7.1-9.6.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", }, product_reference: "lttng-modules-2.7.1-9.6.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", }, product_reference: "lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.121-92.95.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", }, product_reference: "kernel-default-4.4.121-92.95.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.121-92.95.1.s390x as component of SUSE Linux Enterprise Server 12 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", }, product_reference: "kernel-default-4.4.121-92.95.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.121-92.95.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", }, product_reference: "kernel-default-4.4.121-92.95.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.4.121-92.95.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", }, product_reference: "kernel-default-base-4.4.121-92.95.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.4.121-92.95.1.s390x as component of SUSE Linux Enterprise Server 12 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", }, product_reference: "kernel-default-base-4.4.121-92.95.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.4.121-92.95.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", }, product_reference: "kernel-default-base-4.4.121-92.95.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.121-92.95.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", }, product_reference: "kernel-default-devel-4.4.121-92.95.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.121-92.95.1.s390x as component of SUSE Linux Enterprise Server 12 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", }, product_reference: "kernel-default-devel-4.4.121-92.95.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.121-92.95.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", }, product_reference: "kernel-default-devel-4.4.121-92.95.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-man-4.4.121-92.95.1.s390x as component of SUSE Linux Enterprise Server 12 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", }, product_reference: "kernel-default-man-4.4.121-92.95.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-4.4.121-92.95.1.noarch as component of SUSE Linux Enterprise Server 12 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", }, product_reference: "kernel-devel-4.4.121-92.95.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-4.4.121-92.95.1.noarch as component of SUSE Linux Enterprise Server 12 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", }, product_reference: "kernel-macros-4.4.121-92.95.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-source-4.4.121-92.95.1.noarch as component of SUSE Linux Enterprise Server 12 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", }, product_reference: "kernel-source-4.4.121-92.95.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.121-92.95.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", }, product_reference: "kernel-syms-4.4.121-92.95.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.121-92.95.1.s390x as component of SUSE Linux Enterprise Server 12 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", }, product_reference: "kernel-syms-4.4.121-92.95.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.121-92.95.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", }, product_reference: "kernel-syms-4.4.121-92.95.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", }, product_reference: "kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", }, product_reference: "kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "lttng-modules-2.7.1-9.6.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", }, product_reference: "lttng-modules-2.7.1-9.6.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", }, product_reference: "lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.121-92.95.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL", product_id: "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", }, product_reference: "kernel-default-4.4.121-92.95.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-BCL", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.4.121-92.95.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL", product_id: "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", }, product_reference: "kernel-default-base-4.4.121-92.95.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-BCL", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.121-92.95.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL", product_id: "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", }, product_reference: "kernel-default-devel-4.4.121-92.95.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-BCL", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-4.4.121-92.95.1.noarch as component of SUSE Linux Enterprise Server 12 SP2-BCL", product_id: "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", }, product_reference: "kernel-devel-4.4.121-92.95.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-BCL", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-4.4.121-92.95.1.noarch as component of SUSE Linux Enterprise Server 12 SP2-BCL", product_id: "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", }, product_reference: "kernel-macros-4.4.121-92.95.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-BCL", }, { category: "default_component_of", full_product_name: { name: "kernel-source-4.4.121-92.95.1.noarch as component of SUSE Linux Enterprise Server 12 SP2-BCL", product_id: "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", }, product_reference: "kernel-source-4.4.121-92.95.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-BCL", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.121-92.95.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL", product_id: "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", }, product_reference: "kernel-syms-4.4.121-92.95.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-BCL", }, { category: "default_component_of", full_product_name: { name: "lttng-modules-2.7.1-9.6.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL", product_id: "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", }, product_reference: "lttng-modules-2.7.1-9.6.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-BCL", }, { category: "default_component_of", full_product_name: { name: "lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL", product_id: "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", }, product_reference: "lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-BCL", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.121-92.95.1.x86_64 as component of SUSE Enterprise Storage 4", product_id: "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", }, product_reference: "kernel-default-4.4.121-92.95.1.x86_64", relates_to_product_reference: "SUSE Enterprise Storage 4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.4.121-92.95.1.x86_64 as component of SUSE Enterprise Storage 4", product_id: "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", }, product_reference: "kernel-default-base-4.4.121-92.95.1.x86_64", relates_to_product_reference: "SUSE Enterprise Storage 4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.121-92.95.1.x86_64 as component of SUSE Enterprise Storage 4", product_id: "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", }, product_reference: "kernel-default-devel-4.4.121-92.95.1.x86_64", relates_to_product_reference: "SUSE Enterprise Storage 4", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-4.4.121-92.95.1.noarch as component of SUSE Enterprise Storage 4", product_id: "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", }, product_reference: "kernel-devel-4.4.121-92.95.1.noarch", relates_to_product_reference: "SUSE Enterprise Storage 4", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-4.4.121-92.95.1.noarch as component of SUSE Enterprise Storage 4", product_id: "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", }, product_reference: "kernel-macros-4.4.121-92.95.1.noarch", relates_to_product_reference: "SUSE Enterprise Storage 4", }, { category: "default_component_of", full_product_name: { name: "kernel-source-4.4.121-92.95.1.noarch as component of SUSE Enterprise Storage 4", product_id: "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", }, product_reference: "kernel-source-4.4.121-92.95.1.noarch", relates_to_product_reference: "SUSE Enterprise Storage 4", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.121-92.95.1.x86_64 as component of SUSE Enterprise Storage 4", product_id: "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", }, product_reference: "kernel-syms-4.4.121-92.95.1.x86_64", relates_to_product_reference: "SUSE Enterprise Storage 4", }, { category: "default_component_of", full_product_name: { name: "kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64 as component of SUSE Enterprise Storage 4", product_id: "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", }, product_reference: "kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", relates_to_product_reference: "SUSE Enterprise Storage 4", }, { category: "default_component_of", full_product_name: { name: "lttng-modules-2.7.1-9.6.1.x86_64 as component of SUSE Enterprise Storage 4", product_id: "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", }, product_reference: "lttng-modules-2.7.1-9.6.1.x86_64", relates_to_product_reference: "SUSE Enterprise Storage 4", }, { category: "default_component_of", full_product_name: { name: "lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64 as component of SUSE Enterprise Storage 4", product_id: "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", }, product_reference: "lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", relates_to_product_reference: "SUSE Enterprise Storage 4", }, ], }, vulnerabilities: [ { cve: "CVE-2018-10853", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10853", }, ], notes: [ { category: "general", text: "A flaw was found in the way Linux kernel KVM hypervisor before 4.18 emulated instructions such as sgdt/sidt/fxsave/fxrstor. It did not check current privilege(CPL) level while emulating unprivileged instructions. An unprivileged guest user/process could use this flaw to potentially escalate privileges inside guest.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10853", url: "https://www.suse.com/security/cve/CVE-2018-10853", }, { category: "external", summary: "SUSE Bug 1097104 for CVE-2018-10853", url: "https://bugzilla.suse.com/1097104", }, { category: "external", summary: "SUSE Bug 1097108 for CVE-2018-10853", url: "https://bugzilla.suse.com/1097108", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.4, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-09T12:00:14Z", details: "important", }, ], title: "CVE-2018-10853", }, { cve: "CVE-2018-10876", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10876", }, ], notes: [ { category: "general", text: "A flaw was found in Linux kernel in the ext4 filesystem code. A use-after-free is possible in ext4_ext_remove_space() function when mounting and operating a crafted ext4 image.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10876", url: "https://www.suse.com/security/cve/CVE-2018-10876", }, { category: "external", summary: "SUSE Bug 1099811 for CVE-2018-10876", url: "https://bugzilla.suse.com/1099811", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-09T12:00:14Z", details: "low", }, ], title: "CVE-2018-10876", }, { cve: "CVE-2018-10877", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10877", }, ], notes: [ { category: "general", text: "Linux kernel ext4 filesystem is vulnerable to an out-of-bound access in the ext4_ext_drop_refs() function when operating on a crafted ext4 filesystem image.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10877", url: "https://www.suse.com/security/cve/CVE-2018-10877", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-10877", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1099846 for CVE-2018-10877", url: "https://bugzilla.suse.com/1099846", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-09T12:00:14Z", details: "low", }, ], title: "CVE-2018-10877", }, { cve: "CVE-2018-10878", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10878", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bounds write and a denial of service or unspecified other impact is possible by mounting and operating a crafted ext4 filesystem image.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10878", url: "https://www.suse.com/security/cve/CVE-2018-10878", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-10878", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1099813 for CVE-2018-10878", url: "https://bugzilla.suse.com/1099813", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H", version: "3.0", }, products: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-09T12:00:14Z", details: "moderate", }, ], title: "CVE-2018-10878", }, { cve: "CVE-2018-10879", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10879", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause a use-after-free in ext4_xattr_set_entry function and a denial of service or unspecified other impact may occur by renaming a file in a crafted ext4 filesystem image.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10879", url: "https://www.suse.com/security/cve/CVE-2018-10879", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-10879", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1099844 for CVE-2018-10879", url: "https://bugzilla.suse.com/1099844", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-09T12:00:14Z", details: "moderate", }, ], title: "CVE-2018-10879", }, { cve: "CVE-2018-10880", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10880", }, ], notes: [ { category: "general", text: "Linux kernel is vulnerable to a stack-out-of-bounds write in the ext4 filesystem code when mounting and writing to a crafted ext4 image in ext4_update_inline_data(). An attacker could use this to cause a system crash and a denial of service.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10880", url: "https://www.suse.com/security/cve/CVE-2018-10880", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-10880", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1099845 for CVE-2018-10880", url: "https://bugzilla.suse.com/1099845", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:H", version: "3.0", }, products: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-09T12:00:14Z", details: "moderate", }, ], title: "CVE-2018-10880", }, { cve: "CVE-2018-10881", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10881", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bound access in ext4_get_group_info function, a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10881", url: "https://www.suse.com/security/cve/CVE-2018-10881", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-10881", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1099864 for CVE-2018-10881", url: "https://bugzilla.suse.com/1099864", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-09T12:00:14Z", details: "moderate", }, ], title: "CVE-2018-10881", }, { cve: "CVE-2018-10882", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10882", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bound write in in fs/jbd2/transaction.c code, a denial of service, and a system crash by unmounting a crafted ext4 filesystem image.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10882", url: "https://www.suse.com/security/cve/CVE-2018-10882", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-10882", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1099849 for CVE-2018-10882", url: "https://bugzilla.suse.com/1099849", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-09T12:00:14Z", details: "moderate", }, ], title: "CVE-2018-10882", }, { cve: "CVE-2018-10883", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10883", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bounds write in jbd2_journal_dirty_metadata(), a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10883", url: "https://www.suse.com/security/cve/CVE-2018-10883", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-10883", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1099863 for CVE-2018-10883", url: "https://bugzilla.suse.com/1099863", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-09T12:00:14Z", details: "moderate", }, ], title: "CVE-2018-10883", }, { cve: "CVE-2018-10902", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10902", }, ], notes: [ { category: "general", text: "It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmidi.c file. A malicious local attacker could possibly use this for privilege escalation.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10902", url: "https://www.suse.com/security/cve/CVE-2018-10902", }, { category: "external", summary: "SUSE Bug 1105322 for CVE-2018-10902", url: "https://bugzilla.suse.com/1105322", }, { category: "external", summary: "SUSE Bug 1105323 for CVE-2018-10902", url: "https://bugzilla.suse.com/1105323", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-09T12:00:14Z", details: "moderate", }, ], title: "CVE-2018-10902", }, { cve: "CVE-2018-10938", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10938", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel present since v4.0-rc1 and through v4.13-rc4. A crafted network packet sent remotely by an attacker may force the kernel to enter an infinite loop in the cipso_v4_optptr() function in net/ipv4/cipso_ipv4.c leading to a denial-of-service. A certain non-default configuration of LSM (Linux Security Module) and NetLabel should be set up on a system before an attacker could leverage this flaw.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10938", url: "https://www.suse.com/security/cve/CVE-2018-10938", }, { category: "external", summary: "SUSE Bug 1106016 for CVE-2018-10938", url: "https://bugzilla.suse.com/1106016", }, { category: "external", summary: "SUSE Bug 1106191 for CVE-2018-10938", url: "https://bugzilla.suse.com/1106191", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-09T12:00:14Z", details: "important", }, ], title: "CVE-2018-10938", }, { cve: "CVE-2018-10940", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10940", }, ], notes: [ { category: "general", text: "The cdrom_ioctl_media_changed function in drivers/cdrom/cdrom.c in the Linux kernel before 4.16.6 allows local attackers to use a incorrect bounds check in the CDROM driver CDROM_MEDIA_CHANGED ioctl to read out kernel memory.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10940", url: "https://www.suse.com/security/cve/CVE-2018-10940", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-10940", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1092903 for CVE-2018-10940", url: "https://bugzilla.suse.com/1092903", }, { category: "external", summary: "SUSE Bug 1107689 for CVE-2018-10940", url: "https://bugzilla.suse.com/1107689", }, { category: "external", summary: "SUSE Bug 1113751 for CVE-2018-10940", url: "https://bugzilla.suse.com/1113751", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-09T12:00:14Z", details: "moderate", }, ], title: "CVE-2018-10940", }, { cve: "CVE-2018-12896", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-12896", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 4.17.3. An Integer Overflow in kernel/time/posix-timers.c in the POSIX timer code is caused by the way the overrun accounting works. Depending on interval and expiry time values, the overrun can be larger than INT_MAX, but the accounting is int based. This basically makes the accounting values, which are visible to user space via timer_getoverrun(2) and siginfo::si_overrun, random. For example, a local user can cause a denial of service (signed integer overflow) via crafted mmap, futex, timer_create, and timer_settime system calls.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-12896", url: "https://www.suse.com/security/cve/CVE-2018-12896", }, { category: "external", summary: "SUSE Bug 1099922 for CVE-2018-12896", url: "https://bugzilla.suse.com/1099922", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-09T12:00:14Z", details: "low", }, ], title: "CVE-2018-12896", }, { cve: "CVE-2018-13093", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-13093", }, ], notes: [ { category: "general", text: "An issue was discovered in fs/xfs/xfs_icache.c in the Linux kernel through 4.17.3. There is a NULL pointer dereference and panic in lookup_slow() on a NULL inode->i_ops pointer when doing pathwalks on a corrupted xfs image. This occurs because of a lack of proper validation that cached inodes are free during allocation.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-13093", url: "https://www.suse.com/security/cve/CVE-2018-13093", }, { category: "external", summary: "SUSE Bug 1100001 for CVE-2018-13093", url: "https://bugzilla.suse.com/1100001", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H", version: "3.0", }, products: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-09T12:00:14Z", details: "moderate", }, ], title: "CVE-2018-13093", }, { cve: "CVE-2018-13094", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-13094", }, ], notes: [ { category: "general", text: "An issue was discovered in fs/xfs/libxfs/xfs_attr_leaf.c in the Linux kernel through 4.17.3. An OOPS may occur for a corrupted xfs image after xfs_da_shrink_inode() is called with a NULL bp.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-13094", url: "https://www.suse.com/security/cve/CVE-2018-13094", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-13094", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1100000 for CVE-2018-13094", url: "https://bugzilla.suse.com/1100000", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-09T12:00:14Z", details: "moderate", }, ], title: "CVE-2018-13094", }, { cve: "CVE-2018-13095", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-13095", }, ], notes: [ { category: "general", text: "An issue was discovered in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel through 4.17.3. A denial of service (memory corruption and BUG) can occur for a corrupted xfs image upon encountering an inode that is in extent format, but has more extents than fit in the inode fork.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-13095", url: "https://www.suse.com/security/cve/CVE-2018-13095", }, { category: "external", summary: "SUSE Bug 1099999 for CVE-2018-13095", url: "https://bugzilla.suse.com/1099999", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H", version: "3.0", }, products: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-09T12:00:14Z", details: "moderate", }, ], title: "CVE-2018-13095", }, { cve: "CVE-2018-14617", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-14617", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 4.17.10. There is a NULL pointer dereference and panic in hfsplus_lookup() in fs/hfsplus/dir.c when opening a file (that is purportedly a hard link) in an hfs+ filesystem that has malformed catalog data, and is mounted read-only without a metadata directory.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-14617", url: "https://www.suse.com/security/cve/CVE-2018-14617", }, { category: "external", summary: "SUSE Bug 1102870 for CVE-2018-14617", url: "https://bugzilla.suse.com/1102870", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-09T12:00:14Z", details: "moderate", }, ], title: "CVE-2018-14617", }, { cve: "CVE-2018-14678", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-14678", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 4.17.11, as used in Xen through 4.11.x. The xen_failsafe_callback entry point in arch/x86/entry/entry_64.S does not properly maintain RBX, which allows local users to cause a denial of service (uninitialized memory usage and system crash). Within Xen, 64-bit x86 PV Linux guest OS users can trigger a guest OS crash or possibly gain privileges.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-14678", url: "https://www.suse.com/security/cve/CVE-2018-14678", }, { category: "external", summary: "SUSE Bug 1102715 for CVE-2018-14678", url: "https://bugzilla.suse.com/1102715", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-09T12:00:14Z", details: "moderate", }, ], title: "CVE-2018-14678", }, { cve: "CVE-2018-15572", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-15572", }, ], notes: [ { category: "general", text: "The spectre_v2_select_mitigation function in arch/x86/kernel/cpu/bugs.c in the Linux kernel before 4.18.1 does not always fill RSB upon a context switch, which makes it easier for attackers to conduct userspace-userspace spectreRSB attacks.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-15572", url: "https://www.suse.com/security/cve/CVE-2018-15572", }, { category: "external", summary: "SUSE Bug 1102517 for CVE-2018-15572", url: "https://bugzilla.suse.com/1102517", }, { category: "external", summary: "SUSE Bug 1105296 for CVE-2018-15572", url: "https://bugzilla.suse.com/1105296", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-09T12:00:14Z", details: "important", }, ], title: "CVE-2018-15572", }, { cve: "CVE-2018-15594", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-15594", }, ], notes: [ { category: "general", text: "arch/x86/kernel/paravirt.c in the Linux kernel before 4.18.1 mishandles certain indirect calls, which makes it easier for attackers to conduct Spectre-v2 attacks against paravirtual guests.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-15594", url: "https://www.suse.com/security/cve/CVE-2018-15594", }, { category: "external", summary: "SUSE Bug 1105348 for CVE-2018-15594", url: "https://bugzilla.suse.com/1105348", }, { category: "external", summary: "SUSE Bug 1133319 for CVE-2018-15594", url: "https://bugzilla.suse.com/1133319", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-09T12:00:14Z", details: "moderate", }, ], title: "CVE-2018-15594", }, { cve: "CVE-2018-16276", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16276", }, ], notes: [ { category: "general", text: "An issue was discovered in yurex_read in drivers/usb/misc/yurex.c in the Linux kernel before 4.17.7. Local attackers could use user access read/writes with incorrect bounds checking in the yurex USB driver to crash the kernel or potentially escalate privileges.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-16276", url: "https://www.suse.com/security/cve/CVE-2018-16276", }, { category: "external", summary: "SUSE Bug 1106095 for CVE-2018-16276", url: "https://bugzilla.suse.com/1106095", }, { category: "external", summary: "SUSE Bug 1115593 for CVE-2018-16276", url: "https://bugzilla.suse.com/1115593", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.3, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-09T12:00:14Z", details: "important", }, ], title: "CVE-2018-16276", }, { cve: "CVE-2018-16658", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16658", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel before 4.18.6. An information leak in cdrom_ioctl_drive_status in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-16658", url: "https://www.suse.com/security/cve/CVE-2018-16658", }, { category: "external", summary: "SUSE Bug 1092903 for CVE-2018-16658", url: "https://bugzilla.suse.com/1092903", }, { category: "external", summary: "SUSE Bug 1107689 for CVE-2018-16658", url: "https://bugzilla.suse.com/1107689", }, { category: "external", summary: "SUSE Bug 1113751 for CVE-2018-16658", url: "https://bugzilla.suse.com/1113751", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-09T12:00:14Z", details: "low", }, ], title: "CVE-2018-16658", }, { cve: "CVE-2018-17182", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-17182", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-17182", url: "https://www.suse.com/security/cve/CVE-2018-17182", }, { category: "external", summary: "SUSE Bug 1108399 for CVE-2018-17182", url: "https://bugzilla.suse.com/1108399", }, { category: "external", summary: "SUSE Bug 1110233 for CVE-2018-17182", url: "https://bugzilla.suse.com/1110233", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-09T12:00:14Z", details: "moderate", }, ], title: "CVE-2018-17182", }, { cve: "CVE-2018-6554", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-6554", }, ], notes: [ { category: "general", text: "Memory leak in the irda_bind function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (memory consumption) by repeatedly binding an AF_IRDA socket.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-6554", url: "https://www.suse.com/security/cve/CVE-2018-6554", }, { category: "external", summary: "SUSE Bug 1106509 for CVE-2018-6554", url: "https://bugzilla.suse.com/1106509", }, { category: "external", summary: "SUSE Bug 1106511 for CVE-2018-6554", url: "https://bugzilla.suse.com/1106511", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-09T12:00:14Z", details: "low", }, ], title: "CVE-2018-6554", }, { cve: "CVE-2018-6555", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-6555", }, ], notes: [ { category: "general", text: "The irda_setsockopt function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (ias_object use-after-free and system crash) or possibly have unspecified other impact via an AF_IRDA socket.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-6555", url: "https://www.suse.com/security/cve/CVE-2018-6555", }, { category: "external", summary: "SUSE Bug 1106509 for CVE-2018-6555", url: "https://bugzilla.suse.com/1106509", }, { category: "external", summary: "SUSE Bug 1106511 for CVE-2018-6555", url: "https://bugzilla.suse.com/1106511", }, { category: "external", summary: "SUSE Bug 1115893 for CVE-2018-6555", url: "https://bugzilla.suse.com/1115893", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", version: "3.0", }, products: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-09T12:00:14Z", details: "moderate", }, ], title: "CVE-2018-6555", }, { cve: "CVE-2018-7480", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-7480", }, ], notes: [ { category: "general", text: "The blkcg_init_queue function in block/blk-cgroup.c in the Linux kernel before 4.11 allows local users to cause a denial of service (double free) or possibly have unspecified other impact by triggering a creation failure.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-7480", url: "https://www.suse.com/security/cve/CVE-2018-7480", }, { category: "external", summary: "SUSE Bug 1082863 for CVE-2018-7480", url: "https://bugzilla.suse.com/1082863", }, { category: "external", summary: "SUSE Bug 1084536 for CVE-2018-7480", url: "https://bugzilla.suse.com/1084536", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:H", version: "3.0", }, products: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-09T12:00:14Z", details: "moderate", }, ], title: "CVE-2018-7480", }, { cve: "CVE-2018-7757", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-7757", }, ], notes: [ { category: "general", text: "Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (memory consumption) via many read accesses to files in the /sys/class/sas_phy directory, as demonstrated by the /sys/class/sas_phy/phy-1:0:12/invalid_dword_count file.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-7757", url: "https://www.suse.com/security/cve/CVE-2018-7757", }, { category: "external", summary: "SUSE Bug 1084536 for CVE-2018-7757", url: "https://bugzilla.suse.com/1084536", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-7757", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1087209 for CVE-2018-7757", url: "https://bugzilla.suse.com/1087209", }, { category: "external", summary: "SUSE Bug 1091815 for CVE-2018-7757", url: "https://bugzilla.suse.com/1091815", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-09T12:00:14Z", details: "moderate", }, ], title: "CVE-2018-7757", }, { cve: "CVE-2018-9363", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-9363", }, ], notes: [ { category: "general", text: "In the hidp_process_report in bluetooth, there is an integer overflow. This could lead to an out of bounds write with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-65853588 References: Upstream kernel.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-9363", url: "https://www.suse.com/security/cve/CVE-2018-9363", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-9363", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1105292 for CVE-2018-9363", url: "https://bugzilla.suse.com/1105292", }, { category: "external", summary: "SUSE Bug 1105293 for CVE-2018-9363", url: "https://bugzilla.suse.com/1105293", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Enterprise Storage 4:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-source-4.4.121-92.95.1.noarch", "SUSE Enterprise Storage 4:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Enterprise Storage 4:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Enterprise Storage 4:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.95.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.95.1.noarch", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.s390x", "SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.95.1.x86_64", "SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_95-default-1-3.4.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-2.7.1-9.6.1.x86_64", "SUSE OpenStack Cloud 7:lttng-modules-kmp-default-2.7.1_k4.4.121_92.95-9.6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-09T12:00:14Z", details: "important", }, ], title: "CVE-2018-9363", }, ], }
suse-su-2018:2858-1
Vulnerability from csaf_suse
Published
2018-09-25 13:02
Modified
2018-09-25 13:02
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP3 azure kernel was updated to 4.4.155 to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-13093: Prevent NULL pointer dereference and panic in lookup_slow()
on a NULL inode->i_ops pointer when doing pathwalks on a corrupted xfs image.
This occured because of a lack of proper validation that cached inodes are free
during allocation (bnc#1100001)
- CVE-2018-13095: Prevent denial of service (memory corruption and BUG) that
could have occurred for a corrupted xfs image upon encountering an inode that
is in extent format, but has more extents than fit in the inode fork
(bnc#1099999)
- CVE-2018-13094: Prevent OOPS that may have occured for a corrupted xfs image
after xfs_da_shrink_inode() is called with a NULL bp (bnc#1100000)
- CVE-2018-12896: Prevent integer overflow in the POSIX timer code that was
caused by the way the overrun accounting works. Depending on interval and
expiry time values, the overrun can be larger than INT_MAX, but the accounting
is int based. This basically made the accounting values, which are visible to
user space via timer_getoverrun(2) and siginfo::si_overrun, random. This
allowed a local user to cause a denial of service (signed integer overflow) via
crafted mmap, futex, timer_create, and timer_settime system calls (bnc#1099922)
- CVE-2018-16658: Prevent information leak in cdrom_ioctl_drive_status that
could have been used by local attackers to read kernel memory (bnc#1107689)
- CVE-2018-10940: The cdrom_ioctl_media_changed function allowed local
attackers to use a incorrect bounds check in the CDROM driver
CDROM_MEDIA_CHANGED ioctl to read out kernel memory (bsc#1092903)
- CVE-2018-6555: The irda_setsockopt function allowed local users to cause a
denial of service (ias_object use-after-free and system crash) or possibly have
unspecified other impact via an AF_IRDA socket (bnc#1106511)
- CVE-2018-6554: Prevent memory leak in the irda_bind function that allowed
local users to cause a denial of service (memory consumption) by repeatedly
binding an AF_IRDA socket (bnc#1106509)
- CVE-2018-1129: A flaw was found in the way signature calculation was handled
by cephx authentication protocol. An attacker having access to ceph cluster
network who is able to alter the message payload was able to bypass signature
checks done by cephx protocol (bnc#1096748)
- CVE-2018-1128: It was found that cephx authentication protocol did not verify
ceph clients correctly and was vulnerable to replay attack. Any attacker having
access to ceph cluster network who is able to sniff packets on network can use
this vulnerability to authenticate with ceph service and perform actions
allowed by ceph service (bnc#1096748)
- CVE-2018-10938: A crafted network packet sent remotely by an attacker forced
the kernel to enter an infinite loop in the cipso_v4_optptr() function leading
to a denial-of-service (bnc#1106016)
- CVE-2018-15572: The spectre_v2_select_mitigation function did not always fill
RSB upon a context switch, which made it easier for attackers to conduct
userspace-userspace spectreRSB attacks (bnc#1102517)
- CVE-2018-10902: Protect against concurrent access to prevent double realloc
(double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status(). A
malicious local attacker could have used this for privilege escalation
(bnc#1105322).
- CVE-2018-9363: Prevent buffer overflow in hidp_process_report (bsc#1105292)
- CVE-2018-10883: A local user could have caused an out-of-bounds write in
jbd2_journal_dirty_metadata(), a denial of service, and a system crash by
mounting and operating on a crafted ext4 filesystem image (bsc#1099863)
- CVE-2018-10879: A local user could have caused a use-after-free in
ext4_xattr_set_entry function and a denial of service or unspecified other
impact by renaming a file in a crafted ext4 filesystem image (bsc#1099844)
- CVE-2018-10878: A local user could have caused an out-of-bounds write and a
denial of service or unspecified other impact by mounting and operating a
crafted ext4 filesystem image (bsc#1099813)
- CVE-2018-10876: A use-after-free was possible in ext4_ext_remove_space()
function when mounting and operating a crafted ext4 image (bsc#1099811)
- CVE-2018-10877: Prevent out-of-bound access in the ext4_ext_drop_refs()
function when operating on a crafted ext4 filesystem image (bsc#1099846)
- CVE-2018-10881: A local user could have caused an out-of-bound access in
ext4_get_group_info function, a denial of service, and a system crash by
mounting and operating on a crafted ext4 filesystem image (bsc#1099864)
- CVE-2018-10882: A local user could have caused an out-of-bound write, a
denial of service, and a system crash by unmounting a crafted ext4 filesystem
image (bsc#1099849)
- CVE-2018-10880: Prevent stack-out-of-bounds write in the ext4 filesystem code
when mounting and writing to a crafted ext4 image in ext4_update_inline_data().
An attacker could have used this to cause a system crash and a denial of
service (bsc#1099845)
The following non-security bugs were fixed:
- 9p/net: Fix zero-copy path in the 9p virtio transport (bnc#1012382).
- 9p/virtio: fix off-by-one error in sg list bounds check (bnc#1012382).
- 9p: fix multiple NULL-pointer-dereferences (bnc#1012382).
- ACPI / LPSS: Add missing prv_offset setting for byt/cht PWM devices (bnc#1012382).
- ACPI / PCI: Bail early in acpi_pci_add_bus() if there is no ACPI handle (bnc#1012382).
- ACPI / PM: save NVS memory for ASUS 1025C laptop (bnc#1012382).
- ACPI: save NVS memory for Lenovo G50-45 (bnc#1012382).
- ALSA: cs5535audio: Fix invalid endian conversion (bnc#1012382).
- ALSA: emu10k1: Rate-limit error messages about page errors (bnc#1012382).
- ALSA: emu10k1: add error handling for snd_ctl_add (bnc#1012382).
- ALSA: fm801: add error handling for snd_ctl_add (bnc#1012382).
- ALSA: hda - Sleep for 10ms after entering D3 on Conexant codecs (bnc#1012382).
- ALSA: hda - Turn CX8200 into D3 as well upon reboot (bnc#1012382).
- ALSA: hda/ca0132: fix build failure when a local macro is defined (bnc#1012382).
- ALSA: hda: Correct Asrock B85M-ITX power_save blacklist entry (bnc#1012382).
- ALSA: memalloc: Do not exceed over the requested size (bnc#1012382).
- ALSA: rawmidi: Change resized buffers atomically (bnc#1012382).
- ALSA: snd-aoa: add of_node_put() in error path (bsc#1099810).
- ALSA: usb-audio: Apply rate limit to warning messages in URB complete callback (bnc#1012382).
- ALSA: virmidi: Fix too long output trigger loop (bnc#1012382).
- ALSA: vx222: Fix invalid endian conversions (bnc#1012382).
- ALSA: vxpocket: Fix invalid endian conversions (bnc#1012382).
- ARC: Enable machine_desc->init_per_cpu for !CONFIG_SMP (bnc#1012382).
- ARC: Explicitly add -mmedium-calls to CFLAGS (bnc#1012382).
- ARC: Fix CONFIG_SWAP (bnc#1012382).
- ARC: mm: allow mprotect to make stack mappings executable (bnc#1012382).
- ARM: 8780/1: ftrace: Only set kernel memory back to read-only after boot (bnc#1012382).
- ARM: dts: Cygnus: Fix I2C controller interrupt type (bnc#1012382).
- ARM: dts: am3517.dtsi: Disable reference to OMAP3 OTG controller (bnc#1012382).
- ARM: dts: am437x: make edt-ft5x06 a wakeup source (bnc#1012382).
- ARM: dts: da850: Fix interrups property for gpio (bnc#1012382).
- ARM: dts: imx6sx: fix irq for pcie bridge (bnc#1012382).
- ARM: fix put_user() for gcc-8 (bnc#1012382).
- ARM: imx_v4_v5_defconfig: Select ULPI support (bnc#1012382).
- ARM: imx_v6_v7_defconfig: Select ULPI support (bnc#1012382).
- ARM: pxa: irq: fix handling of ICMR registers in suspend/resume (bnc#1012382).
- ARM: tegra: Fix Tegra30 Cardhu PCA954x reset (bnc#1012382).
- ASoC: Intel: cht_bsw_max98090: remove useless code, align with ChromeOS driver.
- ASoC: Intel: cht_bsw_max98090_ti: Fix jack initialization (bnc#1012382).
- ASoC: dpcm: do not merge format from invalid codec dai (bnc#1012382).
- ASoC: dpcm: fix BE dai not hw_free and shutdown (bnc#1012382).
- ASoC: pxa: Fix module autoload for platform drivers (bnc#1012382).
- ASoC: sirf: Fix potential NULL pointer dereference (bnc#1012382).
- Add reference to bsc#1091171 (bnc#1012382; bsc#1091171).
- Bluetooth: avoid killing an already killed socket (bnc#1012382).
- Bluetooth: btusb: Add a new Realtek 8723DE ID 2ff8:b011 (bnc#1012382).
- Bluetooth: btusb: Remove Yoga 920 from the btusb_needs_reset_resume_table (bsc#1087092).
- Bluetooth: btusb: Use DMI matching for QCA reset_resume quirking (bsc#1087092).
- Bluetooth: hci_qca: Fix 'Sleep inside atomic section' warning (bnc#1012382).
- Documentation/spec_ctrl: Do some minor cleanups (bnc#1012382).
- HID: hid-plantronics: Re-resend Update to map button for PTT products (bnc#1012382).
- HID: i2c-hid: check if device is there before really probing (bnc#1012382).
- HID: wacom: Correct touch maximum XY of 2nd-gen Intuos (bnc#1012382).
- IB/core: Make testing MR flags for writability a static inline function (bnc#1012382).
- IB/core: Remove duplicate declaration of gid_cache_wq (bsc#1056596).
- IB/iser: Do not reduce max_sectors (bsc#1063646).
- IB/mlx4: Fix an error handling path in 'mlx4_ib_rereg_user_mr()'.
- IB/mlx4: Mark user MR as writable if actual virtual memory is writable (bnc#1012382).
- IB/mlx5: Fetch soft WQE's on fatal error state (bsc#1015342 bsc#1015343).
- IB/mlx5: Use 'kvfree()' for memory allocated by 'kvzalloc()' (bsc#1015342 bsc#1015343).
- IB/ocrdma: fix out of bounds access to local buffer (bnc#1012382).
- Input: elan_i2c - add ACPI ID for lenovo ideapad 330 (bnc#1012382).
- Input: elan_i2c - add another ACPI ID for Lenovo Ideapad 330-15AST (bnc#1012382).
- Input: i8042 - add Lenovo LaVie Z to the i8042 reset list (bnc#1012382).
- KVM/Eventfd: Avoid crash when assign and deassign specific eventfd in parallel (bnc#1012382).
- KVM: MMU: always terminate page walks at level 1 (bsc#1062604).
- KVM: MMU: simplify last_pte_bitmap (bsc#1062604).
- KVM: VMX: Work around kABI breakage in 'enum vmx_l1d_flush_state' (bsc#1106369).
- KVM: VMX: fixes for vmentry_l1d_flush module parameter (bsc#1106369).
- KVM: arm/arm64: Skip updating PMD entry if no change (bnc#1012382).
- KVM: arm/arm64: Skip updating PTE entry if no change (bnc#1012382).
- KVM: irqfd: fix race between EPOLLHUP and irq_bypass_register_consumer (bnc#1012382).
- KVM: nVMX: update last_nonleaf_level when initializing nested EPT (bsc#1062604).
- MIPS: Correct the 64-bit DSP accumulator register size (bnc#1012382).
- MIPS: Fix off-by-one in pci_resource_to_user() (bnc#1012382).
- MIPS: ath79: fix register address in ath79_ddr_wb_flush() (bnc#1012382).
- MIPS: lib: Provide MIPS64r6 __multi3() for GCC < 7 (bnc#1012382).
- NET: stmmac: align DMA stuff to largest cache line length (bnc#1012382).
- PCI: Prevent sysfs disable of device while driver is attached (bnc#1012382).
- PCI: Skip MPS logic for Virtual Functions (VFs) (bnc#1012382).
- PCI: hotplug: Do not leak pci_slot on registration failure (bnc#1012382).
- PCI: pciehp: Fix use-after-free on unplug (bnc#1012382).
- PCI: pciehp: Request control of native hotplug only if supported (bnc#1012382).
- PM / sleep: wakeup: Fix build error caused by missing SRCU support (bnc#1012382).
- RDMA/i40iw: Avoid panic when objects are being created and destroyed (bsc#969476 bsc#969477).
- RDMA/i40iw: Avoid panic when reading back the IRQ affinity hint (bsc#969476 bsc#969477).
- RDMA/i40iw: Avoid reference leaks when processing the AEQ (bsc#969476 bsc#969477).
- RDMA/i40w: Hold read semaphore while looking after VMA (bsc#1024376).
- RDMA/mad: Convert BUG_ONs to error flows (bnc#1012382).
- RDMA/mlx5: Use proper spec flow label type (bsc#1015342 bsc#1015343).
- Revert 'MIPS: BCM47XX: Enable 74K Core ExternalSync for PCIe erratum' (bnc#1012382).
- Revert 'UBIFS: Fix potential integer overflow in allocation' (bnc#1012382).
- Revert 'f2fs: handle dirty segments inside refresh_sit_entry' (bsc#1106281).
- Revert 'mm: page_alloc: skip over regions of invalid pfns where possible' (bnc#1107078).
- Revert 'net: Do not copy pfmemalloc flag in __copy_skb_header()' (kabi).
- Revert 'netfilter: ipv6: nf_defrag: reduce struct net memory waste' (kabi).
- Revert 'skbuff: Unconditionally copy pfmemalloc in __skb_clone()' (kabi).
- Revert 'vsock: split dwork to avoid reinitializations' (kabi).
- Revert 'x86/mm: Give each mm TLB flush generation a unique ID' (kabi).
- Revert 'x86/speculation/l1tf: Fix up CPU feature flags' (kabi).
- Revert 'x86/speculation: Use Indirect Branch Prediction Barrier in context switch' (kabi).
- Smack: Mark inode instant in smack_task_to_inode (bnc#1012382).
- USB: musb: fix external abort on suspend (bsc#1085536).
- USB: option: add support for DW5821e (bnc#1012382).
- USB: serial: metro-usb: stop I/O after failed open (bsc#1085539).
- USB: serial: sierra: fix potential deadlock at close (bnc#1012382).
- Workaround kABI breakage by __must_check drop of strscpy() (bsc#1107319).
- afs: Fix directory permissions check (bsc#1106283).
- arc: fix build errors in arc/include/asm/delay.h (bnc#1012382).
- arc: fix type warnings in arc/mm/cache.c (bnc#1012382).
- arm64: make secondary_start_kernel() notrace (bnc#1012382).
- arm64: mm: check for upper PAGE_SHIFT bits in pfn_valid() (bnc#1012382).
- ath: Add regulatory mapping for APL13_WORLD (bnc#1012382).
- ath: Add regulatory mapping for APL2_FCCA (bnc#1012382).
- ath: Add regulatory mapping for Bahamas (bnc#1012382).
- ath: Add regulatory mapping for Bermuda (bnc#1012382).
- ath: Add regulatory mapping for ETSI8_WORLD (bnc#1012382).
- ath: Add regulatory mapping for FCC3_ETSIC (bnc#1012382).
- ath: Add regulatory mapping for Serbia (bnc#1012382).
- ath: Add regulatory mapping for Tanzania (bnc#1012382).
- ath: Add regulatory mapping for Uganda (bnc#1012382).
- atl1c: reserve min skb headroom (bnc#1012382).
- atm: Preserve value of skb->truesize when accounting to vcc (bsc#1089066).
- audit: allow not equal op for audit by executable (bnc#1012382).
- backlight: as3711_bl: Fix Device Tree node leaks (bsc#1106929).
- backlight: lm3630a: Bump REG_MAX value to 0x50 instead of 0x1F (bsc#1106929).
- bcache: avoid unncessary cache prefetch bch_btree_node_get() (bsc#1064232).
- bcache: calculate the number of incremental GC nodes according to the total of btree nodes (bsc#1064232).
- bcache: display rate debug parameters to 0 when writeback is not running (bsc#1064232).
- bcache: do not check return value of debugfs_create_dir() (bsc#1064232).
- bcache: finish incremental GC (bsc#1064232).
- bcache: fix I/O significant decline while backend devices registering (bsc#1064232).
- bcache: fix error setting writeback_rate through sysfs interface (bsc#1064232).
- bcache: free heap cache_set->flush_btree in bch_journal_free (bsc#1064232).
- bcache: make the pr_err statement used for ENOENT only in sysfs_attatch section (bsc#1064232).
- bcache: release dc->writeback_lock properly in bch_writeback_thread() (bsc#1064232).
- bcache: set max writeback rate when I/O request is idle (bsc#1064232).
- bcache: simplify the calculation of the total amount of flash dirty data (bsc#1064232).
- be2net: remove unused old custom busy-poll fields (bsc#1021121 ).
- blkdev: __blkdev_direct_IO_simple: fix leak in error case (bsc#1083663).
- block: bio_iov_iter_get_pages: fix size of last iovec (bsc#1083663).
- block: bio_iov_iter_get_pages: pin more pages for multi-segment IOs (bsc#1083663).
- block: do not use interruptible wait anywhere (bnc#1012382).
- bnx2x: Fix invalid memory access in rss hash config path (bnc#1012382).
- bnx2x: Fix receiving tx-timeout in error or recovery state (bnc#1012382).
- bnxt_en: Always set output parameters in bnxt_get_max_rings() (bsc#963575).
- bnxt_en: Fix for system hang if request_irq fails (bnc#1012382).
- bnxt_en: Fix inconsistent BNXT_FLAG_AGG_RINGS logic (bsc#1020412 ).
- bpf: fix references to free_bpf_prog_info() in comments (bnc#1012382).
- brcmfmac: Add support for bcm43364 wireless chipset (bnc#1012382).
- brcmfmac: stop watchdog before detach and free everything (bnc#1012382).
- bridge: Propagate vlan add failure to user (bnc#1012382).
- btrfs: Do not remove block group still has pinned down bytes (bsc#1086457).
- btrfs: add barriers to btrfs_sync_log before log_commit_wait wakeups (bnc#1012382).
- btrfs: do not leak ret from do_chunk_alloc (bnc#1012382).
- btrfs: qgroup: Finish rescan when hit the last leaf of extent tree (bnc#1012382).
- btrfs: quota: Set rescan progress to (u64)-1 if we hit last leaf.
- btrfs: round down size diff when shrinking/growing device (bsc#1097105).
- can: ems_usb: Fix memory leak on ems_usb_disconnect() (bnc#1012382).
- can: mpc5xxx_can: check of_iomap return before use (bnc#1012382).
- can: xilinx_can: fix RX loop if RXNEMP is asserted without RXOK (bnc#1012382).
- can: xilinx_can: fix RX overflow interrupt not being enabled (bnc#1012382).
- can: xilinx_can: fix device dropping off bus on RX overrun (bnc#1012382).
- can: xilinx_can: fix incorrect clear of non-processed interrupts (bnc#1012382).
- can: xilinx_can: fix recovery from error states not being propagated (bnc#1012382).
- can: xilinx_can: keep only 1-2 frames in TX FIFO to fix TX accounting (bnc#1012382).
- cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status (bnc#1012382).
- ceph: fix incorrect use of strncpy (bsc#1107319).
- ceph: return errors from posix_acl_equiv_mode() correctly (bsc#1107320).
- cifs: Fix stack out-of-bounds in smb{2,3}_create_lease_buf() (bsc#1012382).
- cifs: add missing debug entries for kconfig options (bnc#1012382).
- cifs: check kmalloc before use (bsc#1012382).
- cifs: store the leaseKey in the fid on SMB2_open (bsc#1012382).
- clk: tegra: Fix PLL_U post divider and initial rate on Tegra30 (bnc#1012382).
- crypto: ablkcipher - fix crash flushing dcache in error path (bnc#1012382).
- crypto: authenc - do not leak pointers to authenc keys (bnc#1012382).
- crypto: authencesn - do not leak pointers to authenc keys (bnc#1012382).
- crypto: blkcipher - fix crash flushing dcache in error path (bnc#1012382).
- crypto: padlock-aes - Fix Nano workaround data corruption (bnc#1012382).
- crypto: vmac - require a block cipher with 128-bit block size (bnc#1012382).
- crypto: vmac - separate tfm and request context (bnc#1012382).
- crypto: vmx - Fix sleep-in-atomic bugs (bsc#1048317).
- cxgb4: when disabling dcb set txq dcb priority to 0 (bnc#1012382).
- cxl: Fix wrong comparison in cxl_adapter_context_get() (bsc#1055014).
- dccp: fix undefined behavior with 'cwnd' shift in ccid2_cwnd_restart() (bnc#1012382).
- disable loading f2fs module on PAGE_SIZE > 4KB (bnc#1012382).
- dm cache metadata: save in-core policy_hint_size to on-disk superblock (bnc#1012382).
- dma-iommu: Fix compilation when !CONFIG_IOMMU_DMA (bnc#1012382).
- dmaengine: k3dma: Off by one in k3_of_dma_simple_xlate() (bnc#1012382).
- dmaengine: pxa_dma: remove duplicate const qualifier (bnc#1012382).
- driver core: Partially revert 'driver core: correct device's shutdown order' (bnc#1012382).
- drivers: net: lmc: fix case value for target abort error (bnc#1012382).
- drm/armada: fix colorkey mode property (bnc#1012382).
- drm/atmel-hlcdc: check stride values in the first plane (bsc#1106929).
- drm/atomic: Handling the case when setting old crtc for plane (bnc#1012382).
- drm/bridge: adv7511: Reset registers on hotplug (bnc#1012382).
- drm/cirrus: Use drm_framebuffer_put to avoid kernel oops in clean-up (bsc#1101822).
- drm/drivers: add support for using the arch wc mapping API.
- drm/exynos/dsi: mask frame-done interrupt (bsc#1106929).
- drm/exynos: decon5433: Fix WINCONx reset value (bnc#1012382).
- drm/exynos: decon5433: Fix per-plane global alpha for XRGB modes (bnc#1012382).
- drm/exynos: gsc: Fix support for NV16/61, YUV420/YVU420 and YUV422 modes (bnc#1012382).
- drm/gma500: fix psb_intel_lvds_mode_valid()'s return type (bnc#1012382).
- drm/i915/userptr: reject zero user_size (bsc#1090888).
- drm/i915: Correctly handle limited range YCbCr data on VLV/CHV (bsc#1087092).
- drm/imx: fix typo in ipu_plane_formats (bsc#1106929).
- drm/imx: imx-ldb: check if channel is enabled before printing warning (bnc#1012382).
- drm/imx: imx-ldb: disable LDB on driver bind (bnc#1012382).
- drm/msm/hdmi: Use bitwise operators when building register values (bsc#1106929).
- drm/nouveau/gem: off by one bugs in nouveau_gem_pushbuf_reloc_apply() (bnc#1012382).
- drm/panel: type promotion bug in s6e8aa0_read_mtp_id() (bsc#1105769).
- drm/radeon: fix mode_valid's return type (bnc#1012382).
- drm: Add DP PSR2 sink enable bit (bnc#1012382).
- drm: Reject getfb for multi-plane framebuffers (bsc#1106929).
- enic: do not call enic_change_mtu in enic_probe.
- enic: handle mtu change for vf properly (bnc#1012382).
- enic: initialize enic->rfs_h.lock in enic_probe (bnc#1012382).
- ext4: check for NUL characters in extended attribute's name (bnc#1012382).
- ext4: check for allocation block validity with block group locked (bsc#1104495).
- ext4: do not update s_last_mounted of a frozen fs (bsc#1101841).
- ext4: factor out helper ext4_sample_last_mounted() (bsc#1101841).
- ext4: fix check to prevent initializing reserved inodes (bsc#1104319).
- ext4: fix false negatives *and* false positives in ext4_check_descriptors() (bsc#1103445).
- ext4: fix inline data updates with checksums enabled (bsc#1104494).
- ext4: fix spectre gadget in ext4_mb_regular_allocator() (bnc#1012382).
- ext4: reset error code in ext4_find_entry in fallback (bnc#1012382).
- ext4: sysfs: print ext4_super_block fields as little-endian (bsc#1106229).
- f2fs: fix to do not trigger writeback during recovery (bnc#1012382).
- fat: fix memory allocation failure handling of match_strdup() (bnc#1012382).
- fb: fix lost console when the user unplugs a USB adapter (bnc#1012382).
- fbdev: omapfb: off by one in omapfb_register_client() (bsc#1106929).
- fix __legitimize_mnt()/mntput() race (bnc#1012382).
- fix mntput/mntput race (bnc#1012382).
- fork: unconditionally clear stack on fork (bnc#1012382).
- fs/9p/xattr.c: catch the error of p9_client_clunk when setting xattr failed (bnc#1012382).
- fs/dax.c: fix inefficiency in dax_writeback_mapping_range() (bsc#1106185).
- fs/quota: Fix spectre gadget in do_quotactl (bnc#1012382).
- fs: aio: fix the increment of aio-nr and counting against aio-max-nr (bsc#1068075, bsc#1078921).
- fuse: Add missed unlock_page() to fuse_readpages_fill() (bnc#1012382).
- fuse: Do not access pipe->buffers without pipe_lock() (bnc#1012382).
- fuse: Fix oops at process_init_reply() (bnc#1012382).
- fuse: fix double request_end() (bnc#1012382).
- fuse: fix unlocked access to processing queue (bnc#1012382).
- fuse: umount should wait for all requests (bnc#1012382).
- genirq/proc: Return proper error code when irq_set_affinity() fails (bnc#1105392).
- getxattr: use correct xattr length (bnc#1012382).
- hfsplus: Do not clear SGID when inheriting ACLs (bsc#1030552).
- hvc_opal: do not set tb_ticks_per_usec in udbg_init_opal_common() (bnc#1012382).
- hwrng: exynos - Disable runtime PM on driver unbind.
- i2c: davinci: Avoid zero value of CLKH (bnc#1012382).
- i2c: imx: Fix race condition in dma read (bnc#1012382).
- i2c: imx: Fix reinit_completion() use (bnc#1012382).
- i2c: ismt: fix wrong device address when unmap the data buffer (bnc#1012382).
- i40e: use cpumask_copy instead of direct assignment (bsc#1053685).
- i40iw: Fix memory leak in error path of create QP (bsc#969476 bsc#969477).
- i40iw: Use correct address in dst_neigh_lookup for IPv6 (bsc#969476 bsc#969477).
- ibmvnic: Include missing return code checks in reset function (bnc#1107966).
- ieee802154: at86rf230: switch from BUG_ON() to WARN_ON() on problem (bnc#1012382).
- ieee802154: at86rf230: use __func__ macro for debug messages (bnc#1012382).
- ieee802154: fakelb: switch from BUG_ON() to WARN_ON() on problem (bnc#1012382).
- igb: Fix not adding filter elements to the list (bsc#1024361 bsc#1024365).
- iio: ad9523: Fix displayed phase (bnc#1012382).
- iio: ad9523: Fix return value for ad952x_store() (bnc#1012382).
- inet: frag: enforce memory limits earlier (bnc#1012382 bsc#970506).
- iommu/amd: make sure TLB to be flushed before IOVA freed (bsc#1106105).
- iommu/vt-d: Add definitions for PFSID (bnc#1012382).
- iommu/vt-d: Fix dev iotlb pfsid use (bnc#1012382).
- iommu/vt-d: Ratelimit each dmar fault printing (bsc#1106105).
- ioremap: Update pgtable free interfaces with addr (bnc#1012382).
- ip: hash fragments consistently (bnc#1012382).
- ip: in cmsg IP(V6)_ORIGDSTADDR call pskb_may_pull (bnc#1012382).
- ipconfig: Correctly initialise ic_nameservers (bnc#1012382).
- ipv4+ipv6: Make INET*_ESP select CRYPTO_ECHAINIV (bnc#1012382).
- ipv4: Return EINVAL when ping_group_range sysctl does not map to user ns (bnc#1012382).
- ipv4: remove BUG_ON() from fib_compute_spec_dst (bnc#1012382).
- ipv6: fix useless rol32 call on hash (bnc#1012382).
- ipv6: mcast: fix unsolicited report interval after receiving querys (bnc#1012382).
- ipvlan: use ETH_MAX_MTU as max mtu (bsc#1033962).
- iscsi target: fix session creation failure handling (bnc#1012382).
- isdn: Disable IIOCDBGVAR (bnc#1012382).
- iw_cxgb4: remove duplicate memcpy() in c4iw_create_listen() (bsc#969476 bsc#969477).
- iwlwifi: pcie: fix race in Rx buffer allocator (bnc#1012382).
- ixgbe: Be more careful when modifying MAC filters (bnc#1012382).
- jfs: Do not clear SGID when inheriting ACLs (bsc#1030552).
- jump_label: Add RELEASE barrier after text changes (bsc#1105271).
- jump_label: Fix concurrent static_key_enable/disable() (bsc#1105271).
- jump_label: Move CPU hotplug locking (bsc#1105271).
- jump_label: Provide hotplug context variants (bsc#1105271).
- jump_label: Reduce the size of struct static_key (bsc#1105271).
- jump_label: Reorder hotplug lock and jump_label_lock (bsc#1105271).
- jump_label: Split out code under the hotplug lock (bsc#1105271).
- jump_label: remove bug.h, atomic.h dependencies for HAVE_JUMP_LABEL (bsc#1105271).
- kABI: protect enum tcp_ca_event (kabi).
- kABI: reexport tcp_send_ack (kabi).
- kabi/severities: Ignore missing cpu_tss_tramp (bsc#1099597)
- kabi: x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bnc#1105536).
- kasan: do not emit builtin calls when sanitization is off (bnc#1012382).
- kasan: fix shadow_size calculation error in kasan_module_alloc (bnc#1012382).
- kbuild: verify that $DEPMOD is installed (bnc#1012382).
- kernel: improve spectre mitigation (bnc#1106934, LTC#171029).
- kprobes/x86: Fix %p uses in error messages (bnc#1012382).
- kprobes: Make list and blacklist root user read only (bnc#1012382).
- kthread, tracing: Do not expose half-written comm when creating kthreads (bsc#1104897).
- kvm: x86: vmx: fix vpid leak (bnc#1012382).
- l2tp: use sk_dst_check() to avoid race on sk->sk_dst_cache (bnc#1012382).
- lib/rhashtable: consider param->min_size when setting initial table size (bnc#1012382).
- libata: Fix command retry decision (bnc#1012382).
- libceph: check authorizer reply/challenge length before reading (bsc#1096748).
- libceph: factor out __ceph_x_decrypt() (bsc#1096748).
- libceph: factor out __prepare_write_connect() (bsc#1096748).
- libceph: factor out encrypt_authorizer() (bsc#1096748).
- libceph: store ceph_auth_handshake pointer in ceph_connection (bsc#1096748).
- libceph: weaken sizeof check in ceph_x_verify_authorizer_reply() (bsc#1096748).
- llc: use refcount_inc_not_zero() for llc_sap_find() (bnc#1012382).
- locking/lockdep: Do not record IRQ state within lockdep code (bnc#1012382).
- locks: pass inode pointer to locks_free_lock_context (bsc@1099832).
- locks: prink more detail when there are leaked locks (bsc#1099832).
- locks: restore a warn for leaked locks on close (bsc#1099832).
- m68k: fix 'bad page state' oops on ColdFire boot (bnc#1012382).
- mac80211: add stations tied to AP_VLANs during hw reconfig (bnc#1012382).
- md/raid10: fix that replacement cannot complete recovery after reassemble (bnc#1012382).
- md: fix NULL dereference of mddev->pers in remove_and_add_spares() (bnc#1012382).
- media: omap3isp: fix unbalanced dma_iommu_mapping (bnc#1012382).
- media: rcar_jpu: Add missing clk_disable_unprepare() on error in jpu_open() (bnc#1012382).
- media: rtl28xxu: be sure that it won't go past the array size (bsc#1050431).
- media: s5p-jpeg: fix number of components macro (bsc#1050431).
- media: saa7164: Fix driver name in debug output (bnc#1012382).
- media: si470x: fix __be16 annotations (bnc#1012382).
- media: siano: get rid of __le32/__le16 cast warnings (bnc#1012382).
- media: staging: omap4iss: Include asm/cacheflush.h after generic includes (bnc#1012382).
- media: videobuf2-core: do not call memop 'finish' when queueing (bnc#1012382).
- memory: tegra: Apply interrupts mask per SoC (bnc#1012382).
- memory: tegra: Do not handle spurious interrupts (bnc#1012382).
- mfd: cros_ec: Fail early if we cannot identify the EC (bnc#1012382).
- microblaze: Fix simpleImage format generation (bnc#1012382).
- mm/hugetlb: filter out hugetlb pages if HUGEPAGE migration is not supported (bnc#1106697).
- mm/memory.c: check return value of ioremap_prot (bnc#1012382).
- mm/slub.c: add __printf verification to slab_err() (bnc#1012382).
- mm/tlb: Remove tlb_remove_table() non-concurrent condition (bnc#1012382).
- mm: Add vm_insert_pfn_prot() (bnc#1012382).
- mm: fix cache mode tracking in vm_insert_mixed() (bnc#1012382).
- mm: memcg: fix use after free in mem_cgroup_iter() (bnc#1012382).
- mm: vmalloc: avoid racy handling of debugobjects in vunmap (bnc#1012382).
- mm: x86: move _PAGE_SWP_SOFT_DIRTY from bit 7 to bit 1 (bnc#1012382).
- mtd: rawnand: fsl_ifc: fix FSL NAND driver to read all ONFI parameter pages (bnc#1012382).
- mtd: ubi: wl: Fix error return code in ubi_wl_init().
- mwifiex: correct histogram data with appropriate index (bnc#1012382).
- mwifiex: handle race during mwifiex_usb_disconnect (bnc#1012382).
- net/9p/client.c: version pointer uninitialized (bnc#1012382).
- net/9p/trans_fd.c: fix race-condition by flushing workqueue before the kfree() (bnc#1012382).
- net/ethernet/freescale/fman: fix cross-build error (bnc#1012382).
- net/ipv4: Set oif in fib_compute_spec_dst (bnc#1012382).
- net/mlx4_core: Save the qpn from the input modifier in RST2INIT wrapper (bnc#1012382).
- net/mlx5: Add missing SET_DRIVER_VERSION command translation (bsc#1015342 bsc#1015343).
- net/mlx5: E-Switch, Include VF RDMA stats in vport statistics (bsc#966170 bsc#966172).
- net/mlx5: Eswitch, Use 'kvfree()' for memory allocated by 'kvzalloc()' (bsc#1015342 bsc#1015343).
- net/mlx5: Fix wrong size allocation for QoS ETC TC regitster (bsc#966170 bsc#966172).
- net/mlx5: Vport, Use 'kvfree()' for memory allocated by 'kvzalloc()' (bsc#966170 bsc#966172).
- net/mlx5e: Do not allow aRFS for encapsulated packets (bsc#1015342 bsc#1015343).
- net/mlx5e: Err if asked to offload TC match on frag being first (bsc#1015342 bsc#1015343).
- net/mlx5e: Fix quota counting in aRFS expire flow (bsc#1015342 bsc#1015343).
- net/mlx5e: Refine ets validation function (bsc#966170 bsc#966172).
- net: 6lowpan: fix reserved space for single frames (bnc#1012382).
- net: Do not copy pfmemalloc flag in __copy_skb_header() (bnc#1012382).
- net: add skb_condense() helper (bsc#1089066).
- net: adjust skb->truesize in ___pskb_trim() (bsc#1089066).
- net: adjust skb->truesize in pskb_expand_head() (bsc#1089066).
- net: axienet: Fix double deregister of mdio (bnc#1012382).
- net: caif: Add a missing rcu_read_unlock() in caif_flow_cb (bnc#1012382).
- net: davinci_emac: match the mdio device against its compatible if possible (bnc#1012382).
- net: dsa: Do not suspend/resume closed slave_dev (bnc#1012382).
- net: ena: Fix use of uninitialized DMA address bits field (bsc#1027968).
- net: fix amd-xgbe flow-control issue (bnc#1012382).
- net: hamradio: use eth_broadcast_addr (bnc#1012382).
- net: lan78xx: Fix misplaced tasklet_schedule() call (bnc#1012382).
- net: lan78xx: fix rx handling before first packet is send (bnc#1012382).
- net: mac802154: tx: expand tailroom if necessary (bnc#1012382).
- net: phy: fix flag masking in __set_phy_supported (bnc#1012382).
- net: prevent ISA drivers from building on PPC32 (bnc#1012382).
- net: propagate dev_get_valid_name return code (bnc#1012382).
- net: qca_spi: Avoid packet drop during initial sync (bnc#1012382).
- net: qca_spi: Fix log level if probe fails (bnc#1012382).
- net: qca_spi: Make sure the QCA7000 reset is triggered (bnc#1012382).
- net: socket: fix potential spectre v1 gadget in socketcall (bnc#1012382).
- net: usb: rtl8150: demote allmulti message to dev_dbg() (bnc#1012382).
- net: vmxnet3: use new api ethtool_{get|set}_link_ksettings (bsc#1091860 bsc#1098253).
- net_sched: Fix missing res info when create new tc_index filter (bnc#1012382).
- net_sched: fix NULL pointer dereference when delete tcindex filter (bnc#1012382).
- netfilter: conntrack: dccp: treat SYNC/SYNCACK as invalid if no prior state (bnc#1012382).
- netfilter: ipset: List timing out entries with 'timeout 1' instead of zero (bnc#1012382).
- netfilter: ipv6: nf_defrag: reduce struct net memory waste (bnc#1012382).
- netfilter: ipvs: do not create conn for ABORT packet in sctp_conn_schedule (bsc#1102797).
- netfilter: ipvs: fix the issue that sctp_conn_schedule drops non-INIT packet (bsc#1102797).
- netfilter: x_tables: set module owner for icmp(6) matches (bnc#1012382).
- netlink: Do not shift on 64 for ngroups (bnc#1012382).
- netlink: Do not shift with UB on nlk->ngroups (bnc#1012382).
- netlink: Do not subscribe to non-existent groups (bnc#1012382).
- netlink: Fix spectre v1 gadget in netlink_create() (bnc#1012382).
- netlink: do not enter direct reclaim from netlink_trim() (bsc#1042286).
- nfsd: fix potential use-after-free in nfsd4_decode_getdeviceinfo (bnc#1012382).
- nl80211: Add a missing break in parse_station_flags (bnc#1012382).
- nohz: Fix local_timer_softirq_pending() (bnc#1012382).
- nvme-fc: release io queues to allow fast fail (bsc#1102486).
- nvme: if_ready checks to fail io to deleting controller (bsc#1102486).
- nvme: kABI-compliant version of nvmf_fail_nonready_command() (bsc#1102486).
- nvmet-fc: fix target sgl list on large transfers (bsc#1102486).
- osf_getdomainname(): use copy_to_user() (bnc#1012382).
- ovl: Do d_type check only if work dir creation was successful (bnc#1012382).
- ovl: Ensure upper filesystem supports d_type (bnc#1012382).
- ovl: warn instead of error if d_type is not supported (bnc#1012382).
- packet: refine ring v3 block size test to hold one frame (bnc#1012382).
- packet: reset network header if packet shorter than ll reserved space (bnc#1012382).
- parisc: Define mb() and add memory barriers to assembler unlock sequences (bnc#1012382).
- parisc: Enable CONFIG_MLONGCALLS by default (bnc#1012382).
- parisc: Remove ordered stores from syscall.S (bnc#1012382).
- parisc: Remove unnecessary barriers from spinlock.h (bnc#1012382).
- perf auxtrace: Fix queue resize (bnc#1012382).
- perf llvm-utils: Remove bashism from kernel include fetch script (bnc#1012382).
- perf report powerpc: Fix crash if callchain is empty (bnc#1012382).
- perf test session topology: Fix test on s390 (bnc#1012382).
- perf/x86/intel/uncore: Correct fixed counter index check for NHM (bnc#1012382).
- perf/x86/intel/uncore: Correct fixed counter index check in generic code (bnc#1012382).
- perf: fix invalid bit in diagnostic entry (bnc#1012382).
- pinctrl: at91-pio4: add missing of_node_put (bnc#1012382).
- pinctrl: freescale: off by one in imx1_pinconf_group_dbg_show() (bnc#1012382).
- pnfs/blocklayout: off by one in bl_map_stripe() (bnc#1012382).
- powerpc/32: Add a missing include header (bnc#1012382).
- powerpc/64s: Default l1d_size to 64K in RFI fallback flush (bsc#1068032).
- powerpc/64s: Fix compiler store ordering to SLB shadow area (bnc#1012382).
- powerpc/8xx: fix invalid register expression in head_8xx.S (bnc#1012382).
- powerpc/chrp/time: Make some functions static, add missing header include (bnc#1012382).
- powerpc/embedded6xx/hlwd-pic: Prevent interrupts from being handled by Starlet (bnc#1012382).
- powerpc/fadump: handle crash memory ranges array index overflow (bsc#1103269).
- powerpc/fadump: merge adjacent memory ranges to reduce PT_LOAD segements (bsc#1103269).
- powerpc/lib: Fix the feature fixup tests to actually work (bsc#1066223).
- powerpc/powermac: Add missing prototype for note_bootable_part() (bnc#1012382).
- powerpc/powermac: Mark variable x as unused (bnc#1012382).
- powerpc/pseries: Fix endianness while restoring of r3 in MCE handler (bnc#1012382).
- powerpc/topology: Get topology for shared processors at boot (bsc#1104683).
- powerpc64s: Show ori31 availability in spectre_v1 sysfs file not v2 (bsc#1068032, bsc#1080157).
- powerpc: Avoid code patching freed init sections (bnc#1107735).
- powerpc: make feature-fixup tests fortify-safe (bsc#1066223).
- provide special timeout module parameters for EC2 (bsc#1065364).
- ptp: fix missing break in switch (bnc#1012382).
- pwm: tiehrpwm: Fix disabling of output of PWMs (bnc#1012382).
- qed: Add sanity check for SIMD fastpath handler (bnc#1012382).
- qed: Correct Multicast API to reflect existence of 256 approximate buckets (bsc#1019695 bsc#1019699 bsc#1022604).
- qed: Do not advertise DCBX_LLD_MANAGED capability (bsc#1019695 bsc#1019699 bsc#1022604).
- qed: Fix possible memory leak in Rx error path handling (bsc#1019695 bsc#1019699 bsc#1022604 ).
- qed: Fix possible race for the link state value (bnc#1012382).
- qed: Fix setting of incorrect eswitch mode (bsc#1019695 bsc#1019699 bsc#1022604).
- qed: Fix use of incorrect size in memcpy call (bsc#1019695 bsc#1019699 bsc#1022604).
- qede: Adverstise software timestamp caps when PHC is not available (bsc#1019695 bsc#1019699 bsc#1022604).
- qlge: Fix netdev features configuration (bsc#1098822).
- qlogic: check kstrtoul() for errors (bnc#1012382).
- random: mix rdrand with entropy sent in from userspace (bnc#1012382).
- readahead: stricter check for bdi io_pages (VM Functionality).
- regulator: pfuze100: add .is_enable() for pfuze100_swb_regulator_ops (bnc#1012382).
- reiserfs: fix broken xattr handling (heap corruption, bad retval) (bnc#1012382).
- ring_buffer: tracing: Inherit the tracing setting to next ring buffer (bnc#1012382).
- root dentries need RCU-delayed freeing (bnc#1012382).
- rsi: Fix 'invalid vdd' warning in mmc (bnc#1012382).
- rtc: ensure rtc_set_alarm fails when alarms are not supported (bnc#1012382).
- rtnetlink: add rtnl_link_state check in rtnl_configure_link (bnc#1012382).
- s390/cpum_sf: Add data entry sizes to sampling trailer entry (bnc#1012382).
- s390/kvm: fix deadlock when killed by oom (bnc#1012382).
- s390/lib: use expoline for all bcr instructions (bnc#1106934, LTC#171029).
- s390/pci: fix out of bounds access during irq setup (bnc#1012382).
- s390/qdio: reset old sbal_state flags (bnc#1012382).
- s390/qeth: do not clobber buffer on async TX completion (bnc#1104485, LTC#170349).
- s390/qeth: fix race when setting MAC address (bnc#1104485, LTC#170726).
- s390: add explicit <linux/stringify.h> for jump label (bsc#1105271).
- s390: detect etoken facility (bnc#1106934, LTC#171029).
- s390: fix br_r1_trampoline for machines without exrl (bnc#1012382 bnc#1106934 LTC#171029).
- sched/fair: Avoid divide by zero when rebalancing domains (bsc#1096254).
- scsi: 3w-9xxx: fix a missing-check bug (bnc#1012382).
- scsi: 3w-xxxx: fix a missing-check bug (bnc#1012382).
- scsi: core: Avoid that SCSI device removal through sysfs triggers a deadlock (bnc#1012382).
- scsi: fcoe: drop frames in ELS LOGO error path (bnc#1012382).
- scsi: hpsa: limit transfer length to 1MB, not 512kB (bsc#1102346).
- scsi: libiscsi: fix possible NULL pointer dereference in case of TMF (bnc#1012382).
- scsi: megaraid: silence a static checker bug (bnc#1012382).
- scsi: megaraid_sas: Increase timeout by 1 sec for non-RAID fastpath IOs (bnc#1012382).
- scsi: qla2xxx: Fix ISP recovery on unload (bnc#1012382).
- scsi: qla2xxx: Return error when TMF returns (bnc#1012382).
- scsi: scsi_dh: replace too broad 'TP9' string with the exact models (bnc#1012382).
- scsi: sr: Avoid that opening a CD-ROM hangs with runtime power management enabled (bnc#1012382).
- scsi: sysfs: Introduce sysfs_{un,}break_active_protection() (bnc#1012382).
- scsi: ufs: fix exception event handling (bnc#1012382).
- scsi: vmw_pvscsi: Return DID_RESET for status SAM_STAT_COMMAND_TERMINATED (bnc#1012382).
- scsi: xen-scsifront: add error handling for xenbus_printf (bnc#1012382).
- scsi_debug: call resp_XXX function after setting host_scribble (bsc#1069138).
- scsi_debug: reset injection flags for every_nth > 0 (bsc#1069138).
- selftest/seccomp: Fix the flag name SECCOMP_FILTER_FLAG_TSYNC (bnc#1012382).
- selftest/seccomp: Fix the seccomp(2) signature (bnc#1012382).
- selftests/ftrace: Add snapshot and tracing_on test case (bnc#1012382).
- selftests/x86/sigreturn/64: Fix spurious failures on AMD CPUs (bnc#1012382).
- selftests: pstore: return Kselftest Skip code for skipped tests (bnc#1012382).
- selftests: static_keys: return Kselftest Skip code for skipped tests (bnc#1012382).
- selftests: sync: add config fragment for testing sync framework (bnc#1012382).
- selftests: user: return Kselftest Skip code for skipped tests (bnc#1012382).
- selftests: zram: return Kselftest Skip code for skipped tests (bnc#1012382).
- serial: 8250_dw: always set baud rate in dw8250_set_termios (bnc#1012382).
- sfc: stop the TX queue before pushing new buffers (bsc#1017967 ).
- skbuff: Unconditionally copy pfmemalloc in __skb_clone() (bnc#1012382).
- slab: __GFP_ZERO is incompatible with a constructor (bnc#1107060).
- smb3: Do not send SMB3 SET_INFO if nothing changed (bnc#1012382).
- smb3: do not request leases in symlink creation and query (bnc#1012382).
- spi: davinci: fix a NULL pointer dereference (bnc#1012382).
- squashfs: be more careful about metadata corruption (bnc#1012382).
- squashfs: more metadata hardening (bnc#1012382).
- squashfs: more metadata hardenings (bnc#1012382).
- staging: android: ion: check for kref overflow (bnc#1012382).
- string: drop __must_check from strscpy() and restore strscpy() usages in cgroup (bsc#1107319).
- sys: do not hold uts_sem while accessing userspace memory (bnc#1106995).
- target_core_rbd: use RCU in free_device (bsc#1105524).
- tcp: Fix missing range_truesize enlargement in the backport (bnc#1012382).
- tcp: add max_quickacks param to tcp_incr_quickack and tcp_enter_quickack_mode (bnc#1012382).
- tcp: add one more quick ack after after ECN events (bnc#1012382).
- tcp: do not aggressively quick ack after ECN events (bnc#1012382).
- tcp: do not cancel delay-AcK on DCTCP special ACK (bnc#1012382).
- tcp: do not delay ACK in DCTCP upon CE status change (bnc#1012382).
- tcp: do not force quickack when receiving out-of-order packets (bnc#1012382).
- tcp: fix dctcp delayed ACK schedule (bnc#1012382).
- tcp: helpers to send special DCTCP ack (bnc#1012382).
- tcp: identify cryptic messages as TCP seq # bugs (bnc#1012382).
- tcp: refactor tcp_ecn_check_ce to remove sk type cast (bnc#1012382).
- tcp: remove DELAYED ACK events in DCTCP (bnc#1012382).
- tg3: Add higher cpu clock for 5762 (bnc#1012382).
- thermal: exynos: fix setting rising_threshold for Exynos5433 (bnc#1012382).
- timekeeping: Eliminate the stale declaration of ktime_get_raw_and_real_ts64() (bsc#969470).
- tools/power turbostat: Read extended processor family from CPUID (bnc#1012382).
- tools/power turbostat: fix -S on UP systems (bnc#1012382).
- tools: usb: ffs-test: Fix build on big endian systems (bnc#1012382).
- tpm: fix race condition in tpm_common_write() (bnc#1012382).
- tracing/blktrace: Fix to allow setting same value (bnc#1012382).
- tracing/kprobes: Fix trace_probe flags on enable_trace_kprobe() failure (bnc#1012382).
- tracing: Do not call start/stop() functions when tracing_on does not change (bnc#1012382).
- tracing: Fix double free of event_trigger_data (bnc#1012382).
- tracing: Fix possible double free in event_enable_trigger_func() (bnc#1012382).
- tracing: Quiet gcc warning about maybe unused link variable (bnc#1012382).
- tracing: Use __printf markup to silence compiler (bnc#1012382).
- tty: Fix data race in tty_insert_flip_string_fixed_flag (bnc#1012382).
- turn off -Wattribute-alias (bnc#1012382).
- ubi: Be more paranoid while seaching for the most recent Fastmap (bnc#1012382).
- ubi: Fix Fastmap's update_vol() (bnc#1012382).
- ubi: Fix races around ubi_refill_pools() (bnc#1012382).
- ubi: Introduce vol_ignored() (bnc#1012382).
- ubi: Rework Fastmap attach base code (bnc#1012382).
- ubi: fastmap: Erase outdated anchor PEBs during attach (bnc#1012382).
- ubifs: Check data node size before truncate (bsc#1106276).
- ubifs: Fix memory leak in lprobs self-check (bsc#1106278).
- ubifs: Fix synced_i_size calculation for xattr inodes (bsc#1106275).
- ubifs: xattr: Do not operate on deleted inodes (bsc#1106271).
- udl-kms: change down_interruptible to down (bnc#1012382).
- udl-kms: fix crash due to uninitialized memory (bnc#1012382).
- udl-kms: handle allocation failure (bnc#1012382).
- udlfb: set optimal write delay (bnc#1012382).
- uprobes: Use synchronize_rcu() not synchronize_sched() (bnc#1012382).
- usb/phy: fix PPC64 build errors in phy-fsl-usb.c (bnc#1012382).
- usb: audio-v2: Correct the comment for struct uac_clock_selector_descriptor (bsc#1099810).
- usb: cdc_acm: Add quirk for Castles VEGA3000 (bnc#1012382).
- usb: dwc2: debugfs: Do not touch RX FIFO during register dump (bsc#1100132).
- usb: dwc2: fix isoc split in transfer with no data (bnc#1012382).
- usb: gadget: composite: fix delayed_status race condition when set_interface (bnc#1012382).
- usb: gadget: dwc2: fix memory leak in gadget_init() (bnc#1012382).
- usb: gadget: f_fs: Only return delayed status when len is 0 (bnc#1012382).
- usb: gadget: f_uac2: fix endianness of 'struct cntrl_*_lay3' (bnc#1012382).
- usb: gadget: r8a66597: Fix a possible sleep-in-atomic-context bugs in r8a66597_queue() (bnc#1012382).
- usb: gadget: r8a66597: Fix two possible sleep-in-atomic-context bugs in init_controller() (bnc#1012382).
- usb: hub: Do not wait for connect state at resume for powered-off ports (bnc#1012382).
- usb: renesas_usbhs: gadget: fix spin_lock_init() for &uep->lock (bsc#1085536).
- usb: xhci: increase CRS timeout value (bnc#1012382).
- usbip: usbip_detach: Fix memory, udev context and udev leak (bnc#1012382).
- userns: move user access out of the mutex (bnc#1012382).
- vfs: add the sb_start_intwrite_trylock() helper (bsc#1101841).
- virtio_balloon: fix another race between migration and ballooning (bnc#1012382).
- virtio_console: fix uninitialized variable use.
- vmw_balloon: VMCI_DOORBELL_SET does not check status (bnc#1012382).
- vmw_balloon: do not use 2MB without batching (bnc#1012382).
- vmw_balloon: fix VMCI use when balloon built into kernel (bnc#1012382).
- vmw_balloon: fix inflation of 64-bit GFNs (bnc#1012382).
- vmxnet3: Replace msleep(1) with usleep_range() (bsc#1091860 bsc#1098253).
- vmxnet3: add receive data ring support (bsc#1091860 bsc#1098253).
- vmxnet3: add support for get_coalesce, set_coalesce ethtool operations (bsc#1091860 bsc#1098253).
- vmxnet3: allow variable length transmit data ring buffer (bsc#1091860 bsc#1098253).
- vmxnet3: avoid assumption about invalid dma_pa in vmxnet3_set_mc() (bsc#1091860 bsc#1098253).
- vmxnet3: avoid format strint overflow warning (bsc#1091860 bsc#1098253).
- vmxnet3: avoid xmit reset due to a race in vmxnet3 (bsc#1091860 bsc#1098253).
- vmxnet3: fix incorrect dereference when rxvlan is disabled (bsc#1091860 bsc#1098253).
- vmxnet3: fix non static symbol warning (bsc#1091860 bsc#1098253).
- vmxnet3: fix tx data ring copy for variable size (bsc#1091860 bsc#1098253).
- vmxnet3: increase default rx ring sizes (bsc#1091860 bsc#1098253).
- vmxnet3: introduce command to register memory region (bsc#1091860 bsc#1098253).
- vmxnet3: introduce generalized command interface to configure the device (bsc#1091860 bsc#1098253).
- vmxnet3: prepare for version 3 changes (bsc#1091860 bsc#1098253).
- vmxnet3: remove redundant initialization of pointer 'rq' (bsc#1091860 bsc#1098253).
- vmxnet3: remove unused flag 'rxcsum' from struct vmxnet3_adapter (bsc#1091860 bsc#1098253).
- vmxnet3: set the DMA mask before the first DMA map operation (bsc#1091860 bsc#1098253).
- vmxnet3: update to version 3 (bsc#1091860 bsc#1098253).
- vmxnet3: use DMA memory barriers where required (bsc#1091860 bsc#1098253).
- vmxnet3: use correct flag to indicate LRO feature (bsc#1091860 bsc#1098253).
- vsock: split dwork to avoid reinitializations (bnc#1012382).
- vti6: Fix dev->max_mtu setting (bsc#1033962).
- vti6: fix PMTU caching and reporting on xmit (bnc#1012382).
- wlcore: sdio: check for valid platform device data before suspend (bnc#1012382).
- x86/MCE: Remove min interval polling limitation (bnc#1012382).
- x86/amd: do not set X86_BUG_SYSRET_SS_ATTRS when running under Xen (bnc#1012382).
- x86/asm/entry/32: Simplify pushes of zeroed pt_regs->REGs (bnc#1012382).
- x86/bugs: Move the l1tf function and define pr_fmt properly (bnc#1012382).
- x86/bugs: Respect nospec command line option (bsc#1068032).
- x86/cpu/AMD: Fix erratum 1076 (CPB bit) (bnc#1012382).
- x86/cpu: Make alternative_msr_write work for 32-bit code (bnc#1012382).
- x86/cpu: Re-apply forced caps every time CPU caps are re-read (bnc#1012382).
- x86/cpufeature: preserve numbers (kabi).
- x86/cpufeatures: Add CPUID_7_EDX CPUID leaf (bnc#1012382).
- x86/cpufeatures: Clean up Spectre v2 related CPUID flags (bnc#1012382).
- x86/entry/64/compat: Clear registers for compat syscalls, to reduce speculation attack surface (bnc#1012382).
- x86/entry/64: Remove %ebx handling from error_entry/exit (bnc#1102715).
- x86/init: fix build with CONFIG_SWAP=n (bnc#1012382).
- x86/irqflags: Mark native_restore_fl extern inline (bnc#1012382).
- x86/irqflags: Provide a declaration for native_save_fl.
- x86/mm/kmmio: Make the tracer robust against L1TF (bnc#1012382).
- x86/mm/pat: Fix L1TF stable backport for CPA (bnc#1012382).
- x86/mm/pat: Fix L1TF stable backport for CPA, 2nd call (bnc#1012382).
- x86/mm/pat: Make set_memory_np() L1TF safe (bnc#1012382).
- x86/mm: Add TLB purge to free pmd/pte page interfaces (bnc#1012382).
- x86/mm: Disable ioremap free page handling on x86-PAE (bnc#1012382).
- x86/mm: Give each mm TLB flush generation a unique ID (bnc#1012382).
- x86/paravirt: Fix spectre-v2 mitigations for paravirt guests (bnc#1012382).
- x86/paravirt: Make native_save_fl() extern inline (bnc#1012382).
- x86/process: Correct and optimize TIF_BLOCKSTEP switch (bnc#1012382).
- x86/process: Optimize TIF checks in __switch_to_xtra() (bnc#1012382).
- x86/process: Optimize TIF_NOTSC switch (bnc#1012382).
- x86/process: Re-export start_thread() (bnc#1012382).
- x86/spectre: Add missing family 6 check to microcode check (bnc#1012382).
- x86/spectre_v2: Do not check microcode versions when running under hypervisors (bnc#1012382).
- x86/speculation/l1tf: Exempt zeroed PTEs from inversion (bnc#1012382).
- x86/speculation/l1tf: Extend 64bit swap file size limit (bnc#1012382).
- x86/speculation/l1tf: Fix off-by-one error when warning that system has too much RAM (bnc#1105536).
- x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit (bnc#1012382).
- x86/speculation/l1tf: Fix up CPU feature flags (bnc#1012382).
- x86/speculation/l1tf: Fix up pte->pfn conversion for PAE (bnc#1012382).
- x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bnc#1105536).
- x86/speculation/l1tf: Invert all not present mappings (bnc#1012382).
- x86/speculation/l1tf: Make pmd/pud_mknotpresent() invert (bnc#1012382).
- x86/speculation/l1tf: Protect PAE swap entries against L1TF (bnc#1012382).
- x86/speculation/l1tf: Suggest what to do on systems with too much RAM (bnc#1105536).
- x86/speculation/l1tf: Unbreak !__HAVE_ARCH_PFN_MODIFY_ALLOWED architectures (bnc#1012382).
- x86/speculation: Add <asm/msr-index.h> dependency (bnc#1012382).
- x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) support (bnc#1012382).
- x86/speculation: Clean up various Spectre related details (bnc#1012382).
- x86/speculation: Correct Speculation Control microcode blacklist again (bnc#1012382).
- x86/speculation: Move firmware_restrict_branch_speculation_*() from C to CPP (bnc#1012382).
- x86/speculation: Update Speculation Control microcode blacklist (bnc#1012382).
- x86/speculation: Use ARCH_CAPABILITIES to skip L1D flush on vmentry (bsc#1106369).
- x86/speculation: Use IBRS if available before calling into firmware (bnc#1012382).
- x86/speculation: Use Indirect Branch Prediction Barrier in context switch (bnc#1012382).
- x86/xen: Add call of speculative_store_bypass_ht_init() to PV paths (bnc#1012382).
- xen-netfront: wait xenbus state change when load module manually (bnc#1012382).
- xen/blkback: do not keep persistent grants too long (bsc#1085042).
- xen/blkback: move persistent grants flags to bool (bsc#1085042).
- xen/blkfront: cleanup stale persistent grants (bsc#1085042).
- xen/blkfront: reorder tests in xlblk_init() (bsc#1085042).
- xen/netfront: do not cache skb_shinfo() (bnc#1012382).
- xen: avoid crash in disable_hotplug_cpu (bsc#1106594).
- xen: set cpu capabilities from xen_start_kernel() (bnc#1012382).
- xfrm: fix missing dst_release() after policy blocking lbcast and multicast (bnc#1012382).
- xfrm: free skb if nlsk pointer is NULL (bnc#1012382).
- xfrm_user: prevent leaking 2 bytes of kernel memory (bnc#1012382).
- xfs: Remove dead code from inode recover function (bsc#1105396).
- xfs: repair malformed inode items during log recovery (bsc#1105396).
- xhci: Fix perceived dead host due to runtime suspend race with event handler (bnc#1012382).
- zswap: re-check zswap_is_full() after do zswap_shrink() (bnc#1012382).
Patchnames
SUSE-SLE-SDK-12-SP3-2018-2004,SUSE-SLE-SERVER-12-SP3-2018-2004
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for the Linux Kernel", title: "Title of the patch", }, { category: "description", text: "\nThe SUSE Linux Enterprise 12 SP3 azure kernel was updated to 4.4.155 to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2018-13093: Prevent NULL pointer dereference and panic in lookup_slow()\n on a NULL inode->i_ops pointer when doing pathwalks on a corrupted xfs image.\n This occured because of a lack of proper validation that cached inodes are free\n during allocation (bnc#1100001)\n- CVE-2018-13095: Prevent denial of service (memory corruption and BUG) that\n could have occurred for a corrupted xfs image upon encountering an inode that\n is in extent format, but has more extents than fit in the inode fork\n (bnc#1099999)\n- CVE-2018-13094: Prevent OOPS that may have occured for a corrupted xfs image\n after xfs_da_shrink_inode() is called with a NULL bp (bnc#1100000)\n- CVE-2018-12896: Prevent integer overflow in the POSIX timer code that was\n caused by the way the overrun accounting works. Depending on interval and\n expiry time values, the overrun can be larger than INT_MAX, but the accounting\n is int based. This basically made the accounting values, which are visible to\n user space via timer_getoverrun(2) and siginfo::si_overrun, random. This\n allowed a local user to cause a denial of service (signed integer overflow) via\n crafted mmap, futex, timer_create, and timer_settime system calls (bnc#1099922)\n- CVE-2018-16658: Prevent information leak in cdrom_ioctl_drive_status that\n could have been used by local attackers to read kernel memory (bnc#1107689)\n- CVE-2018-10940: The cdrom_ioctl_media_changed function allowed local\n attackers to use a incorrect bounds check in the CDROM driver\n CDROM_MEDIA_CHANGED ioctl to read out kernel memory (bsc#1092903)\n- CVE-2018-6555: The irda_setsockopt function allowed local users to cause a\n denial of service (ias_object use-after-free and system crash) or possibly have\n unspecified other impact via an AF_IRDA socket (bnc#1106511)\n- CVE-2018-6554: Prevent memory leak in the irda_bind function that allowed\n local users to cause a denial of service (memory consumption) by repeatedly\n binding an AF_IRDA socket (bnc#1106509)\n- CVE-2018-1129: A flaw was found in the way signature calculation was handled\n by cephx authentication protocol. An attacker having access to ceph cluster\n network who is able to alter the message payload was able to bypass signature\n checks done by cephx protocol (bnc#1096748)\n- CVE-2018-1128: It was found that cephx authentication protocol did not verify\n ceph clients correctly and was vulnerable to replay attack. Any attacker having\n access to ceph cluster network who is able to sniff packets on network can use\n this vulnerability to authenticate with ceph service and perform actions\n allowed by ceph service (bnc#1096748)\n- CVE-2018-10938: A crafted network packet sent remotely by an attacker forced\n the kernel to enter an infinite loop in the cipso_v4_optptr() function leading\n to a denial-of-service (bnc#1106016)\n- CVE-2018-15572: The spectre_v2_select_mitigation function did not always fill\n RSB upon a context switch, which made it easier for attackers to conduct\n userspace-userspace spectreRSB attacks (bnc#1102517)\n- CVE-2018-10902: Protect against concurrent access to prevent double realloc\n (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status(). A\n malicious local attacker could have used this for privilege escalation\n (bnc#1105322).\n- CVE-2018-9363: Prevent buffer overflow in hidp_process_report (bsc#1105292)\n- CVE-2018-10883: A local user could have caused an out-of-bounds write in\n jbd2_journal_dirty_metadata(), a denial of service, and a system crash by\n mounting and operating on a crafted ext4 filesystem image (bsc#1099863)\n- CVE-2018-10879: A local user could have caused a use-after-free in\n ext4_xattr_set_entry function and a denial of service or unspecified other\n impact by renaming a file in a crafted ext4 filesystem image (bsc#1099844)\n- CVE-2018-10878: A local user could have caused an out-of-bounds write and a\n denial of service or unspecified other impact by mounting and operating a\n crafted ext4 filesystem image (bsc#1099813)\n- CVE-2018-10876: A use-after-free was possible in ext4_ext_remove_space()\n function when mounting and operating a crafted ext4 image (bsc#1099811)\n- CVE-2018-10877: Prevent out-of-bound access in the ext4_ext_drop_refs()\n function when operating on a crafted ext4 filesystem image (bsc#1099846)\n- CVE-2018-10881: A local user could have caused an out-of-bound access in\n ext4_get_group_info function, a denial of service, and a system crash by\n mounting and operating on a crafted ext4 filesystem image (bsc#1099864)\n- CVE-2018-10882: A local user could have caused an out-of-bound write, a\n denial of service, and a system crash by unmounting a crafted ext4 filesystem\n image (bsc#1099849)\n- CVE-2018-10880: Prevent stack-out-of-bounds write in the ext4 filesystem code\n when mounting and writing to a crafted ext4 image in ext4_update_inline_data().\n An attacker could have used this to cause a system crash and a denial of\n service (bsc#1099845)\n\nThe following non-security bugs were fixed:\n\n- 9p/net: Fix zero-copy path in the 9p virtio transport (bnc#1012382).\n- 9p/virtio: fix off-by-one error in sg list bounds check (bnc#1012382).\n- 9p: fix multiple NULL-pointer-dereferences (bnc#1012382).\n- ACPI / LPSS: Add missing prv_offset setting for byt/cht PWM devices (bnc#1012382).\n- ACPI / PCI: Bail early in acpi_pci_add_bus() if there is no ACPI handle (bnc#1012382).\n- ACPI / PM: save NVS memory for ASUS 1025C laptop (bnc#1012382).\n- ACPI: save NVS memory for Lenovo G50-45 (bnc#1012382).\n- ALSA: cs5535audio: Fix invalid endian conversion (bnc#1012382).\n- ALSA: emu10k1: Rate-limit error messages about page errors (bnc#1012382).\n- ALSA: emu10k1: add error handling for snd_ctl_add (bnc#1012382).\n- ALSA: fm801: add error handling for snd_ctl_add (bnc#1012382).\n- ALSA: hda - Sleep for 10ms after entering D3 on Conexant codecs (bnc#1012382).\n- ALSA: hda - Turn CX8200 into D3 as well upon reboot (bnc#1012382).\n- ALSA: hda/ca0132: fix build failure when a local macro is defined (bnc#1012382).\n- ALSA: hda: Correct Asrock B85M-ITX power_save blacklist entry (bnc#1012382).\n- ALSA: memalloc: Do not exceed over the requested size (bnc#1012382).\n- ALSA: rawmidi: Change resized buffers atomically (bnc#1012382).\n- ALSA: snd-aoa: add of_node_put() in error path (bsc#1099810).\n- ALSA: usb-audio: Apply rate limit to warning messages in URB complete callback (bnc#1012382).\n- ALSA: virmidi: Fix too long output trigger loop (bnc#1012382).\n- ALSA: vx222: Fix invalid endian conversions (bnc#1012382).\n- ALSA: vxpocket: Fix invalid endian conversions (bnc#1012382).\n- ARC: Enable machine_desc->init_per_cpu for !CONFIG_SMP (bnc#1012382).\n- ARC: Explicitly add -mmedium-calls to CFLAGS (bnc#1012382).\n- ARC: Fix CONFIG_SWAP (bnc#1012382).\n- ARC: mm: allow mprotect to make stack mappings executable (bnc#1012382).\n- ARM: 8780/1: ftrace: Only set kernel memory back to read-only after boot (bnc#1012382).\n- ARM: dts: Cygnus: Fix I2C controller interrupt type (bnc#1012382).\n- ARM: dts: am3517.dtsi: Disable reference to OMAP3 OTG controller (bnc#1012382).\n- ARM: dts: am437x: make edt-ft5x06 a wakeup source (bnc#1012382).\n- ARM: dts: da850: Fix interrups property for gpio (bnc#1012382).\n- ARM: dts: imx6sx: fix irq for pcie bridge (bnc#1012382).\n- ARM: fix put_user() for gcc-8 (bnc#1012382).\n- ARM: imx_v4_v5_defconfig: Select ULPI support (bnc#1012382).\n- ARM: imx_v6_v7_defconfig: Select ULPI support (bnc#1012382).\n- ARM: pxa: irq: fix handling of ICMR registers in suspend/resume (bnc#1012382).\n- ARM: tegra: Fix Tegra30 Cardhu PCA954x reset (bnc#1012382).\n- ASoC: Intel: cht_bsw_max98090: remove useless code, align with ChromeOS driver.\n- ASoC: Intel: cht_bsw_max98090_ti: Fix jack initialization (bnc#1012382).\n- ASoC: dpcm: do not merge format from invalid codec dai (bnc#1012382).\n- ASoC: dpcm: fix BE dai not hw_free and shutdown (bnc#1012382).\n- ASoC: pxa: Fix module autoload for platform drivers (bnc#1012382).\n- ASoC: sirf: Fix potential NULL pointer dereference (bnc#1012382).\n- Add reference to bsc#1091171 (bnc#1012382; bsc#1091171).\n- Bluetooth: avoid killing an already killed socket (bnc#1012382).\n- Bluetooth: btusb: Add a new Realtek 8723DE ID 2ff8:b011 (bnc#1012382).\n- Bluetooth: btusb: Remove Yoga 920 from the btusb_needs_reset_resume_table (bsc#1087092).\n- Bluetooth: btusb: Use DMI matching for QCA reset_resume quirking (bsc#1087092).\n- Bluetooth: hci_qca: Fix 'Sleep inside atomic section' warning (bnc#1012382).\n- Documentation/spec_ctrl: Do some minor cleanups (bnc#1012382).\n- HID: hid-plantronics: Re-resend Update to map button for PTT products (bnc#1012382).\n- HID: i2c-hid: check if device is there before really probing (bnc#1012382).\n- HID: wacom: Correct touch maximum XY of 2nd-gen Intuos (bnc#1012382).\n- IB/core: Make testing MR flags for writability a static inline function (bnc#1012382).\n- IB/core: Remove duplicate declaration of gid_cache_wq (bsc#1056596).\n- IB/iser: Do not reduce max_sectors (bsc#1063646).\n- IB/mlx4: Fix an error handling path in 'mlx4_ib_rereg_user_mr()'.\n- IB/mlx4: Mark user MR as writable if actual virtual memory is writable (bnc#1012382).\n- IB/mlx5: Fetch soft WQE's on fatal error state (bsc#1015342 bsc#1015343).\n- IB/mlx5: Use 'kvfree()' for memory allocated by 'kvzalloc()' (bsc#1015342 bsc#1015343).\n- IB/ocrdma: fix out of bounds access to local buffer (bnc#1012382).\n- Input: elan_i2c - add ACPI ID for lenovo ideapad 330 (bnc#1012382).\n- Input: elan_i2c - add another ACPI ID for Lenovo Ideapad 330-15AST (bnc#1012382).\n- Input: i8042 - add Lenovo LaVie Z to the i8042 reset list (bnc#1012382).\n- KVM/Eventfd: Avoid crash when assign and deassign specific eventfd in parallel (bnc#1012382).\n- KVM: MMU: always terminate page walks at level 1 (bsc#1062604).\n- KVM: MMU: simplify last_pte_bitmap (bsc#1062604).\n- KVM: VMX: Work around kABI breakage in 'enum vmx_l1d_flush_state' (bsc#1106369).\n- KVM: VMX: fixes for vmentry_l1d_flush module parameter (bsc#1106369).\n- KVM: arm/arm64: Skip updating PMD entry if no change (bnc#1012382).\n- KVM: arm/arm64: Skip updating PTE entry if no change (bnc#1012382).\n- KVM: irqfd: fix race between EPOLLHUP and irq_bypass_register_consumer (bnc#1012382).\n- KVM: nVMX: update last_nonleaf_level when initializing nested EPT (bsc#1062604).\n- MIPS: Correct the 64-bit DSP accumulator register size (bnc#1012382).\n- MIPS: Fix off-by-one in pci_resource_to_user() (bnc#1012382).\n- MIPS: ath79: fix register address in ath79_ddr_wb_flush() (bnc#1012382).\n- MIPS: lib: Provide MIPS64r6 __multi3() for GCC < 7 (bnc#1012382).\n- NET: stmmac: align DMA stuff to largest cache line length (bnc#1012382).\n- PCI: Prevent sysfs disable of device while driver is attached (bnc#1012382).\n- PCI: Skip MPS logic for Virtual Functions (VFs) (bnc#1012382).\n- PCI: hotplug: Do not leak pci_slot on registration failure (bnc#1012382).\n- PCI: pciehp: Fix use-after-free on unplug (bnc#1012382).\n- PCI: pciehp: Request control of native hotplug only if supported (bnc#1012382).\n- PM / sleep: wakeup: Fix build error caused by missing SRCU support (bnc#1012382).\n- RDMA/i40iw: Avoid panic when objects are being created and destroyed (bsc#969476 bsc#969477).\n- RDMA/i40iw: Avoid panic when reading back the IRQ affinity hint (bsc#969476 bsc#969477).\n- RDMA/i40iw: Avoid reference leaks when processing the AEQ (bsc#969476 bsc#969477).\n- RDMA/i40w: Hold read semaphore while looking after VMA (bsc#1024376).\n- RDMA/mad: Convert BUG_ONs to error flows (bnc#1012382).\n- RDMA/mlx5: Use proper spec flow label type (bsc#1015342 bsc#1015343).\n- Revert 'MIPS: BCM47XX: Enable 74K Core ExternalSync for PCIe erratum' (bnc#1012382).\n- Revert 'UBIFS: Fix potential integer overflow in allocation' (bnc#1012382).\n- Revert 'f2fs: handle dirty segments inside refresh_sit_entry' (bsc#1106281).\n- Revert 'mm: page_alloc: skip over regions of invalid pfns where possible' (bnc#1107078).\n- Revert 'net: Do not copy pfmemalloc flag in __copy_skb_header()' (kabi).\n- Revert 'netfilter: ipv6: nf_defrag: reduce struct net memory waste' (kabi).\n- Revert 'skbuff: Unconditionally copy pfmemalloc in __skb_clone()' (kabi).\n- Revert 'vsock: split dwork to avoid reinitializations' (kabi).\n- Revert 'x86/mm: Give each mm TLB flush generation a unique ID' (kabi).\n- Revert 'x86/speculation/l1tf: Fix up CPU feature flags' (kabi).\n- Revert 'x86/speculation: Use Indirect Branch Prediction Barrier in context switch' (kabi).\n- Smack: Mark inode instant in smack_task_to_inode (bnc#1012382).\n- USB: musb: fix external abort on suspend (bsc#1085536).\n- USB: option: add support for DW5821e (bnc#1012382).\n- USB: serial: metro-usb: stop I/O after failed open (bsc#1085539).\n- USB: serial: sierra: fix potential deadlock at close (bnc#1012382).\n- Workaround kABI breakage by __must_check drop of strscpy() (bsc#1107319).\n- afs: Fix directory permissions check (bsc#1106283).\n- arc: fix build errors in arc/include/asm/delay.h (bnc#1012382).\n- arc: fix type warnings in arc/mm/cache.c (bnc#1012382).\n- arm64: make secondary_start_kernel() notrace (bnc#1012382).\n- arm64: mm: check for upper PAGE_SHIFT bits in pfn_valid() (bnc#1012382).\n- ath: Add regulatory mapping for APL13_WORLD (bnc#1012382).\n- ath: Add regulatory mapping for APL2_FCCA (bnc#1012382).\n- ath: Add regulatory mapping for Bahamas (bnc#1012382).\n- ath: Add regulatory mapping for Bermuda (bnc#1012382).\n- ath: Add regulatory mapping for ETSI8_WORLD (bnc#1012382).\n- ath: Add regulatory mapping for FCC3_ETSIC (bnc#1012382).\n- ath: Add regulatory mapping for Serbia (bnc#1012382).\n- ath: Add regulatory mapping for Tanzania (bnc#1012382).\n- ath: Add regulatory mapping for Uganda (bnc#1012382).\n- atl1c: reserve min skb headroom (bnc#1012382).\n- atm: Preserve value of skb->truesize when accounting to vcc (bsc#1089066).\n- audit: allow not equal op for audit by executable (bnc#1012382).\n- backlight: as3711_bl: Fix Device Tree node leaks (bsc#1106929).\n- backlight: lm3630a: Bump REG_MAX value to 0x50 instead of 0x1F (bsc#1106929).\n- bcache: avoid unncessary cache prefetch bch_btree_node_get() (bsc#1064232).\n- bcache: calculate the number of incremental GC nodes according to the total of btree nodes (bsc#1064232).\n- bcache: display rate debug parameters to 0 when writeback is not running (bsc#1064232).\n- bcache: do not check return value of debugfs_create_dir() (bsc#1064232).\n- bcache: finish incremental GC (bsc#1064232).\n- bcache: fix I/O significant decline while backend devices registering (bsc#1064232).\n- bcache: fix error setting writeback_rate through sysfs interface (bsc#1064232).\n- bcache: free heap cache_set->flush_btree in bch_journal_free (bsc#1064232).\n- bcache: make the pr_err statement used for ENOENT only in sysfs_attatch section (bsc#1064232).\n- bcache: release dc->writeback_lock properly in bch_writeback_thread() (bsc#1064232).\n- bcache: set max writeback rate when I/O request is idle (bsc#1064232).\n- bcache: simplify the calculation of the total amount of flash dirty data (bsc#1064232).\n- be2net: remove unused old custom busy-poll fields (bsc#1021121 ).\n- blkdev: __blkdev_direct_IO_simple: fix leak in error case (bsc#1083663).\n- block: bio_iov_iter_get_pages: fix size of last iovec (bsc#1083663).\n- block: bio_iov_iter_get_pages: pin more pages for multi-segment IOs (bsc#1083663).\n- block: do not use interruptible wait anywhere (bnc#1012382).\n- bnx2x: Fix invalid memory access in rss hash config path (bnc#1012382).\n- bnx2x: Fix receiving tx-timeout in error or recovery state (bnc#1012382).\n- bnxt_en: Always set output parameters in bnxt_get_max_rings() (bsc#963575).\n- bnxt_en: Fix for system hang if request_irq fails (bnc#1012382).\n- bnxt_en: Fix inconsistent BNXT_FLAG_AGG_RINGS logic (bsc#1020412 ).\n- bpf: fix references to free_bpf_prog_info() in comments (bnc#1012382).\n- brcmfmac: Add support for bcm43364 wireless chipset (bnc#1012382).\n- brcmfmac: stop watchdog before detach and free everything (bnc#1012382).\n- bridge: Propagate vlan add failure to user (bnc#1012382).\n- btrfs: Do not remove block group still has pinned down bytes (bsc#1086457).\n- btrfs: add barriers to btrfs_sync_log before log_commit_wait wakeups (bnc#1012382).\n- btrfs: do not leak ret from do_chunk_alloc (bnc#1012382).\n- btrfs: qgroup: Finish rescan when hit the last leaf of extent tree (bnc#1012382).\n- btrfs: quota: Set rescan progress to (u64)-1 if we hit last leaf.\n- btrfs: round down size diff when shrinking/growing device (bsc#1097105).\n- can: ems_usb: Fix memory leak on ems_usb_disconnect() (bnc#1012382).\n- can: mpc5xxx_can: check of_iomap return before use (bnc#1012382).\n- can: xilinx_can: fix RX loop if RXNEMP is asserted without RXOK (bnc#1012382).\n- can: xilinx_can: fix RX overflow interrupt not being enabled (bnc#1012382).\n- can: xilinx_can: fix device dropping off bus on RX overrun (bnc#1012382).\n- can: xilinx_can: fix incorrect clear of non-processed interrupts (bnc#1012382).\n- can: xilinx_can: fix recovery from error states not being propagated (bnc#1012382).\n- can: xilinx_can: keep only 1-2 frames in TX FIFO to fix TX accounting (bnc#1012382).\n- cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status (bnc#1012382).\n- ceph: fix incorrect use of strncpy (bsc#1107319).\n- ceph: return errors from posix_acl_equiv_mode() correctly (bsc#1107320).\n- cifs: Fix stack out-of-bounds in smb{2,3}_create_lease_buf() (bsc#1012382).\n- cifs: add missing debug entries for kconfig options (bnc#1012382).\n- cifs: check kmalloc before use (bsc#1012382).\n- cifs: store the leaseKey in the fid on SMB2_open (bsc#1012382).\n- clk: tegra: Fix PLL_U post divider and initial rate on Tegra30 (bnc#1012382).\n- crypto: ablkcipher - fix crash flushing dcache in error path (bnc#1012382).\n- crypto: authenc - do not leak pointers to authenc keys (bnc#1012382).\n- crypto: authencesn - do not leak pointers to authenc keys (bnc#1012382).\n- crypto: blkcipher - fix crash flushing dcache in error path (bnc#1012382).\n- crypto: padlock-aes - Fix Nano workaround data corruption (bnc#1012382).\n- crypto: vmac - require a block cipher with 128-bit block size (bnc#1012382).\n- crypto: vmac - separate tfm and request context (bnc#1012382).\n- crypto: vmx - Fix sleep-in-atomic bugs (bsc#1048317).\n- cxgb4: when disabling dcb set txq dcb priority to 0 (bnc#1012382).\n- cxl: Fix wrong comparison in cxl_adapter_context_get() (bsc#1055014).\n- dccp: fix undefined behavior with 'cwnd' shift in ccid2_cwnd_restart() (bnc#1012382).\n- disable loading f2fs module on PAGE_SIZE > 4KB (bnc#1012382).\n- dm cache metadata: save in-core policy_hint_size to on-disk superblock (bnc#1012382).\n- dma-iommu: Fix compilation when !CONFIG_IOMMU_DMA (bnc#1012382).\n- dmaengine: k3dma: Off by one in k3_of_dma_simple_xlate() (bnc#1012382).\n- dmaengine: pxa_dma: remove duplicate const qualifier (bnc#1012382).\n- driver core: Partially revert 'driver core: correct device's shutdown order' (bnc#1012382).\n- drivers: net: lmc: fix case value for target abort error (bnc#1012382).\n- drm/armada: fix colorkey mode property (bnc#1012382).\n- drm/atmel-hlcdc: check stride values in the first plane (bsc#1106929).\n- drm/atomic: Handling the case when setting old crtc for plane (bnc#1012382).\n- drm/bridge: adv7511: Reset registers on hotplug (bnc#1012382).\n- drm/cirrus: Use drm_framebuffer_put to avoid kernel oops in clean-up (bsc#1101822).\n- drm/drivers: add support for using the arch wc mapping API.\n- drm/exynos/dsi: mask frame-done interrupt (bsc#1106929).\n- drm/exynos: decon5433: Fix WINCONx reset value (bnc#1012382).\n- drm/exynos: decon5433: Fix per-plane global alpha for XRGB modes (bnc#1012382).\n- drm/exynos: gsc: Fix support for NV16/61, YUV420/YVU420 and YUV422 modes (bnc#1012382).\n- drm/gma500: fix psb_intel_lvds_mode_valid()'s return type (bnc#1012382).\n- drm/i915/userptr: reject zero user_size (bsc#1090888).\n- drm/i915: Correctly handle limited range YCbCr data on VLV/CHV (bsc#1087092).\n- drm/imx: fix typo in ipu_plane_formats (bsc#1106929).\n- drm/imx: imx-ldb: check if channel is enabled before printing warning (bnc#1012382).\n- drm/imx: imx-ldb: disable LDB on driver bind (bnc#1012382).\n- drm/msm/hdmi: Use bitwise operators when building register values (bsc#1106929).\n- drm/nouveau/gem: off by one bugs in nouveau_gem_pushbuf_reloc_apply() (bnc#1012382).\n- drm/panel: type promotion bug in s6e8aa0_read_mtp_id() (bsc#1105769).\n- drm/radeon: fix mode_valid's return type (bnc#1012382).\n- drm: Add DP PSR2 sink enable bit (bnc#1012382).\n- drm: Reject getfb for multi-plane framebuffers (bsc#1106929).\n- enic: do not call enic_change_mtu in enic_probe.\n- enic: handle mtu change for vf properly (bnc#1012382).\n- enic: initialize enic->rfs_h.lock in enic_probe (bnc#1012382).\n- ext4: check for NUL characters in extended attribute's name (bnc#1012382).\n- ext4: check for allocation block validity with block group locked (bsc#1104495).\n- ext4: do not update s_last_mounted of a frozen fs (bsc#1101841).\n- ext4: factor out helper ext4_sample_last_mounted() (bsc#1101841).\n- ext4: fix check to prevent initializing reserved inodes (bsc#1104319).\n- ext4: fix false negatives *and* false positives in ext4_check_descriptors() (bsc#1103445).\n- ext4: fix inline data updates with checksums enabled (bsc#1104494).\n- ext4: fix spectre gadget in ext4_mb_regular_allocator() (bnc#1012382).\n- ext4: reset error code in ext4_find_entry in fallback (bnc#1012382).\n- ext4: sysfs: print ext4_super_block fields as little-endian (bsc#1106229).\n- f2fs: fix to do not trigger writeback during recovery (bnc#1012382).\n- fat: fix memory allocation failure handling of match_strdup() (bnc#1012382).\n- fb: fix lost console when the user unplugs a USB adapter (bnc#1012382).\n- fbdev: omapfb: off by one in omapfb_register_client() (bsc#1106929).\n- fix __legitimize_mnt()/mntput() race (bnc#1012382).\n- fix mntput/mntput race (bnc#1012382).\n- fork: unconditionally clear stack on fork (bnc#1012382).\n- fs/9p/xattr.c: catch the error of p9_client_clunk when setting xattr failed (bnc#1012382).\n- fs/dax.c: fix inefficiency in dax_writeback_mapping_range() (bsc#1106185).\n- fs/quota: Fix spectre gadget in do_quotactl (bnc#1012382).\n- fs: aio: fix the increment of aio-nr and counting against aio-max-nr (bsc#1068075, bsc#1078921).\n- fuse: Add missed unlock_page() to fuse_readpages_fill() (bnc#1012382).\n- fuse: Do not access pipe->buffers without pipe_lock() (bnc#1012382).\n- fuse: Fix oops at process_init_reply() (bnc#1012382).\n- fuse: fix double request_end() (bnc#1012382).\n- fuse: fix unlocked access to processing queue (bnc#1012382).\n- fuse: umount should wait for all requests (bnc#1012382).\n- genirq/proc: Return proper error code when irq_set_affinity() fails (bnc#1105392).\n- getxattr: use correct xattr length (bnc#1012382).\n- hfsplus: Do not clear SGID when inheriting ACLs (bsc#1030552).\n- hvc_opal: do not set tb_ticks_per_usec in udbg_init_opal_common() (bnc#1012382).\n- hwrng: exynos - Disable runtime PM on driver unbind.\n- i2c: davinci: Avoid zero value of CLKH (bnc#1012382).\n- i2c: imx: Fix race condition in dma read (bnc#1012382).\n- i2c: imx: Fix reinit_completion() use (bnc#1012382).\n- i2c: ismt: fix wrong device address when unmap the data buffer (bnc#1012382).\n- i40e: use cpumask_copy instead of direct assignment (bsc#1053685).\n- i40iw: Fix memory leak in error path of create QP (bsc#969476 bsc#969477).\n- i40iw: Use correct address in dst_neigh_lookup for IPv6 (bsc#969476 bsc#969477).\n- ibmvnic: Include missing return code checks in reset function (bnc#1107966).\n- ieee802154: at86rf230: switch from BUG_ON() to WARN_ON() on problem (bnc#1012382).\n- ieee802154: at86rf230: use __func__ macro for debug messages (bnc#1012382).\n- ieee802154: fakelb: switch from BUG_ON() to WARN_ON() on problem (bnc#1012382).\n- igb: Fix not adding filter elements to the list (bsc#1024361 bsc#1024365).\n- iio: ad9523: Fix displayed phase (bnc#1012382).\n- iio: ad9523: Fix return value for ad952x_store() (bnc#1012382).\n- inet: frag: enforce memory limits earlier (bnc#1012382 bsc#970506).\n- iommu/amd: make sure TLB to be flushed before IOVA freed (bsc#1106105).\n- iommu/vt-d: Add definitions for PFSID (bnc#1012382).\n- iommu/vt-d: Fix dev iotlb pfsid use (bnc#1012382).\n- iommu/vt-d: Ratelimit each dmar fault printing (bsc#1106105).\n- ioremap: Update pgtable free interfaces with addr (bnc#1012382).\n- ip: hash fragments consistently (bnc#1012382).\n- ip: in cmsg IP(V6)_ORIGDSTADDR call pskb_may_pull (bnc#1012382).\n- ipconfig: Correctly initialise ic_nameservers (bnc#1012382).\n- ipv4+ipv6: Make INET*_ESP select CRYPTO_ECHAINIV (bnc#1012382).\n- ipv4: Return EINVAL when ping_group_range sysctl does not map to user ns (bnc#1012382).\n- ipv4: remove BUG_ON() from fib_compute_spec_dst (bnc#1012382).\n- ipv6: fix useless rol32 call on hash (bnc#1012382).\n- ipv6: mcast: fix unsolicited report interval after receiving querys (bnc#1012382).\n- ipvlan: use ETH_MAX_MTU as max mtu (bsc#1033962).\n- iscsi target: fix session creation failure handling (bnc#1012382).\n- isdn: Disable IIOCDBGVAR (bnc#1012382).\n- iw_cxgb4: remove duplicate memcpy() in c4iw_create_listen() (bsc#969476 bsc#969477).\n- iwlwifi: pcie: fix race in Rx buffer allocator (bnc#1012382).\n- ixgbe: Be more careful when modifying MAC filters (bnc#1012382).\n- jfs: Do not clear SGID when inheriting ACLs (bsc#1030552).\n- jump_label: Add RELEASE barrier after text changes (bsc#1105271).\n- jump_label: Fix concurrent static_key_enable/disable() (bsc#1105271).\n- jump_label: Move CPU hotplug locking (bsc#1105271).\n- jump_label: Provide hotplug context variants (bsc#1105271).\n- jump_label: Reduce the size of struct static_key (bsc#1105271).\n- jump_label: Reorder hotplug lock and jump_label_lock (bsc#1105271).\n- jump_label: Split out code under the hotplug lock (bsc#1105271).\n- jump_label: remove bug.h, atomic.h dependencies for HAVE_JUMP_LABEL (bsc#1105271).\n- kABI: protect enum tcp_ca_event (kabi).\n- kABI: reexport tcp_send_ack (kabi).\n- kabi/severities: Ignore missing cpu_tss_tramp (bsc#1099597)\n- kabi: x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bnc#1105536).\n- kasan: do not emit builtin calls when sanitization is off (bnc#1012382).\n- kasan: fix shadow_size calculation error in kasan_module_alloc (bnc#1012382).\n- kbuild: verify that $DEPMOD is installed (bnc#1012382).\n- kernel: improve spectre mitigation (bnc#1106934, LTC#171029).\n- kprobes/x86: Fix %p uses in error messages (bnc#1012382).\n- kprobes: Make list and blacklist root user read only (bnc#1012382).\n- kthread, tracing: Do not expose half-written comm when creating kthreads (bsc#1104897).\n- kvm: x86: vmx: fix vpid leak (bnc#1012382).\n- l2tp: use sk_dst_check() to avoid race on sk->sk_dst_cache (bnc#1012382).\n- lib/rhashtable: consider param->min_size when setting initial table size (bnc#1012382).\n- libata: Fix command retry decision (bnc#1012382).\n- libceph: check authorizer reply/challenge length before reading (bsc#1096748).\n- libceph: factor out __ceph_x_decrypt() (bsc#1096748).\n- libceph: factor out __prepare_write_connect() (bsc#1096748).\n- libceph: factor out encrypt_authorizer() (bsc#1096748).\n- libceph: store ceph_auth_handshake pointer in ceph_connection (bsc#1096748).\n- libceph: weaken sizeof check in ceph_x_verify_authorizer_reply() (bsc#1096748).\n- llc: use refcount_inc_not_zero() for llc_sap_find() (bnc#1012382).\n- locking/lockdep: Do not record IRQ state within lockdep code (bnc#1012382).\n- locks: pass inode pointer to locks_free_lock_context (bsc@1099832).\n- locks: prink more detail when there are leaked locks (bsc#1099832).\n- locks: restore a warn for leaked locks on close (bsc#1099832).\n- m68k: fix 'bad page state' oops on ColdFire boot (bnc#1012382).\n- mac80211: add stations tied to AP_VLANs during hw reconfig (bnc#1012382).\n- md/raid10: fix that replacement cannot complete recovery after reassemble (bnc#1012382).\n- md: fix NULL dereference of mddev->pers in remove_and_add_spares() (bnc#1012382).\n- media: omap3isp: fix unbalanced dma_iommu_mapping (bnc#1012382).\n- media: rcar_jpu: Add missing clk_disable_unprepare() on error in jpu_open() (bnc#1012382).\n- media: rtl28xxu: be sure that it won't go past the array size (bsc#1050431).\n- media: s5p-jpeg: fix number of components macro (bsc#1050431).\n- media: saa7164: Fix driver name in debug output (bnc#1012382).\n- media: si470x: fix __be16 annotations (bnc#1012382).\n- media: siano: get rid of __le32/__le16 cast warnings (bnc#1012382).\n- media: staging: omap4iss: Include asm/cacheflush.h after generic includes (bnc#1012382).\n- media: videobuf2-core: do not call memop 'finish' when queueing (bnc#1012382).\n- memory: tegra: Apply interrupts mask per SoC (bnc#1012382).\n- memory: tegra: Do not handle spurious interrupts (bnc#1012382).\n- mfd: cros_ec: Fail early if we cannot identify the EC (bnc#1012382).\n- microblaze: Fix simpleImage format generation (bnc#1012382).\n- mm/hugetlb: filter out hugetlb pages if HUGEPAGE migration is not supported (bnc#1106697).\n- mm/memory.c: check return value of ioremap_prot (bnc#1012382).\n- mm/slub.c: add __printf verification to slab_err() (bnc#1012382).\n- mm/tlb: Remove tlb_remove_table() non-concurrent condition (bnc#1012382).\n- mm: Add vm_insert_pfn_prot() (bnc#1012382).\n- mm: fix cache mode tracking in vm_insert_mixed() (bnc#1012382).\n- mm: memcg: fix use after free in mem_cgroup_iter() (bnc#1012382).\n- mm: vmalloc: avoid racy handling of debugobjects in vunmap (bnc#1012382).\n- mm: x86: move _PAGE_SWP_SOFT_DIRTY from bit 7 to bit 1 (bnc#1012382).\n- mtd: rawnand: fsl_ifc: fix FSL NAND driver to read all ONFI parameter pages (bnc#1012382).\n- mtd: ubi: wl: Fix error return code in ubi_wl_init().\n- mwifiex: correct histogram data with appropriate index (bnc#1012382).\n- mwifiex: handle race during mwifiex_usb_disconnect (bnc#1012382).\n- net/9p/client.c: version pointer uninitialized (bnc#1012382).\n- net/9p/trans_fd.c: fix race-condition by flushing workqueue before the kfree() (bnc#1012382).\n- net/ethernet/freescale/fman: fix cross-build error (bnc#1012382).\n- net/ipv4: Set oif in fib_compute_spec_dst (bnc#1012382).\n- net/mlx4_core: Save the qpn from the input modifier in RST2INIT wrapper (bnc#1012382).\n- net/mlx5: Add missing SET_DRIVER_VERSION command translation (bsc#1015342 bsc#1015343).\n- net/mlx5: E-Switch, Include VF RDMA stats in vport statistics (bsc#966170 bsc#966172).\n- net/mlx5: Eswitch, Use 'kvfree()' for memory allocated by 'kvzalloc()' (bsc#1015342 bsc#1015343).\n- net/mlx5: Fix wrong size allocation for QoS ETC TC regitster (bsc#966170 bsc#966172).\n- net/mlx5: Vport, Use 'kvfree()' for memory allocated by 'kvzalloc()' (bsc#966170 bsc#966172).\n- net/mlx5e: Do not allow aRFS for encapsulated packets (bsc#1015342 bsc#1015343).\n- net/mlx5e: Err if asked to offload TC match on frag being first (bsc#1015342 bsc#1015343).\n- net/mlx5e: Fix quota counting in aRFS expire flow (bsc#1015342 bsc#1015343).\n- net/mlx5e: Refine ets validation function (bsc#966170 bsc#966172).\n- net: 6lowpan: fix reserved space for single frames (bnc#1012382).\n- net: Do not copy pfmemalloc flag in __copy_skb_header() (bnc#1012382).\n- net: add skb_condense() helper (bsc#1089066).\n- net: adjust skb->truesize in ___pskb_trim() (bsc#1089066).\n- net: adjust skb->truesize in pskb_expand_head() (bsc#1089066).\n- net: axienet: Fix double deregister of mdio (bnc#1012382).\n- net: caif: Add a missing rcu_read_unlock() in caif_flow_cb (bnc#1012382).\n- net: davinci_emac: match the mdio device against its compatible if possible (bnc#1012382).\n- net: dsa: Do not suspend/resume closed slave_dev (bnc#1012382).\n- net: ena: Fix use of uninitialized DMA address bits field (bsc#1027968).\n- net: fix amd-xgbe flow-control issue (bnc#1012382).\n- net: hamradio: use eth_broadcast_addr (bnc#1012382).\n- net: lan78xx: Fix misplaced tasklet_schedule() call (bnc#1012382).\n- net: lan78xx: fix rx handling before first packet is send (bnc#1012382).\n- net: mac802154: tx: expand tailroom if necessary (bnc#1012382).\n- net: phy: fix flag masking in __set_phy_supported (bnc#1012382).\n- net: prevent ISA drivers from building on PPC32 (bnc#1012382).\n- net: propagate dev_get_valid_name return code (bnc#1012382).\n- net: qca_spi: Avoid packet drop during initial sync (bnc#1012382).\n- net: qca_spi: Fix log level if probe fails (bnc#1012382).\n- net: qca_spi: Make sure the QCA7000 reset is triggered (bnc#1012382).\n- net: socket: fix potential spectre v1 gadget in socketcall (bnc#1012382).\n- net: usb: rtl8150: demote allmulti message to dev_dbg() (bnc#1012382).\n- net: vmxnet3: use new api ethtool_{get|set}_link_ksettings (bsc#1091860 bsc#1098253).\n- net_sched: Fix missing res info when create new tc_index filter (bnc#1012382).\n- net_sched: fix NULL pointer dereference when delete tcindex filter (bnc#1012382).\n- netfilter: conntrack: dccp: treat SYNC/SYNCACK as invalid if no prior state (bnc#1012382).\n- netfilter: ipset: List timing out entries with 'timeout 1' instead of zero (bnc#1012382).\n- netfilter: ipv6: nf_defrag: reduce struct net memory waste (bnc#1012382).\n- netfilter: ipvs: do not create conn for ABORT packet in sctp_conn_schedule (bsc#1102797).\n- netfilter: ipvs: fix the issue that sctp_conn_schedule drops non-INIT packet (bsc#1102797).\n- netfilter: x_tables: set module owner for icmp(6) matches (bnc#1012382).\n- netlink: Do not shift on 64 for ngroups (bnc#1012382).\n- netlink: Do not shift with UB on nlk->ngroups (bnc#1012382).\n- netlink: Do not subscribe to non-existent groups (bnc#1012382).\n- netlink: Fix spectre v1 gadget in netlink_create() (bnc#1012382).\n- netlink: do not enter direct reclaim from netlink_trim() (bsc#1042286).\n- nfsd: fix potential use-after-free in nfsd4_decode_getdeviceinfo (bnc#1012382).\n- nl80211: Add a missing break in parse_station_flags (bnc#1012382).\n- nohz: Fix local_timer_softirq_pending() (bnc#1012382).\n- nvme-fc: release io queues to allow fast fail (bsc#1102486).\n- nvme: if_ready checks to fail io to deleting controller (bsc#1102486).\n- nvme: kABI-compliant version of nvmf_fail_nonready_command() (bsc#1102486).\n- nvmet-fc: fix target sgl list on large transfers (bsc#1102486).\n- osf_getdomainname(): use copy_to_user() (bnc#1012382).\n- ovl: Do d_type check only if work dir creation was successful (bnc#1012382).\n- ovl: Ensure upper filesystem supports d_type (bnc#1012382).\n- ovl: warn instead of error if d_type is not supported (bnc#1012382).\n- packet: refine ring v3 block size test to hold one frame (bnc#1012382).\n- packet: reset network header if packet shorter than ll reserved space (bnc#1012382).\n- parisc: Define mb() and add memory barriers to assembler unlock sequences (bnc#1012382).\n- parisc: Enable CONFIG_MLONGCALLS by default (bnc#1012382).\n- parisc: Remove ordered stores from syscall.S (bnc#1012382).\n- parisc: Remove unnecessary barriers from spinlock.h (bnc#1012382).\n- perf auxtrace: Fix queue resize (bnc#1012382).\n- perf llvm-utils: Remove bashism from kernel include fetch script (bnc#1012382).\n- perf report powerpc: Fix crash if callchain is empty (bnc#1012382).\n- perf test session topology: Fix test on s390 (bnc#1012382).\n- perf/x86/intel/uncore: Correct fixed counter index check for NHM (bnc#1012382).\n- perf/x86/intel/uncore: Correct fixed counter index check in generic code (bnc#1012382).\n- perf: fix invalid bit in diagnostic entry (bnc#1012382).\n- pinctrl: at91-pio4: add missing of_node_put (bnc#1012382).\n- pinctrl: freescale: off by one in imx1_pinconf_group_dbg_show() (bnc#1012382).\n- pnfs/blocklayout: off by one in bl_map_stripe() (bnc#1012382).\n- powerpc/32: Add a missing include header (bnc#1012382).\n- powerpc/64s: Default l1d_size to 64K in RFI fallback flush (bsc#1068032).\n- powerpc/64s: Fix compiler store ordering to SLB shadow area (bnc#1012382).\n- powerpc/8xx: fix invalid register expression in head_8xx.S (bnc#1012382).\n- powerpc/chrp/time: Make some functions static, add missing header include (bnc#1012382).\n- powerpc/embedded6xx/hlwd-pic: Prevent interrupts from being handled by Starlet (bnc#1012382).\n- powerpc/fadump: handle crash memory ranges array index overflow (bsc#1103269).\n- powerpc/fadump: merge adjacent memory ranges to reduce PT_LOAD segements (bsc#1103269).\n- powerpc/lib: Fix the feature fixup tests to actually work (bsc#1066223).\n- powerpc/powermac: Add missing prototype for note_bootable_part() (bnc#1012382).\n- powerpc/powermac: Mark variable x as unused (bnc#1012382).\n- powerpc/pseries: Fix endianness while restoring of r3 in MCE handler (bnc#1012382).\n- powerpc/topology: Get topology for shared processors at boot (bsc#1104683).\n- powerpc64s: Show ori31 availability in spectre_v1 sysfs file not v2 (bsc#1068032, bsc#1080157).\n- powerpc: Avoid code patching freed init sections (bnc#1107735).\n- powerpc: make feature-fixup tests fortify-safe (bsc#1066223).\n- provide special timeout module parameters for EC2 (bsc#1065364).\n- ptp: fix missing break in switch (bnc#1012382).\n- pwm: tiehrpwm: Fix disabling of output of PWMs (bnc#1012382).\n- qed: Add sanity check for SIMD fastpath handler (bnc#1012382).\n- qed: Correct Multicast API to reflect existence of 256 approximate buckets (bsc#1019695 bsc#1019699 bsc#1022604).\n- qed: Do not advertise DCBX_LLD_MANAGED capability (bsc#1019695 bsc#1019699 bsc#1022604).\n- qed: Fix possible memory leak in Rx error path handling (bsc#1019695 bsc#1019699 bsc#1022604 ).\n- qed: Fix possible race for the link state value (bnc#1012382).\n- qed: Fix setting of incorrect eswitch mode (bsc#1019695 bsc#1019699 bsc#1022604).\n- qed: Fix use of incorrect size in memcpy call (bsc#1019695 bsc#1019699 bsc#1022604).\n- qede: Adverstise software timestamp caps when PHC is not available (bsc#1019695 bsc#1019699 bsc#1022604).\n- qlge: Fix netdev features configuration (bsc#1098822).\n- qlogic: check kstrtoul() for errors (bnc#1012382).\n- random: mix rdrand with entropy sent in from userspace (bnc#1012382).\n- readahead: stricter check for bdi io_pages (VM Functionality).\n- regulator: pfuze100: add .is_enable() for pfuze100_swb_regulator_ops (bnc#1012382).\n- reiserfs: fix broken xattr handling (heap corruption, bad retval) (bnc#1012382).\n- ring_buffer: tracing: Inherit the tracing setting to next ring buffer (bnc#1012382).\n- root dentries need RCU-delayed freeing (bnc#1012382).\n- rsi: Fix 'invalid vdd' warning in mmc (bnc#1012382).\n- rtc: ensure rtc_set_alarm fails when alarms are not supported (bnc#1012382).\n- rtnetlink: add rtnl_link_state check in rtnl_configure_link (bnc#1012382).\n- s390/cpum_sf: Add data entry sizes to sampling trailer entry (bnc#1012382).\n- s390/kvm: fix deadlock when killed by oom (bnc#1012382).\n- s390/lib: use expoline for all bcr instructions (bnc#1106934, LTC#171029).\n- s390/pci: fix out of bounds access during irq setup (bnc#1012382).\n- s390/qdio: reset old sbal_state flags (bnc#1012382).\n- s390/qeth: do not clobber buffer on async TX completion (bnc#1104485, LTC#170349).\n- s390/qeth: fix race when setting MAC address (bnc#1104485, LTC#170726).\n- s390: add explicit <linux/stringify.h> for jump label (bsc#1105271).\n- s390: detect etoken facility (bnc#1106934, LTC#171029).\n- s390: fix br_r1_trampoline for machines without exrl (bnc#1012382 bnc#1106934 LTC#171029).\n- sched/fair: Avoid divide by zero when rebalancing domains (bsc#1096254).\n- scsi: 3w-9xxx: fix a missing-check bug (bnc#1012382).\n- scsi: 3w-xxxx: fix a missing-check bug (bnc#1012382).\n- scsi: core: Avoid that SCSI device removal through sysfs triggers a deadlock (bnc#1012382).\n- scsi: fcoe: drop frames in ELS LOGO error path (bnc#1012382).\n- scsi: hpsa: limit transfer length to 1MB, not 512kB (bsc#1102346).\n- scsi: libiscsi: fix possible NULL pointer dereference in case of TMF (bnc#1012382).\n- scsi: megaraid: silence a static checker bug (bnc#1012382).\n- scsi: megaraid_sas: Increase timeout by 1 sec for non-RAID fastpath IOs (bnc#1012382).\n- scsi: qla2xxx: Fix ISP recovery on unload (bnc#1012382).\n- scsi: qla2xxx: Return error when TMF returns (bnc#1012382).\n- scsi: scsi_dh: replace too broad 'TP9' string with the exact models (bnc#1012382).\n- scsi: sr: Avoid that opening a CD-ROM hangs with runtime power management enabled (bnc#1012382).\n- scsi: sysfs: Introduce sysfs_{un,}break_active_protection() (bnc#1012382).\n- scsi: ufs: fix exception event handling (bnc#1012382).\n- scsi: vmw_pvscsi: Return DID_RESET for status SAM_STAT_COMMAND_TERMINATED (bnc#1012382).\n- scsi: xen-scsifront: add error handling for xenbus_printf (bnc#1012382).\n- scsi_debug: call resp_XXX function after setting host_scribble (bsc#1069138).\n- scsi_debug: reset injection flags for every_nth > 0 (bsc#1069138).\n- selftest/seccomp: Fix the flag name SECCOMP_FILTER_FLAG_TSYNC (bnc#1012382).\n- selftest/seccomp: Fix the seccomp(2) signature (bnc#1012382).\n- selftests/ftrace: Add snapshot and tracing_on test case (bnc#1012382).\n- selftests/x86/sigreturn/64: Fix spurious failures on AMD CPUs (bnc#1012382).\n- selftests: pstore: return Kselftest Skip code for skipped tests (bnc#1012382).\n- selftests: static_keys: return Kselftest Skip code for skipped tests (bnc#1012382).\n- selftests: sync: add config fragment for testing sync framework (bnc#1012382).\n- selftests: user: return Kselftest Skip code for skipped tests (bnc#1012382).\n- selftests: zram: return Kselftest Skip code for skipped tests (bnc#1012382).\n- serial: 8250_dw: always set baud rate in dw8250_set_termios (bnc#1012382).\n- sfc: stop the TX queue before pushing new buffers (bsc#1017967 ).\n- skbuff: Unconditionally copy pfmemalloc in __skb_clone() (bnc#1012382).\n- slab: __GFP_ZERO is incompatible with a constructor (bnc#1107060).\n- smb3: Do not send SMB3 SET_INFO if nothing changed (bnc#1012382).\n- smb3: do not request leases in symlink creation and query (bnc#1012382).\n- spi: davinci: fix a NULL pointer dereference (bnc#1012382).\n- squashfs: be more careful about metadata corruption (bnc#1012382).\n- squashfs: more metadata hardening (bnc#1012382).\n- squashfs: more metadata hardenings (bnc#1012382).\n- staging: android: ion: check for kref overflow (bnc#1012382).\n- string: drop __must_check from strscpy() and restore strscpy() usages in cgroup (bsc#1107319).\n- sys: do not hold uts_sem while accessing userspace memory (bnc#1106995).\n- target_core_rbd: use RCU in free_device (bsc#1105524).\n- tcp: Fix missing range_truesize enlargement in the backport (bnc#1012382).\n- tcp: add max_quickacks param to tcp_incr_quickack and tcp_enter_quickack_mode (bnc#1012382).\n- tcp: add one more quick ack after after ECN events (bnc#1012382).\n- tcp: do not aggressively quick ack after ECN events (bnc#1012382).\n- tcp: do not cancel delay-AcK on DCTCP special ACK (bnc#1012382).\n- tcp: do not delay ACK in DCTCP upon CE status change (bnc#1012382).\n- tcp: do not force quickack when receiving out-of-order packets (bnc#1012382).\n- tcp: fix dctcp delayed ACK schedule (bnc#1012382).\n- tcp: helpers to send special DCTCP ack (bnc#1012382).\n- tcp: identify cryptic messages as TCP seq # bugs (bnc#1012382).\n- tcp: refactor tcp_ecn_check_ce to remove sk type cast (bnc#1012382).\n- tcp: remove DELAYED ACK events in DCTCP (bnc#1012382).\n- tg3: Add higher cpu clock for 5762 (bnc#1012382).\n- thermal: exynos: fix setting rising_threshold for Exynos5433 (bnc#1012382).\n- timekeeping: Eliminate the stale declaration of ktime_get_raw_and_real_ts64() (bsc#969470).\n- tools/power turbostat: Read extended processor family from CPUID (bnc#1012382).\n- tools/power turbostat: fix -S on UP systems (bnc#1012382).\n- tools: usb: ffs-test: Fix build on big endian systems (bnc#1012382).\n- tpm: fix race condition in tpm_common_write() (bnc#1012382).\n- tracing/blktrace: Fix to allow setting same value (bnc#1012382).\n- tracing/kprobes: Fix trace_probe flags on enable_trace_kprobe() failure (bnc#1012382).\n- tracing: Do not call start/stop() functions when tracing_on does not change (bnc#1012382).\n- tracing: Fix double free of event_trigger_data (bnc#1012382).\n- tracing: Fix possible double free in event_enable_trigger_func() (bnc#1012382).\n- tracing: Quiet gcc warning about maybe unused link variable (bnc#1012382).\n- tracing: Use __printf markup to silence compiler (bnc#1012382).\n- tty: Fix data race in tty_insert_flip_string_fixed_flag (bnc#1012382).\n- turn off -Wattribute-alias (bnc#1012382).\n- ubi: Be more paranoid while seaching for the most recent Fastmap (bnc#1012382).\n- ubi: Fix Fastmap's update_vol() (bnc#1012382).\n- ubi: Fix races around ubi_refill_pools() (bnc#1012382).\n- ubi: Introduce vol_ignored() (bnc#1012382).\n- ubi: Rework Fastmap attach base code (bnc#1012382).\n- ubi: fastmap: Erase outdated anchor PEBs during attach (bnc#1012382).\n- ubifs: Check data node size before truncate (bsc#1106276).\n- ubifs: Fix memory leak in lprobs self-check (bsc#1106278).\n- ubifs: Fix synced_i_size calculation for xattr inodes (bsc#1106275).\n- ubifs: xattr: Do not operate on deleted inodes (bsc#1106271).\n- udl-kms: change down_interruptible to down (bnc#1012382).\n- udl-kms: fix crash due to uninitialized memory (bnc#1012382).\n- udl-kms: handle allocation failure (bnc#1012382).\n- udlfb: set optimal write delay (bnc#1012382).\n- uprobes: Use synchronize_rcu() not synchronize_sched() (bnc#1012382).\n- usb/phy: fix PPC64 build errors in phy-fsl-usb.c (bnc#1012382).\n- usb: audio-v2: Correct the comment for struct uac_clock_selector_descriptor (bsc#1099810).\n- usb: cdc_acm: Add quirk for Castles VEGA3000 (bnc#1012382).\n- usb: dwc2: debugfs: Do not touch RX FIFO during register dump (bsc#1100132).\n- usb: dwc2: fix isoc split in transfer with no data (bnc#1012382).\n- usb: gadget: composite: fix delayed_status race condition when set_interface (bnc#1012382).\n- usb: gadget: dwc2: fix memory leak in gadget_init() (bnc#1012382).\n- usb: gadget: f_fs: Only return delayed status when len is 0 (bnc#1012382).\n- usb: gadget: f_uac2: fix endianness of 'struct cntrl_*_lay3' (bnc#1012382).\n- usb: gadget: r8a66597: Fix a possible sleep-in-atomic-context bugs in r8a66597_queue() (bnc#1012382).\n- usb: gadget: r8a66597: Fix two possible sleep-in-atomic-context bugs in init_controller() (bnc#1012382).\n- usb: hub: Do not wait for connect state at resume for powered-off ports (bnc#1012382).\n- usb: renesas_usbhs: gadget: fix spin_lock_init() for &uep->lock (bsc#1085536).\n- usb: xhci: increase CRS timeout value (bnc#1012382).\n- usbip: usbip_detach: Fix memory, udev context and udev leak (bnc#1012382).\n- userns: move user access out of the mutex (bnc#1012382).\n- vfs: add the sb_start_intwrite_trylock() helper (bsc#1101841).\n- virtio_balloon: fix another race between migration and ballooning (bnc#1012382).\n- virtio_console: fix uninitialized variable use.\n- vmw_balloon: VMCI_DOORBELL_SET does not check status (bnc#1012382).\n- vmw_balloon: do not use 2MB without batching (bnc#1012382).\n- vmw_balloon: fix VMCI use when balloon built into kernel (bnc#1012382).\n- vmw_balloon: fix inflation of 64-bit GFNs (bnc#1012382).\n- vmxnet3: Replace msleep(1) with usleep_range() (bsc#1091860 bsc#1098253).\n- vmxnet3: add receive data ring support (bsc#1091860 bsc#1098253).\n- vmxnet3: add support for get_coalesce, set_coalesce ethtool operations (bsc#1091860 bsc#1098253).\n- vmxnet3: allow variable length transmit data ring buffer (bsc#1091860 bsc#1098253).\n- vmxnet3: avoid assumption about invalid dma_pa in vmxnet3_set_mc() (bsc#1091860 bsc#1098253).\n- vmxnet3: avoid format strint overflow warning (bsc#1091860 bsc#1098253).\n- vmxnet3: avoid xmit reset due to a race in vmxnet3 (bsc#1091860 bsc#1098253).\n- vmxnet3: fix incorrect dereference when rxvlan is disabled (bsc#1091860 bsc#1098253).\n- vmxnet3: fix non static symbol warning (bsc#1091860 bsc#1098253).\n- vmxnet3: fix tx data ring copy for variable size (bsc#1091860 bsc#1098253).\n- vmxnet3: increase default rx ring sizes (bsc#1091860 bsc#1098253).\n- vmxnet3: introduce command to register memory region (bsc#1091860 bsc#1098253).\n- vmxnet3: introduce generalized command interface to configure the device (bsc#1091860 bsc#1098253).\n- vmxnet3: prepare for version 3 changes (bsc#1091860 bsc#1098253).\n- vmxnet3: remove redundant initialization of pointer 'rq' (bsc#1091860 bsc#1098253).\n- vmxnet3: remove unused flag 'rxcsum' from struct vmxnet3_adapter (bsc#1091860 bsc#1098253).\n- vmxnet3: set the DMA mask before the first DMA map operation (bsc#1091860 bsc#1098253).\n- vmxnet3: update to version 3 (bsc#1091860 bsc#1098253).\n- vmxnet3: use DMA memory barriers where required (bsc#1091860 bsc#1098253).\n- vmxnet3: use correct flag to indicate LRO feature (bsc#1091860 bsc#1098253).\n- vsock: split dwork to avoid reinitializations (bnc#1012382).\n- vti6: Fix dev->max_mtu setting (bsc#1033962).\n- vti6: fix PMTU caching and reporting on xmit (bnc#1012382).\n- wlcore: sdio: check for valid platform device data before suspend (bnc#1012382).\n- x86/MCE: Remove min interval polling limitation (bnc#1012382).\n- x86/amd: do not set X86_BUG_SYSRET_SS_ATTRS when running under Xen (bnc#1012382).\n- x86/asm/entry/32: Simplify pushes of zeroed pt_regs->REGs (bnc#1012382).\n- x86/bugs: Move the l1tf function and define pr_fmt properly (bnc#1012382).\n- x86/bugs: Respect nospec command line option (bsc#1068032).\n- x86/cpu/AMD: Fix erratum 1076 (CPB bit) (bnc#1012382).\n- x86/cpu: Make alternative_msr_write work for 32-bit code (bnc#1012382).\n- x86/cpu: Re-apply forced caps every time CPU caps are re-read (bnc#1012382).\n- x86/cpufeature: preserve numbers (kabi).\n- x86/cpufeatures: Add CPUID_7_EDX CPUID leaf (bnc#1012382).\n- x86/cpufeatures: Clean up Spectre v2 related CPUID flags (bnc#1012382).\n- x86/entry/64/compat: Clear registers for compat syscalls, to reduce speculation attack surface (bnc#1012382).\n- x86/entry/64: Remove %ebx handling from error_entry/exit (bnc#1102715).\n- x86/init: fix build with CONFIG_SWAP=n (bnc#1012382).\n- x86/irqflags: Mark native_restore_fl extern inline (bnc#1012382).\n- x86/irqflags: Provide a declaration for native_save_fl.\n- x86/mm/kmmio: Make the tracer robust against L1TF (bnc#1012382).\n- x86/mm/pat: Fix L1TF stable backport for CPA (bnc#1012382).\n- x86/mm/pat: Fix L1TF stable backport for CPA, 2nd call (bnc#1012382).\n- x86/mm/pat: Make set_memory_np() L1TF safe (bnc#1012382).\n- x86/mm: Add TLB purge to free pmd/pte page interfaces (bnc#1012382).\n- x86/mm: Disable ioremap free page handling on x86-PAE (bnc#1012382).\n- x86/mm: Give each mm TLB flush generation a unique ID (bnc#1012382).\n- x86/paravirt: Fix spectre-v2 mitigations for paravirt guests (bnc#1012382).\n- x86/paravirt: Make native_save_fl() extern inline (bnc#1012382).\n- x86/process: Correct and optimize TIF_BLOCKSTEP switch (bnc#1012382).\n- x86/process: Optimize TIF checks in __switch_to_xtra() (bnc#1012382).\n- x86/process: Optimize TIF_NOTSC switch (bnc#1012382).\n- x86/process: Re-export start_thread() (bnc#1012382).\n- x86/spectre: Add missing family 6 check to microcode check (bnc#1012382).\n- x86/spectre_v2: Do not check microcode versions when running under hypervisors (bnc#1012382).\n- x86/speculation/l1tf: Exempt zeroed PTEs from inversion (bnc#1012382).\n- x86/speculation/l1tf: Extend 64bit swap file size limit (bnc#1012382).\n- x86/speculation/l1tf: Fix off-by-one error when warning that system has too much RAM (bnc#1105536).\n- x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit (bnc#1012382).\n- x86/speculation/l1tf: Fix up CPU feature flags (bnc#1012382).\n- x86/speculation/l1tf: Fix up pte->pfn conversion for PAE (bnc#1012382).\n- x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bnc#1105536).\n- x86/speculation/l1tf: Invert all not present mappings (bnc#1012382).\n- x86/speculation/l1tf: Make pmd/pud_mknotpresent() invert (bnc#1012382).\n- x86/speculation/l1tf: Protect PAE swap entries against L1TF (bnc#1012382).\n- x86/speculation/l1tf: Suggest what to do on systems with too much RAM (bnc#1105536).\n- x86/speculation/l1tf: Unbreak !__HAVE_ARCH_PFN_MODIFY_ALLOWED architectures (bnc#1012382).\n- x86/speculation: Add <asm/msr-index.h> dependency (bnc#1012382).\n- x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) support (bnc#1012382).\n- x86/speculation: Clean up various Spectre related details (bnc#1012382).\n- x86/speculation: Correct Speculation Control microcode blacklist again (bnc#1012382).\n- x86/speculation: Move firmware_restrict_branch_speculation_*() from C to CPP (bnc#1012382).\n- x86/speculation: Update Speculation Control microcode blacklist (bnc#1012382).\n- x86/speculation: Use ARCH_CAPABILITIES to skip L1D flush on vmentry (bsc#1106369).\n- x86/speculation: Use IBRS if available before calling into firmware (bnc#1012382).\n- x86/speculation: Use Indirect Branch Prediction Barrier in context switch (bnc#1012382).\n- x86/xen: Add call of speculative_store_bypass_ht_init() to PV paths (bnc#1012382).\n- xen-netfront: wait xenbus state change when load module manually (bnc#1012382).\n- xen/blkback: do not keep persistent grants too long (bsc#1085042).\n- xen/blkback: move persistent grants flags to bool (bsc#1085042).\n- xen/blkfront: cleanup stale persistent grants (bsc#1085042).\n- xen/blkfront: reorder tests in xlblk_init() (bsc#1085042).\n- xen/netfront: do not cache skb_shinfo() (bnc#1012382).\n- xen: avoid crash in disable_hotplug_cpu (bsc#1106594).\n- xen: set cpu capabilities from xen_start_kernel() (bnc#1012382).\n- xfrm: fix missing dst_release() after policy blocking lbcast and multicast (bnc#1012382).\n- xfrm: free skb if nlsk pointer is NULL (bnc#1012382).\n- xfrm_user: prevent leaking 2 bytes of kernel memory (bnc#1012382).\n- xfs: Remove dead code from inode recover function (bsc#1105396).\n- xfs: repair malformed inode items during log recovery (bsc#1105396).\n- xhci: Fix perceived dead host due to runtime suspend race with event handler (bnc#1012382).\n- zswap: re-check zswap_is_full() after do zswap_shrink() (bnc#1012382).\n", title: "Description of the patch", }, { category: "details", text: "SUSE-SLE-SDK-12-SP3-2018-2004,SUSE-SLE-SERVER-12-SP3-2018-2004", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_2858-1.json", }, { category: "self", summary: "URL for SUSE-SU-2018:2858-1", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20182858-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2018:2858-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2018-September/004597.html", }, { category: "self", summary: "SUSE Bug 1012382", url: "https://bugzilla.suse.com/1012382", }, { category: "self", summary: "SUSE Bug 1015342", url: "https://bugzilla.suse.com/1015342", }, { category: "self", summary: "SUSE Bug 1015343", url: "https://bugzilla.suse.com/1015343", }, { category: "self", summary: "SUSE Bug 1017967", url: "https://bugzilla.suse.com/1017967", }, { category: "self", summary: "SUSE Bug 1019695", url: "https://bugzilla.suse.com/1019695", }, { category: "self", summary: "SUSE Bug 1019699", url: "https://bugzilla.suse.com/1019699", }, { category: "self", summary: "SUSE Bug 1020412", url: "https://bugzilla.suse.com/1020412", }, { category: "self", summary: "SUSE Bug 1021121", url: "https://bugzilla.suse.com/1021121", }, { category: "self", summary: "SUSE Bug 1022604", url: "https://bugzilla.suse.com/1022604", }, { category: "self", summary: "SUSE Bug 1024361", url: "https://bugzilla.suse.com/1024361", }, { category: "self", summary: "SUSE Bug 1024365", url: "https://bugzilla.suse.com/1024365", }, { category: "self", summary: "SUSE Bug 1024376", url: "https://bugzilla.suse.com/1024376", }, { category: "self", summary: "SUSE Bug 1027968", url: "https://bugzilla.suse.com/1027968", }, { category: "self", summary: "SUSE Bug 1030552", url: "https://bugzilla.suse.com/1030552", }, { category: "self", summary: "SUSE Bug 1033962", url: "https://bugzilla.suse.com/1033962", }, { category: "self", summary: "SUSE Bug 1042286", url: "https://bugzilla.suse.com/1042286", }, { category: "self", summary: "SUSE Bug 1048317", url: "https://bugzilla.suse.com/1048317", }, { category: "self", summary: "SUSE Bug 1050431", url: "https://bugzilla.suse.com/1050431", }, { category: "self", summary: "SUSE Bug 1053685", url: "https://bugzilla.suse.com/1053685", }, { category: "self", summary: "SUSE Bug 1055014", url: "https://bugzilla.suse.com/1055014", }, { category: "self", summary: "SUSE Bug 1056596", url: "https://bugzilla.suse.com/1056596", }, { category: "self", summary: "SUSE Bug 1062604", url: "https://bugzilla.suse.com/1062604", }, { category: "self", summary: "SUSE Bug 1063646", url: "https://bugzilla.suse.com/1063646", }, { category: "self", summary: "SUSE Bug 1064232", url: "https://bugzilla.suse.com/1064232", }, { category: "self", summary: "SUSE Bug 1065364", url: "https://bugzilla.suse.com/1065364", }, { category: "self", summary: "SUSE Bug 1066223", url: "https://bugzilla.suse.com/1066223", }, { category: "self", summary: "SUSE Bug 1068032", url: "https://bugzilla.suse.com/1068032", }, { category: "self", summary: "SUSE Bug 1068075", url: "https://bugzilla.suse.com/1068075", }, { category: "self", summary: "SUSE Bug 1069138", url: "https://bugzilla.suse.com/1069138", }, { category: "self", summary: "SUSE Bug 1078921", url: "https://bugzilla.suse.com/1078921", }, { category: "self", summary: "SUSE Bug 1080157", url: "https://bugzilla.suse.com/1080157", }, { category: "self", summary: "SUSE Bug 1083663", url: "https://bugzilla.suse.com/1083663", }, { category: "self", summary: "SUSE Bug 1085042", url: "https://bugzilla.suse.com/1085042", }, { category: "self", summary: "SUSE Bug 1085536", url: "https://bugzilla.suse.com/1085536", }, { category: "self", summary: "SUSE Bug 1085539", url: "https://bugzilla.suse.com/1085539", }, { category: "self", summary: "SUSE Bug 1086457", url: "https://bugzilla.suse.com/1086457", }, { category: "self", summary: "SUSE Bug 1087092", url: "https://bugzilla.suse.com/1087092", }, { category: "self", summary: "SUSE Bug 1089066", url: "https://bugzilla.suse.com/1089066", }, { category: "self", summary: "SUSE Bug 1090888", url: "https://bugzilla.suse.com/1090888", }, { category: "self", summary: "SUSE Bug 1091171", url: "https://bugzilla.suse.com/1091171", }, { category: "self", summary: "SUSE Bug 1091860", url: "https://bugzilla.suse.com/1091860", }, { category: "self", summary: "SUSE Bug 1092903", url: "https://bugzilla.suse.com/1092903", }, { category: "self", summary: "SUSE Bug 1096254", url: "https://bugzilla.suse.com/1096254", }, { category: "self", summary: "SUSE Bug 1096748", url: "https://bugzilla.suse.com/1096748", }, { category: "self", summary: "SUSE Bug 1097105", url: "https://bugzilla.suse.com/1097105", }, { category: "self", summary: "SUSE Bug 1098253", url: "https://bugzilla.suse.com/1098253", }, { category: "self", summary: "SUSE Bug 1098822", url: "https://bugzilla.suse.com/1098822", }, { category: "self", summary: "SUSE Bug 1099597", url: "https://bugzilla.suse.com/1099597", }, { category: "self", summary: "SUSE Bug 1099810", url: "https://bugzilla.suse.com/1099810", }, { category: "self", summary: "SUSE Bug 1099811", url: "https://bugzilla.suse.com/1099811", }, { category: "self", summary: "SUSE Bug 1099813", url: "https://bugzilla.suse.com/1099813", }, { category: "self", summary: "SUSE Bug 1099832", url: "https://bugzilla.suse.com/1099832", }, { category: "self", summary: "SUSE Bug 1099844", url: "https://bugzilla.suse.com/1099844", }, { category: "self", summary: "SUSE Bug 1099845", url: "https://bugzilla.suse.com/1099845", }, { category: "self", summary: "SUSE Bug 1099846", url: "https://bugzilla.suse.com/1099846", }, { category: "self", summary: "SUSE Bug 1099849", url: "https://bugzilla.suse.com/1099849", }, { category: "self", summary: "SUSE Bug 1099863", url: "https://bugzilla.suse.com/1099863", }, { category: "self", summary: "SUSE Bug 1099864", url: "https://bugzilla.suse.com/1099864", }, { category: "self", summary: "SUSE Bug 1099922", url: "https://bugzilla.suse.com/1099922", }, { category: "self", summary: "SUSE Bug 1099999", url: "https://bugzilla.suse.com/1099999", }, { category: "self", summary: "SUSE Bug 1100000", url: "https://bugzilla.suse.com/1100000", }, { category: "self", summary: "SUSE Bug 1100001", url: "https://bugzilla.suse.com/1100001", }, { category: "self", summary: "SUSE Bug 1100132", url: "https://bugzilla.suse.com/1100132", }, { category: "self", summary: "SUSE Bug 1101822", url: "https://bugzilla.suse.com/1101822", }, { category: "self", summary: "SUSE Bug 1101841", url: "https://bugzilla.suse.com/1101841", }, { category: "self", summary: "SUSE Bug 1102346", url: "https://bugzilla.suse.com/1102346", }, { category: "self", summary: "SUSE Bug 1102486", url: "https://bugzilla.suse.com/1102486", }, { category: "self", summary: "SUSE Bug 1102517", url: "https://bugzilla.suse.com/1102517", }, { category: "self", summary: "SUSE Bug 1102715", url: "https://bugzilla.suse.com/1102715", }, { category: "self", summary: "SUSE Bug 1102797", url: "https://bugzilla.suse.com/1102797", }, { category: "self", summary: "SUSE Bug 1103269", url: "https://bugzilla.suse.com/1103269", }, { category: "self", summary: "SUSE Bug 1103445", url: "https://bugzilla.suse.com/1103445", }, { category: "self", summary: "SUSE Bug 1104319", url: "https://bugzilla.suse.com/1104319", }, { category: "self", summary: "SUSE Bug 1104485", url: "https://bugzilla.suse.com/1104485", }, { category: "self", summary: "SUSE Bug 1104494", url: "https://bugzilla.suse.com/1104494", }, { category: "self", summary: "SUSE Bug 1104495", url: "https://bugzilla.suse.com/1104495", }, { category: "self", summary: "SUSE Bug 1104683", url: "https://bugzilla.suse.com/1104683", }, { category: "self", summary: "SUSE Bug 1104897", url: "https://bugzilla.suse.com/1104897", }, { category: "self", summary: "SUSE Bug 1105271", url: "https://bugzilla.suse.com/1105271", }, { category: "self", summary: "SUSE Bug 1105292", url: "https://bugzilla.suse.com/1105292", }, { category: "self", summary: "SUSE Bug 1105322", url: "https://bugzilla.suse.com/1105322", }, { category: "self", summary: "SUSE Bug 1105392", url: "https://bugzilla.suse.com/1105392", }, { category: "self", summary: "SUSE Bug 1105396", url: "https://bugzilla.suse.com/1105396", }, { category: "self", summary: "SUSE Bug 1105524", url: "https://bugzilla.suse.com/1105524", }, { category: "self", summary: "SUSE Bug 1105536", url: "https://bugzilla.suse.com/1105536", }, { category: "self", summary: "SUSE Bug 1105769", url: "https://bugzilla.suse.com/1105769", }, { category: "self", summary: "SUSE Bug 1106016", url: "https://bugzilla.suse.com/1106016", }, { category: "self", summary: "SUSE Bug 1106105", url: "https://bugzilla.suse.com/1106105", }, { category: "self", summary: "SUSE Bug 1106185", url: "https://bugzilla.suse.com/1106185", }, { category: "self", summary: "SUSE Bug 1106229", url: "https://bugzilla.suse.com/1106229", }, { category: "self", summary: "SUSE Bug 1106271", url: "https://bugzilla.suse.com/1106271", }, { category: "self", summary: "SUSE Bug 1106275", url: "https://bugzilla.suse.com/1106275", }, { category: "self", summary: "SUSE Bug 1106276", url: "https://bugzilla.suse.com/1106276", }, { category: "self", summary: "SUSE Bug 1106278", url: "https://bugzilla.suse.com/1106278", }, { category: "self", summary: "SUSE Bug 1106281", url: "https://bugzilla.suse.com/1106281", }, { category: "self", summary: "SUSE Bug 1106283", url: "https://bugzilla.suse.com/1106283", }, { category: "self", summary: "SUSE Bug 1106369", url: "https://bugzilla.suse.com/1106369", }, { category: "self", summary: "SUSE Bug 1106509", url: "https://bugzilla.suse.com/1106509", }, { category: "self", summary: "SUSE Bug 1106511", url: "https://bugzilla.suse.com/1106511", }, { category: "self", summary: "SUSE Bug 1106594", url: "https://bugzilla.suse.com/1106594", }, { category: "self", summary: "SUSE Bug 1106697", url: "https://bugzilla.suse.com/1106697", }, { category: "self", summary: "SUSE Bug 1106929", url: "https://bugzilla.suse.com/1106929", }, { category: "self", summary: "SUSE Bug 1106934", url: "https://bugzilla.suse.com/1106934", }, { category: "self", summary: "SUSE Bug 1106995", url: "https://bugzilla.suse.com/1106995", }, { category: "self", summary: "SUSE Bug 1107060", url: "https://bugzilla.suse.com/1107060", }, { category: "self", summary: "SUSE Bug 1107078", url: "https://bugzilla.suse.com/1107078", }, { category: "self", summary: "SUSE Bug 1107319", url: "https://bugzilla.suse.com/1107319", }, { category: "self", summary: "SUSE Bug 1107320", url: "https://bugzilla.suse.com/1107320", }, { category: "self", summary: "SUSE Bug 1107689", url: "https://bugzilla.suse.com/1107689", }, { category: "self", summary: "SUSE Bug 1107735", url: "https://bugzilla.suse.com/1107735", }, { category: "self", summary: "SUSE Bug 1107966", url: "https://bugzilla.suse.com/1107966", }, { category: "self", summary: "SUSE Bug 963575", url: "https://bugzilla.suse.com/963575", }, { category: "self", summary: "SUSE Bug 966170", url: "https://bugzilla.suse.com/966170", }, { category: "self", summary: "SUSE Bug 966172", url: "https://bugzilla.suse.com/966172", }, { category: "self", summary: "SUSE Bug 969470", url: "https://bugzilla.suse.com/969470", }, { category: "self", summary: "SUSE Bug 969476", url: "https://bugzilla.suse.com/969476", }, { category: "self", summary: "SUSE Bug 969477", url: "https://bugzilla.suse.com/969477", }, { category: "self", summary: "SUSE Bug 970506", url: "https://bugzilla.suse.com/970506", }, { category: "self", summary: "SUSE CVE CVE-2018-10876 page", url: "https://www.suse.com/security/cve/CVE-2018-10876/", }, { category: "self", summary: "SUSE CVE CVE-2018-10877 page", url: "https://www.suse.com/security/cve/CVE-2018-10877/", }, { category: "self", summary: "SUSE CVE CVE-2018-10878 page", url: "https://www.suse.com/security/cve/CVE-2018-10878/", }, { category: "self", summary: "SUSE CVE CVE-2018-10879 page", url: "https://www.suse.com/security/cve/CVE-2018-10879/", }, { category: "self", summary: "SUSE CVE CVE-2018-10880 page", url: "https://www.suse.com/security/cve/CVE-2018-10880/", }, { category: "self", summary: "SUSE CVE CVE-2018-10881 page", url: "https://www.suse.com/security/cve/CVE-2018-10881/", }, { category: "self", summary: "SUSE CVE CVE-2018-10882 page", url: "https://www.suse.com/security/cve/CVE-2018-10882/", }, { category: "self", summary: "SUSE CVE CVE-2018-10883 page", url: "https://www.suse.com/security/cve/CVE-2018-10883/", }, { category: "self", summary: "SUSE CVE CVE-2018-10902 page", url: "https://www.suse.com/security/cve/CVE-2018-10902/", }, { category: "self", summary: "SUSE CVE CVE-2018-10938 page", url: "https://www.suse.com/security/cve/CVE-2018-10938/", }, { category: "self", summary: "SUSE CVE CVE-2018-10940 page", url: "https://www.suse.com/security/cve/CVE-2018-10940/", }, { category: "self", summary: "SUSE CVE CVE-2018-1128 page", url: "https://www.suse.com/security/cve/CVE-2018-1128/", }, { category: "self", summary: "SUSE CVE CVE-2018-1129 page", url: "https://www.suse.com/security/cve/CVE-2018-1129/", }, { category: "self", summary: "SUSE CVE CVE-2018-12896 page", url: "https://www.suse.com/security/cve/CVE-2018-12896/", }, { category: "self", summary: "SUSE CVE CVE-2018-13093 page", url: "https://www.suse.com/security/cve/CVE-2018-13093/", }, { category: "self", summary: "SUSE CVE CVE-2018-13094 page", url: "https://www.suse.com/security/cve/CVE-2018-13094/", }, { category: "self", summary: "SUSE CVE CVE-2018-13095 page", url: "https://www.suse.com/security/cve/CVE-2018-13095/", }, { category: "self", summary: "SUSE CVE CVE-2018-15572 page", url: "https://www.suse.com/security/cve/CVE-2018-15572/", }, { category: "self", summary: "SUSE CVE CVE-2018-16658 page", url: "https://www.suse.com/security/cve/CVE-2018-16658/", }, { category: "self", summary: "SUSE CVE CVE-2018-6554 page", url: "https://www.suse.com/security/cve/CVE-2018-6554/", }, { category: "self", summary: "SUSE CVE CVE-2018-6555 page", url: "https://www.suse.com/security/cve/CVE-2018-6555/", }, { category: "self", summary: "SUSE CVE CVE-2018-9363 page", url: "https://www.suse.com/security/cve/CVE-2018-9363/", }, ], title: "Security update for the Linux Kernel", tracking: { current_release_date: "2018-09-25T13:02:46Z", generator: { date: "2018-09-25T13:02:46Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2018:2858-1", initial_release_date: "2018-09-25T13:02:46Z", revision_history: [ { date: "2018-09-25T13:02:46Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "kernel-docs-azure-4.4.155-4.16.1.noarch", product: { name: "kernel-docs-azure-4.4.155-4.16.1.noarch", product_id: "kernel-docs-azure-4.4.155-4.16.1.noarch", }, }, { category: "product_version", name: "kernel-devel-azure-4.4.155-4.16.1.noarch", product: { name: "kernel-devel-azure-4.4.155-4.16.1.noarch", product_id: "kernel-devel-azure-4.4.155-4.16.1.noarch", }, }, { category: "product_version", name: "kernel-source-azure-4.4.155-4.16.1.noarch", product: { name: "kernel-source-azure-4.4.155-4.16.1.noarch", product_id: "kernel-source-azure-4.4.155-4.16.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "kernel-azure-4.4.155-4.16.1.x86_64", product: { name: "kernel-azure-4.4.155-4.16.1.x86_64", product_id: "kernel-azure-4.4.155-4.16.1.x86_64", }, }, { category: "product_version", name: "kernel-azure-base-4.4.155-4.16.1.x86_64", product: { name: "kernel-azure-base-4.4.155-4.16.1.x86_64", product_id: "kernel-azure-base-4.4.155-4.16.1.x86_64", }, }, { category: "product_version", name: "kernel-azure-devel-4.4.155-4.16.1.x86_64", product: { name: "kernel-azure-devel-4.4.155-4.16.1.x86_64", product_id: "kernel-azure-devel-4.4.155-4.16.1.x86_64", }, }, { category: "product_version", name: "kernel-syms-azure-4.4.155-4.16.1.x86_64", product: { name: "kernel-syms-azure-4.4.155-4.16.1.x86_64", product_id: "kernel-syms-azure-4.4.155-4.16.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Software Development Kit 12 SP3", product: { name: "SUSE Linux Enterprise Software Development Kit 12 SP3", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sle-sdk:12:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 12 SP3", product: { name: "SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sles:12:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", product: { name: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:12:sp3", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "kernel-docs-azure-4.4.155-4.16.1.noarch as component of SUSE Linux Enterprise Software Development Kit 12 SP3", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", }, product_reference: "kernel-docs-azure-4.4.155-4.16.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-4.4.155-4.16.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", }, product_reference: "kernel-azure-4.4.155-4.16.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-base-4.4.155-4.16.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", }, product_reference: "kernel-azure-base-4.4.155-4.16.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-devel-4.4.155-4.16.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", }, product_reference: "kernel-azure-devel-4.4.155-4.16.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-azure-4.4.155-4.16.1.noarch as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", }, product_reference: "kernel-devel-azure-4.4.155-4.16.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-source-azure-4.4.155-4.16.1.noarch as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", }, product_reference: "kernel-source-azure-4.4.155-4.16.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-azure-4.4.155-4.16.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", }, product_reference: "kernel-syms-azure-4.4.155-4.16.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-4.4.155-4.16.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", }, product_reference: "kernel-azure-4.4.155-4.16.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-base-4.4.155-4.16.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", }, product_reference: "kernel-azure-base-4.4.155-4.16.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-devel-4.4.155-4.16.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", }, product_reference: "kernel-azure-devel-4.4.155-4.16.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-azure-4.4.155-4.16.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", }, product_reference: "kernel-devel-azure-4.4.155-4.16.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-source-azure-4.4.155-4.16.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", }, product_reference: "kernel-source-azure-4.4.155-4.16.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-azure-4.4.155-4.16.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", }, product_reference: "kernel-syms-azure-4.4.155-4.16.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, ], }, vulnerabilities: [ { cve: "CVE-2018-10876", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10876", }, ], notes: [ { category: "general", text: "A flaw was found in Linux kernel in the ext4 filesystem code. A use-after-free is possible in ext4_ext_remove_space() function when mounting and operating a crafted ext4 image.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2018-10876", url: "https://www.suse.com/security/cve/CVE-2018-10876", }, { category: "external", summary: "SUSE Bug 1099811 for CVE-2018-10876", url: "https://bugzilla.suse.com/1099811", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", ], }, ], threats: [ { category: "impact", date: "2018-09-25T13:02:46Z", details: "low", }, ], title: "CVE-2018-10876", }, { cve: "CVE-2018-10877", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10877", }, ], notes: [ { category: "general", text: "Linux kernel ext4 filesystem is vulnerable to an out-of-bound access in the ext4_ext_drop_refs() function when operating on a crafted ext4 filesystem image.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2018-10877", url: "https://www.suse.com/security/cve/CVE-2018-10877", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-10877", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1099846 for CVE-2018-10877", url: "https://bugzilla.suse.com/1099846", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", ], }, ], threats: [ { category: "impact", date: "2018-09-25T13:02:46Z", details: "low", }, ], title: "CVE-2018-10877", }, { cve: "CVE-2018-10878", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10878", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bounds write and a denial of service or unspecified other impact is possible by mounting and operating a crafted ext4 filesystem image.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2018-10878", url: "https://www.suse.com/security/cve/CVE-2018-10878", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-10878", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1099813 for CVE-2018-10878", url: "https://bugzilla.suse.com/1099813", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", ], }, ], threats: [ { category: "impact", date: "2018-09-25T13:02:46Z", details: "moderate", }, ], title: "CVE-2018-10878", }, { cve: "CVE-2018-10879", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10879", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause a use-after-free in ext4_xattr_set_entry function and a denial of service or unspecified other impact may occur by renaming a file in a crafted ext4 filesystem image.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2018-10879", url: "https://www.suse.com/security/cve/CVE-2018-10879", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-10879", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1099844 for CVE-2018-10879", url: "https://bugzilla.suse.com/1099844", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", ], }, ], threats: [ { category: "impact", date: "2018-09-25T13:02:46Z", details: "moderate", }, ], title: "CVE-2018-10879", }, { cve: "CVE-2018-10880", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10880", }, ], notes: [ { category: "general", text: "Linux kernel is vulnerable to a stack-out-of-bounds write in the ext4 filesystem code when mounting and writing to a crafted ext4 image in ext4_update_inline_data(). An attacker could use this to cause a system crash and a denial of service.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2018-10880", url: "https://www.suse.com/security/cve/CVE-2018-10880", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-10880", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1099845 for CVE-2018-10880", url: "https://bugzilla.suse.com/1099845", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", ], }, ], threats: [ { category: "impact", date: "2018-09-25T13:02:46Z", details: "moderate", }, ], title: "CVE-2018-10880", }, { cve: "CVE-2018-10881", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10881", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bound access in ext4_get_group_info function, a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2018-10881", url: "https://www.suse.com/security/cve/CVE-2018-10881", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-10881", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1099864 for CVE-2018-10881", url: "https://bugzilla.suse.com/1099864", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", ], }, ], threats: [ { category: "impact", date: "2018-09-25T13:02:46Z", details: "moderate", }, ], title: "CVE-2018-10881", }, { cve: "CVE-2018-10882", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10882", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bound write in in fs/jbd2/transaction.c code, a denial of service, and a system crash by unmounting a crafted ext4 filesystem image.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2018-10882", url: "https://www.suse.com/security/cve/CVE-2018-10882", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-10882", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1099849 for CVE-2018-10882", url: "https://bugzilla.suse.com/1099849", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", ], }, ], threats: [ { category: "impact", date: "2018-09-25T13:02:46Z", details: "moderate", }, ], title: "CVE-2018-10882", }, { cve: "CVE-2018-10883", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10883", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bounds write in jbd2_journal_dirty_metadata(), a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2018-10883", url: "https://www.suse.com/security/cve/CVE-2018-10883", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-10883", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1099863 for CVE-2018-10883", url: "https://bugzilla.suse.com/1099863", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", ], }, ], threats: [ { category: "impact", date: "2018-09-25T13:02:46Z", details: "moderate", }, ], title: "CVE-2018-10883", }, { cve: "CVE-2018-10902", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10902", }, ], notes: [ { category: "general", text: "It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmidi.c file. A malicious local attacker could possibly use this for privilege escalation.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2018-10902", url: "https://www.suse.com/security/cve/CVE-2018-10902", }, { category: "external", summary: "SUSE Bug 1105322 for CVE-2018-10902", url: "https://bugzilla.suse.com/1105322", }, { category: "external", summary: "SUSE Bug 1105323 for CVE-2018-10902", url: "https://bugzilla.suse.com/1105323", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", ], }, ], threats: [ { category: "impact", date: "2018-09-25T13:02:46Z", details: "moderate", }, ], title: "CVE-2018-10902", }, { cve: "CVE-2018-10938", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10938", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel present since v4.0-rc1 and through v4.13-rc4. A crafted network packet sent remotely by an attacker may force the kernel to enter an infinite loop in the cipso_v4_optptr() function in net/ipv4/cipso_ipv4.c leading to a denial-of-service. A certain non-default configuration of LSM (Linux Security Module) and NetLabel should be set up on a system before an attacker could leverage this flaw.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2018-10938", url: "https://www.suse.com/security/cve/CVE-2018-10938", }, { category: "external", summary: "SUSE Bug 1106016 for CVE-2018-10938", url: "https://bugzilla.suse.com/1106016", }, { category: "external", summary: "SUSE Bug 1106191 for CVE-2018-10938", url: "https://bugzilla.suse.com/1106191", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", ], }, ], threats: [ { category: "impact", date: "2018-09-25T13:02:46Z", details: "important", }, ], title: "CVE-2018-10938", }, { cve: "CVE-2018-10940", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10940", }, ], notes: [ { category: "general", text: "The cdrom_ioctl_media_changed function in drivers/cdrom/cdrom.c in the Linux kernel before 4.16.6 allows local attackers to use a incorrect bounds check in the CDROM driver CDROM_MEDIA_CHANGED ioctl to read out kernel memory.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2018-10940", url: "https://www.suse.com/security/cve/CVE-2018-10940", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-10940", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1092903 for CVE-2018-10940", url: "https://bugzilla.suse.com/1092903", }, { category: "external", summary: "SUSE Bug 1107689 for CVE-2018-10940", url: "https://bugzilla.suse.com/1107689", }, { category: "external", summary: "SUSE Bug 1113751 for CVE-2018-10940", url: "https://bugzilla.suse.com/1113751", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", ], }, ], threats: [ { category: "impact", date: "2018-09-25T13:02:46Z", details: "moderate", }, ], title: "CVE-2018-10940", }, { cve: "CVE-2018-1128", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-1128", }, ], notes: [ { category: "general", text: "It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. Any attacker having access to ceph cluster network who is able to sniff packets on network can use this vulnerability to authenticate with ceph service and perform actions allowed by ceph service. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2018-1128", url: "https://www.suse.com/security/cve/CVE-2018-1128", }, { category: "external", summary: "SUSE Bug 1096748 for CVE-2018-1128", url: "https://bugzilla.suse.com/1096748", }, { category: "external", summary: "SUSE Bug 1114710 for CVE-2018-1128", url: "https://bugzilla.suse.com/1114710", }, { category: "external", summary: "SUSE Bug 1177843 for CVE-2018-1128", url: "https://bugzilla.suse.com/1177843", }, { category: "external", summary: "SUSE Bug 1177859 for CVE-2018-1128", url: "https://bugzilla.suse.com/1177859", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 8.3, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", ], }, ], threats: [ { category: "impact", date: "2018-09-25T13:02:46Z", details: "important", }, ], title: "CVE-2018-1128", }, { cve: "CVE-2018-1129", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-1129", }, ], notes: [ { category: "general", text: "A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network who is able to alter the message payload was able to bypass signature checks done by cephx protocol. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2018-1129", url: "https://www.suse.com/security/cve/CVE-2018-1129", }, { category: "external", summary: "SUSE Bug 1096748 for CVE-2018-1129", url: "https://bugzilla.suse.com/1096748", }, { category: "external", summary: "SUSE Bug 1114710 for CVE-2018-1129", url: "https://bugzilla.suse.com/1114710", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", ], }, ], threats: [ { category: "impact", date: "2018-09-25T13:02:46Z", details: "important", }, ], title: "CVE-2018-1129", }, { cve: "CVE-2018-12896", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-12896", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 4.17.3. An Integer Overflow in kernel/time/posix-timers.c in the POSIX timer code is caused by the way the overrun accounting works. Depending on interval and expiry time values, the overrun can be larger than INT_MAX, but the accounting is int based. This basically makes the accounting values, which are visible to user space via timer_getoverrun(2) and siginfo::si_overrun, random. For example, a local user can cause a denial of service (signed integer overflow) via crafted mmap, futex, timer_create, and timer_settime system calls.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2018-12896", url: "https://www.suse.com/security/cve/CVE-2018-12896", }, { category: "external", summary: "SUSE Bug 1099922 for CVE-2018-12896", url: "https://bugzilla.suse.com/1099922", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", ], }, ], threats: [ { category: "impact", date: "2018-09-25T13:02:46Z", details: "low", }, ], title: "CVE-2018-12896", }, { cve: "CVE-2018-13093", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-13093", }, ], notes: [ { category: "general", text: "An issue was discovered in fs/xfs/xfs_icache.c in the Linux kernel through 4.17.3. There is a NULL pointer dereference and panic in lookup_slow() on a NULL inode->i_ops pointer when doing pathwalks on a corrupted xfs image. This occurs because of a lack of proper validation that cached inodes are free during allocation.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2018-13093", url: "https://www.suse.com/security/cve/CVE-2018-13093", }, { category: "external", summary: "SUSE Bug 1100001 for CVE-2018-13093", url: "https://bugzilla.suse.com/1100001", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", ], }, ], threats: [ { category: "impact", date: "2018-09-25T13:02:46Z", details: "moderate", }, ], title: "CVE-2018-13093", }, { cve: "CVE-2018-13094", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-13094", }, ], notes: [ { category: "general", text: "An issue was discovered in fs/xfs/libxfs/xfs_attr_leaf.c in the Linux kernel through 4.17.3. An OOPS may occur for a corrupted xfs image after xfs_da_shrink_inode() is called with a NULL bp.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2018-13094", url: "https://www.suse.com/security/cve/CVE-2018-13094", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-13094", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1100000 for CVE-2018-13094", url: "https://bugzilla.suse.com/1100000", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", ], }, ], threats: [ { category: "impact", date: "2018-09-25T13:02:46Z", details: "moderate", }, ], title: "CVE-2018-13094", }, { cve: "CVE-2018-13095", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-13095", }, ], notes: [ { category: "general", text: "An issue was discovered in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel through 4.17.3. A denial of service (memory corruption and BUG) can occur for a corrupted xfs image upon encountering an inode that is in extent format, but has more extents than fit in the inode fork.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2018-13095", url: "https://www.suse.com/security/cve/CVE-2018-13095", }, { category: "external", summary: "SUSE Bug 1099999 for CVE-2018-13095", url: "https://bugzilla.suse.com/1099999", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", ], }, ], threats: [ { category: "impact", date: "2018-09-25T13:02:46Z", details: "moderate", }, ], title: "CVE-2018-13095", }, { cve: "CVE-2018-15572", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-15572", }, ], notes: [ { category: "general", text: "The spectre_v2_select_mitigation function in arch/x86/kernel/cpu/bugs.c in the Linux kernel before 4.18.1 does not always fill RSB upon a context switch, which makes it easier for attackers to conduct userspace-userspace spectreRSB attacks.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2018-15572", url: "https://www.suse.com/security/cve/CVE-2018-15572", }, { category: "external", summary: "SUSE Bug 1102517 for CVE-2018-15572", url: "https://bugzilla.suse.com/1102517", }, { category: "external", summary: "SUSE Bug 1105296 for CVE-2018-15572", url: "https://bugzilla.suse.com/1105296", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", ], }, ], threats: [ { category: "impact", date: "2018-09-25T13:02:46Z", details: "important", }, ], title: "CVE-2018-15572", }, { cve: "CVE-2018-16658", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16658", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel before 4.18.6. An information leak in cdrom_ioctl_drive_status in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2018-16658", url: "https://www.suse.com/security/cve/CVE-2018-16658", }, { category: "external", summary: "SUSE Bug 1092903 for CVE-2018-16658", url: "https://bugzilla.suse.com/1092903", }, { category: "external", summary: "SUSE Bug 1107689 for CVE-2018-16658", url: "https://bugzilla.suse.com/1107689", }, { category: "external", summary: "SUSE Bug 1113751 for CVE-2018-16658", url: "https://bugzilla.suse.com/1113751", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", ], }, ], threats: [ { category: "impact", date: "2018-09-25T13:02:46Z", details: "low", }, ], title: "CVE-2018-16658", }, { cve: "CVE-2018-6554", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-6554", }, ], notes: [ { category: "general", text: "Memory leak in the irda_bind function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (memory consumption) by repeatedly binding an AF_IRDA socket.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2018-6554", url: "https://www.suse.com/security/cve/CVE-2018-6554", }, { category: "external", summary: "SUSE Bug 1106509 for CVE-2018-6554", url: "https://bugzilla.suse.com/1106509", }, { category: "external", summary: "SUSE Bug 1106511 for CVE-2018-6554", url: "https://bugzilla.suse.com/1106511", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", ], }, ], threats: [ { category: "impact", date: "2018-09-25T13:02:46Z", details: "low", }, ], title: "CVE-2018-6554", }, { cve: "CVE-2018-6555", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-6555", }, ], notes: [ { category: "general", text: "The irda_setsockopt function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (ias_object use-after-free and system crash) or possibly have unspecified other impact via an AF_IRDA socket.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2018-6555", url: "https://www.suse.com/security/cve/CVE-2018-6555", }, { category: "external", summary: "SUSE Bug 1106509 for CVE-2018-6555", url: "https://bugzilla.suse.com/1106509", }, { category: "external", summary: "SUSE Bug 1106511 for CVE-2018-6555", url: "https://bugzilla.suse.com/1106511", }, { category: "external", summary: "SUSE Bug 1115893 for CVE-2018-6555", url: "https://bugzilla.suse.com/1115893", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", ], }, ], threats: [ { category: "impact", date: "2018-09-25T13:02:46Z", details: "moderate", }, ], title: "CVE-2018-6555", }, { cve: "CVE-2018-9363", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-9363", }, ], notes: [ { category: "general", text: "In the hidp_process_report in bluetooth, there is an integer overflow. This could lead to an out of bounds write with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-65853588 References: Upstream kernel.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2018-9363", url: "https://www.suse.com/security/cve/CVE-2018-9363", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-9363", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1105292 for CVE-2018-9363", url: "https://bugzilla.suse.com/1105292", }, { category: "external", summary: "SUSE Bug 1105293 for CVE-2018-9363", url: "https://bugzilla.suse.com/1105293", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-base-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-azure-devel-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-azure-4.4.155-4.16.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-azure-4.4.155-4.16.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-azure-4.4.155-4.16.1.noarch", ], }, ], threats: [ { category: "impact", date: "2018-09-25T13:02:46Z", details: "important", }, ], title: "CVE-2018-9363", }, ], }
suse-su-2018:2908-1
Vulnerability from csaf_suse
Published
2018-09-27 15:01
Modified
2018-09-27 15:01
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP1 kernel was updated receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-14634: Prevent integer overflow in create_elf_tables that allowed a
local attacker to exploit this vulnerability via a SUID-root binary and obtain
full root privileges (bsc#1108912)
- CVE-2018-14617: Prevent NULL pointer dereference and panic in
hfsplus_lookup() when opening a file (that is purportedly a hard link) in an
hfs+ filesystem that has malformed catalog data, and is mounted read-only
without a metadata directory (bsc#1102870)
- CVE-2018-16276: Incorrect bounds checking in the yurex USB driver in
yurex_read allowed local attackers to use user access read/writes to crash the
kernel or potentially escalate privileges (bsc#1106095)
- CVE-2018-12896: Prevent integer overflow in the POSIX timer code that was
caused by the way the overrun accounting works. Depending on interval and
expiry time values, the overrun can be larger than INT_MAX, but the accounting
is int based. This basically made the accounting values, which are visible to
user space via timer_getoverrun(2) and siginfo::si_overrun, random. This
allowed a local user to cause a denial of service (signed integer overflow) via
crafted mmap, futex, timer_create, and timer_settime system calls (bnc#1099922)
- CVE-2018-13093: Prevent NULL pointer dereference and panic in lookup_slow()
on a NULL inode->i_ops pointer when doing pathwalks on a corrupted xfs image.
This occured because of a lack of proper validation that cached inodes are free
during allocation (bnc#1100001)
- CVE-2018-10940: The cdrom_ioctl_media_changed function allowed local
attackers to use a incorrect bounds check in the CDROM driver
CDROM_MEDIA_CHANGED ioctl to read out kernel memory (bsc#1092903)
- CVE-2018-16658: Prevent information leak in cdrom_ioctl_drive_status that
could have been used by local attackers to read kernel memory (bnc#1107689)
- CVE-2018-6555: The irda_setsockopt function allowed local users to cause a
denial of service (ias_object use-after-free and system crash) or possibly have
unspecified other impact via an AF_IRDA socket (bnc#1106511)
- CVE-2018-6554: Prevent memory leak in the irda_bind function that allowed
local users to cause a denial of service (memory consumption) by repeatedly
binding an AF_IRDA socket (bnc#1106509)
- CVE-2018-10902: Protect against concurrent access to prevent double realloc
(double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status(). A
malicious local attacker could have used this for privilege escalation
(bnc#1105322)
- CVE-2018-10879: A local user could have caused a use-after-free in
ext4_xattr_set_entry function and a denial of service or unspecified other
impact by renaming a file in a crafted ext4 filesystem image (bsc#1099844)
- CVE-2018-10883: A local user could have caused an out-of-bounds write in
jbd2_journal_dirty_metadata(), a denial of service, and a system crash by
mounting and operating on a crafted ext4 filesystem image (bsc#1099863)
- CVE-2018-10880: Prevent stack-out-of-bounds write in the ext4 filesystem code
when mounting and writing to a crafted ext4 image in ext4_update_inline_data().
An attacker could have used this to cause a system crash and a denial of
service (bsc#1099845)
- CVE-2018-10882: A local user could have caused an out-of-bound write, a
denial of service, and a system crash by unmounting a crafted ext4 filesystem
image (bsc#1099849)
- CVE-2018-10881: A local user could have caused an out-of-bound access in
ext4_get_group_info function, a denial of service, and a system crash by
mounting and operating on a crafted ext4 filesystem image (bsc#1099864)
- CVE-2018-10877: Prevent out-of-bound access in the ext4_ext_drop_refs()
function when operating on a crafted ext4 filesystem image (bsc#1099846)
- CVE-2018-10876: A use-after-free was possible in ext4_ext_remove_space()
function when mounting and operating a crafted ext4 image (bsc#1099811)
- CVE-2018-10878: A local user could have caused an out-of-bounds write and a
denial of service or unspecified other impact by mounting and operating a
crafted ext4 filesystem image (bsc#1099813)
- CVE-2018-10853: The KVM hypervisor did not check current privilege(CPL) level
while emulating unprivileged instructions. An unprivileged guest user/process
could have used this flaw to potentially escalate privileges inside guest
(bsc#1097104).
The following non-security bugs were fixed:
- KEYS: prevent creating a different user's keyrings (bnc#1065999).
- KVM: MMU: always terminate page walks at level 1 (bsc#1062604).
- KVM: MMU: simplify last_pte_bitmap (bsc#1062604).
- KVM: VMX: Work around kABI breakage in 'enum vmx_l1d_flush_state' (bsc#1106369).
- KVM: VMX: fixes for vmentry_l1d_flush module parameter (bsc#1106369).
- KVM: nVMX: update last_nonleaf_level when initializing nested EPT (bsc#1062604).
- Refresh patches.xen/xen3-x86-l1tf-04-protect-PROT_NONE-ptes.patch (bsc#1105100).
- Do not report CPU affected by L1TF when ARCH_CAP_RDCL_NO bit is set (bsc#1104906).
- Revert '- Disable patches.arch/x86-mm-Simplify-p-g4um-d_page-macros.patch' (bnc#1104818)
- bcache: avoid unncessary cache prefetch bch_btree_node_get().
- bcache: calculate the number of incremental GC nodes according to the total of btree nodes.
- bcache: display rate debug parameters to 0 when writeback is not running.
- bcache: do not check return value of debugfs_create_dir().
- bcache: finish incremental GC.
- bcache: fix I/O significant decline while backend devices registering.
- bcache: fix error setting writeback_rate through sysfs interface (bsc#1064233).
- bcache: free heap cache_set->flush_btree in bch_journal_free.
- bcache: make the pr_err statement used for ENOENT only in sysfs_attatch section.
- bcache: release dc->writeback_lock properly in bch_writeback_thread().
- bcache: set max writeback rate when I/O request is idle (bsc#1064233).
- bcache: simplify the calculation of the total amount of flash dirty data.
- cifs: Fix infinite loop when using hard mount option (bsc#1091171).
- ext4: check for allocation block validity with block group locked (bsc#1104495).
- ext4: do not update checksum of new initialized bitmaps (bnc#1012382).
- ext4: fix check to prevent initializing reserved inodes (bsc#1104319).
- ext4: fix false negatives *and* false positives in ext4_check_descriptors() (bsc#1103445).
- restore cond_resched() in shrink_dcache_parent().
- usbip: vhci_sysfs: fix potential Spectre v1 (bsc#1096547).
- x86, l1tf: Protect PROT_NONE PTEs against speculation fixup (bnc#1104818).
- x86/speculation: Use ARCH_CAPABILITIES to skip L1D flush on vmentry (bsc#1106369).
- xen, x86, l1tf: Protect PROT_NONE PTEs against speculation fixup (bnc#1104818).
- xfs: Remove dead code from inode recover function (bsc#1105396).
- xfs: convert XFS_AGFL_SIZE to a helper function (bsc#1090955, bsc#1090534).
- xfs: detect agfl count corruption and reset agfl (bsc#1090955, bsc#1090534).
- xfs: do not log/recover swapext extent owner changes for deleted inodes (bsc#1090955).
- xfs: protect inode ->di_dmstate with a spinlock (bsc#1024788).
- xfs: repair malformed inode items during log recovery (bsc#1105396).
Patchnames
SUSE-SLE-Module-Public-Cloud-12-2018-2063,SUSE-SLE-SERVER-12-SP1-2018-2063
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for the Linux Kernel", title: "Title of the patch", }, { category: "description", text: "\nThe SUSE Linux Enterprise 12 SP1 kernel was updated receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2018-14634: Prevent integer overflow in create_elf_tables that allowed a\n local attacker to exploit this vulnerability via a SUID-root binary and obtain\n full root privileges (bsc#1108912)\n- CVE-2018-14617: Prevent NULL pointer dereference and panic in\n hfsplus_lookup() when opening a file (that is purportedly a hard link) in an\n hfs+ filesystem that has malformed catalog data, and is mounted read-only\n without a metadata directory (bsc#1102870)\n- CVE-2018-16276: Incorrect bounds checking in the yurex USB driver in\n yurex_read allowed local attackers to use user access read/writes to crash the\n kernel or potentially escalate privileges (bsc#1106095)\n- CVE-2018-12896: Prevent integer overflow in the POSIX timer code that was\n caused by the way the overrun accounting works. Depending on interval and\n expiry time values, the overrun can be larger than INT_MAX, but the accounting\n is int based. This basically made the accounting values, which are visible to\n user space via timer_getoverrun(2) and siginfo::si_overrun, random. This\n allowed a local user to cause a denial of service (signed integer overflow) via\n crafted mmap, futex, timer_create, and timer_settime system calls (bnc#1099922)\n- CVE-2018-13093: Prevent NULL pointer dereference and panic in lookup_slow()\n on a NULL inode->i_ops pointer when doing pathwalks on a corrupted xfs image.\n This occured because of a lack of proper validation that cached inodes are free\n during allocation (bnc#1100001)\n- CVE-2018-10940: The cdrom_ioctl_media_changed function allowed local\n attackers to use a incorrect bounds check in the CDROM driver\n CDROM_MEDIA_CHANGED ioctl to read out kernel memory (bsc#1092903)\n- CVE-2018-16658: Prevent information leak in cdrom_ioctl_drive_status that\n could have been used by local attackers to read kernel memory (bnc#1107689)\n- CVE-2018-6555: The irda_setsockopt function allowed local users to cause a\n denial of service (ias_object use-after-free and system crash) or possibly have\n unspecified other impact via an AF_IRDA socket (bnc#1106511)\n- CVE-2018-6554: Prevent memory leak in the irda_bind function that allowed\n local users to cause a denial of service (memory consumption) by repeatedly\n binding an AF_IRDA socket (bnc#1106509)\n- CVE-2018-10902: Protect against concurrent access to prevent double realloc\n (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status(). A\n malicious local attacker could have used this for privilege escalation\n (bnc#1105322)\n- CVE-2018-10879: A local user could have caused a use-after-free in\n ext4_xattr_set_entry function and a denial of service or unspecified other\n impact by renaming a file in a crafted ext4 filesystem image (bsc#1099844)\n- CVE-2018-10883: A local user could have caused an out-of-bounds write in\n jbd2_journal_dirty_metadata(), a denial of service, and a system crash by\n mounting and operating on a crafted ext4 filesystem image (bsc#1099863)\n- CVE-2018-10880: Prevent stack-out-of-bounds write in the ext4 filesystem code\n when mounting and writing to a crafted ext4 image in ext4_update_inline_data().\n An attacker could have used this to cause a system crash and a denial of\n service (bsc#1099845)\n- CVE-2018-10882: A local user could have caused an out-of-bound write, a\n denial of service, and a system crash by unmounting a crafted ext4 filesystem\n image (bsc#1099849)\n- CVE-2018-10881: A local user could have caused an out-of-bound access in\n ext4_get_group_info function, a denial of service, and a system crash by\n mounting and operating on a crafted ext4 filesystem image (bsc#1099864)\n- CVE-2018-10877: Prevent out-of-bound access in the ext4_ext_drop_refs()\n function when operating on a crafted ext4 filesystem image (bsc#1099846)\n- CVE-2018-10876: A use-after-free was possible in ext4_ext_remove_space()\n function when mounting and operating a crafted ext4 image (bsc#1099811)\n- CVE-2018-10878: A local user could have caused an out-of-bounds write and a\n denial of service or unspecified other impact by mounting and operating a\n crafted ext4 filesystem image (bsc#1099813)\n- CVE-2018-10853: The KVM hypervisor did not check current privilege(CPL) level\n while emulating unprivileged instructions. An unprivileged guest user/process\n could have used this flaw to potentially escalate privileges inside guest\n (bsc#1097104).\n\nThe following non-security bugs were fixed:\n\n- KEYS: prevent creating a different user's keyrings (bnc#1065999).\n- KVM: MMU: always terminate page walks at level 1 (bsc#1062604).\n- KVM: MMU: simplify last_pte_bitmap (bsc#1062604).\n- KVM: VMX: Work around kABI breakage in 'enum vmx_l1d_flush_state' (bsc#1106369).\n- KVM: VMX: fixes for vmentry_l1d_flush module parameter (bsc#1106369).\n- KVM: nVMX: update last_nonleaf_level when initializing nested EPT (bsc#1062604).\n- Refresh patches.xen/xen3-x86-l1tf-04-protect-PROT_NONE-ptes.patch (bsc#1105100).\n- Do not report CPU affected by L1TF when ARCH_CAP_RDCL_NO bit is set (bsc#1104906).\n- Revert '- Disable patches.arch/x86-mm-Simplify-p-g4um-d_page-macros.patch' (bnc#1104818) \n- bcache: avoid unncessary cache prefetch bch_btree_node_get().\n- bcache: calculate the number of incremental GC nodes according to the total of btree nodes.\n- bcache: display rate debug parameters to 0 when writeback is not running.\n- bcache: do not check return value of debugfs_create_dir().\n- bcache: finish incremental GC.\n- bcache: fix I/O significant decline while backend devices registering.\n- bcache: fix error setting writeback_rate through sysfs interface (bsc#1064233).\n- bcache: free heap cache_set->flush_btree in bch_journal_free.\n- bcache: make the pr_err statement used for ENOENT only in sysfs_attatch section.\n- bcache: release dc->writeback_lock properly in bch_writeback_thread().\n- bcache: set max writeback rate when I/O request is idle (bsc#1064233).\n- bcache: simplify the calculation of the total amount of flash dirty data.\n- cifs: Fix infinite loop when using hard mount option (bsc#1091171).\n- ext4: check for allocation block validity with block group locked (bsc#1104495).\n- ext4: do not update checksum of new initialized bitmaps (bnc#1012382).\n- ext4: fix check to prevent initializing reserved inodes (bsc#1104319).\n- ext4: fix false negatives *and* false positives in ext4_check_descriptors() (bsc#1103445).\n- restore cond_resched() in shrink_dcache_parent().\n- usbip: vhci_sysfs: fix potential Spectre v1 (bsc#1096547).\n- x86, l1tf: Protect PROT_NONE PTEs against speculation fixup (bnc#1104818).\n- x86/speculation: Use ARCH_CAPABILITIES to skip L1D flush on vmentry (bsc#1106369).\n- xen, x86, l1tf: Protect PROT_NONE PTEs against speculation fixup (bnc#1104818).\n- xfs: Remove dead code from inode recover function (bsc#1105396).\n- xfs: convert XFS_AGFL_SIZE to a helper function (bsc#1090955, bsc#1090534).\n- xfs: detect agfl count corruption and reset agfl (bsc#1090955, bsc#1090534).\n- xfs: do not log/recover swapext extent owner changes for deleted inodes (bsc#1090955).\n- xfs: protect inode ->di_dmstate with a spinlock (bsc#1024788).\n- xfs: repair malformed inode items during log recovery (bsc#1105396).\n", title: "Description of the patch", }, { category: "details", text: "SUSE-SLE-Module-Public-Cloud-12-2018-2063,SUSE-SLE-SERVER-12-SP1-2018-2063", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_2908-1.json", }, { category: "self", summary: "URL for SUSE-SU-2018:2908-1", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20182908-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2018:2908-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2018-September/004618.html", }, { category: "self", summary: "SUSE Bug 1012382", url: "https://bugzilla.suse.com/1012382", }, { category: "self", summary: "SUSE Bug 1024788", url: "https://bugzilla.suse.com/1024788", }, { category: "self", summary: "SUSE Bug 1062604", url: "https://bugzilla.suse.com/1062604", }, { category: "self", summary: "SUSE Bug 1064233", url: "https://bugzilla.suse.com/1064233", }, { category: "self", summary: "SUSE Bug 1065999", url: "https://bugzilla.suse.com/1065999", }, { category: "self", summary: "SUSE Bug 1090534", url: "https://bugzilla.suse.com/1090534", }, { category: "self", summary: "SUSE Bug 1090955", url: "https://bugzilla.suse.com/1090955", }, { category: "self", summary: "SUSE Bug 1091171", url: "https://bugzilla.suse.com/1091171", }, { category: "self", summary: "SUSE Bug 1092903", url: "https://bugzilla.suse.com/1092903", }, { category: "self", summary: "SUSE Bug 1096547", url: "https://bugzilla.suse.com/1096547", }, { category: "self", summary: "SUSE Bug 1097104", url: "https://bugzilla.suse.com/1097104", }, { category: "self", summary: "SUSE Bug 1097108", url: "https://bugzilla.suse.com/1097108", }, { category: "self", summary: "SUSE Bug 1099811", url: "https://bugzilla.suse.com/1099811", }, { category: "self", summary: "SUSE Bug 1099813", url: "https://bugzilla.suse.com/1099813", }, { category: "self", summary: "SUSE Bug 1099844", url: "https://bugzilla.suse.com/1099844", }, { category: "self", summary: "SUSE Bug 1099845", url: "https://bugzilla.suse.com/1099845", }, { category: "self", summary: "SUSE Bug 1099846", url: "https://bugzilla.suse.com/1099846", }, { category: "self", summary: "SUSE Bug 1099849", url: "https://bugzilla.suse.com/1099849", }, { category: "self", summary: "SUSE Bug 1099863", url: "https://bugzilla.suse.com/1099863", }, { category: "self", summary: "SUSE Bug 1099864", url: "https://bugzilla.suse.com/1099864", }, { category: "self", summary: "SUSE Bug 1099922", url: "https://bugzilla.suse.com/1099922", }, { category: "self", summary: "SUSE Bug 1100001", url: "https://bugzilla.suse.com/1100001", }, { category: "self", summary: "SUSE Bug 1102870", url: "https://bugzilla.suse.com/1102870", }, { category: "self", summary: "SUSE Bug 1103445", url: "https://bugzilla.suse.com/1103445", }, { category: "self", summary: "SUSE Bug 1104319", url: "https://bugzilla.suse.com/1104319", }, { category: "self", summary: "SUSE Bug 1104495", url: "https://bugzilla.suse.com/1104495", }, { category: "self", summary: "SUSE Bug 1104818", url: "https://bugzilla.suse.com/1104818", }, { category: "self", summary: "SUSE Bug 1104906", url: "https://bugzilla.suse.com/1104906", }, { category: "self", summary: "SUSE Bug 1105100", url: "https://bugzilla.suse.com/1105100", }, { category: "self", summary: "SUSE Bug 1105322", url: "https://bugzilla.suse.com/1105322", }, { category: "self", summary: "SUSE Bug 1105323", url: "https://bugzilla.suse.com/1105323", }, { category: "self", summary: "SUSE Bug 1105396", url: "https://bugzilla.suse.com/1105396", }, { category: "self", summary: "SUSE Bug 1106095", url: "https://bugzilla.suse.com/1106095", }, { category: "self", summary: "SUSE Bug 1106369", url: "https://bugzilla.suse.com/1106369", }, { category: "self", summary: "SUSE Bug 1106509", url: "https://bugzilla.suse.com/1106509", }, { category: "self", summary: "SUSE Bug 1106511", url: "https://bugzilla.suse.com/1106511", }, { category: "self", summary: "SUSE Bug 1107689", url: "https://bugzilla.suse.com/1107689", }, { category: "self", summary: "SUSE Bug 1108912", url: "https://bugzilla.suse.com/1108912", }, { category: "self", summary: "SUSE CVE CVE-2018-10853 page", url: "https://www.suse.com/security/cve/CVE-2018-10853/", }, { category: "self", summary: "SUSE CVE CVE-2018-10876 page", url: "https://www.suse.com/security/cve/CVE-2018-10876/", }, { category: "self", summary: "SUSE CVE CVE-2018-10877 page", url: "https://www.suse.com/security/cve/CVE-2018-10877/", }, { category: "self", summary: "SUSE CVE CVE-2018-10878 page", url: "https://www.suse.com/security/cve/CVE-2018-10878/", }, { category: "self", summary: "SUSE CVE CVE-2018-10879 page", url: "https://www.suse.com/security/cve/CVE-2018-10879/", }, { category: "self", summary: "SUSE CVE CVE-2018-10880 page", url: "https://www.suse.com/security/cve/CVE-2018-10880/", }, { category: "self", summary: "SUSE CVE CVE-2018-10881 page", url: "https://www.suse.com/security/cve/CVE-2018-10881/", }, { category: "self", summary: "SUSE CVE CVE-2018-10882 page", url: "https://www.suse.com/security/cve/CVE-2018-10882/", }, { category: "self", summary: "SUSE CVE CVE-2018-10883 page", url: "https://www.suse.com/security/cve/CVE-2018-10883/", }, { category: "self", summary: "SUSE CVE CVE-2018-10902 page", url: "https://www.suse.com/security/cve/CVE-2018-10902/", }, { category: "self", summary: "SUSE CVE CVE-2018-10940 page", url: "https://www.suse.com/security/cve/CVE-2018-10940/", }, { category: "self", summary: "SUSE CVE CVE-2018-12896 page", url: "https://www.suse.com/security/cve/CVE-2018-12896/", }, { category: "self", summary: "SUSE CVE CVE-2018-13093 page", url: "https://www.suse.com/security/cve/CVE-2018-13093/", }, { category: "self", summary: "SUSE CVE CVE-2018-14617 page", url: "https://www.suse.com/security/cve/CVE-2018-14617/", }, { category: "self", summary: "SUSE CVE CVE-2018-14634 page", url: "https://www.suse.com/security/cve/CVE-2018-14634/", }, { category: "self", summary: "SUSE CVE CVE-2018-16276 page", url: "https://www.suse.com/security/cve/CVE-2018-16276/", }, { category: "self", summary: "SUSE CVE CVE-2018-16658 page", url: "https://www.suse.com/security/cve/CVE-2018-16658/", }, { category: "self", summary: "SUSE CVE CVE-2018-6554 page", url: "https://www.suse.com/security/cve/CVE-2018-6554/", }, { category: "self", summary: "SUSE CVE CVE-2018-6555 page", url: "https://www.suse.com/security/cve/CVE-2018-6555/", }, ], title: "Security update for the Linux Kernel", tracking: { current_release_date: "2018-09-27T15:01:17Z", generator: { date: "2018-09-27T15:01:17Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2018:2908-1", initial_release_date: "2018-09-27T15:01:17Z", revision_history: [ { date: "2018-09-27T15:01:17Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "kernel-devel-3.12.74-60.64.104.1.noarch", product: { name: "kernel-devel-3.12.74-60.64.104.1.noarch", product_id: "kernel-devel-3.12.74-60.64.104.1.noarch", }, }, { category: "product_version", name: "kernel-macros-3.12.74-60.64.104.1.noarch", product: { name: "kernel-macros-3.12.74-60.64.104.1.noarch", product_id: "kernel-macros-3.12.74-60.64.104.1.noarch", }, }, { category: "product_version", name: "kernel-source-3.12.74-60.64.104.1.noarch", product: { name: "kernel-source-3.12.74-60.64.104.1.noarch", product_id: "kernel-source-3.12.74-60.64.104.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "kernel-default-3.12.74-60.64.104.1.ppc64le", product: { name: "kernel-default-3.12.74-60.64.104.1.ppc64le", product_id: "kernel-default-3.12.74-60.64.104.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-base-3.12.74-60.64.104.1.ppc64le", product: { name: "kernel-default-base-3.12.74-60.64.104.1.ppc64le", product_id: "kernel-default-base-3.12.74-60.64.104.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-devel-3.12.74-60.64.104.1.ppc64le", product: { name: "kernel-default-devel-3.12.74-60.64.104.1.ppc64le", product_id: "kernel-default-devel-3.12.74-60.64.104.1.ppc64le", }, }, { category: "product_version", name: "kernel-syms-3.12.74-60.64.104.1.ppc64le", product: { name: "kernel-syms-3.12.74-60.64.104.1.ppc64le", product_id: "kernel-syms-3.12.74-60.64.104.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "kernel-default-3.12.74-60.64.104.1.s390x", product: { name: "kernel-default-3.12.74-60.64.104.1.s390x", product_id: "kernel-default-3.12.74-60.64.104.1.s390x", }, }, { category: "product_version", name: "kernel-default-base-3.12.74-60.64.104.1.s390x", product: { name: "kernel-default-base-3.12.74-60.64.104.1.s390x", product_id: "kernel-default-base-3.12.74-60.64.104.1.s390x", }, }, { category: "product_version", name: "kernel-default-devel-3.12.74-60.64.104.1.s390x", product: { name: "kernel-default-devel-3.12.74-60.64.104.1.s390x", product_id: "kernel-default-devel-3.12.74-60.64.104.1.s390x", }, }, { category: "product_version", name: "kernel-default-man-3.12.74-60.64.104.1.s390x", product: { name: "kernel-default-man-3.12.74-60.64.104.1.s390x", product_id: "kernel-default-man-3.12.74-60.64.104.1.s390x", }, }, { category: "product_version", name: "kernel-syms-3.12.74-60.64.104.1.s390x", product: { name: "kernel-syms-3.12.74-60.64.104.1.s390x", product_id: "kernel-syms-3.12.74-60.64.104.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "kernel-ec2-3.12.74-60.64.104.1.x86_64", product: { name: "kernel-ec2-3.12.74-60.64.104.1.x86_64", product_id: "kernel-ec2-3.12.74-60.64.104.1.x86_64", }, }, { category: "product_version", name: "kernel-ec2-devel-3.12.74-60.64.104.1.x86_64", product: { name: "kernel-ec2-devel-3.12.74-60.64.104.1.x86_64", product_id: "kernel-ec2-devel-3.12.74-60.64.104.1.x86_64", }, }, { category: "product_version", name: "kernel-ec2-extra-3.12.74-60.64.104.1.x86_64", product: { name: "kernel-ec2-extra-3.12.74-60.64.104.1.x86_64", product_id: "kernel-ec2-extra-3.12.74-60.64.104.1.x86_64", }, }, { category: "product_version", name: "kernel-default-3.12.74-60.64.104.1.x86_64", product: { name: "kernel-default-3.12.74-60.64.104.1.x86_64", product_id: "kernel-default-3.12.74-60.64.104.1.x86_64", }, }, { category: "product_version", name: "kernel-default-base-3.12.74-60.64.104.1.x86_64", product: { name: "kernel-default-base-3.12.74-60.64.104.1.x86_64", product_id: "kernel-default-base-3.12.74-60.64.104.1.x86_64", }, }, { category: "product_version", name: "kernel-default-devel-3.12.74-60.64.104.1.x86_64", product: { name: "kernel-default-devel-3.12.74-60.64.104.1.x86_64", product_id: "kernel-default-devel-3.12.74-60.64.104.1.x86_64", }, }, { category: "product_version", name: "kernel-syms-3.12.74-60.64.104.1.x86_64", product: { name: "kernel-syms-3.12.74-60.64.104.1.x86_64", product_id: "kernel-syms-3.12.74-60.64.104.1.x86_64", }, }, { category: "product_version", name: "kernel-xen-3.12.74-60.64.104.1.x86_64", product: { name: "kernel-xen-3.12.74-60.64.104.1.x86_64", product_id: "kernel-xen-3.12.74-60.64.104.1.x86_64", }, }, { category: "product_version", name: "kernel-xen-base-3.12.74-60.64.104.1.x86_64", product: { name: "kernel-xen-base-3.12.74-60.64.104.1.x86_64", product_id: "kernel-xen-base-3.12.74-60.64.104.1.x86_64", }, }, { category: "product_version", name: "kernel-xen-devel-3.12.74-60.64.104.1.x86_64", product: { name: "kernel-xen-devel-3.12.74-60.64.104.1.x86_64", product_id: "kernel-xen-devel-3.12.74-60.64.104.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Module for Public Cloud 12", product: { name: "SUSE Linux Enterprise Module for Public Cloud 12", product_id: "SUSE Linux Enterprise Module for Public Cloud 12", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-public-cloud:12", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 12 SP1-LTSS", product: { name: "SUSE Linux Enterprise Server 12 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS", product_identification_helper: { cpe: "cpe:/o:suse:sles-ltss:12:sp1", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "kernel-ec2-3.12.74-60.64.104.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 12", product_id: "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.104.1.x86_64", }, product_reference: "kernel-ec2-3.12.74-60.64.104.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 12", }, { category: "default_component_of", full_product_name: { name: "kernel-ec2-devel-3.12.74-60.64.104.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 12", product_id: "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.104.1.x86_64", }, product_reference: "kernel-ec2-devel-3.12.74-60.64.104.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 12", }, { category: "default_component_of", full_product_name: { name: "kernel-ec2-extra-3.12.74-60.64.104.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 12", product_id: "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.104.1.x86_64", }, product_reference: "kernel-ec2-extra-3.12.74-60.64.104.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 12", }, { category: "default_component_of", full_product_name: { name: "kernel-default-3.12.74-60.64.104.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.ppc64le", }, product_reference: "kernel-default-3.12.74-60.64.104.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-3.12.74-60.64.104.1.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.s390x", }, product_reference: "kernel-default-3.12.74-60.64.104.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-3.12.74-60.64.104.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.x86_64", }, product_reference: "kernel-default-3.12.74-60.64.104.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-3.12.74-60.64.104.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.ppc64le", }, product_reference: "kernel-default-base-3.12.74-60.64.104.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-3.12.74-60.64.104.1.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.s390x", }, product_reference: "kernel-default-base-3.12.74-60.64.104.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-3.12.74-60.64.104.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.x86_64", }, product_reference: "kernel-default-base-3.12.74-60.64.104.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-3.12.74-60.64.104.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.ppc64le", }, product_reference: "kernel-default-devel-3.12.74-60.64.104.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-3.12.74-60.64.104.1.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.s390x", }, product_reference: "kernel-default-devel-3.12.74-60.64.104.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-3.12.74-60.64.104.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.x86_64", }, product_reference: "kernel-default-devel-3.12.74-60.64.104.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-man-3.12.74-60.64.104.1.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.104.1.s390x", }, product_reference: "kernel-default-man-3.12.74-60.64.104.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-3.12.74-60.64.104.1.noarch as component of SUSE Linux Enterprise Server 12 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.104.1.noarch", }, product_reference: "kernel-devel-3.12.74-60.64.104.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-3.12.74-60.64.104.1.noarch as component of SUSE Linux Enterprise Server 12 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.104.1.noarch", }, product_reference: "kernel-macros-3.12.74-60.64.104.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-source-3.12.74-60.64.104.1.noarch as component of SUSE Linux Enterprise Server 12 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.104.1.noarch", }, product_reference: "kernel-source-3.12.74-60.64.104.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-3.12.74-60.64.104.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.ppc64le", }, product_reference: "kernel-syms-3.12.74-60.64.104.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-3.12.74-60.64.104.1.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.s390x", }, product_reference: "kernel-syms-3.12.74-60.64.104.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-3.12.74-60.64.104.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.x86_64", }, product_reference: "kernel-syms-3.12.74-60.64.104.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-xen-3.12.74-60.64.104.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.104.1.x86_64", }, product_reference: "kernel-xen-3.12.74-60.64.104.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-xen-base-3.12.74-60.64.104.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.104.1.x86_64", }, product_reference: "kernel-xen-base-3.12.74-60.64.104.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-xen-devel-3.12.74-60.64.104.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", }, product_reference: "kernel-xen-devel-3.12.74-60.64.104.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS", }, ], }, vulnerabilities: [ { cve: "CVE-2018-10853", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10853", }, ], notes: [ { category: "general", text: "A flaw was found in the way Linux kernel KVM hypervisor before 4.18 emulated instructions such as sgdt/sidt/fxsave/fxrstor. It did not check current privilege(CPL) level while emulating unprivileged instructions. An unprivileged guest user/process could use this flaw to potentially escalate privileges inside guest.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10853", url: "https://www.suse.com/security/cve/CVE-2018-10853", }, { category: "external", summary: "SUSE Bug 1097104 for CVE-2018-10853", url: "https://bugzilla.suse.com/1097104", }, { category: "external", summary: "SUSE Bug 1097108 for CVE-2018-10853", url: "https://bugzilla.suse.com/1097108", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.4, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-27T15:01:17Z", details: "important", }, ], title: "CVE-2018-10853", }, { cve: "CVE-2018-10876", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10876", }, ], notes: [ { category: "general", text: "A flaw was found in Linux kernel in the ext4 filesystem code. A use-after-free is possible in ext4_ext_remove_space() function when mounting and operating a crafted ext4 image.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10876", url: "https://www.suse.com/security/cve/CVE-2018-10876", }, { category: "external", summary: "SUSE Bug 1099811 for CVE-2018-10876", url: "https://bugzilla.suse.com/1099811", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-27T15:01:17Z", details: "low", }, ], title: "CVE-2018-10876", }, { cve: "CVE-2018-10877", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10877", }, ], notes: [ { category: "general", text: "Linux kernel ext4 filesystem is vulnerable to an out-of-bound access in the ext4_ext_drop_refs() function when operating on a crafted ext4 filesystem image.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10877", url: "https://www.suse.com/security/cve/CVE-2018-10877", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-10877", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1099846 for CVE-2018-10877", url: "https://bugzilla.suse.com/1099846", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-27T15:01:17Z", details: "low", }, ], title: "CVE-2018-10877", }, { cve: "CVE-2018-10878", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10878", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bounds write and a denial of service or unspecified other impact is possible by mounting and operating a crafted ext4 filesystem image.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10878", url: "https://www.suse.com/security/cve/CVE-2018-10878", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-10878", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1099813 for CVE-2018-10878", url: "https://bugzilla.suse.com/1099813", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-27T15:01:17Z", details: "moderate", }, ], title: "CVE-2018-10878", }, { cve: "CVE-2018-10879", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10879", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause a use-after-free in ext4_xattr_set_entry function and a denial of service or unspecified other impact may occur by renaming a file in a crafted ext4 filesystem image.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10879", url: "https://www.suse.com/security/cve/CVE-2018-10879", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-10879", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1099844 for CVE-2018-10879", url: "https://bugzilla.suse.com/1099844", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-27T15:01:17Z", details: "moderate", }, ], title: "CVE-2018-10879", }, { cve: "CVE-2018-10880", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10880", }, ], notes: [ { category: "general", text: "Linux kernel is vulnerable to a stack-out-of-bounds write in the ext4 filesystem code when mounting and writing to a crafted ext4 image in ext4_update_inline_data(). An attacker could use this to cause a system crash and a denial of service.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10880", url: "https://www.suse.com/security/cve/CVE-2018-10880", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-10880", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1099845 for CVE-2018-10880", url: "https://bugzilla.suse.com/1099845", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-27T15:01:17Z", details: "moderate", }, ], title: "CVE-2018-10880", }, { cve: "CVE-2018-10881", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10881", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bound access in ext4_get_group_info function, a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10881", url: "https://www.suse.com/security/cve/CVE-2018-10881", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-10881", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1099864 for CVE-2018-10881", url: "https://bugzilla.suse.com/1099864", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-27T15:01:17Z", details: "moderate", }, ], title: "CVE-2018-10881", }, { cve: "CVE-2018-10882", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10882", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bound write in in fs/jbd2/transaction.c code, a denial of service, and a system crash by unmounting a crafted ext4 filesystem image.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10882", url: "https://www.suse.com/security/cve/CVE-2018-10882", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-10882", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1099849 for CVE-2018-10882", url: "https://bugzilla.suse.com/1099849", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-27T15:01:17Z", details: "moderate", }, ], title: "CVE-2018-10882", }, { cve: "CVE-2018-10883", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10883", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bounds write in jbd2_journal_dirty_metadata(), a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10883", url: "https://www.suse.com/security/cve/CVE-2018-10883", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-10883", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1099863 for CVE-2018-10883", url: "https://bugzilla.suse.com/1099863", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-27T15:01:17Z", details: "moderate", }, ], title: "CVE-2018-10883", }, { cve: "CVE-2018-10902", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10902", }, ], notes: [ { category: "general", text: "It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmidi.c file. A malicious local attacker could possibly use this for privilege escalation.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10902", url: "https://www.suse.com/security/cve/CVE-2018-10902", }, { category: "external", summary: "SUSE Bug 1105322 for CVE-2018-10902", url: "https://bugzilla.suse.com/1105322", }, { category: "external", summary: "SUSE Bug 1105323 for CVE-2018-10902", url: "https://bugzilla.suse.com/1105323", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-27T15:01:17Z", details: "moderate", }, ], title: "CVE-2018-10902", }, { cve: "CVE-2018-10940", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10940", }, ], notes: [ { category: "general", text: "The cdrom_ioctl_media_changed function in drivers/cdrom/cdrom.c in the Linux kernel before 4.16.6 allows local attackers to use a incorrect bounds check in the CDROM driver CDROM_MEDIA_CHANGED ioctl to read out kernel memory.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10940", url: "https://www.suse.com/security/cve/CVE-2018-10940", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-10940", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1092903 for CVE-2018-10940", url: "https://bugzilla.suse.com/1092903", }, { category: "external", summary: "SUSE Bug 1107689 for CVE-2018-10940", url: "https://bugzilla.suse.com/1107689", }, { category: "external", summary: "SUSE Bug 1113751 for CVE-2018-10940", url: "https://bugzilla.suse.com/1113751", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-27T15:01:17Z", details: "moderate", }, ], title: "CVE-2018-10940", }, { cve: "CVE-2018-12896", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-12896", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 4.17.3. An Integer Overflow in kernel/time/posix-timers.c in the POSIX timer code is caused by the way the overrun accounting works. Depending on interval and expiry time values, the overrun can be larger than INT_MAX, but the accounting is int based. This basically makes the accounting values, which are visible to user space via timer_getoverrun(2) and siginfo::si_overrun, random. For example, a local user can cause a denial of service (signed integer overflow) via crafted mmap, futex, timer_create, and timer_settime system calls.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-12896", url: "https://www.suse.com/security/cve/CVE-2018-12896", }, { category: "external", summary: "SUSE Bug 1099922 for CVE-2018-12896", url: "https://bugzilla.suse.com/1099922", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-27T15:01:17Z", details: "low", }, ], title: "CVE-2018-12896", }, { cve: "CVE-2018-13093", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-13093", }, ], notes: [ { category: "general", text: "An issue was discovered in fs/xfs/xfs_icache.c in the Linux kernel through 4.17.3. There is a NULL pointer dereference and panic in lookup_slow() on a NULL inode->i_ops pointer when doing pathwalks on a corrupted xfs image. This occurs because of a lack of proper validation that cached inodes are free during allocation.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-13093", url: "https://www.suse.com/security/cve/CVE-2018-13093", }, { category: "external", summary: "SUSE Bug 1100001 for CVE-2018-13093", url: "https://bugzilla.suse.com/1100001", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-27T15:01:17Z", details: "moderate", }, ], title: "CVE-2018-13093", }, { cve: "CVE-2018-14617", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-14617", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 4.17.10. There is a NULL pointer dereference and panic in hfsplus_lookup() in fs/hfsplus/dir.c when opening a file (that is purportedly a hard link) in an hfs+ filesystem that has malformed catalog data, and is mounted read-only without a metadata directory.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-14617", url: "https://www.suse.com/security/cve/CVE-2018-14617", }, { category: "external", summary: "SUSE Bug 1102870 for CVE-2018-14617", url: "https://bugzilla.suse.com/1102870", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-27T15:01:17Z", details: "moderate", }, ], title: "CVE-2018-14617", }, { cve: "CVE-2018-14634", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-14634", }, ], notes: [ { category: "general", text: "An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6.x, 3.10.x and 4.14.x are believed to be vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-14634", url: "https://www.suse.com/security/cve/CVE-2018-14634", }, { category: "external", summary: "SUSE Bug 1108912 for CVE-2018-14634", url: "https://bugzilla.suse.com/1108912", }, { category: "external", summary: "SUSE Bug 1108963 for CVE-2018-14634", url: "https://bugzilla.suse.com/1108963", }, { category: "external", summary: "SUSE Bug 1115893 for CVE-2018-14634", url: "https://bugzilla.suse.com/1115893", }, { category: "external", summary: "SUSE Bug 1120323 for CVE-2018-14634", url: "https://bugzilla.suse.com/1120323", }, { category: "external", summary: "SUSE Bug 1122265 for CVE-2018-14634", url: "https://bugzilla.suse.com/1122265", }, { category: "external", summary: "SUSE Bug 1188063 for CVE-2018-14634", url: "https://bugzilla.suse.com/1188063", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-27T15:01:17Z", details: "important", }, ], title: "CVE-2018-14634", }, { cve: "CVE-2018-16276", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16276", }, ], notes: [ { category: "general", text: "An issue was discovered in yurex_read in drivers/usb/misc/yurex.c in the Linux kernel before 4.17.7. Local attackers could use user access read/writes with incorrect bounds checking in the yurex USB driver to crash the kernel or potentially escalate privileges.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-16276", url: "https://www.suse.com/security/cve/CVE-2018-16276", }, { category: "external", summary: "SUSE Bug 1106095 for CVE-2018-16276", url: "https://bugzilla.suse.com/1106095", }, { category: "external", summary: "SUSE Bug 1115593 for CVE-2018-16276", url: "https://bugzilla.suse.com/1115593", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.3, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-27T15:01:17Z", details: "important", }, ], title: "CVE-2018-16276", }, { cve: "CVE-2018-16658", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16658", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel before 4.18.6. An information leak in cdrom_ioctl_drive_status in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-16658", url: "https://www.suse.com/security/cve/CVE-2018-16658", }, { category: "external", summary: "SUSE Bug 1092903 for CVE-2018-16658", url: "https://bugzilla.suse.com/1092903", }, { category: "external", summary: "SUSE Bug 1107689 for CVE-2018-16658", url: "https://bugzilla.suse.com/1107689", }, { category: "external", summary: "SUSE Bug 1113751 for CVE-2018-16658", url: "https://bugzilla.suse.com/1113751", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-27T15:01:17Z", details: "low", }, ], title: "CVE-2018-16658", }, { cve: "CVE-2018-6554", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-6554", }, ], notes: [ { category: "general", text: "Memory leak in the irda_bind function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (memory consumption) by repeatedly binding an AF_IRDA socket.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-6554", url: "https://www.suse.com/security/cve/CVE-2018-6554", }, { category: "external", summary: "SUSE Bug 1106509 for CVE-2018-6554", url: "https://bugzilla.suse.com/1106509", }, { category: "external", summary: "SUSE Bug 1106511 for CVE-2018-6554", url: "https://bugzilla.suse.com/1106511", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-27T15:01:17Z", details: "low", }, ], title: "CVE-2018-6554", }, { cve: "CVE-2018-6555", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-6555", }, ], notes: [ { category: "general", text: "The irda_setsockopt function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (ias_object use-after-free and system crash) or possibly have unspecified other impact via an AF_IRDA socket.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-6555", url: "https://www.suse.com/security/cve/CVE-2018-6555", }, { category: "external", summary: "SUSE Bug 1106509 for CVE-2018-6555", url: "https://bugzilla.suse.com/1106509", }, { category: "external", summary: "SUSE Bug 1106511 for CVE-2018-6555", url: "https://bugzilla.suse.com/1106511", }, { category: "external", summary: "SUSE Bug 1115893 for CVE-2018-6555", url: "https://bugzilla.suse.com/1115893", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.ppc64le", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.s390x", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-27T15:01:17Z", details: "moderate", }, ], title: "CVE-2018-6555", }, ], }
suse-su-2018:2879-1
Vulnerability from csaf_suse
Published
2018-09-26 12:53
Modified
2018-09-26 12:53
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-14617: Prevent NULL pointer dereference and panic in
hfsplus_lookup() when opening a file (that is purportedly a hard link) in an
hfs+ filesystem that has malformed catalog data, and is mounted read-only
without a metadata directory (bsc#1102870).
- CVE-2018-16276: Incorrect bounds checking in the yurex USB driver in
yurex_read allowed local attackers to use user access read/writes to crash the
kernel or potentially escalate privileges (bsc#1106095).
- CVE-2018-15594: Ensure correct handling of indirect calls, to prevent
attackers for conducting Spectre-v2 attacks against paravirtual guests
(bsc#1105348).
- CVE-2018-14634: Prevent integer overflow in create_elf_tables that allowed a
local attacker to exploit this vulnerability via a SUID-root binary and obtain
full root privileges (bsc#1108912)
- CVE-2018-12896: Prevent integer overflow in the POSIX timer code that was
caused by the way the overrun accounting works. Depending on interval and
expiry time values, the overrun can be larger than INT_MAX, but the accounting
is int based. This basically made the accounting values, which are visible to
user space via timer_getoverrun(2) and siginfo::si_overrun, random. This
allowed a local user to cause a denial of service (signed integer overflow) via
crafted mmap, futex, timer_create, and timer_settime system calls (bnc#1099922)
- CVE-2018-10940: The cdrom_ioctl_media_changed function allowed local
attackers to use a incorrect bounds check in the CDROM driver
CDROM_MEDIA_CHANGED ioctl to read out kernel memory (bsc#1092903)
- CVE-2018-16658: Prevent information leak in cdrom_ioctl_drive_status that
could have been used by local attackers to read kernel memory (bnc#1107689)
- CVE-2018-6555: The irda_setsockopt function allowed local users to cause a
denial of service (ias_object use-after-free and system crash) or possibly have
unspecified other impact via an AF_IRDA socket (bnc#1106511)
- CVE-2018-6554: Prevent memory leak in the irda_bind function that allowed
local users to cause a denial of service (memory consumption) by repeatedly
binding an AF_IRDA socket (bnc#1106509)
- CVE-2018-15572: The spectre_v2_select_mitigation function did not always fill
RSB upon a context switch, which made it easier for attackers to conduct
userspace-userspace spectreRSB attacks (bnc#1102517)
- CVE-2018-10902: Protect against concurrent access to prevent double realloc
(double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status(). A
malicious local attacker could have used this for privilege escalation
(bnc#1105322)
- CVE-2018-14734: ucma_leave_multicast accessed a certain data structure after
a cleanup step in ucma_process_join, which allowed attackers to cause a denial
of service (use-after-free) (bsc#1103119)
The following non-security bugs were fixed:
- ACPI: APEI / ERST: Fix missing error handling in erst_reader() (bsc#1045538).
- ALSA: fm801: propagate TUNER_ONLY bit when autodetected (bsc#1045538).
- ALSA: pcm: Fix snd_pcm_hw_params struct copy in compat mode (bsc#1045538).
- ALSA: pcm: Use dma_bytes as size parameter in dma_mmap_coherent() (bsc#1045538).
- ALSA: pcm: fix fifo_size frame calculation (bsc#1045538).
- ALSA: snd-aoa: add of_node_put() in error path (bsc#1045538).
- ALSA: usb-audio: Add sanity checks in v2 clock parsers (bsc#1045538).
- ALSA: usb-audio: Add sanity checks to FE parser (bsc#1045538).
- ALSA: usb-audio: Fix UAC2 get_ctl request with a RANGE attribute (bsc#1045538).
- ALSA: usb-audio: Fix bogus error return in snd_usb_create_stream() (bsc#1045538).
- ALSA: usb-audio: Fix parameter block size for UAC2 control requests (bsc#1045538).
- ALSA: usb-audio: Fix parsing descriptor of UAC2 processing unit (bsc#1045538).
- ALSA: usb-audio: Fix potential out-of-bound access at parsing SU (bsc#1045538).
- ALSA: usb-audio: Set correct type for some UAC2 mixer controls (bsc#1045538).
- ASoC: blackfin: Fix missing break (bsc#1045538).
- Enforce module signatures if the kernel is locked down (bsc#1093666).
- KVM: VMX: Work around kABI breakage in 'enum vmx_l1d_flush_state' (bsc#1106369).
- KVM: VMX: fixes for vmentry_l1d_flush module parameter (bsc#1106369).
- PCI: Fix TI816X class code quirk (bsc#1050431).
- Refresh patches.xen/xen3-x86-l1tf-04-protect-PROT_NONE-ptes.patch (bsc#1105100).
- TPM: Zero buffer whole after copying to userspace (bsc#1050381).
- USB: add USB_DEVICE_INTERFACE_CLASS macro (bsc#1047487).
- USB: hub: fix non-SS hub-descriptor handling (bsc#1047487).
- USB: serial: ftdi_sio: fix latency-timer error handling (bsc#1037441).
- USB: serial: io_edgeport: fix possible sleep-in-atomic (bsc#1037441).
- USB: serial: io_ti: fix NULL-deref in interrupt callback (bsc#1106609).
- USB: serial: sierra: fix potential deadlock at close (bsc#1100132).
- USB: visor: Match I330 phone more precisely (bsc#1047487).
- applicom: dereferencing NULL on error path (git-fixes).
- ath5k: Change led pin configuration for compaq c700 laptop (bsc#1048185).
- base: make module_create_drivers_dir race-free (git-fixes).
- block: fix an error code in add_partition() (bsc#1106209).
- btrfs: scrub: Do not use inode page cache in scrub_handle_errored_block() (bsc#1108096).
- btrfs: scrub: Do not use inode pages for device replace (bsc#1107949).
- dasd: Add IFCC notice message (bnc#1104481, LTC#170484).
- drm/i915: Remove bogus __init annotation from DMI callbacks (bsc#1106886).
- drm/i915: fix use-after-free in page_flip_completed() (bsc#1103909).
- drm/nouveau/gem: off by one bugs in nouveau_gem_pushbuf_reloc_apply() (bsc#1106886).
- drm/vmwgfx: Handle vmalloc() failure in vmw_local_fifo_reserve() (bsc#1106886).
- drm: crtc: integer overflow in drm_property_create_blob() (bsc#1106886).
- drm: re-enable error handling (bsc#1103884)
- fbdev: omapfb: off by one in omapfb_register_client() (bsc#1106886).
- iommu/amd: Finish TLB flush in amd_iommu_unmap() (bsc#1106105).
- iommu/amd: Fix the left value check of cmd buffer (bsc#1106105).
- iommu/amd: Free domain id when free a domain of struct dma_ops_domain (bsc#1106105).
- iommu/amd: Update Alias-DTE in update_device_table() (bsc#1106105).
- iommu/vt-d: Do not over-free page table directories (bsc#1106105).
- iommu/vt-d: Ratelimit each dmar fault printing (bsc#1106105).
- ipv6: Regenerate host route according to node pointer upon loopback up (bsc#1100705).
- ipv6: correctly add local routes when lo goes up (bsc#1100705).
- ipv6: introduce ip6_rt_put() (bsc#1100705).
- ipv6: reallocate addrconf router for ipv6 address when lo device up (bsc#1100705).
- kabi: x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bnc#1105536).
- kabi: x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bnc#1105536).
- kthread, tracing: Do not expose half-written comm when creating kthreads (Git-fixes).
- mm/hugetlb: add migration/hwpoisoned entry check in hugetlb_change_protection (bnc#1107071).
- mm/mempolicy.c: avoid use uninitialized preferred_node (bnc#1107064).
- modsign: log module name in the event of an error (bsc#1093666).
- modsign: print module name along with error message (bsc#1093666).
- module: make it clear when we're handling the module copy in info->hdr (bsc#1093666).
- module: setup load info before module_sig_check() (bsc#1093666).
- nbd: ratelimit error msgs after socket close (bsc#1106206).
- ncpfs: return proper error from NCP_IOC_SETROOT ioctl (bsc#1106199).
- nvme: add device id's with intel stripe quirk (bsc#1097562).
- perf/core: Fix group scheduling with mixed hw and sw events (Git-fixes).
- perf/x86/intel: Add cpu_(prepare|starting|dying) for core_pmu (bsc#1104901).
- powerpc/64s: Default l1d_size to 64K in RFI fallback flush (bsc#1068032, git-fixes).
- powerpc/fadump: Do not use hugepages when fadump is active (bsc#1092772, bsc#1107650).
- powerpc/fadump: exclude memory holes while reserving memory in second kernel (bsc#1092772, bsc#1107650).
- powerpc/fadump: re-register firmware-assisted dump if already registered (bsc#1108170, bsc#1108823).
- powerpc/lib: Fix off-by-one in alternate feature patching (bsc#1064861).
- powerpc/lib: Fix the feature fixup tests to actually work (bsc#1064861).
- powerpc64s: Show ori31 availability in spectre_v1 sysfs file not v2 (bsc#1068032, bsc#1080157, git-fixes).
- powerpc: Avoid code patching freed init sections (bnc#1107735).
- powerpc: make feature-fixup tests fortify-safe (bsc#1064861).
- ptrace: fix PTRACE_LISTEN race corrupting task->state (bnc#1107001).
- qlge: Fix netdev features configuration (bsc#1098822).
- resource: fix integer overflow at reallocation (bsc#1045538).
- rpm/kernel-docs.spec.in: Expand kernel tree directly from sources (bsc#1057199)
- s390/ftrace: use expoline for indirect branches (bnc#1106930, LTC#171029).
- s390/kernel: use expoline for indirect branches (bnc#1106930, LTC#171029).
- s390/qeth: do not clobber buffer on async TX completion (bnc#1060245, LTC#170349).
- s390: Correct register corruption in critical section cleanup (bnc#1106930, LTC#171029).
- s390: add assembler macros for CPU alternatives (bnc#1106930, LTC#171029).
- s390: detect etoken facility (bnc#1106930, LTC#171029).
- s390: move expoline assembler macros to a header (bnc#1106930, LTC#171029).
- s390: move spectre sysfs attribute code (bnc#1106930, LTC#171029).
- s390: remove indirect branch from do_softirq_own_stack (bnc#1106930, LTC#171029).
- smsc75xx: Add workaround for gigabit link up hardware errata (bsc#1100132).
- sys: do not hold uts_sem while accessing userspace memory (bnc#1106995).
- tpm: fix race condition in tpm_common_write() (bsc#1050381).
- tracing/blktrace: Fix to allow setting same value (bsc#1106212).
- tty: vt, fix bogus division in csi_J (git-fixes).
- tty: vt, return error when con_startup fails (git-fixes).
- uml: fix hostfs mknod() (bsc#1106202).
- usb: audio-v2: Correct the comment for struct uac_clock_selector_descriptor (bsc#1045538).
- usbip: vhci_sysfs: fix potential Spectre v1 (bsc#1096547).
- x86, l1tf: Protect PROT_NONE PTEs against speculation fixup (bnc#1104684, bnc#1104818).
- x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit (bnc#1087081).
- x86/init: fix build with CONFIG_SWAP=n (bsc#1105723).
- x86/mm: Prevent kernel Oops in PTDUMP code with HIGHPTE=y (bsc#1106105).
- x86/speculation/l1tf: Fix off-by-one error when warning that system has too much RAM (bnc#1105536).
- x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bnc#1105536).
- x86/speculation/l1tf: Suggest what to do on systems with too much RAM (bnc#1105536).
- x86/vdso: Fix vDSO build if a retpoline is emitted (git-fixes).
- xen x86/speculation/l1tf: Fix off-by-one error when warning that system has too much RAM (bnc#1105536).
- xen x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bnc#1105536).
- xen, x86, l1tf: Protect PROT_NONE PTEs against speculation fixup (bnc#1104684, bnc#1104818).
- xen: x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit (bnc#1087081).
Patchnames
sdksp4-kernel-13796,slessp4-kernel-13796,slexsp3-kernel-13796
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for the Linux Kernel", title: "Title of the patch", }, { category: "description", text: "\nThe SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2018-14617: Prevent NULL pointer dereference and panic in\n hfsplus_lookup() when opening a file (that is purportedly a hard link) in an\n hfs+ filesystem that has malformed catalog data, and is mounted read-only\n without a metadata directory (bsc#1102870).\n- CVE-2018-16276: Incorrect bounds checking in the yurex USB driver in\n yurex_read allowed local attackers to use user access read/writes to crash the\n kernel or potentially escalate privileges (bsc#1106095).\n- CVE-2018-15594: Ensure correct handling of indirect calls, to prevent\n attackers for conducting Spectre-v2 attacks against paravirtual guests\n (bsc#1105348).\n- CVE-2018-14634: Prevent integer overflow in create_elf_tables that allowed a\n local attacker to exploit this vulnerability via a SUID-root binary and obtain\n full root privileges (bsc#1108912)\n- CVE-2018-12896: Prevent integer overflow in the POSIX timer code that was\n caused by the way the overrun accounting works. Depending on interval and\n expiry time values, the overrun can be larger than INT_MAX, but the accounting\n is int based. This basically made the accounting values, which are visible to\n user space via timer_getoverrun(2) and siginfo::si_overrun, random. This\n allowed a local user to cause a denial of service (signed integer overflow) via\n crafted mmap, futex, timer_create, and timer_settime system calls (bnc#1099922)\n- CVE-2018-10940: The cdrom_ioctl_media_changed function allowed local\n attackers to use a incorrect bounds check in the CDROM driver\n CDROM_MEDIA_CHANGED ioctl to read out kernel memory (bsc#1092903)\n- CVE-2018-16658: Prevent information leak in cdrom_ioctl_drive_status that\n could have been used by local attackers to read kernel memory (bnc#1107689)\n- CVE-2018-6555: The irda_setsockopt function allowed local users to cause a\n denial of service (ias_object use-after-free and system crash) or possibly have\n unspecified other impact via an AF_IRDA socket (bnc#1106511)\n- CVE-2018-6554: Prevent memory leak in the irda_bind function that allowed\n local users to cause a denial of service (memory consumption) by repeatedly\n binding an AF_IRDA socket (bnc#1106509)\n- CVE-2018-15572: The spectre_v2_select_mitigation function did not always fill\n RSB upon a context switch, which made it easier for attackers to conduct\n userspace-userspace spectreRSB attacks (bnc#1102517)\n- CVE-2018-10902: Protect against concurrent access to prevent double realloc\n (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status(). A\n malicious local attacker could have used this for privilege escalation\n (bnc#1105322)\n- CVE-2018-14734: ucma_leave_multicast accessed a certain data structure after\n a cleanup step in ucma_process_join, which allowed attackers to cause a denial\n of service (use-after-free) (bsc#1103119)\n\nThe following non-security bugs were fixed:\n\n- ACPI: APEI / ERST: Fix missing error handling in erst_reader() (bsc#1045538).\n- ALSA: fm801: propagate TUNER_ONLY bit when autodetected (bsc#1045538).\n- ALSA: pcm: Fix snd_pcm_hw_params struct copy in compat mode (bsc#1045538).\n- ALSA: pcm: Use dma_bytes as size parameter in dma_mmap_coherent() (bsc#1045538).\n- ALSA: pcm: fix fifo_size frame calculation (bsc#1045538).\n- ALSA: snd-aoa: add of_node_put() in error path (bsc#1045538).\n- ALSA: usb-audio: Add sanity checks in v2 clock parsers (bsc#1045538).\n- ALSA: usb-audio: Add sanity checks to FE parser (bsc#1045538).\n- ALSA: usb-audio: Fix UAC2 get_ctl request with a RANGE attribute (bsc#1045538).\n- ALSA: usb-audio: Fix bogus error return in snd_usb_create_stream() (bsc#1045538).\n- ALSA: usb-audio: Fix parameter block size for UAC2 control requests (bsc#1045538).\n- ALSA: usb-audio: Fix parsing descriptor of UAC2 processing unit (bsc#1045538).\n- ALSA: usb-audio: Fix potential out-of-bound access at parsing SU (bsc#1045538).\n- ALSA: usb-audio: Set correct type for some UAC2 mixer controls (bsc#1045538).\n- ASoC: blackfin: Fix missing break (bsc#1045538).\n- Enforce module signatures if the kernel is locked down (bsc#1093666).\n- KVM: VMX: Work around kABI breakage in 'enum vmx_l1d_flush_state' (bsc#1106369).\n- KVM: VMX: fixes for vmentry_l1d_flush module parameter (bsc#1106369).\n- PCI: Fix TI816X class code quirk (bsc#1050431).\n- Refresh patches.xen/xen3-x86-l1tf-04-protect-PROT_NONE-ptes.patch (bsc#1105100).\n- TPM: Zero buffer whole after copying to userspace (bsc#1050381).\n- USB: add USB_DEVICE_INTERFACE_CLASS macro (bsc#1047487).\n- USB: hub: fix non-SS hub-descriptor handling (bsc#1047487).\n- USB: serial: ftdi_sio: fix latency-timer error handling (bsc#1037441).\n- USB: serial: io_edgeport: fix possible sleep-in-atomic (bsc#1037441).\n- USB: serial: io_ti: fix NULL-deref in interrupt callback (bsc#1106609).\n- USB: serial: sierra: fix potential deadlock at close (bsc#1100132).\n- USB: visor: Match I330 phone more precisely (bsc#1047487).\n- applicom: dereferencing NULL on error path (git-fixes).\n- ath5k: Change led pin configuration for compaq c700 laptop (bsc#1048185).\n- base: make module_create_drivers_dir race-free (git-fixes).\n- block: fix an error code in add_partition() (bsc#1106209).\n- btrfs: scrub: Do not use inode page cache in scrub_handle_errored_block() (bsc#1108096).\n- btrfs: scrub: Do not use inode pages for device replace (bsc#1107949).\n- dasd: Add IFCC notice message (bnc#1104481, LTC#170484).\n- drm/i915: Remove bogus __init annotation from DMI callbacks (bsc#1106886).\n- drm/i915: fix use-after-free in page_flip_completed() (bsc#1103909).\n- drm/nouveau/gem: off by one bugs in nouveau_gem_pushbuf_reloc_apply() (bsc#1106886).\n- drm/vmwgfx: Handle vmalloc() failure in vmw_local_fifo_reserve() (bsc#1106886).\n- drm: crtc: integer overflow in drm_property_create_blob() (bsc#1106886).\n- drm: re-enable error handling (bsc#1103884)\n- fbdev: omapfb: off by one in omapfb_register_client() (bsc#1106886).\n- iommu/amd: Finish TLB flush in amd_iommu_unmap() (bsc#1106105).\n- iommu/amd: Fix the left value check of cmd buffer (bsc#1106105).\n- iommu/amd: Free domain id when free a domain of struct dma_ops_domain (bsc#1106105).\n- iommu/amd: Update Alias-DTE in update_device_table() (bsc#1106105).\n- iommu/vt-d: Do not over-free page table directories (bsc#1106105).\n- iommu/vt-d: Ratelimit each dmar fault printing (bsc#1106105).\n- ipv6: Regenerate host route according to node pointer upon loopback up (bsc#1100705).\n- ipv6: correctly add local routes when lo goes up (bsc#1100705).\n- ipv6: introduce ip6_rt_put() (bsc#1100705).\n- ipv6: reallocate addrconf router for ipv6 address when lo device up (bsc#1100705).\n- kabi: x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bnc#1105536).\n- kabi: x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bnc#1105536).\n- kthread, tracing: Do not expose half-written comm when creating kthreads (Git-fixes).\n- mm/hugetlb: add migration/hwpoisoned entry check in hugetlb_change_protection (bnc#1107071).\n- mm/mempolicy.c: avoid use uninitialized preferred_node (bnc#1107064).\n- modsign: log module name in the event of an error (bsc#1093666).\n- modsign: print module name along with error message (bsc#1093666).\n- module: make it clear when we're handling the module copy in info->hdr (bsc#1093666).\n- module: setup load info before module_sig_check() (bsc#1093666).\n- nbd: ratelimit error msgs after socket close (bsc#1106206).\n- ncpfs: return proper error from NCP_IOC_SETROOT ioctl (bsc#1106199).\n- nvme: add device id's with intel stripe quirk (bsc#1097562).\n- perf/core: Fix group scheduling with mixed hw and sw events (Git-fixes).\n- perf/x86/intel: Add cpu_(prepare|starting|dying) for core_pmu (bsc#1104901).\n- powerpc/64s: Default l1d_size to 64K in RFI fallback flush (bsc#1068032, git-fixes).\n- powerpc/fadump: Do not use hugepages when fadump is active (bsc#1092772, bsc#1107650).\n- powerpc/fadump: exclude memory holes while reserving memory in second kernel (bsc#1092772, bsc#1107650).\n- powerpc/fadump: re-register firmware-assisted dump if already registered (bsc#1108170, bsc#1108823).\n- powerpc/lib: Fix off-by-one in alternate feature patching (bsc#1064861).\n- powerpc/lib: Fix the feature fixup tests to actually work (bsc#1064861).\n- powerpc64s: Show ori31 availability in spectre_v1 sysfs file not v2 (bsc#1068032, bsc#1080157, git-fixes).\n- powerpc: Avoid code patching freed init sections (bnc#1107735).\n- powerpc: make feature-fixup tests fortify-safe (bsc#1064861).\n- ptrace: fix PTRACE_LISTEN race corrupting task->state (bnc#1107001).\n- qlge: Fix netdev features configuration (bsc#1098822).\n- resource: fix integer overflow at reallocation (bsc#1045538).\n- rpm/kernel-docs.spec.in: Expand kernel tree directly from sources (bsc#1057199)\n- s390/ftrace: use expoline for indirect branches (bnc#1106930, LTC#171029).\n- s390/kernel: use expoline for indirect branches (bnc#1106930, LTC#171029).\n- s390/qeth: do not clobber buffer on async TX completion (bnc#1060245, LTC#170349).\n- s390: Correct register corruption in critical section cleanup (bnc#1106930, LTC#171029).\n- s390: add assembler macros for CPU alternatives (bnc#1106930, LTC#171029).\n- s390: detect etoken facility (bnc#1106930, LTC#171029).\n- s390: move expoline assembler macros to a header (bnc#1106930, LTC#171029).\n- s390: move spectre sysfs attribute code (bnc#1106930, LTC#171029).\n- s390: remove indirect branch from do_softirq_own_stack (bnc#1106930, LTC#171029).\n- smsc75xx: Add workaround for gigabit link up hardware errata (bsc#1100132).\n- sys: do not hold uts_sem while accessing userspace memory (bnc#1106995).\n- tpm: fix race condition in tpm_common_write() (bsc#1050381).\n- tracing/blktrace: Fix to allow setting same value (bsc#1106212).\n- tty: vt, fix bogus division in csi_J (git-fixes).\n- tty: vt, return error when con_startup fails (git-fixes).\n- uml: fix hostfs mknod() (bsc#1106202).\n- usb: audio-v2: Correct the comment for struct uac_clock_selector_descriptor (bsc#1045538).\n- usbip: vhci_sysfs: fix potential Spectre v1 (bsc#1096547).\n- x86, l1tf: Protect PROT_NONE PTEs against speculation fixup (bnc#1104684, bnc#1104818).\n- x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit (bnc#1087081).\n- x86/init: fix build with CONFIG_SWAP=n (bsc#1105723).\n- x86/mm: Prevent kernel Oops in PTDUMP code with HIGHPTE=y (bsc#1106105).\n- x86/speculation/l1tf: Fix off-by-one error when warning that system has too much RAM (bnc#1105536).\n- x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bnc#1105536).\n- x86/speculation/l1tf: Suggest what to do on systems with too much RAM (bnc#1105536).\n- x86/vdso: Fix vDSO build if a retpoline is emitted (git-fixes).\n- xen x86/speculation/l1tf: Fix off-by-one error when warning that system has too much RAM (bnc#1105536).\n- xen x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bnc#1105536).\n- xen, x86, l1tf: Protect PROT_NONE PTEs against speculation fixup (bnc#1104684, bnc#1104818).\n- xen: x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit (bnc#1087081).\n", title: "Description of the patch", }, { category: "details", text: "sdksp4-kernel-13796,slessp4-kernel-13796,slexsp3-kernel-13796", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_2879-1.json", }, { category: "self", summary: "URL for SUSE-SU-2018:2879-1", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20182879-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2018:2879-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2018-September/004605.html", }, { category: "self", summary: "SUSE Bug 1037441", url: "https://bugzilla.suse.com/1037441", }, { category: "self", summary: "SUSE Bug 1045538", url: "https://bugzilla.suse.com/1045538", }, { category: "self", summary: "SUSE Bug 1047487", url: "https://bugzilla.suse.com/1047487", }, { category: "self", summary: "SUSE Bug 1048185", url: "https://bugzilla.suse.com/1048185", }, { category: "self", summary: "SUSE Bug 1050381", url: "https://bugzilla.suse.com/1050381", }, { category: "self", summary: "SUSE Bug 1050431", url: "https://bugzilla.suse.com/1050431", }, { category: "self", summary: "SUSE Bug 1057199", url: "https://bugzilla.suse.com/1057199", }, { category: "self", summary: "SUSE Bug 1060245", url: "https://bugzilla.suse.com/1060245", }, { category: "self", summary: "SUSE Bug 1064861", url: "https://bugzilla.suse.com/1064861", }, { category: "self", summary: "SUSE Bug 1068032", url: "https://bugzilla.suse.com/1068032", }, { category: "self", summary: "SUSE Bug 1080157", url: "https://bugzilla.suse.com/1080157", }, { category: "self", summary: "SUSE Bug 1087081", url: "https://bugzilla.suse.com/1087081", }, { category: "self", summary: "SUSE Bug 1092772", url: "https://bugzilla.suse.com/1092772", }, { category: "self", summary: "SUSE Bug 1092903", url: "https://bugzilla.suse.com/1092903", }, { category: "self", summary: "SUSE Bug 1093666", url: "https://bugzilla.suse.com/1093666", }, { category: "self", summary: "SUSE Bug 1096547", url: "https://bugzilla.suse.com/1096547", }, { category: "self", summary: "SUSE Bug 1097562", url: "https://bugzilla.suse.com/1097562", }, { category: "self", summary: "SUSE Bug 1098822", url: "https://bugzilla.suse.com/1098822", }, { category: "self", summary: "SUSE Bug 1099922", url: "https://bugzilla.suse.com/1099922", }, { category: "self", summary: "SUSE Bug 1100132", url: "https://bugzilla.suse.com/1100132", }, { category: "self", summary: "SUSE Bug 1100705", url: "https://bugzilla.suse.com/1100705", }, { category: "self", summary: "SUSE Bug 1102517", url: "https://bugzilla.suse.com/1102517", }, { category: "self", summary: "SUSE Bug 1102870", url: "https://bugzilla.suse.com/1102870", }, { category: "self", summary: "SUSE Bug 1103119", url: "https://bugzilla.suse.com/1103119", }, { category: "self", summary: "SUSE Bug 1103884", url: "https://bugzilla.suse.com/1103884", }, { category: "self", summary: "SUSE Bug 1103909", url: "https://bugzilla.suse.com/1103909", }, { category: "self", summary: "SUSE Bug 1104481", url: "https://bugzilla.suse.com/1104481", }, { category: "self", summary: "SUSE Bug 1104684", url: "https://bugzilla.suse.com/1104684", }, { category: "self", summary: "SUSE Bug 1104818", url: "https://bugzilla.suse.com/1104818", }, { category: "self", summary: "SUSE Bug 1104901", url: "https://bugzilla.suse.com/1104901", }, { category: "self", summary: "SUSE Bug 1105100", url: "https://bugzilla.suse.com/1105100", }, { category: "self", summary: "SUSE Bug 1105322", url: "https://bugzilla.suse.com/1105322", }, { category: "self", summary: "SUSE Bug 1105348", url: "https://bugzilla.suse.com/1105348", }, { category: "self", summary: "SUSE Bug 1105536", url: "https://bugzilla.suse.com/1105536", }, { category: "self", summary: "SUSE Bug 1105723", url: "https://bugzilla.suse.com/1105723", }, { category: "self", summary: "SUSE Bug 1106095", url: "https://bugzilla.suse.com/1106095", }, { category: "self", summary: "SUSE Bug 1106105", url: "https://bugzilla.suse.com/1106105", }, { category: "self", summary: "SUSE Bug 1106199", url: "https://bugzilla.suse.com/1106199", }, { category: "self", summary: "SUSE Bug 1106202", url: "https://bugzilla.suse.com/1106202", }, { category: "self", summary: "SUSE Bug 1106206", url: "https://bugzilla.suse.com/1106206", }, { category: "self", summary: "SUSE Bug 1106209", url: "https://bugzilla.suse.com/1106209", }, { category: "self", summary: "SUSE Bug 1106212", url: "https://bugzilla.suse.com/1106212", }, { category: "self", summary: "SUSE Bug 1106369", url: "https://bugzilla.suse.com/1106369", }, { category: "self", summary: "SUSE Bug 1106509", url: "https://bugzilla.suse.com/1106509", }, { category: "self", summary: "SUSE Bug 1106511", url: "https://bugzilla.suse.com/1106511", }, { category: "self", summary: "SUSE Bug 1106609", url: "https://bugzilla.suse.com/1106609", }, { category: "self", summary: "SUSE Bug 1106886", url: "https://bugzilla.suse.com/1106886", }, { category: "self", summary: "SUSE Bug 1106930", url: "https://bugzilla.suse.com/1106930", }, { category: "self", summary: "SUSE Bug 1106995", url: "https://bugzilla.suse.com/1106995", }, { category: "self", summary: "SUSE Bug 1107001", url: "https://bugzilla.suse.com/1107001", }, { category: "self", summary: "SUSE Bug 1107064", url: "https://bugzilla.suse.com/1107064", }, { category: "self", summary: "SUSE Bug 1107071", url: "https://bugzilla.suse.com/1107071", }, { category: "self", summary: "SUSE Bug 1107650", url: "https://bugzilla.suse.com/1107650", }, { category: "self", summary: "SUSE Bug 1107689", url: "https://bugzilla.suse.com/1107689", }, { category: "self", summary: "SUSE Bug 1107735", url: "https://bugzilla.suse.com/1107735", }, { category: "self", summary: "SUSE Bug 1107949", url: "https://bugzilla.suse.com/1107949", }, { category: "self", summary: "SUSE Bug 1108096", url: "https://bugzilla.suse.com/1108096", }, { category: "self", summary: "SUSE Bug 1108170", url: "https://bugzilla.suse.com/1108170", }, { category: "self", summary: "SUSE Bug 1108823", url: "https://bugzilla.suse.com/1108823", }, { category: "self", summary: "SUSE Bug 1108912", url: "https://bugzilla.suse.com/1108912", }, { category: "self", summary: "SUSE CVE CVE-2018-10902 page", url: "https://www.suse.com/security/cve/CVE-2018-10902/", }, { category: "self", summary: "SUSE CVE CVE-2018-10940 page", url: "https://www.suse.com/security/cve/CVE-2018-10940/", }, { category: "self", summary: "SUSE CVE CVE-2018-12896 page", url: "https://www.suse.com/security/cve/CVE-2018-12896/", }, { category: "self", summary: "SUSE CVE CVE-2018-14617 page", url: "https://www.suse.com/security/cve/CVE-2018-14617/", }, { category: "self", summary: "SUSE CVE CVE-2018-14634 page", url: "https://www.suse.com/security/cve/CVE-2018-14634/", }, { category: "self", summary: "SUSE CVE CVE-2018-14734 page", url: "https://www.suse.com/security/cve/CVE-2018-14734/", }, { category: "self", summary: "SUSE CVE CVE-2018-15572 page", url: "https://www.suse.com/security/cve/CVE-2018-15572/", }, { category: "self", summary: "SUSE CVE CVE-2018-15594 page", url: "https://www.suse.com/security/cve/CVE-2018-15594/", }, { category: "self", summary: "SUSE CVE CVE-2018-16276 page", url: "https://www.suse.com/security/cve/CVE-2018-16276/", }, { category: "self", summary: "SUSE CVE CVE-2018-16658 page", url: "https://www.suse.com/security/cve/CVE-2018-16658/", }, { category: "self", summary: "SUSE CVE CVE-2018-6554 page", url: "https://www.suse.com/security/cve/CVE-2018-6554/", }, { category: "self", summary: "SUSE CVE CVE-2018-6555 page", url: "https://www.suse.com/security/cve/CVE-2018-6555/", }, ], title: "Security update for the Linux Kernel", tracking: { current_release_date: "2018-09-26T12:53:30Z", generator: { date: "2018-09-26T12:53:30Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2018:2879-1", initial_release_date: "2018-09-26T12:53:30Z", revision_history: [ { date: "2018-09-26T12:53:30Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "kernel-default-3.0.101-108.71.1.i586", product: { name: "kernel-default-3.0.101-108.71.1.i586", product_id: "kernel-default-3.0.101-108.71.1.i586", }, }, { category: "product_version", name: "kernel-default-base-3.0.101-108.71.1.i586", product: { name: "kernel-default-base-3.0.101-108.71.1.i586", product_id: "kernel-default-base-3.0.101-108.71.1.i586", }, }, { category: "product_version", name: "kernel-default-devel-3.0.101-108.71.1.i586", product: { name: "kernel-default-devel-3.0.101-108.71.1.i586", product_id: "kernel-default-devel-3.0.101-108.71.1.i586", }, }, { category: "product_version", name: "kernel-ec2-3.0.101-108.71.1.i586", product: { name: "kernel-ec2-3.0.101-108.71.1.i586", product_id: "kernel-ec2-3.0.101-108.71.1.i586", }, }, { category: "product_version", name: "kernel-ec2-base-3.0.101-108.71.1.i586", product: { name: "kernel-ec2-base-3.0.101-108.71.1.i586", product_id: "kernel-ec2-base-3.0.101-108.71.1.i586", }, }, { category: "product_version", name: "kernel-ec2-devel-3.0.101-108.71.1.i586", product: { name: "kernel-ec2-devel-3.0.101-108.71.1.i586", product_id: "kernel-ec2-devel-3.0.101-108.71.1.i586", }, }, { category: "product_version", name: "kernel-pae-3.0.101-108.71.1.i586", product: { name: "kernel-pae-3.0.101-108.71.1.i586", product_id: "kernel-pae-3.0.101-108.71.1.i586", }, }, { category: "product_version", name: "kernel-pae-base-3.0.101-108.71.1.i586", product: { name: "kernel-pae-base-3.0.101-108.71.1.i586", product_id: "kernel-pae-base-3.0.101-108.71.1.i586", }, }, { category: "product_version", name: "kernel-pae-devel-3.0.101-108.71.1.i586", product: { name: "kernel-pae-devel-3.0.101-108.71.1.i586", product_id: "kernel-pae-devel-3.0.101-108.71.1.i586", }, }, { category: "product_version", name: "kernel-source-3.0.101-108.71.1.i586", product: { name: "kernel-source-3.0.101-108.71.1.i586", product_id: "kernel-source-3.0.101-108.71.1.i586", }, }, { category: "product_version", name: "kernel-syms-3.0.101-108.71.1.i586", product: { name: "kernel-syms-3.0.101-108.71.1.i586", product_id: "kernel-syms-3.0.101-108.71.1.i586", }, }, { category: "product_version", name: "kernel-trace-3.0.101-108.71.1.i586", product: { name: "kernel-trace-3.0.101-108.71.1.i586", product_id: "kernel-trace-3.0.101-108.71.1.i586", }, }, { category: "product_version", name: "kernel-trace-base-3.0.101-108.71.1.i586", product: { name: "kernel-trace-base-3.0.101-108.71.1.i586", product_id: "kernel-trace-base-3.0.101-108.71.1.i586", }, }, { category: "product_version", name: "kernel-trace-devel-3.0.101-108.71.1.i586", product: { name: "kernel-trace-devel-3.0.101-108.71.1.i586", product_id: "kernel-trace-devel-3.0.101-108.71.1.i586", }, }, { category: "product_version", name: "kernel-xen-3.0.101-108.71.1.i586", product: { name: "kernel-xen-3.0.101-108.71.1.i586", product_id: "kernel-xen-3.0.101-108.71.1.i586", }, }, { category: "product_version", name: "kernel-xen-base-3.0.101-108.71.1.i586", product: { name: "kernel-xen-base-3.0.101-108.71.1.i586", product_id: "kernel-xen-base-3.0.101-108.71.1.i586", }, }, { category: "product_version", name: "kernel-xen-devel-3.0.101-108.71.1.i586", product: { name: "kernel-xen-devel-3.0.101-108.71.1.i586", product_id: "kernel-xen-devel-3.0.101-108.71.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "kernel-default-3.0.101-108.71.1.ia64", product: { name: "kernel-default-3.0.101-108.71.1.ia64", product_id: "kernel-default-3.0.101-108.71.1.ia64", }, }, { category: "product_version", name: "kernel-default-base-3.0.101-108.71.1.ia64", product: { name: "kernel-default-base-3.0.101-108.71.1.ia64", product_id: "kernel-default-base-3.0.101-108.71.1.ia64", }, }, { category: "product_version", name: "kernel-default-devel-3.0.101-108.71.1.ia64", product: { name: "kernel-default-devel-3.0.101-108.71.1.ia64", product_id: "kernel-default-devel-3.0.101-108.71.1.ia64", }, }, { category: "product_version", name: "kernel-source-3.0.101-108.71.1.ia64", product: { name: "kernel-source-3.0.101-108.71.1.ia64", product_id: "kernel-source-3.0.101-108.71.1.ia64", }, }, { category: "product_version", name: "kernel-syms-3.0.101-108.71.1.ia64", product: { name: "kernel-syms-3.0.101-108.71.1.ia64", product_id: "kernel-syms-3.0.101-108.71.1.ia64", }, }, { category: "product_version", name: "kernel-trace-3.0.101-108.71.1.ia64", product: { name: "kernel-trace-3.0.101-108.71.1.ia64", product_id: "kernel-trace-3.0.101-108.71.1.ia64", }, }, { category: "product_version", name: "kernel-trace-base-3.0.101-108.71.1.ia64", product: { name: "kernel-trace-base-3.0.101-108.71.1.ia64", product_id: "kernel-trace-base-3.0.101-108.71.1.ia64", }, }, { category: "product_version", name: "kernel-trace-devel-3.0.101-108.71.1.ia64", product: { name: "kernel-trace-devel-3.0.101-108.71.1.ia64", product_id: "kernel-trace-devel-3.0.101-108.71.1.ia64", }, }, ], category: "architecture", name: "ia64", }, { branches: [ { category: "product_version", name: "kernel-docs-3.0.101-108.71.1.noarch", product: { name: "kernel-docs-3.0.101-108.71.1.noarch", product_id: "kernel-docs-3.0.101-108.71.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "kernel-bigmem-3.0.101-108.71.1.ppc64", product: { name: "kernel-bigmem-3.0.101-108.71.1.ppc64", product_id: "kernel-bigmem-3.0.101-108.71.1.ppc64", }, }, { category: "product_version", name: "kernel-bigmem-base-3.0.101-108.71.1.ppc64", product: { name: "kernel-bigmem-base-3.0.101-108.71.1.ppc64", product_id: "kernel-bigmem-base-3.0.101-108.71.1.ppc64", }, }, { category: "product_version", name: "kernel-bigmem-devel-3.0.101-108.71.1.ppc64", product: { name: "kernel-bigmem-devel-3.0.101-108.71.1.ppc64", product_id: "kernel-bigmem-devel-3.0.101-108.71.1.ppc64", }, }, { category: "product_version", name: "kernel-default-3.0.101-108.71.1.ppc64", product: { name: "kernel-default-3.0.101-108.71.1.ppc64", product_id: "kernel-default-3.0.101-108.71.1.ppc64", }, }, { category: "product_version", name: "kernel-default-base-3.0.101-108.71.1.ppc64", product: { name: "kernel-default-base-3.0.101-108.71.1.ppc64", product_id: "kernel-default-base-3.0.101-108.71.1.ppc64", }, }, { category: "product_version", name: "kernel-default-devel-3.0.101-108.71.1.ppc64", product: { name: "kernel-default-devel-3.0.101-108.71.1.ppc64", product_id: "kernel-default-devel-3.0.101-108.71.1.ppc64", }, }, { category: "product_version", name: "kernel-ppc64-3.0.101-108.71.1.ppc64", product: { name: "kernel-ppc64-3.0.101-108.71.1.ppc64", product_id: "kernel-ppc64-3.0.101-108.71.1.ppc64", }, }, { category: "product_version", name: "kernel-ppc64-base-3.0.101-108.71.1.ppc64", product: { name: "kernel-ppc64-base-3.0.101-108.71.1.ppc64", product_id: "kernel-ppc64-base-3.0.101-108.71.1.ppc64", }, }, { category: "product_version", name: "kernel-ppc64-devel-3.0.101-108.71.1.ppc64", product: { name: "kernel-ppc64-devel-3.0.101-108.71.1.ppc64", product_id: "kernel-ppc64-devel-3.0.101-108.71.1.ppc64", }, }, { category: "product_version", name: "kernel-source-3.0.101-108.71.1.ppc64", product: { name: "kernel-source-3.0.101-108.71.1.ppc64", product_id: "kernel-source-3.0.101-108.71.1.ppc64", }, }, { category: "product_version", name: "kernel-syms-3.0.101-108.71.1.ppc64", product: { name: "kernel-syms-3.0.101-108.71.1.ppc64", product_id: "kernel-syms-3.0.101-108.71.1.ppc64", }, }, { category: "product_version", name: "kernel-trace-3.0.101-108.71.1.ppc64", product: { name: "kernel-trace-3.0.101-108.71.1.ppc64", product_id: "kernel-trace-3.0.101-108.71.1.ppc64", }, }, { category: "product_version", name: "kernel-trace-base-3.0.101-108.71.1.ppc64", product: { name: "kernel-trace-base-3.0.101-108.71.1.ppc64", product_id: "kernel-trace-base-3.0.101-108.71.1.ppc64", }, }, { category: "product_version", name: "kernel-trace-devel-3.0.101-108.71.1.ppc64", product: { name: "kernel-trace-devel-3.0.101-108.71.1.ppc64", product_id: "kernel-trace-devel-3.0.101-108.71.1.ppc64", }, }, ], category: "architecture", name: "ppc64", }, { branches: [ { category: "product_version", name: "kernel-default-3.0.101-108.71.1.s390x", product: { name: "kernel-default-3.0.101-108.71.1.s390x", product_id: "kernel-default-3.0.101-108.71.1.s390x", }, }, { category: "product_version", name: "kernel-default-base-3.0.101-108.71.1.s390x", product: { name: "kernel-default-base-3.0.101-108.71.1.s390x", product_id: "kernel-default-base-3.0.101-108.71.1.s390x", }, }, { category: "product_version", name: "kernel-default-devel-3.0.101-108.71.1.s390x", product: { name: "kernel-default-devel-3.0.101-108.71.1.s390x", product_id: "kernel-default-devel-3.0.101-108.71.1.s390x", }, }, { category: "product_version", name: "kernel-default-man-3.0.101-108.71.1.s390x", product: { name: "kernel-default-man-3.0.101-108.71.1.s390x", product_id: "kernel-default-man-3.0.101-108.71.1.s390x", }, }, { category: "product_version", name: "kernel-source-3.0.101-108.71.1.s390x", product: { name: "kernel-source-3.0.101-108.71.1.s390x", product_id: "kernel-source-3.0.101-108.71.1.s390x", }, }, { category: "product_version", name: "kernel-syms-3.0.101-108.71.1.s390x", product: { name: "kernel-syms-3.0.101-108.71.1.s390x", product_id: "kernel-syms-3.0.101-108.71.1.s390x", }, }, { category: "product_version", name: "kernel-trace-3.0.101-108.71.1.s390x", product: { name: "kernel-trace-3.0.101-108.71.1.s390x", product_id: "kernel-trace-3.0.101-108.71.1.s390x", }, }, { category: "product_version", name: "kernel-trace-base-3.0.101-108.71.1.s390x", product: { name: "kernel-trace-base-3.0.101-108.71.1.s390x", product_id: "kernel-trace-base-3.0.101-108.71.1.s390x", }, }, { category: "product_version", name: "kernel-trace-devel-3.0.101-108.71.1.s390x", product: { name: "kernel-trace-devel-3.0.101-108.71.1.s390x", product_id: "kernel-trace-devel-3.0.101-108.71.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "kernel-default-3.0.101-108.71.1.x86_64", product: { name: "kernel-default-3.0.101-108.71.1.x86_64", product_id: "kernel-default-3.0.101-108.71.1.x86_64", }, }, { category: "product_version", name: "kernel-default-base-3.0.101-108.71.1.x86_64", product: { name: "kernel-default-base-3.0.101-108.71.1.x86_64", product_id: "kernel-default-base-3.0.101-108.71.1.x86_64", }, }, { category: "product_version", name: "kernel-default-devel-3.0.101-108.71.1.x86_64", product: { name: "kernel-default-devel-3.0.101-108.71.1.x86_64", product_id: "kernel-default-devel-3.0.101-108.71.1.x86_64", }, }, { category: "product_version", name: "kernel-ec2-3.0.101-108.71.1.x86_64", product: { name: "kernel-ec2-3.0.101-108.71.1.x86_64", product_id: "kernel-ec2-3.0.101-108.71.1.x86_64", }, }, { category: "product_version", name: "kernel-ec2-base-3.0.101-108.71.1.x86_64", product: { name: "kernel-ec2-base-3.0.101-108.71.1.x86_64", product_id: "kernel-ec2-base-3.0.101-108.71.1.x86_64", }, }, { category: "product_version", name: "kernel-ec2-devel-3.0.101-108.71.1.x86_64", product: { name: "kernel-ec2-devel-3.0.101-108.71.1.x86_64", product_id: "kernel-ec2-devel-3.0.101-108.71.1.x86_64", }, }, { category: "product_version", name: "kernel-source-3.0.101-108.71.1.x86_64", product: { name: "kernel-source-3.0.101-108.71.1.x86_64", product_id: "kernel-source-3.0.101-108.71.1.x86_64", }, }, { category: "product_version", name: "kernel-syms-3.0.101-108.71.1.x86_64", product: { name: "kernel-syms-3.0.101-108.71.1.x86_64", product_id: "kernel-syms-3.0.101-108.71.1.x86_64", }, }, { category: "product_version", name: "kernel-trace-3.0.101-108.71.1.x86_64", product: { name: "kernel-trace-3.0.101-108.71.1.x86_64", product_id: "kernel-trace-3.0.101-108.71.1.x86_64", }, }, { category: "product_version", name: "kernel-trace-base-3.0.101-108.71.1.x86_64", product: { name: "kernel-trace-base-3.0.101-108.71.1.x86_64", product_id: "kernel-trace-base-3.0.101-108.71.1.x86_64", }, }, { category: "product_version", name: "kernel-trace-devel-3.0.101-108.71.1.x86_64", product: { name: "kernel-trace-devel-3.0.101-108.71.1.x86_64", product_id: "kernel-trace-devel-3.0.101-108.71.1.x86_64", }, }, { category: "product_version", name: "kernel-xen-3.0.101-108.71.1.x86_64", product: { name: "kernel-xen-3.0.101-108.71.1.x86_64", product_id: "kernel-xen-3.0.101-108.71.1.x86_64", }, }, { category: "product_version", name: "kernel-xen-base-3.0.101-108.71.1.x86_64", product: { name: "kernel-xen-base-3.0.101-108.71.1.x86_64", product_id: "kernel-xen-base-3.0.101-108.71.1.x86_64", }, }, { category: "product_version", name: "kernel-xen-devel-3.0.101-108.71.1.x86_64", product: { name: "kernel-xen-devel-3.0.101-108.71.1.x86_64", product_id: "kernel-xen-devel-3.0.101-108.71.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Software Development Kit 11 SP4", product: { name: "SUSE Linux Enterprise Software Development Kit 11 SP4", product_id: "SUSE Linux Enterprise Software Development Kit 11 SP4", product_identification_helper: { cpe: "cpe:/a:suse:sle-sdk:11:sp4", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 11 SP4", product: { name: "SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4", product_identification_helper: { cpe: "cpe:/o:suse:suse_sles:11:sp4", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", product: { name: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:11:sp4", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "kernel-docs-3.0.101-108.71.1.noarch as component of SUSE Linux Enterprise Software Development Kit 11 SP4", product_id: "SUSE Linux Enterprise Software Development Kit 11 SP4:kernel-docs-3.0.101-108.71.1.noarch", }, product_reference: "kernel-docs-3.0.101-108.71.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-bigmem-3.0.101-108.71.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", }, product_reference: "kernel-bigmem-3.0.101-108.71.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-bigmem-base-3.0.101-108.71.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", }, product_reference: "kernel-bigmem-base-3.0.101-108.71.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-bigmem-devel-3.0.101-108.71.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", }, product_reference: "kernel-bigmem-devel-3.0.101-108.71.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-3.0.101-108.71.1.i586 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.i586", }, product_reference: "kernel-default-3.0.101-108.71.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-3.0.101-108.71.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ia64", }, product_reference: "kernel-default-3.0.101-108.71.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-3.0.101-108.71.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", }, product_reference: "kernel-default-3.0.101-108.71.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-3.0.101-108.71.1.s390x as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.s390x", }, product_reference: "kernel-default-3.0.101-108.71.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-3.0.101-108.71.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", }, product_reference: "kernel-default-3.0.101-108.71.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-3.0.101-108.71.1.i586 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", }, product_reference: "kernel-default-base-3.0.101-108.71.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-3.0.101-108.71.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", }, product_reference: "kernel-default-base-3.0.101-108.71.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-3.0.101-108.71.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", }, product_reference: "kernel-default-base-3.0.101-108.71.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-3.0.101-108.71.1.s390x as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", }, product_reference: "kernel-default-base-3.0.101-108.71.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-3.0.101-108.71.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", }, product_reference: "kernel-default-base-3.0.101-108.71.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-3.0.101-108.71.1.i586 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", }, product_reference: "kernel-default-devel-3.0.101-108.71.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-3.0.101-108.71.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", }, product_reference: "kernel-default-devel-3.0.101-108.71.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-3.0.101-108.71.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", }, product_reference: "kernel-default-devel-3.0.101-108.71.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-3.0.101-108.71.1.s390x as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", }, product_reference: "kernel-default-devel-3.0.101-108.71.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-3.0.101-108.71.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", }, product_reference: "kernel-default-devel-3.0.101-108.71.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-man-3.0.101-108.71.1.s390x as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", }, product_reference: "kernel-default-man-3.0.101-108.71.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-ec2-3.0.101-108.71.1.i586 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", }, product_reference: "kernel-ec2-3.0.101-108.71.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-ec2-3.0.101-108.71.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", }, product_reference: "kernel-ec2-3.0.101-108.71.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-ec2-base-3.0.101-108.71.1.i586 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", }, product_reference: "kernel-ec2-base-3.0.101-108.71.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-ec2-base-3.0.101-108.71.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", }, product_reference: "kernel-ec2-base-3.0.101-108.71.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-ec2-devel-3.0.101-108.71.1.i586 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", }, product_reference: "kernel-ec2-devel-3.0.101-108.71.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-ec2-devel-3.0.101-108.71.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", }, product_reference: "kernel-ec2-devel-3.0.101-108.71.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-pae-3.0.101-108.71.1.i586 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:kernel-pae-3.0.101-108.71.1.i586", }, product_reference: "kernel-pae-3.0.101-108.71.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-pae-base-3.0.101-108.71.1.i586 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", }, product_reference: "kernel-pae-base-3.0.101-108.71.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-pae-devel-3.0.101-108.71.1.i586 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", }, product_reference: "kernel-pae-devel-3.0.101-108.71.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-ppc64-3.0.101-108.71.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", }, product_reference: "kernel-ppc64-3.0.101-108.71.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-ppc64-base-3.0.101-108.71.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", }, product_reference: "kernel-ppc64-base-3.0.101-108.71.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-ppc64-devel-3.0.101-108.71.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", }, product_reference: "kernel-ppc64-devel-3.0.101-108.71.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-source-3.0.101-108.71.1.i586 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.i586", }, product_reference: "kernel-source-3.0.101-108.71.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-source-3.0.101-108.71.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ia64", }, product_reference: "kernel-source-3.0.101-108.71.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-source-3.0.101-108.71.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", }, product_reference: "kernel-source-3.0.101-108.71.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-source-3.0.101-108.71.1.s390x as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.s390x", }, product_reference: "kernel-source-3.0.101-108.71.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-source-3.0.101-108.71.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", }, product_reference: "kernel-source-3.0.101-108.71.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-3.0.101-108.71.1.i586 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.i586", }, product_reference: "kernel-syms-3.0.101-108.71.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-3.0.101-108.71.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", }, product_reference: "kernel-syms-3.0.101-108.71.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-3.0.101-108.71.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", }, product_reference: "kernel-syms-3.0.101-108.71.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-3.0.101-108.71.1.s390x as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", }, product_reference: "kernel-syms-3.0.101-108.71.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-3.0.101-108.71.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", }, product_reference: "kernel-syms-3.0.101-108.71.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-trace-3.0.101-108.71.1.i586 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.i586", }, product_reference: "kernel-trace-3.0.101-108.71.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-trace-3.0.101-108.71.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", }, product_reference: "kernel-trace-3.0.101-108.71.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-trace-3.0.101-108.71.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", }, product_reference: "kernel-trace-3.0.101-108.71.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-trace-3.0.101-108.71.1.s390x as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", }, product_reference: "kernel-trace-3.0.101-108.71.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-trace-3.0.101-108.71.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", }, product_reference: "kernel-trace-3.0.101-108.71.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-trace-base-3.0.101-108.71.1.i586 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", }, product_reference: "kernel-trace-base-3.0.101-108.71.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-trace-base-3.0.101-108.71.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", }, product_reference: "kernel-trace-base-3.0.101-108.71.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-trace-base-3.0.101-108.71.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", }, product_reference: "kernel-trace-base-3.0.101-108.71.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-trace-base-3.0.101-108.71.1.s390x as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", }, product_reference: "kernel-trace-base-3.0.101-108.71.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-trace-base-3.0.101-108.71.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", }, product_reference: "kernel-trace-base-3.0.101-108.71.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-trace-devel-3.0.101-108.71.1.i586 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", }, product_reference: "kernel-trace-devel-3.0.101-108.71.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-trace-devel-3.0.101-108.71.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", }, product_reference: "kernel-trace-devel-3.0.101-108.71.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-trace-devel-3.0.101-108.71.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", }, product_reference: "kernel-trace-devel-3.0.101-108.71.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-trace-devel-3.0.101-108.71.1.s390x as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", }, product_reference: "kernel-trace-devel-3.0.101-108.71.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-trace-devel-3.0.101-108.71.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", }, product_reference: "kernel-trace-devel-3.0.101-108.71.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-xen-3.0.101-108.71.1.i586 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.i586", }, product_reference: "kernel-xen-3.0.101-108.71.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-xen-3.0.101-108.71.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", }, product_reference: "kernel-xen-3.0.101-108.71.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-xen-base-3.0.101-108.71.1.i586 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", }, product_reference: "kernel-xen-base-3.0.101-108.71.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-xen-base-3.0.101-108.71.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", }, product_reference: "kernel-xen-base-3.0.101-108.71.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-xen-devel-3.0.101-108.71.1.i586 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", }, product_reference: "kernel-xen-devel-3.0.101-108.71.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-xen-devel-3.0.101-108.71.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4", product_id: "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", }, product_reference: "kernel-xen-devel-3.0.101-108.71.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-bigmem-3.0.101-108.71.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", }, product_reference: "kernel-bigmem-3.0.101-108.71.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-bigmem-base-3.0.101-108.71.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", }, product_reference: "kernel-bigmem-base-3.0.101-108.71.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-bigmem-devel-3.0.101-108.71.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", }, product_reference: "kernel-bigmem-devel-3.0.101-108.71.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-3.0.101-108.71.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.i586", }, product_reference: "kernel-default-3.0.101-108.71.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-3.0.101-108.71.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ia64", }, product_reference: "kernel-default-3.0.101-108.71.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-3.0.101-108.71.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", }, product_reference: "kernel-default-3.0.101-108.71.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-3.0.101-108.71.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.s390x", }, product_reference: "kernel-default-3.0.101-108.71.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-3.0.101-108.71.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", }, product_reference: "kernel-default-3.0.101-108.71.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-3.0.101-108.71.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", }, product_reference: "kernel-default-base-3.0.101-108.71.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-3.0.101-108.71.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", }, product_reference: "kernel-default-base-3.0.101-108.71.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-3.0.101-108.71.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", }, product_reference: "kernel-default-base-3.0.101-108.71.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-3.0.101-108.71.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", }, product_reference: "kernel-default-base-3.0.101-108.71.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-3.0.101-108.71.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", }, product_reference: "kernel-default-base-3.0.101-108.71.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-3.0.101-108.71.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", }, product_reference: "kernel-default-devel-3.0.101-108.71.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-3.0.101-108.71.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", }, product_reference: "kernel-default-devel-3.0.101-108.71.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-3.0.101-108.71.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", }, product_reference: "kernel-default-devel-3.0.101-108.71.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-3.0.101-108.71.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", }, product_reference: "kernel-default-devel-3.0.101-108.71.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-3.0.101-108.71.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", }, product_reference: "kernel-default-devel-3.0.101-108.71.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-man-3.0.101-108.71.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", }, product_reference: "kernel-default-man-3.0.101-108.71.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-ec2-3.0.101-108.71.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", }, product_reference: "kernel-ec2-3.0.101-108.71.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-ec2-3.0.101-108.71.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", }, product_reference: "kernel-ec2-3.0.101-108.71.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-ec2-base-3.0.101-108.71.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", }, product_reference: "kernel-ec2-base-3.0.101-108.71.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-ec2-base-3.0.101-108.71.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", }, product_reference: "kernel-ec2-base-3.0.101-108.71.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-ec2-devel-3.0.101-108.71.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", }, product_reference: "kernel-ec2-devel-3.0.101-108.71.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-ec2-devel-3.0.101-108.71.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", }, product_reference: "kernel-ec2-devel-3.0.101-108.71.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-pae-3.0.101-108.71.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-3.0.101-108.71.1.i586", }, product_reference: "kernel-pae-3.0.101-108.71.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-pae-base-3.0.101-108.71.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", }, product_reference: "kernel-pae-base-3.0.101-108.71.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-pae-devel-3.0.101-108.71.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", }, product_reference: "kernel-pae-devel-3.0.101-108.71.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-ppc64-3.0.101-108.71.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", }, product_reference: "kernel-ppc64-3.0.101-108.71.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-ppc64-base-3.0.101-108.71.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", }, product_reference: "kernel-ppc64-base-3.0.101-108.71.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-ppc64-devel-3.0.101-108.71.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", }, product_reference: "kernel-ppc64-devel-3.0.101-108.71.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-source-3.0.101-108.71.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.i586", }, product_reference: "kernel-source-3.0.101-108.71.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-source-3.0.101-108.71.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ia64", }, product_reference: "kernel-source-3.0.101-108.71.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-source-3.0.101-108.71.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", }, product_reference: "kernel-source-3.0.101-108.71.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-source-3.0.101-108.71.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.s390x", }, product_reference: "kernel-source-3.0.101-108.71.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-source-3.0.101-108.71.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", }, product_reference: "kernel-source-3.0.101-108.71.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-3.0.101-108.71.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.i586", }, product_reference: "kernel-syms-3.0.101-108.71.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-3.0.101-108.71.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", }, product_reference: "kernel-syms-3.0.101-108.71.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-3.0.101-108.71.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", }, product_reference: "kernel-syms-3.0.101-108.71.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-3.0.101-108.71.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", }, product_reference: "kernel-syms-3.0.101-108.71.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-3.0.101-108.71.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", }, product_reference: "kernel-syms-3.0.101-108.71.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-trace-3.0.101-108.71.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.i586", }, product_reference: "kernel-trace-3.0.101-108.71.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-trace-3.0.101-108.71.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", }, product_reference: "kernel-trace-3.0.101-108.71.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-trace-3.0.101-108.71.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", }, product_reference: "kernel-trace-3.0.101-108.71.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-trace-3.0.101-108.71.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", }, product_reference: "kernel-trace-3.0.101-108.71.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-trace-3.0.101-108.71.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", }, product_reference: "kernel-trace-3.0.101-108.71.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-trace-base-3.0.101-108.71.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", }, product_reference: "kernel-trace-base-3.0.101-108.71.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-trace-base-3.0.101-108.71.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", }, product_reference: "kernel-trace-base-3.0.101-108.71.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-trace-base-3.0.101-108.71.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", }, product_reference: "kernel-trace-base-3.0.101-108.71.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-trace-base-3.0.101-108.71.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", }, product_reference: "kernel-trace-base-3.0.101-108.71.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-trace-base-3.0.101-108.71.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", }, product_reference: "kernel-trace-base-3.0.101-108.71.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-trace-devel-3.0.101-108.71.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", }, product_reference: "kernel-trace-devel-3.0.101-108.71.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-trace-devel-3.0.101-108.71.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", }, product_reference: "kernel-trace-devel-3.0.101-108.71.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-trace-devel-3.0.101-108.71.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", }, product_reference: "kernel-trace-devel-3.0.101-108.71.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-trace-devel-3.0.101-108.71.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", }, product_reference: "kernel-trace-devel-3.0.101-108.71.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-trace-devel-3.0.101-108.71.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", }, product_reference: "kernel-trace-devel-3.0.101-108.71.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-xen-3.0.101-108.71.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.i586", }, product_reference: "kernel-xen-3.0.101-108.71.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-xen-3.0.101-108.71.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", }, product_reference: "kernel-xen-3.0.101-108.71.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-xen-base-3.0.101-108.71.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", }, product_reference: "kernel-xen-base-3.0.101-108.71.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-xen-base-3.0.101-108.71.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", }, product_reference: "kernel-xen-base-3.0.101-108.71.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-xen-devel-3.0.101-108.71.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", }, product_reference: "kernel-xen-devel-3.0.101-108.71.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-xen-devel-3.0.101-108.71.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", }, product_reference: "kernel-xen-devel-3.0.101-108.71.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP4", }, ], }, vulnerabilities: [ { cve: "CVE-2018-10902", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10902", }, ], notes: [ { category: "general", text: "It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmidi.c file. A malicious local attacker could possibly use this for privilege escalation.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:kernel-docs-3.0.101-108.71.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2018-10902", url: "https://www.suse.com/security/cve/CVE-2018-10902", }, { category: "external", summary: "SUSE Bug 1105322 for CVE-2018-10902", url: "https://bugzilla.suse.com/1105322", }, { category: "external", summary: "SUSE Bug 1105323 for CVE-2018-10902", url: "https://bugzilla.suse.com/1105323", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:kernel-docs-3.0.101-108.71.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:kernel-docs-3.0.101-108.71.1.noarch", ], }, ], threats: [ { category: "impact", date: "2018-09-26T12:53:30Z", details: "moderate", }, ], title: "CVE-2018-10902", }, { cve: "CVE-2018-10940", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10940", }, ], notes: [ { category: "general", text: "The cdrom_ioctl_media_changed function in drivers/cdrom/cdrom.c in the Linux kernel before 4.16.6 allows local attackers to use a incorrect bounds check in the CDROM driver CDROM_MEDIA_CHANGED ioctl to read out kernel memory.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:kernel-docs-3.0.101-108.71.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2018-10940", url: "https://www.suse.com/security/cve/CVE-2018-10940", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-10940", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1092903 for CVE-2018-10940", url: "https://bugzilla.suse.com/1092903", }, { category: "external", summary: "SUSE Bug 1107689 for CVE-2018-10940", url: "https://bugzilla.suse.com/1107689", }, { category: "external", summary: "SUSE Bug 1113751 for CVE-2018-10940", url: "https://bugzilla.suse.com/1113751", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:kernel-docs-3.0.101-108.71.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:kernel-docs-3.0.101-108.71.1.noarch", ], }, ], threats: [ { category: "impact", date: "2018-09-26T12:53:30Z", details: "moderate", }, ], title: "CVE-2018-10940", }, { cve: "CVE-2018-12896", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-12896", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 4.17.3. An Integer Overflow in kernel/time/posix-timers.c in the POSIX timer code is caused by the way the overrun accounting works. Depending on interval and expiry time values, the overrun can be larger than INT_MAX, but the accounting is int based. This basically makes the accounting values, which are visible to user space via timer_getoverrun(2) and siginfo::si_overrun, random. For example, a local user can cause a denial of service (signed integer overflow) via crafted mmap, futex, timer_create, and timer_settime system calls.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:kernel-docs-3.0.101-108.71.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2018-12896", url: "https://www.suse.com/security/cve/CVE-2018-12896", }, { category: "external", summary: "SUSE Bug 1099922 for CVE-2018-12896", url: "https://bugzilla.suse.com/1099922", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:kernel-docs-3.0.101-108.71.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:kernel-docs-3.0.101-108.71.1.noarch", ], }, ], threats: [ { category: "impact", date: "2018-09-26T12:53:30Z", details: "low", }, ], title: "CVE-2018-12896", }, { cve: "CVE-2018-14617", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-14617", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 4.17.10. There is a NULL pointer dereference and panic in hfsplus_lookup() in fs/hfsplus/dir.c when opening a file (that is purportedly a hard link) in an hfs+ filesystem that has malformed catalog data, and is mounted read-only without a metadata directory.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:kernel-docs-3.0.101-108.71.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2018-14617", url: "https://www.suse.com/security/cve/CVE-2018-14617", }, { category: "external", summary: "SUSE Bug 1102870 for CVE-2018-14617", url: "https://bugzilla.suse.com/1102870", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:kernel-docs-3.0.101-108.71.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:kernel-docs-3.0.101-108.71.1.noarch", ], }, ], threats: [ { category: "impact", date: "2018-09-26T12:53:30Z", details: "moderate", }, ], title: "CVE-2018-14617", }, { cve: "CVE-2018-14634", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-14634", }, ], notes: [ { category: "general", text: "An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6.x, 3.10.x and 4.14.x are believed to be vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:kernel-docs-3.0.101-108.71.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2018-14634", url: "https://www.suse.com/security/cve/CVE-2018-14634", }, { category: "external", summary: "SUSE Bug 1108912 for CVE-2018-14634", url: "https://bugzilla.suse.com/1108912", }, { category: "external", summary: "SUSE Bug 1108963 for CVE-2018-14634", url: "https://bugzilla.suse.com/1108963", }, { category: "external", summary: "SUSE Bug 1115893 for CVE-2018-14634", url: "https://bugzilla.suse.com/1115893", }, { category: "external", summary: "SUSE Bug 1120323 for CVE-2018-14634", url: "https://bugzilla.suse.com/1120323", }, { category: "external", summary: "SUSE Bug 1122265 for CVE-2018-14634", url: "https://bugzilla.suse.com/1122265", }, { category: "external", summary: "SUSE Bug 1188063 for CVE-2018-14634", url: "https://bugzilla.suse.com/1188063", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:kernel-docs-3.0.101-108.71.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:kernel-docs-3.0.101-108.71.1.noarch", ], }, ], threats: [ { category: "impact", date: "2018-09-26T12:53:30Z", details: "important", }, ], title: "CVE-2018-14634", }, { cve: "CVE-2018-14734", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-14734", }, ], notes: [ { category: "general", text: "drivers/infiniband/core/ucma.c in the Linux kernel through 4.17.11 allows ucma_leave_multicast to access a certain data structure after a cleanup step in ucma_process_join, which allows attackers to cause a denial of service (use-after-free).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:kernel-docs-3.0.101-108.71.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2018-14734", url: "https://www.suse.com/security/cve/CVE-2018-14734", }, { category: "external", summary: "SUSE Bug 1103119 for CVE-2018-14734", url: "https://bugzilla.suse.com/1103119", }, { category: "external", summary: "SUSE Bug 1131390 for CVE-2018-14734", url: "https://bugzilla.suse.com/1131390", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:kernel-docs-3.0.101-108.71.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:kernel-docs-3.0.101-108.71.1.noarch", ], }, ], threats: [ { category: "impact", date: "2018-09-26T12:53:30Z", details: "moderate", }, ], title: "CVE-2018-14734", }, { cve: "CVE-2018-15572", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-15572", }, ], notes: [ { category: "general", text: "The spectre_v2_select_mitigation function in arch/x86/kernel/cpu/bugs.c in the Linux kernel before 4.18.1 does not always fill RSB upon a context switch, which makes it easier for attackers to conduct userspace-userspace spectreRSB attacks.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:kernel-docs-3.0.101-108.71.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2018-15572", url: "https://www.suse.com/security/cve/CVE-2018-15572", }, { category: "external", summary: "SUSE Bug 1102517 for CVE-2018-15572", url: "https://bugzilla.suse.com/1102517", }, { category: "external", summary: "SUSE Bug 1105296 for CVE-2018-15572", url: "https://bugzilla.suse.com/1105296", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:kernel-docs-3.0.101-108.71.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:kernel-docs-3.0.101-108.71.1.noarch", ], }, ], threats: [ { category: "impact", date: "2018-09-26T12:53:30Z", details: "important", }, ], title: "CVE-2018-15572", }, { cve: "CVE-2018-15594", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-15594", }, ], notes: [ { category: "general", text: "arch/x86/kernel/paravirt.c in the Linux kernel before 4.18.1 mishandles certain indirect calls, which makes it easier for attackers to conduct Spectre-v2 attacks against paravirtual guests.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:kernel-docs-3.0.101-108.71.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2018-15594", url: "https://www.suse.com/security/cve/CVE-2018-15594", }, { category: "external", summary: "SUSE Bug 1105348 for CVE-2018-15594", url: "https://bugzilla.suse.com/1105348", }, { category: "external", summary: "SUSE Bug 1133319 for CVE-2018-15594", url: "https://bugzilla.suse.com/1133319", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:kernel-docs-3.0.101-108.71.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:kernel-docs-3.0.101-108.71.1.noarch", ], }, ], threats: [ { category: "impact", date: "2018-09-26T12:53:30Z", details: "moderate", }, ], title: "CVE-2018-15594", }, { cve: "CVE-2018-16276", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16276", }, ], notes: [ { category: "general", text: "An issue was discovered in yurex_read in drivers/usb/misc/yurex.c in the Linux kernel before 4.17.7. Local attackers could use user access read/writes with incorrect bounds checking in the yurex USB driver to crash the kernel or potentially escalate privileges.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:kernel-docs-3.0.101-108.71.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2018-16276", url: "https://www.suse.com/security/cve/CVE-2018-16276", }, { category: "external", summary: "SUSE Bug 1106095 for CVE-2018-16276", url: "https://bugzilla.suse.com/1106095", }, { category: "external", summary: "SUSE Bug 1115593 for CVE-2018-16276", url: "https://bugzilla.suse.com/1115593", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:kernel-docs-3.0.101-108.71.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.3, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:kernel-docs-3.0.101-108.71.1.noarch", ], }, ], threats: [ { category: "impact", date: "2018-09-26T12:53:30Z", details: "important", }, ], title: "CVE-2018-16276", }, { cve: "CVE-2018-16658", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16658", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel before 4.18.6. An information leak in cdrom_ioctl_drive_status in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:kernel-docs-3.0.101-108.71.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2018-16658", url: "https://www.suse.com/security/cve/CVE-2018-16658", }, { category: "external", summary: "SUSE Bug 1092903 for CVE-2018-16658", url: "https://bugzilla.suse.com/1092903", }, { category: "external", summary: "SUSE Bug 1107689 for CVE-2018-16658", url: "https://bugzilla.suse.com/1107689", }, { category: "external", summary: "SUSE Bug 1113751 for CVE-2018-16658", url: "https://bugzilla.suse.com/1113751", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:kernel-docs-3.0.101-108.71.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:kernel-docs-3.0.101-108.71.1.noarch", ], }, ], threats: [ { category: "impact", date: "2018-09-26T12:53:30Z", details: "low", }, ], title: "CVE-2018-16658", }, { cve: "CVE-2018-6554", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-6554", }, ], notes: [ { category: "general", text: "Memory leak in the irda_bind function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (memory consumption) by repeatedly binding an AF_IRDA socket.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:kernel-docs-3.0.101-108.71.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2018-6554", url: "https://www.suse.com/security/cve/CVE-2018-6554", }, { category: "external", summary: "SUSE Bug 1106509 for CVE-2018-6554", url: "https://bugzilla.suse.com/1106509", }, { category: "external", summary: "SUSE Bug 1106511 for CVE-2018-6554", url: "https://bugzilla.suse.com/1106511", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:kernel-docs-3.0.101-108.71.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:kernel-docs-3.0.101-108.71.1.noarch", ], }, ], threats: [ { category: "impact", date: "2018-09-26T12:53:30Z", details: "low", }, ], title: "CVE-2018-6554", }, { cve: "CVE-2018-6555", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-6555", }, ], notes: [ { category: "general", text: "The irda_setsockopt function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (ias_object use-after-free and system crash) or possibly have unspecified other impact via an AF_IRDA socket.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:kernel-docs-3.0.101-108.71.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2018-6555", url: "https://www.suse.com/security/cve/CVE-2018-6555", }, { category: "external", summary: "SUSE Bug 1106509 for CVE-2018-6555", url: "https://bugzilla.suse.com/1106509", }, { category: "external", summary: "SUSE Bug 1106511 for CVE-2018-6555", url: "https://bugzilla.suse.com/1106511", }, { category: "external", summary: "SUSE Bug 1115893 for CVE-2018-6555", url: "https://bugzilla.suse.com/1115893", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:kernel-docs-3.0.101-108.71.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-man-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.71.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP4:kernel-docs-3.0.101-108.71.1.noarch", ], }, ], threats: [ { category: "impact", date: "2018-09-26T12:53:30Z", details: "moderate", }, ], title: "CVE-2018-6555", }, ], }
suse-su-2018:2775-1
Vulnerability from csaf_suse
Published
2018-09-20 16:27
Modified
2018-09-20 16:27
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.155 to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-13093: Prevent NULL pointer dereference and panic in lookup_slow()
on a NULL inode->i_ops pointer when doing pathwalks on a corrupted xfs image.
This occured because of a lack of proper validation that cached inodes are free
during allocation (bnc#1100001).
- CVE-2018-13095: Prevent denial of service (memory corruption and BUG) that
could have occurred for a corrupted xfs image upon encountering an inode that
is in extent format, but has more extents than fit in the inode fork
(bnc#1099999).
- CVE-2018-13094: Prevent OOPS that may have occured for a corrupted xfs image
after xfs_da_shrink_inode() is called with a NULL bp (bnc#1100000).
- CVE-2018-12896: Prevent integer overflow in the POSIX timer code that was
caused by the way the overrun accounting works. Depending on interval and
expiry time values, the overrun can be larger than INT_MAX, but the accounting
is int based. This basically made the accounting values, which are visible to
user space via timer_getoverrun(2) and siginfo::si_overrun, random. This
allowed a local user to cause a denial of service (signed integer overflow) via
crafted mmap, futex, timer_create, and timer_settime system calls
(bnc#1099922).
- CVE-2018-16658: Prevent information leak in cdrom_ioctl_drive_status that
could have been used by local attackers to read kernel memory (bnc#1107689).
- CVE-2018-6555: The irda_setsockopt function allowed local users to cause a
denial of service (ias_object use-after-free and system crash) or possibly have
unspecified other impact via an AF_IRDA socket (bnc#1106511).
- CVE-2018-6554: Prevent memory leak in the irda_bind function that allowed
local users to cause a denial of service (memory consumption) by repeatedly
binding an AF_IRDA socket (bnc#1106509).
- CVE-2018-1129: A flaw was found in the way signature calculation was handled
by cephx authentication protocol. An attacker having access to ceph cluster
network who is able to alter the message payload was able to bypass signature
checks done by cephx protocol (bnc#1096748).
- CVE-2018-1128: It was found that cephx authentication protocol did not verify
ceph clients correctly and was vulnerable to replay attack. Any attacker having
access to ceph cluster network who is able to sniff packets on network can use
this vulnerability to authenticate with ceph service and perform actions
allowed by ceph service (bnc#1096748).
- CVE-2018-10938: A crafted network packet sent remotely by an attacker forced
the kernel to enter an infinite loop in the cipso_v4_optptr() function leading
to a denial-of-service (bnc#1106016).
- CVE-2018-15572: The spectre_v2_select_mitigation function did not always fill
RSB upon a context switch, which made it easier for attackers to conduct
userspace-userspace spectreRSB attacks (bnc#1102517).
- CVE-2018-10902: Protect against concurrent access to prevent double realloc
(double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status(). A
malicious local attacker could have used this for privilege escalation
(bnc#1105322 1105323).
- CVE-2018-9363: Prevent buffer overflow in hidp_process_report (bsc#1105292)
- CVE-2018-10883: A local user could have caused an out-of-bounds write in
jbd2_journal_dirty_metadata(), a denial of service, and a system crash by
mounting and operating on a crafted ext4 filesystem image (bsc#1099863).
- CVE-2018-10879: A local user could have caused a use-after-free in
ext4_xattr_set_entry function and a denial of service or unspecified other
impact by renaming a file in a crafted ext4 filesystem image (bsc#1099844).
- CVE-2018-10878: A local user could have caused an out-of-bounds write and a
denial of service or unspecified other impact by mounting and operating a
crafted ext4 filesystem image (bsc#1099813).
- CVE-2018-10876: A use-after-free was possible in ext4_ext_remove_space()
function when mounting and operating a crafted ext4 image (bsc#1099811).
- CVE-2018-10877: Prevent out-of-bound access in the ext4_ext_drop_refs()
function when operating on a crafted ext4 filesystem image (bsc#1099846).
- CVE-2018-10881: A local user could have caused an out-of-bound access in
ext4_get_group_info function, a denial of service, and a system crash by
mounting and operating on a crafted ext4 filesystem image (bsc#1099864).
- CVE-2018-10882: A local user could have caused an out-of-bound write, a
denial of service, and a system crash by unmounting a crafted ext4 filesystem
image (bsc#1099849).
- CVE-2018-10880: Prevent stack-out-of-bounds write in the ext4 filesystem code
when mounting and writing to a crafted ext4 image in ext4_update_inline_data().
An attacker could have used this to cause a system crash and a denial of
service (bsc#1099845).
The following non-security bugs were fixed:
- 9p/net: Fix zero-copy path in the 9p virtio transport (bnc#1012382).
- 9p/virtio: fix off-by-one error in sg list bounds check (bnc#1012382).
- 9p: fix multiple NULL-pointer-dereferences (bnc#1012382).
- ACPI / LPSS: Add missing prv_offset setting for byt/cht PWM devices (bnc#1012382).
- ACPI / PCI: Bail early in acpi_pci_add_bus() if there is no ACPI handle (bnc#1012382).
- ACPI / PM: save NVS memory for ASUS 1025C laptop (bnc#1012382).
- ACPI: save NVS memory for Lenovo G50-45 (bnc#1012382).
- ALSA: cs5535audio: Fix invalid endian conversion (bnc#1012382).
- ALSA: emu10k1: Rate-limit error messages about page errors (bnc#1012382).
- ALSA: emu10k1: add error handling for snd_ctl_add (bnc#1012382).
- ALSA: fm801: add error handling for snd_ctl_add (bnc#1012382).
- ALSA: hda - Sleep for 10ms after entering D3 on Conexant codecs (bnc#1012382).
- ALSA: hda - Turn CX8200 into D3 as well upon reboot (bnc#1012382).
- ALSA: hda/ca0132: fix build failure when a local macro is defined (bnc#1012382).
- ALSA: hda: Correct Asrock B85M-ITX power_save blacklist entry (bnc#1012382).
- ALSA: memalloc: Do not exceed over the requested size (bnc#1012382).
- ALSA: rawmidi: Change resized buffers atomically (bnc#1012382).
- ALSA: snd-aoa: add of_node_put() in error path (bsc#1099810).
- ALSA: usb-audio: Apply rate limit to warning messages in URB complete callback (bnc#1012382).
- ALSA: virmidi: Fix too long output trigger loop (bnc#1012382).
- ALSA: vx222: Fix invalid endian conversions (bnc#1012382).
- ALSA: vxpocket: Fix invalid endian conversions (bnc#1012382).
- ARC: Enable machine_desc->init_per_cpu for !CONFIG_SMP (bnc#1012382).
- ARC: Explicitly add -mmedium-calls to CFLAGS (bnc#1012382).
- ARC: Fix CONFIG_SWAP (bnc#1012382).
- ARC: mm: allow mprotect to make stack mappings executable (bnc#1012382).
- ARM: 8780/1: ftrace: Only set kernel memory back to read-only after boot (bnc#1012382).
- ARM: dts: Cygnus: Fix I2C controller interrupt type (bnc#1012382).
- ARM: dts: am3517.dtsi: Disable reference to OMAP3 OTG controller (bnc#1012382).
- ARM: dts: am437x: make edt-ft5x06 a wakeup source (bnc#1012382).
- ARM: dts: da850: Fix interrups property for gpio (bnc#1012382).
- ARM: dts: imx6sx: fix irq for pcie bridge (bnc#1012382).
- ARM: fix put_user() for gcc-8 (bnc#1012382).
- ARM: imx_v4_v5_defconfig: Select ULPI support (bnc#1012382).
- ARM: imx_v6_v7_defconfig: Select ULPI support (bnc#1012382).
- ARM: pxa: irq: fix handling of ICMR registers in suspend/resume (bnc#1012382).
- ARM: tegra: Fix Tegra30 Cardhu PCA954x reset (bnc#1012382).
- ASoC: Intel: cht_bsw_max98090: remove useless code, align with ChromeOS driver.
- ASoC: Intel: cht_bsw_max98090_ti: Fix jack initialization (bnc#1012382).
- ASoC: dpcm: do not merge format from invalid codec dai (bnc#1012382).
- ASoC: dpcm: fix BE dai not hw_free and shutdown (bnc#1012382).
- ASoC: pxa: Fix module autoload for platform drivers (bnc#1012382).
- ASoC: sirf: Fix potential NULL pointer dereference (bnc#1012382).
- Add reference to bsc#1091171 (bnc#1012382; bsc#1091171).
- Bluetooth: avoid killing an already killed socket (bnc#1012382).
- Bluetooth: btusb: Add a new Realtek 8723DE ID 2ff8:b011 (bnc#1012382).
- Bluetooth: btusb: Remove Yoga 920 from the btusb_needs_reset_resume_table (bsc#1087092).
- Bluetooth: btusb: Use DMI matching for QCA reset_resume quirking (bsc#1087092).
- Bluetooth: hci_qca: Fix 'Sleep inside atomic section' warning (bnc#1012382).
- Documentation/spec_ctrl: Do some minor cleanups (bnc#1012382).
- HID: hid-plantronics: Re-resend Update to map button for PTT products (bnc#1012382).
- HID: i2c-hid: check if device is there before really probing (bnc#1012382).
- HID: wacom: Correct touch maximum XY of 2nd-gen Intuos (bnc#1012382).
- IB/core: Make testing MR flags for writability a static inline function (bnc#1012382).
- IB/core: Remove duplicate declaration of gid_cache_wq (bsc#1056596).
- IB/iser: Do not reduce max_sectors (bsc#1063646).
- IB/mlx4: Fix an error handling path in 'mlx4_ib_rereg_user_mr()'.
- IB/mlx4: Mark user MR as writable if actual virtual memory is writable (bnc#1012382).
- IB/mlx5: Fetch soft WQE's on fatal error state (bsc#1015342 bsc#1015343).
- IB/mlx5: Use 'kvfree()' for memory allocated by 'kvzalloc()' (bsc#1015342 bsc#1015343).
- IB/ocrdma: fix out of bounds access to local buffer (bnc#1012382).
- Input: elan_i2c - add ACPI ID for lenovo ideapad 330 (bnc#1012382).
- Input: elan_i2c - add another ACPI ID for Lenovo Ideapad 330-15AST (bnc#1012382).
- Input: i8042 - add Lenovo LaVie Z to the i8042 reset list (bnc#1012382).
- KVM/Eventfd: Avoid crash when assign and deassign specific eventfd in parallel (bnc#1012382).
- KVM: MMU: always terminate page walks at level 1 (bsc#1062604).
- KVM: MMU: simplify last_pte_bitmap (bsc#1062604).
- KVM: VMX: Work around kABI breakage in 'enum vmx_l1d_flush_state' (bsc#1106369).
- KVM: VMX: fixes for vmentry_l1d_flush module parameter (bsc#1106369).
- KVM: arm/arm64: Skip updating PMD entry if no change (bnc#1012382).
- KVM: arm/arm64: Skip updating PTE entry if no change (bnc#1012382).
- KVM: irqfd: fix race between EPOLLHUP and irq_bypass_register_consumer (bnc#1012382).
- KVM: nVMX: update last_nonleaf_level when initializing nested EPT (bsc#1062604).
- MIPS: Correct the 64-bit DSP accumulator register size (bnc#1012382).
- MIPS: Fix off-by-one in pci_resource_to_user() (bnc#1012382).
- MIPS: ath79: fix register address in ath79_ddr_wb_flush() (bnc#1012382).
- MIPS: lib: Provide MIPS64r6 __multi3() for GCC lower than < 7 (bnc#1012382).
- NET: stmmac: align DMA stuff to largest cache line length (bnc#1012382).
- PCI: Prevent sysfs disable of device while driver is attached (bnc#1012382).
- PCI: Skip MPS logic for Virtual Functions (VFs) (bnc#1012382).
- PCI: hotplug: Do not leak pci_slot on registration failure (bnc#1012382).
- PCI: pciehp: Fix use-after-free on unplug (bnc#1012382).
- PCI: pciehp: Request control of native hotplug only if supported (bnc#1012382).
- PM / sleep: wakeup: Fix build error caused by missing SRCU support (bnc#1012382).
- RDMA/i40iw: Avoid panic when objects are being created and destroyed (bsc#969476 bsc#969477).
- RDMA/i40iw: Avoid panic when reading back the IRQ affinity hint (bsc#969476 bsc#969477).
- RDMA/i40iw: Avoid reference leaks when processing the AEQ (bsc#969476 bsc#969477).
- RDMA/i40w: Hold read semaphore while looking after VMA (bsc#1024376).
- RDMA/mad: Convert BUG_ONs to error flows (bnc#1012382).
- RDMA/mlx5: Use proper spec flow label type (bsc#1015342 bsc#1015343).
- Revert 'MIPS: BCM47XX: Enable 74K Core ExternalSync for PCIe erratum' (bnc#1012382).
- Revert 'UBIFS: Fix potential integer overflow in allocation' (bnc#1012382).
- Revert 'f2fs: handle dirty segments inside refresh_sit_entry' (bsc#1106281).
- Revert 'mm: page_alloc: skip over regions of invalid pfns where possible' (bnc#1107078).
- Revert 'block-cancel-workqueue-entries-on-blk_mq_freeze_queue' (bsc#1103717).
- Smack: Mark inode instant in smack_task_to_inode (bnc#1012382).
- USB: musb: fix external abort on suspend (bsc#1085536).
- USB: option: add support for DW5821e (bnc#1012382).
- USB: serial: metro-usb: stop I/O after failed open (bsc#1085539).
- USB: serial: sierra: fix potential deadlock at close (bnc#1012382).
- Workaround kABI breakage by __must_check drop of strscpy() (bsc#1107319).
- afs: Fix directory permissions check (bsc#1106283).
- arc: fix build errors in arc/include/asm/delay.h (bnc#1012382).
- arc: fix type warnings in arc/mm/cache.c (bnc#1012382).
- arm64: make secondary_start_kernel() notrace (bnc#1012382).
- arm64: mm: check for upper PAGE_SHIFT bits in pfn_valid() (bnc#1012382).
- ath: Add regulatory mapping for APL13_WORLD (bnc#1012382).
- ath: Add regulatory mapping for APL2_FCCA (bnc#1012382).
- ath: Add regulatory mapping for Bahamas (bnc#1012382).
- ath: Add regulatory mapping for Bermuda (bnc#1012382).
- ath: Add regulatory mapping for ETSI8_WORLD (bnc#1012382).
- ath: Add regulatory mapping for FCC3_ETSIC (bnc#1012382).
- ath: Add regulatory mapping for Serbia (bnc#1012382).
- ath: Add regulatory mapping for Tanzania (bnc#1012382).
- ath: Add regulatory mapping for Uganda (bnc#1012382).
- atl1c: reserve min skb headroom (bnc#1012382).
- atm: Preserve value of skb->truesize when accounting to vcc (bsc#1089066).
- audit: allow not equal op for audit by executable (bnc#1012382).
- backlight: as3711_bl: Fix Device Tree node leaks (bsc#1106929).
- backlight: lm3630a: Bump REG_MAX value to 0x50 instead of 0x1F (bsc#1106929).
- bcache: avoid unncessary cache prefetch bch_btree_node_get() (bsc#1064232).
- bcache: calculate the number of incremental GC nodes according to the total of btree nodes (bsc#1064232).
- bcache: display rate debug parameters to 0 when writeback is not running (bsc#1064232).
- bcache: do not check return value of debugfs_create_dir() (bsc#1064232).
- bcache: finish incremental GC (bsc#1064232).
- bcache: fix I/O significant decline while backend devices registering (bsc#1064232).
- bcache: fix error setting writeback_rate through sysfs interface (bsc#1064232).
- bcache: free heap cache_set->flush_btree in bch_journal_free (bsc#1064232).
- bcache: make the pr_err statement used for ENOENT only in sysfs_attatch section (bsc#1064232).
- bcache: release dc->writeback_lock properly in bch_writeback_thread() (bsc#1064232).
- bcache: set max writeback rate when I/O request is idle (bsc#1064232).
- bcache: simplify the calculation of the total amount of flash dirty data (bsc#1064232).
- be2net: remove unused old custom busy-poll fields (bsc#1021121 ).
- blkdev: __blkdev_direct_IO_simple: fix leak in error case (bsc#1083663).
- block: bio_iov_iter_get_pages: fix size of last iovec (bsc#1083663).
- block: bio_iov_iter_get_pages: pin more pages for multi-segment IOs (bsc#1083663).
- block: do not use interruptible wait anywhere (bnc#1012382).
- bnx2x: Fix invalid memory access in rss hash config path (bnc#1012382).
- bnx2x: Fix receiving tx-timeout in error or recovery state (bnc#1012382).
- bnxt_en: Always set output parameters in bnxt_get_max_rings() (bsc#963575).
- bnxt_en: Fix for system hang if request_irq fails (bnc#1012382).
- bnxt_en: Fix inconsistent BNXT_FLAG_AGG_RINGS logic (bsc#1020412 ).
- bpf: fix references to free_bpf_prog_info() in comments (bnc#1012382).
- brcmfmac: Add support for bcm43364 wireless chipset (bnc#1012382).
- brcmfmac: stop watchdog before detach and free everything (bnc#1012382).
- bridge: Propagate vlan add failure to user (bnc#1012382).
- btrfs: Do not remove block group still has pinned down bytes (bsc#1086457).
- btrfs: add barriers to btrfs_sync_log before log_commit_wait wakeups (bnc#1012382).
- btrfs: do not leak ret from do_chunk_alloc (bnc#1012382).
- btrfs: qgroup: Finish rescan when hit the last leaf of extent tree (bnc#1012382).
- btrfs: quota: Set rescan progress to (u64)-1 if we hit last leaf.
- btrfs: round down size diff when shrinking/growing device (bsc#1097105).
- can: ems_usb: Fix memory leak on ems_usb_disconnect() (bnc#1012382).
- can: mpc5xxx_can: check of_iomap return before use (bnc#1012382).
- can: xilinx_can: fix RX loop if RXNEMP is asserted without RXOK (bnc#1012382).
- can: xilinx_can: fix RX overflow interrupt not being enabled (bnc#1012382).
- can: xilinx_can: fix device dropping off bus on RX overrun (bnc#1012382).
- can: xilinx_can: fix incorrect clear of non-processed interrupts (bnc#1012382).
- can: xilinx_can: fix recovery from error states not being propagated (bnc#1012382).
- can: xilinx_can: keep only 1-2 frames in TX FIFO to fix TX accounting (bnc#1012382).
- cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status (bnc#1012382).
- ceph: fix incorrect use of strncpy (bsc#1107319).
- ceph: return errors from posix_acl_equiv_mode() correctly (bsc#1107320).
- cifs: Fix stack out-of-bounds in smb{2,3}_create_lease_buf() (bsc#1012382).
- cifs: add missing debug entries for kconfig options (bnc#1012382).
- cifs: check kmalloc before use (bsc#1012382).
- cifs: store the leaseKey in the fid on SMB2_open (bsc#1012382).
- clk: tegra: Fix PLL_U post divider and initial rate on Tegra30 (bnc#1012382).
- crypto: ablkcipher - fix crash flushing dcache in error path (bnc#1012382).
- crypto: authenc - do not leak pointers to authenc keys (bnc#1012382).
- crypto: authencesn - do not leak pointers to authenc keys (bnc#1012382).
- crypto: blkcipher - fix crash flushing dcache in error path (bnc#1012382).
- crypto: padlock-aes - Fix Nano workaround data corruption (bnc#1012382).
- crypto: vmac - require a block cipher with 128-bit block size (bnc#1012382).
- crypto: vmac - separate tfm and request context (bnc#1012382).
- crypto: vmx - Fix sleep-in-atomic bugs (bsc#1048317).
- cxgb4: when disabling dcb set txq dcb priority to 0 (bnc#1012382).
- cxl: Fix wrong comparison in cxl_adapter_context_get() (bsc#1055014).
- dccp: fix undefined behavior with 'cwnd' shift in ccid2_cwnd_restart() (bnc#1012382).
- disable loading f2fs module on PAGE_SIZE > 4KB (bnc#1012382).
- dm cache metadata: save in-core policy_hint_size to on-disk superblock (bnc#1012382).
- dma-iommu: Fix compilation when !CONFIG_IOMMU_DMA (bnc#1012382).
- dmaengine: k3dma: Off by one in k3_of_dma_simple_xlate() (bnc#1012382).
- dmaengine: pxa_dma: remove duplicate const qualifier (bnc#1012382).
- driver core: Partially revert 'driver core: correct device's shutdown order' (bnc#1012382).
- drivers: net: lmc: fix case value for target abort error (bnc#1012382).
- drm/armada: fix colorkey mode property (bnc#1012382).
- drm/atmel-hlcdc: check stride values in the first plane (bsc#1106929).
- drm/atomic: Handling the case when setting old crtc for plane (bnc#1012382).
- drm/bridge: adv7511: Reset registers on hotplug (bnc#1012382).
- drm/cirrus: Use drm_framebuffer_put to avoid kernel oops in clean-up (bsc#1101822).
- drm/drivers: add support for using the arch wc mapping API.
- drm/exynos/dsi: mask frame-done interrupt (bsc#1106929).
- drm/exynos: decon5433: Fix WINCONx reset value (bnc#1012382).
- drm/exynos: decon5433: Fix per-plane global alpha for XRGB modes (bnc#1012382).
- drm/exynos: gsc: Fix support for NV16/61, YUV420/YVU420 and YUV422 modes (bnc#1012382).
- drm/gma500: fix psb_intel_lvds_mode_valid()'s return type (bnc#1012382).
- drm/i915/userptr: reject zero user_size (bsc#1090888).
- drm/i915: Correctly handle limited range YCbCr data on VLV/CHV (bsc#1087092).
- drm/imx: fix typo in ipu_plane_formats (bsc#1106929).
- drm/imx: imx-ldb: check if channel is enabled before printing warning (bnc#1012382).
- drm/imx: imx-ldb: disable LDB on driver bind (bnc#1012382).
- drm/msm/hdmi: Use bitwise operators when building register values (bsc#1106929).
- drm/nouveau/gem: off by one bugs in nouveau_gem_pushbuf_reloc_apply() (bnc#1012382).
- drm/panel: type promotion bug in s6e8aa0_read_mtp_id() (bsc#1105769).
- drm/radeon: fix mode_valid's return type (bnc#1012382).
- drm: Add DP PSR2 sink enable bit (bnc#1012382).
- drm: Reject getfb for multi-plane framebuffers (bsc#1106929).
- enic: do not call enic_change_mtu in enic_probe
- enic: handle mtu change for vf properly (bnc#1012382).
- enic: initialize enic->rfs_h.lock in enic_probe (bnc#1012382).
- esp6: fix memleak on error path in esp6_input
- ext4: check for NUL characters in extended attribute's name (bnc#1012382).
- ext4: check for allocation block validity with block group locked (bsc#1104495).
- ext4: do not update s_last_mounted of a frozen fs (bsc#1101841).
- ext4: factor out helper ext4_sample_last_mounted() (bsc#1101841).
- ext4: fix check to prevent initializing reserved inodes (bsc#1104319).
- ext4: fix false negatives *and* false positives in ext4_check_descriptors() (bsc#1103445).
- ext4: fix inline data updates with checksums enabled (bsc#1104494).
- ext4: fix spectre gadget in ext4_mb_regular_allocator() (bnc#1012382).
- ext4: reset error code in ext4_find_entry in fallback (bnc#1012382).
- ext4: sysfs: print ext4_super_block fields as little-endian (bsc#1106229).
- f2fs: fix to do not trigger writeback during recovery (bnc#1012382).
- fat: fix memory allocation failure handling of match_strdup() (bnc#1012382).
- fb: fix lost console when the user unplugs a USB adapter (bnc#1012382).
- fbdev: omapfb: off by one in omapfb_register_client() (bsc#1106929).
- fix __legitimize_mnt()/mntput() race (bnc#1012382).
- fix mntput/mntput race (bnc#1012382).
- fork: unconditionally clear stack on fork (bnc#1012382).
- fs/9p/xattr.c: catch the error of p9_client_clunk when setting xattr failed (bnc#1012382).
- fs/dax.c: fix inefficiency in dax_writeback_mapping_range() (bsc#1106185).
- fs/quota: Fix spectre gadget in do_quotactl (bnc#1012382).
- fs: aio: fix the increment of aio-nr and counting against aio-max-nr (bsc#1068075, bsc#1078921).
- fuse: Add missed unlock_page() to fuse_readpages_fill() (bnc#1012382).
- fuse: Do not access pipe->buffers without pipe_lock() (bnc#1012382).
- fuse: Fix oops at process_init_reply() (bnc#1012382).
- fuse: fix double request_end() (bnc#1012382).
- fuse: fix unlocked access to processing queue (bnc#1012382).
- fuse: umount should wait for all requests (bnc#1012382).
- genirq/proc: Return proper error code when irq_set_affinity() fails (bnc#1105392).
- getxattr: use correct xattr length (bnc#1012382).
- hfsplus: Do not clear SGID when inheriting ACLs (bsc#1030552).
- hvc_opal: do not set tb_ticks_per_usec in udbg_init_opal_common() (bnc#1012382).
- hwrng: exynos - Disable runtime PM on driver unbind.
- i2c: davinci: Avoid zero value of CLKH (bnc#1012382).
- i2c: imx: Fix race condition in dma read (bnc#1012382).
- i2c: imx: Fix reinit_completion() use (bnc#1012382).
- i2c: ismt: fix wrong device address when unmap the data buffer (bnc#1012382).
- i40e: use cpumask_copy instead of direct assignment (bsc#1053685).
- i40iw: Fix memory leak in error path of create QP (bsc#969476 bsc#969477).
- i40iw: Use correct address in dst_neigh_lookup for IPv6 (bsc#969476 bsc#969477).
- ibmvnic: Include missing return code checks in reset function (bnc#1107966).
- ieee802154: at86rf230: switch from BUG_ON() to WARN_ON() on problem (bnc#1012382).
- ieee802154: at86rf230: use __func__ macro for debug messages (bnc#1012382).
- ieee802154: fakelb: switch from BUG_ON() to WARN_ON() on problem (bnc#1012382).
- igb: Fix not adding filter elements to the list (bsc#1024361 bsc#1024365).
- iio: ad9523: Fix displayed phase (bnc#1012382).
- iio: ad9523: Fix return value for ad952x_store() (bnc#1012382).
- inet: frag: enforce memory limits earlier (bnc#1012382 bsc#970506).
- iommu/amd: make sure TLB to be flushed before IOVA freed (bsc#1106105).
- iommu/vt-d: Add definitions for PFSID (bnc#1012382).
- iommu/vt-d: Fix dev iotlb pfsid use (bnc#1012382).
- iommu/vt-d: Ratelimit each dmar fault printing (bsc#1106105).
- ioremap: Update pgtable free interfaces with addr (bnc#1012382).
- ip: hash fragments consistently (bnc#1012382).
- ip: in cmsg IP(V6)_ORIGDSTADDR call pskb_may_pull (bnc#1012382).
- ipconfig: Correctly initialise ic_nameservers (bnc#1012382).
- ipv4+ipv6: Make INET*_ESP select CRYPTO_ECHAINIV (bnc#1012382).
- ipv4: Return EINVAL when ping_group_range sysctl does not map to user ns (bnc#1012382).
- ipv4: remove BUG_ON() from fib_compute_spec_dst (bnc#1012382).
- ipv6: fix useless rol32 call on hash (bnc#1012382).
- ipv6: mcast: fix unsolicited report interval after receiving querys (bnc#1012382).
- ipvlan: use ETH_MAX_MTU as max mtu (bsc#1033962).
- iscsi target: fix session creation failure handling (bnc#1012382).
- isdn: Disable IIOCDBGVAR (bnc#1012382).
- iw_cxgb4: remove duplicate memcpy() in c4iw_create_listen() (bsc#969476 bsc#969477).
- iwlwifi: pcie: fix race in Rx buffer allocator (bnc#1012382).
- ixgbe: Be more careful when modifying MAC filters (bnc#1012382).
- jfs: Do not clear SGID when inheriting ACLs (bsc#1030552).
- jump_label: Add RELEASE barrier after text changes (bsc#1105271).
- jump_label: Fix concurrent static_key_enable/disable() (bsc#1105271).
- jump_label: Move CPU hotplug locking (bsc#1105271).
- jump_label: Provide hotplug context variants (bsc#1105271).
- jump_label: Reduce the size of struct static_key (bsc#1105271).
- jump_label: Reorder hotplug lock and jump_label_lock (bsc#1105271).
- jump_label: Split out code under the hotplug lock (bsc#1105271).
- jump_label: remove bug.h, atomic.h dependencies for HAVE_JUMP_LABEL (bsc#1105271).
- kABI: protect enum tcp_ca_event (kabi).
- kABI: reexport tcp_send_ack (kabi).
- kabi/severities: Ignore missing cpu_tss_tramp (bsc#1099597)
- kabi: x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bnc#1105536).
- kasan: do not emit builtin calls when sanitization is off (bnc#1012382).
- kasan: fix shadow_size calculation error in kasan_module_alloc (bnc#1012382).
- kbuild: verify that $DEPMOD is installed (bnc#1012382).
- kernel: improve spectre mitigation (bnc#1106934, LTC#171029).
- kprobes/x86: Fix %p uses in error messages (bnc#1012382).
- kprobes: Make list and blacklist root user read only (bnc#1012382).
- kthread, tracing: Do not expose half-written comm when creating kthreads (bsc#1104897).
- kvm: x86: vmx: fix vpid leak (bnc#1012382).
- l2tp: use sk_dst_check() to avoid race on sk->sk_dst_cache (bnc#1012382).
- lib/rhashtable: consider param->min_size when setting initial table size (bnc#1012382).
- libata: Fix command retry decision (bnc#1012382).
- libceph: check authorizer reply/challenge length before reading (bsc#1096748).
- libceph: factor out __ceph_x_decrypt() (bsc#1096748).
- libceph: factor out __prepare_write_connect() (bsc#1096748).
- libceph: factor out encrypt_authorizer() (bsc#1096748).
- libceph: store ceph_auth_handshake pointer in ceph_connection (bsc#1096748).
- libceph: weaken sizeof check in ceph_x_verify_authorizer_reply() (bsc#1096748).
- llc: use refcount_inc_not_zero() for llc_sap_find() (bnc#1012382).
- locking/lockdep: Do not record IRQ state within lockdep code (bnc#1012382).
- locks: pass inode pointer to locks_free_lock_context (bsc@1099832).
- locks: prink more detail when there are leaked locks (bsc#1099832).
- locks: restore a warn for leaked locks on close (bsc#1099832).
- m68k: fix 'bad page state' oops on ColdFire boot (bnc#1012382).
- mac80211: add stations tied to AP_VLANs during hw reconfig (bnc#1012382).
- md/raid10: fix that replacement cannot complete recovery after reassemble (bnc#1012382).
- md: fix NULL dereference of mddev->pers in remove_and_add_spares() (bnc#1012382).
- media: omap3isp: fix unbalanced dma_iommu_mapping (bnc#1012382).
- media: rcar_jpu: Add missing clk_disable_unprepare() on error in jpu_open() (bnc#1012382).
- media: rtl28xxu: be sure that it won't go past the array size (bsc#1050431).
- media: s5p-jpeg: fix number of components macro (bsc#1050431).
- media: saa7164: Fix driver name in debug output (bnc#1012382).
- media: si470x: fix __be16 annotations (bnc#1012382).
- media: siano: get rid of __le32/__le16 cast warnings (bnc#1012382).
- media: staging: omap4iss: Include asm/cacheflush.h after generic includes (bnc#1012382).
- media: videobuf2-core: do not call memop 'finish' when queueing (bnc#1012382).
- memory: tegra: Apply interrupts mask per SoC (bnc#1012382).
- memory: tegra: Do not handle spurious interrupts (bnc#1012382).
- mfd: cros_ec: Fail early if we cannot identify the EC (bnc#1012382).
- microblaze: Fix simpleImage format generation (bnc#1012382).
- mm/hugetlb: filter out hugetlb pages if HUGEPAGE migration is not supported (bnc#1106697).
- mm/memory.c: check return value of ioremap_prot (bnc#1012382).
- mm/slub.c: add __printf verification to slab_err() (bnc#1012382).
- mm/tlb: Remove tlb_remove_table() non-concurrent condition (bnc#1012382).
- mm: Add vm_insert_pfn_prot() (bnc#1012382).
- mm: fix cache mode tracking in vm_insert_mixed() (bnc#1012382).
- mm: memcg: fix use after free in mem_cgroup_iter() (bnc#1012382).
- mm: vmalloc: avoid racy handling of debugobjects in vunmap (bnc#1012382).
- mm: x86: move _PAGE_SWP_SOFT_DIRTY from bit 7 to bit 1 (bnc#1012382).
- mtd: rawnand: fsl_ifc: fix FSL NAND driver to read all ONFI parameter pages (bnc#1012382).
- mtd: ubi: wl: Fix error return code in ubi_wl_init().
- mwifiex: correct histogram data with appropriate index (bnc#1012382).
- mwifiex: handle race during mwifiex_usb_disconnect (bnc#1012382).
- net/9p/client.c: version pointer uninitialized (bnc#1012382).
- net/9p/trans_fd.c: fix race-condition by flushing workqueue before the kfree() (bnc#1012382).
- net/ethernet/freescale/fman: fix cross-build error (bnc#1012382).
- net/ipv4: Set oif in fib_compute_spec_dst (bnc#1012382).
- net/mlx4_core: Save the qpn from the input modifier in RST2INIT wrapper (bnc#1012382).
- net/mlx5: Add missing SET_DRIVER_VERSION command translation (bsc#1015342 bsc#1015343).
- net/mlx5: E-Switch, Include VF RDMA stats in vport statistics (bsc#966170 bsc#966172).
- net/mlx5: Eswitch, Use 'kvfree()' for memory allocated by 'kvzalloc()' (bsc#1015342 bsc#1015343).
- net/mlx5: Fix wrong size allocation for QoS ETC TC regitster (bsc#966170 bsc#966172).
- net/mlx5: Vport, Use 'kvfree()' for memory allocated by 'kvzalloc()' (bsc#966170 bsc#966172).
- net/mlx5e: Do not allow aRFS for encapsulated packets (bsc#1015342 bsc#1015343).
- net/mlx5e: Err if asked to offload TC match on frag being first (bsc#1015342 bsc#1015343).
- net/mlx5e: Fix quota counting in aRFS expire flow (bsc#1015342 bsc#1015343).
- net/mlx5e: Refine ets validation function (bsc#966170 bsc#966172).
- net: 6lowpan: fix reserved space for single frames (bnc#1012382).
- net: Do not copy pfmemalloc flag in __copy_skb_header() (bnc#1012382).
- net: add skb_condense() helper (bsc#1089066).
- net: adjust skb->truesize in ___pskb_trim() (bsc#1089066).
- net: adjust skb->truesize in pskb_expand_head() (bsc#1089066).
- net: axienet: Fix double deregister of mdio (bnc#1012382).
- net: caif: Add a missing rcu_read_unlock() in caif_flow_cb (bnc#1012382).
- net: davinci_emac: match the mdio device against its compatible if possible (bnc#1012382).
- net: dsa: Do not suspend/resume closed slave_dev (bnc#1012382).
- net: ena: Fix use of uninitialized DMA address bits field (bsc#1027968).
- net: fix amd-xgbe flow-control issue (bnc#1012382).
- net: hamradio: use eth_broadcast_addr (bnc#1012382).
- net: lan78xx: Fix misplaced tasklet_schedule() call (bnc#1012382).
- net: lan78xx: fix rx handling before first packet is send (bnc#1012382).
- net: mac802154: tx: expand tailroom if necessary (bnc#1012382).
- net: phy: fix flag masking in __set_phy_supported (bnc#1012382).
- net: prevent ISA drivers from building on PPC32 (bnc#1012382).
- net: propagate dev_get_valid_name return code (bnc#1012382).
- net: qca_spi: Avoid packet drop during initial sync (bnc#1012382).
- net: qca_spi: Fix log level if probe fails (bnc#1012382).
- net: qca_spi: Make sure the QCA7000 reset is triggered (bnc#1012382).
- net: socket: fix potential spectre v1 gadget in socketcall (bnc#1012382).
- net: usb: rtl8150: demote allmulti message to dev_dbg() (bnc#1012382).
- net: vmxnet3: use new api ethtool_{get|set}_link_ksettings (bsc#1091860 bsc#1098253).
- net_sched: Fix missing res info when create new tc_index filter (bnc#1012382).
- net_sched: fix NULL pointer dereference when delete tcindex filter (bnc#1012382).
- netfilter: conntrack: dccp: treat SYNC/SYNCACK as invalid if no prior state (bnc#1012382).
- netfilter: ipset: List timing out entries with 'timeout 1' instead of zero (bnc#1012382).
- netfilter: ipv6: nf_defrag: reduce struct net memory waste (bnc#1012382).
- netfilter: ipvs: do not create conn for ABORT packet in sctp_conn_schedule (bsc#1102797).
- netfilter: ipvs: fix the issue that sctp_conn_schedule drops non-INIT packet (bsc#1102797).
- netfilter: x_tables: set module owner for icmp(6) matches (bnc#1012382).
- netlink: Do not shift on 64 for ngroups (bnc#1012382).
- netlink: Do not shift with UB on nlk->ngroups (bnc#1012382).
- netlink: Do not subscribe to non-existent groups (bnc#1012382).
- netlink: Fix spectre v1 gadget in netlink_create() (bnc#1012382).
- netlink: do not enter direct reclaim from netlink_trim() (bsc#1042286).
- nfsd: fix potential use-after-free in nfsd4_decode_getdeviceinfo (bnc#1012382).
- nl80211: Add a missing break in parse_station_flags (bnc#1012382).
- nohz: Fix local_timer_softirq_pending() (bnc#1012382).
- nvme-fc: release io queues to allow fast fail (bsc#1102486).
- nvme: if_ready checks to fail io to deleting controller (bsc#1102486).
- nvme: kABI-compliant version of nvmf_fail_nonready_command() (bsc#1102486).
- nvmet-fc: fix target sgl list on large transfers (bsc#1102486).
- osf_getdomainname(): use copy_to_user() (bnc#1012382).
- ovl: Do d_type check only if work dir creation was successful (bnc#1012382).
- ovl: Ensure upper filesystem supports d_type (bnc#1012382).
- ovl: warn instead of error if d_type is not supported (bnc#1012382).
- packet: refine ring v3 block size test to hold one frame (bnc#1012382).
- packet: reset network header if packet shorter than ll reserved space (bnc#1012382).
- parisc: Define mb() and add memory barriers to assembler unlock sequences (bnc#1012382).
- parisc: Enable CONFIG_MLONGCALLS by default (bnc#1012382).
- parisc: Remove ordered stores from syscall.S (bnc#1012382).
- parisc: Remove unnecessary barriers from spinlock.h (bnc#1012382).
- perf auxtrace: Fix queue resize (bnc#1012382).
- perf llvm-utils: Remove bashism from kernel include fetch script (bnc#1012382).
- perf report powerpc: Fix crash if callchain is empty (bnc#1012382).
- perf test session topology: Fix test on s390 (bnc#1012382).
- perf/x86/intel/uncore: Correct fixed counter index check for NHM (bnc#1012382).
- perf/x86/intel/uncore: Correct fixed counter index check in generic code (bnc#1012382).
- perf: fix invalid bit in diagnostic entry (bnc#1012382).
- pinctrl: at91-pio4: add missing of_node_put (bnc#1012382).
- pinctrl: freescale: off by one in imx1_pinconf_group_dbg_show() (bnc#1012382).
- pnfs/blocklayout: off by one in bl_map_stripe() (bnc#1012382).
- powerpc/32: Add a missing include header (bnc#1012382).
- powerpc/64s: Default l1d_size to 64K in RFI fallback flush (bsc#1068032).
- powerpc/64s: Fix compiler store ordering to SLB shadow area (bnc#1012382).
- powerpc/8xx: fix invalid register expression in head_8xx.S (bnc#1012382).
- powerpc/chrp/time: Make some functions static, add missing header include (bnc#1012382).
- powerpc/embedded6xx/hlwd-pic: Prevent interrupts from being handled by Starlet (bnc#1012382).
- powerpc/fadump: handle crash memory ranges array index overflow (bsc#1103269).
- powerpc/fadump: merge adjacent memory ranges to reduce PT_LOAD segements (bsc#1103269).
- powerpc/lib: Fix the feature fixup tests to actually work (bsc#1066223).
- powerpc/powermac: Add missing prototype for note_bootable_part() (bnc#1012382).
- powerpc/powermac: Mark variable x as unused (bnc#1012382).
- powerpc/pseries: Fix endianness while restoring of r3 in MCE handler (bnc#1012382).
- powerpc/topology: Get topology for shared processors at boot (bsc#1104683).
- powerpc64s: Show ori31 availability in spectre_v1 sysfs file not v2 (bsc#1068032, bsc#1080157).
- powerpc: Avoid code patching freed init sections (bnc#1107735).
- powerpc: make feature-fixup tests fortify-safe (bsc#1066223).
- provide special timeout module parameters for EC2 (bsc#1065364).
- ptp: fix missing break in switch (bnc#1012382).
- pwm: tiehrpwm: Fix disabling of output of PWMs (bnc#1012382).
- qed: Add sanity check for SIMD fastpath handler (bnc#1012382).
- qed: Correct Multicast API to reflect existence of 256 approximate buckets (bsc#1019695 bsc#1019699 bsc#1022604).
- qed: Do not advertise DCBX_LLD_MANAGED capability (bsc#1019695 bsc#1019699 bsc#1022604).
- qed: Fix possible memory leak in Rx error path handling (bsc#1019695 bsc#1019699 bsc#1022604 ).
- qed: Fix possible race for the link state value (bnc#1012382).
- qed: Fix setting of incorrect eswitch mode (bsc#1019695 bsc#1019699 bsc#1022604).
- qed: Fix use of incorrect size in memcpy call (bsc#1019695 bsc#1019699 bsc#1022604).
- qede: Adverstise software timestamp caps when PHC is not available (bsc#1019695 bsc#1019699 bsc#1022604).
- qlge: Fix netdev features configuration (bsc#1098822).
- qlogic: check kstrtoul() for errors (bnc#1012382).
- random: mix rdrand with entropy sent in from userspace (bnc#1012382).
- readahead: stricter check for bdi io_pages (VM Functionality).
- regulator: pfuze100: add .is_enable() for pfuze100_swb_regulator_ops (bnc#1012382).
- reiserfs: fix broken xattr handling (heap corruption, bad retval) (bnc#1012382).
- ring_buffer: tracing: Inherit the tracing setting to next ring buffer (bnc#1012382).
- root dentries need RCU-delayed freeing (bnc#1012382).
- rsi: Fix 'invalid vdd' warning in mmc (bnc#1012382).
- rtc: ensure rtc_set_alarm fails when alarms are not supported (bnc#1012382).
- rtnetlink: add rtnl_link_state check in rtnl_configure_link (bnc#1012382).
- s390/cpum_sf: Add data entry sizes to sampling trailer entry (bnc#1012382).
- s390/kvm: fix deadlock when killed by oom (bnc#1012382).
- s390/lib: use expoline for all bcr instructions (bnc#1106934, LTC#171029).
- s390/pci: fix out of bounds access during irq setup (bnc#1012382).
- s390/qdio: reset old sbal_state flags (bnc#1012382).
- s390/qeth: do not clobber buffer on async TX completion (bnc#1104485, LTC#170349).
- s390/qeth: fix race when setting MAC address (bnc#1104485, LTC#170726).
- s390: add explicit <linux/stringify.h> for jump label (bsc#1105271).
- s390: detect etoken facility (bnc#1106934, LTC#171029).
- s390: fix br_r1_trampoline for machines without exrl (bnc#1012382 bnc#1106934 LTC#171029).
- sched/fair: Avoid divide by zero when rebalancing domains (bsc#1096254).
- scripts/tar-up.sh: Do not package gitlog-excludes file Also fix the evaluation of gitlog-excludes file, too
- scsi: 3w-xxxx: fix a missing-check bug (bnc#1012382).
- scsi: core: Avoid that SCSI device removal through sysfs triggers a deadlock (bnc#1012382).
- scsi: fcoe: drop frames in ELS LOGO error path (bnc#1012382).
- scsi: hpsa: limit transfer length to 1MB, not 512kB (bsc#1102346).
- scsi: libiscsi: fix possible NULL pointer dereference in case of TMF (bnc#1012382).
- scsi: megaraid: silence a static checker bug (bnc#1012382).
- scsi: megaraid_sas: Increase timeout by 1 sec for non-RAID fastpath IOs (bnc#1012382).
- scsi: qla2xxx: Fix ISP recovery on unload (bnc#1012382).
- scsi: qla2xxx: Return error when TMF returns (bnc#1012382).
- scsi: scsi_dh: replace too broad 'TP9' string with the exact models (bnc#1012382).
- scsi: sr: Avoid that opening a CD-ROM hangs with runtime power management enabled (bnc#1012382).
- scsi: sysfs: Introduce sysfs_{un,}break_active_protection() (bnc#1012382).
- scsi: ufs: fix exception event handling (bnc#1012382).
- scsi: vmw_pvscsi: Return DID_RESET for status SAM_STAT_COMMAND_TERMINATED (bnc#1012382).
- scsi: xen-scsifront: add error handling for xenbus_printf (bnc#1012382).
- scsi_debug: call resp_XXX function after setting host_scribble (bsc#1069138).
- scsi_debug: reset injection flags for every_nth > 0 (bsc#1069138).
- selftest/seccomp: Fix the flag name SECCOMP_FILTER_FLAG_TSYNC (bnc#1012382).
- selftest/seccomp: Fix the seccomp(2) signature (bnc#1012382).
- selftests/ftrace: Add snapshot and tracing_on test case (bnc#1012382).
- selftests/x86/sigreturn/64: Fix spurious failures on AMD CPUs (bnc#1012382).
- selftests: pstore: return Kselftest Skip code for skipped tests (bnc#1012382).
- selftests: static_keys: return Kselftest Skip code for skipped tests (bnc#1012382).
- selftests: sync: add config fragment for testing sync framework (bnc#1012382).
- selftests: user: return Kselftest Skip code for skipped tests (bnc#1012382).
- selftests: zram: return Kselftest Skip code for skipped tests (bnc#1012382).
- serial: 8250_dw: always set baud rate in dw8250_set_termios (bnc#1012382).
- sfc: stop the TX queue before pushing new buffers (bsc#1017967 ).
- skbuff: Unconditionally copy pfmemalloc in __skb_clone() (bnc#1012382).
- slab: __GFP_ZERO is incompatible with a constructor (bnc#1107060).
- smb3: Do not send SMB3 SET_INFO if nothing changed (bnc#1012382).
- smb3: do not request leases in symlink creation and query (bnc#1012382).
- spi: davinci: fix a NULL pointer dereference (bnc#1012382).
- squashfs: be more careful about metadata corruption (bnc#1012382).
- squashfs: more metadata hardening (bnc#1012382).
- squashfs: more metadata hardenings (bnc#1012382).
- staging: android: ion: check for kref overflow (bnc#1012382).
- string: drop __must_check from strscpy() and restore strscpy() usages in cgroup (bsc#1107319).
- sys: do not hold uts_sem while accessing userspace memory (bnc#1106995).
- target_core_rbd: use RCU in free_device (bsc#1105524).
- tcp: Fix missing range_truesize enlargement in the backport (bnc#1012382).
- tcp: add max_quickacks param to tcp_incr_quickack and tcp_enter_quickack_mode (bnc#1012382).
- tcp: add one more quick ack after after ECN events (bnc#1012382).
- tcp: do not aggressively quick ack after ECN events (bnc#1012382).
- tcp: do not cancel delay-AcK on DCTCP special ACK (bnc#1012382).
- tcp: do not delay ACK in DCTCP upon CE status change (bnc#1012382).
- tcp: do not force quickack when receiving out-of-order packets (bnc#1012382).
- tcp: fix dctcp delayed ACK schedule (bnc#1012382).
- tcp: helpers to send special DCTCP ack (bnc#1012382).
- tcp: identify cryptic messages as TCP seq # bugs (bnc#1012382).
- tcp: refactor tcp_ecn_check_ce to remove sk type cast (bnc#1012382).
- tcp: remove DELAYED ACK events in DCTCP (bnc#1012382).
- tg3: Add higher cpu clock for 5762 (bnc#1012382).
- thermal: exynos: fix setting rising_threshold for Exynos5433 (bnc#1012382).
- timekeeping: Eliminate the stale declaration of ktime_get_raw_and_real_ts64() (bsc#969470).
- tools/power turbostat: Read extended processor family from CPUID (bnc#1012382).
- tools/power turbostat: fix -S on UP systems (bnc#1012382).
- tools: usb: ffs-test: Fix build on big endian systems (bnc#1012382).
- tpm: fix race condition in tpm_common_write() (bnc#1012382).
- tracing/blktrace: Fix to allow setting same value (bnc#1012382).
- tracing/kprobes: Fix trace_probe flags on enable_trace_kprobe() failure (bnc#1012382).
- tracing: Do not call start/stop() functions when tracing_on does not change (bnc#1012382).
- tracing: Fix double free of event_trigger_data (bnc#1012382).
- tracing: Fix possible double free in event_enable_trigger_func() (bnc#1012382).
- tracing: Quiet gcc warning about maybe unused link variable (bnc#1012382).
- tracing: Use __printf markup to silence compiler (bnc#1012382).
- tty: Fix data race in tty_insert_flip_string_fixed_flag (bnc#1012382).
- turn off -Wattribute-alias (bnc#1012382).
- ubi: Be more paranoid while seaching for the most recent Fastmap (bnc#1012382).
- ubi: Fix Fastmap's update_vol() (bnc#1012382).
- ubi: Fix races around ubi_refill_pools() (bnc#1012382).
- ubi: Introduce vol_ignored() (bnc#1012382).
- ubi: Rework Fastmap attach base code (bnc#1012382).
- ubi: fastmap: Erase outdated anchor PEBs during attach (bnc#1012382).
- ubifs: Check data node size before truncate (bsc#1106276).
- ubifs: Fix memory leak in lprobs self-check (bsc#1106278).
- ubifs: Fix synced_i_size calculation for xattr inodes (bsc#1106275).
- ubifs: xattr: Do not operate on deleted inodes (bsc#1106271).
- udl-kms: change down_interruptible to down (bnc#1012382).
- udl-kms: fix crash due to uninitialized memory (bnc#1012382).
- udl-kms: handle allocation failure (bnc#1012382).
- udlfb: set optimal write delay (bnc#1012382).
- uprobes: Use synchronize_rcu() not synchronize_sched() (bnc#1012382).
- usb/phy: fix PPC64 build errors in phy-fsl-usb.c (bnc#1012382).
- usb: audio-v2: Correct the comment for struct uac_clock_selector_descriptor (bsc#1099810).
- usb: cdc_acm: Add quirk for Castles VEGA3000 (bnc#1012382).
- usb: dwc2: debugfs: Do not touch RX FIFO during register dump (bsc#1100132).
- usb: dwc2: fix isoc split in transfer with no data (bnc#1012382).
- usb: gadget: composite: fix delayed_status race condition when set_interface (bnc#1012382).
- usb: gadget: dwc2: fix memory leak in gadget_init() (bnc#1012382).
- usb: gadget: f_fs: Only return delayed status when len is 0 (bnc#1012382).
- usb: gadget: f_uac2: fix endianness of 'struct cntrl_*_lay3' (bnc#1012382).
- usb: gadget: r8a66597: Fix a possible sleep-in-atomic-context bugs in r8a66597_queue() (bnc#1012382).
- usb: gadget: r8a66597: Fix two possible sleep-in-atomic-context bugs in init_controller() (bnc#1012382).
- usb: hub: Do not wait for connect state at resume for powered-off ports (bnc#1012382).
- usb: renesas_usbhs: gadget: fix spin_lock_init() for &uep->lock (bsc#1085536).
- usb: xhci: increase CRS timeout value (bnc#1012382).
- usbip: usbip_detach: Fix memory, udev context and udev leak (bnc#1012382).
- userns: move user access out of the mutex (bnc#1012382).
- vfs: add the sb_start_intwrite_trylock() helper (bsc#1101841).
- virtio_balloon: fix another race between migration and ballooning (bnc#1012382).
- vmw_balloon: VMCI_DOORBELL_SET does not check status (bnc#1012382).
- vmw_balloon: do not use 2MB without batching (bnc#1012382).
- vmw_balloon: fix VMCI use when balloon built into kernel (bnc#1012382).
- vmw_balloon: fix inflation of 64-bit GFNs (bnc#1012382).
- vmxnet3: Replace msleep(1) with usleep_range() (bsc#1091860 bsc#1098253).
- vmxnet3: add receive data ring support (bsc#1091860 bsc#1098253).
- vmxnet3: add support for get_coalesce, set_coalesce ethtool operations (bsc#1091860 bsc#1098253).
- vmxnet3: allow variable length transmit data ring buffer (bsc#1091860 bsc#1098253).
- vmxnet3: avoid assumption about invalid dma_pa in vmxnet3_set_mc() (bsc#1091860 bsc#1098253).
- vmxnet3: avoid format strint overflow warning (bsc#1091860 bsc#1098253).
- vmxnet3: avoid xmit reset due to a race in vmxnet3 (bsc#1091860 bsc#1098253).
- vmxnet3: fix incorrect dereference when rxvlan is disabled (bsc#1091860 bsc#1098253).
- vmxnet3: fix non static symbol warning (bsc#1091860 bsc#1098253).
- vmxnet3: fix tx data ring copy for variable size (bsc#1091860 bsc#1098253).
- vmxnet3: increase default rx ring sizes (bsc#1091860 bsc#1098253).
- vmxnet3: introduce command to register memory region (bsc#1091860 bsc#1098253).
- vmxnet3: introduce generalized command interface to configure the device (bsc#1091860 bsc#1098253).
- vmxnet3: prepare for version 3 changes (bsc#1091860 bsc#1098253).
- vmxnet3: remove redundant initialization of pointer 'rq' (bsc#1091860 bsc#1098253).
- vmxnet3: remove unused flag 'rxcsum' from struct vmxnet3_adapter (bsc#1091860 bsc#1098253).
- vmxnet3: set the DMA mask before the first DMA map operation (bsc#1091860 bsc#1098253).
- vmxnet3: update to version 3 (bsc#1091860 bsc#1098253).
- vmxnet3: use DMA memory barriers where required (bsc#1091860 bsc#1098253).
- vmxnet3: use correct flag to indicate LRO feature (bsc#1091860 bsc#1098253).
- vsock: split dwork to avoid reinitializations (bnc#1012382).
- vti6: Fix dev->max_mtu setting (bsc#1033962).
- vti6: fix PMTU caching and reporting on xmit (bnc#1012382).
- wlcore: sdio: check for valid platform device data before suspend (bnc#1012382).
- x86/MCE: Remove min interval polling limitation (bnc#1012382).
- x86/amd: do not set X86_BUG_SYSRET_SS_ATTRS when running under Xen (bnc#1012382).
- x86/asm/entry/32: Simplify pushes of zeroed pt_regs->REGs (bnc#1012382).
- x86/bugs: Move the l1tf function and define pr_fmt properly (bnc#1012382).
- x86/bugs: Respect nospec command line option (bsc#1068032).
- x86/cpu/AMD: Fix erratum 1076 (CPB bit) (bnc#1012382).
- x86/cpu: Make alternative_msr_write work for 32-bit code (bnc#1012382).
- x86/cpu: Re-apply forced caps every time CPU caps are re-read (bnc#1012382).
- x86/cpufeatures: Add CPUID_7_EDX CPUID leaf (bnc#1012382).
- x86/cpufeatures: Clean up Spectre v2 related CPUID flags (bnc#1012382).
- x86/entry/64/compat: Clear registers for compat syscalls, to reduce speculation attack surface (bnc#1012382).
- x86/entry/64: Remove %ebx handling from error_entry/exit (bnc#1102715).
- x86/init: fix build with CONFIG_SWAP=n (bnc#1012382).
- x86/irqflags: Mark native_restore_fl extern inline (bnc#1012382).
- x86/irqflags: Provide a declaration for native_save_fl.
- x86/mm/kmmio: Make the tracer robust against L1TF (bnc#1012382).
- x86/mm/pat: Fix L1TF stable backport for CPA (bnc#1012382).
- x86/mm/pat: Fix L1TF stable backport for CPA, 2nd call (bnc#1012382).
- x86/mm/pat: Make set_memory_np() L1TF safe (bnc#1012382).
- x86/mm: Add TLB purge to free pmd/pte page interfaces (bnc#1012382).
- x86/mm: Disable ioremap free page handling on x86-PAE (bnc#1012382).
- x86/mm: Give each mm TLB flush generation a unique ID (bnc#1012382).
- x86/paravirt: Fix spectre-v2 mitigations for paravirt guests (bnc#1012382).
- x86/paravirt: Make native_save_fl() extern inline (bnc#1012382).
- x86/process: Correct and optimize TIF_BLOCKSTEP switch (bnc#1012382).
- x86/process: Optimize TIF checks in __switch_to_xtra() (bnc#1012382).
- x86/process: Optimize TIF_NOTSC switch (bnc#1012382).
- x86/process: Re-export start_thread() (bnc#1012382).
- x86/spectre: Add missing family 6 check to microcode check (bnc#1012382).
- x86/spectre_v2: Do not check microcode versions when running under hypervisors (bnc#1012382).
- x86/speculation/l1tf: Exempt zeroed PTEs from inversion (bnc#1012382).
- x86/speculation/l1tf: Extend 64bit swap file size limit (bnc#1012382).
- x86/speculation/l1tf: Fix off-by-one error when warning that system has too much RAM (bnc#1105536).
- x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit (bnc#1012382).
- x86/speculation/l1tf: Fix up CPU feature flags (bnc#1012382).
- x86/speculation/l1tf: Fix up pte->pfn conversion for PAE (bnc#1012382).
- x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bnc#1105536).
- x86/speculation/l1tf: Invert all not present mappings (bnc#1012382).
- x86/speculation/l1tf: Make pmd/pud_mknotpresent() invert (bnc#1012382).
- x86/speculation/l1tf: Protect PAE swap entries against L1TF (bnc#1012382).
- x86/speculation/l1tf: Suggest what to do on systems with too much RAM (bnc#1105536).
- x86/speculation/l1tf: Unbreak !__HAVE_ARCH_PFN_MODIFY_ALLOWED architectures (bnc#1012382).
- x86/speculation: Add <asm/msr-index.h> dependency (bnc#1012382).
- x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) support (bnc#1012382).
- x86/speculation: Clean up various Spectre related details (bnc#1012382).
- x86/speculation: Correct Speculation Control microcode blacklist again (bnc#1012382).
- x86/speculation: Move firmware_restrict_branch_speculation_*() from C to CPP (bnc#1012382).
- x86/speculation: Update Speculation Control microcode blacklist (bnc#1012382).
- x86/speculation: Use ARCH_CAPABILITIES to skip L1D flush on vmentry (bsc#1106369).
- x86/speculation: Use IBRS if available before calling into firmware (bnc#1012382).
- x86/speculation: Use Indirect Branch Prediction Barrier in context switch (bnc#1012382).
- x86/xen: Add call of speculative_store_bypass_ht_init() to PV paths (bnc#1012382).
- xen-netfront: wait xenbus state change when load module manually (bnc#1012382).
- xen/blkback: do not keep persistent grants too long (bsc#1085042).
- xen/blkback: move persistent grants flags to bool (bsc#1085042).
- xen/blkfront: cleanup stale persistent grants (bsc#1085042).
- xen/blkfront: reorder tests in xlblk_init() (bsc#1085042).
- xen/netfront: do not cache skb_shinfo() (bnc#1012382).
- xen: set cpu capabilities from xen_start_kernel() (bnc#1012382).
- xfrm: fix missing dst_release() after policy blocking lbcast and multicast (bnc#1012382).
- xfrm: free skb if nlsk pointer is NULL (bnc#1012382).
- xfrm_user: prevent leaking 2 bytes of kernel memory (bnc#1012382).
- xfs: Remove dead code from inode recover function (bsc#1105396).
- xfs: repair malformed inode items during log recovery (bsc#1105396).
- xhci: Fix perceived dead host due to runtime suspend race with event handler (bnc#1012382).
- zswap: re-check zswap_is_full() after do zswap_shrink() (bnc#1012382).
Patchnames
SUSE-SLE-Live-Patching-12-SP3-2018-1941
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for the Linux Kernel", title: "Title of the patch", }, { category: "description", text: "\nThe SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.155 to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2018-13093: Prevent NULL pointer dereference and panic in lookup_slow()\n on a NULL inode->i_ops pointer when doing pathwalks on a corrupted xfs image.\n This occured because of a lack of proper validation that cached inodes are free\n during allocation (bnc#1100001).\n- CVE-2018-13095: Prevent denial of service (memory corruption and BUG) that\n could have occurred for a corrupted xfs image upon encountering an inode that\n is in extent format, but has more extents than fit in the inode fork\n (bnc#1099999).\n- CVE-2018-13094: Prevent OOPS that may have occured for a corrupted xfs image\n after xfs_da_shrink_inode() is called with a NULL bp (bnc#1100000).\n- CVE-2018-12896: Prevent integer overflow in the POSIX timer code that was\n caused by the way the overrun accounting works. Depending on interval and\n expiry time values, the overrun can be larger than INT_MAX, but the accounting\n is int based. This basically made the accounting values, which are visible to\n user space via timer_getoverrun(2) and siginfo::si_overrun, random. This\n allowed a local user to cause a denial of service (signed integer overflow) via\n crafted mmap, futex, timer_create, and timer_settime system calls\n (bnc#1099922).\n- CVE-2018-16658: Prevent information leak in cdrom_ioctl_drive_status that\n could have been used by local attackers to read kernel memory (bnc#1107689).\n- CVE-2018-6555: The irda_setsockopt function allowed local users to cause a\n denial of service (ias_object use-after-free and system crash) or possibly have\n unspecified other impact via an AF_IRDA socket (bnc#1106511).\n- CVE-2018-6554: Prevent memory leak in the irda_bind function that allowed\n local users to cause a denial of service (memory consumption) by repeatedly\n binding an AF_IRDA socket (bnc#1106509).\n- CVE-2018-1129: A flaw was found in the way signature calculation was handled\n by cephx authentication protocol. An attacker having access to ceph cluster\n network who is able to alter the message payload was able to bypass signature\n checks done by cephx protocol (bnc#1096748).\n- CVE-2018-1128: It was found that cephx authentication protocol did not verify\n ceph clients correctly and was vulnerable to replay attack. Any attacker having\n access to ceph cluster network who is able to sniff packets on network can use\n this vulnerability to authenticate with ceph service and perform actions\n allowed by ceph service (bnc#1096748).\n- CVE-2018-10938: A crafted network packet sent remotely by an attacker forced\n the kernel to enter an infinite loop in the cipso_v4_optptr() function leading\n to a denial-of-service (bnc#1106016).\n- CVE-2018-15572: The spectre_v2_select_mitigation function did not always fill\n RSB upon a context switch, which made it easier for attackers to conduct\n userspace-userspace spectreRSB attacks (bnc#1102517).\n- CVE-2018-10902: Protect against concurrent access to prevent double realloc\n (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status(). A\n malicious local attacker could have used this for privilege escalation\n (bnc#1105322 1105323).\n- CVE-2018-9363: Prevent buffer overflow in hidp_process_report (bsc#1105292)\n- CVE-2018-10883: A local user could have caused an out-of-bounds write in\n jbd2_journal_dirty_metadata(), a denial of service, and a system crash by\n mounting and operating on a crafted ext4 filesystem image (bsc#1099863).\n- CVE-2018-10879: A local user could have caused a use-after-free in\n ext4_xattr_set_entry function and a denial of service or unspecified other\n impact by renaming a file in a crafted ext4 filesystem image (bsc#1099844).\n- CVE-2018-10878: A local user could have caused an out-of-bounds write and a\n denial of service or unspecified other impact by mounting and operating a\n crafted ext4 filesystem image (bsc#1099813).\n- CVE-2018-10876: A use-after-free was possible in ext4_ext_remove_space()\n function when mounting and operating a crafted ext4 image (bsc#1099811).\n- CVE-2018-10877: Prevent out-of-bound access in the ext4_ext_drop_refs()\n function when operating on a crafted ext4 filesystem image (bsc#1099846).\n- CVE-2018-10881: A local user could have caused an out-of-bound access in\n ext4_get_group_info function, a denial of service, and a system crash by\n mounting and operating on a crafted ext4 filesystem image (bsc#1099864).\n- CVE-2018-10882: A local user could have caused an out-of-bound write, a\n denial of service, and a system crash by unmounting a crafted ext4 filesystem\n image (bsc#1099849).\n- CVE-2018-10880: Prevent stack-out-of-bounds write in the ext4 filesystem code\n when mounting and writing to a crafted ext4 image in ext4_update_inline_data().\n An attacker could have used this to cause a system crash and a denial of\n service (bsc#1099845).\n\nThe following non-security bugs were fixed:\n\n- 9p/net: Fix zero-copy path in the 9p virtio transport (bnc#1012382).\n- 9p/virtio: fix off-by-one error in sg list bounds check (bnc#1012382).\n- 9p: fix multiple NULL-pointer-dereferences (bnc#1012382).\n- ACPI / LPSS: Add missing prv_offset setting for byt/cht PWM devices (bnc#1012382).\n- ACPI / PCI: Bail early in acpi_pci_add_bus() if there is no ACPI handle (bnc#1012382).\n- ACPI / PM: save NVS memory for ASUS 1025C laptop (bnc#1012382).\n- ACPI: save NVS memory for Lenovo G50-45 (bnc#1012382).\n- ALSA: cs5535audio: Fix invalid endian conversion (bnc#1012382).\n- ALSA: emu10k1: Rate-limit error messages about page errors (bnc#1012382).\n- ALSA: emu10k1: add error handling for snd_ctl_add (bnc#1012382).\n- ALSA: fm801: add error handling for snd_ctl_add (bnc#1012382).\n- ALSA: hda - Sleep for 10ms after entering D3 on Conexant codecs (bnc#1012382).\n- ALSA: hda - Turn CX8200 into D3 as well upon reboot (bnc#1012382).\n- ALSA: hda/ca0132: fix build failure when a local macro is defined (bnc#1012382).\n- ALSA: hda: Correct Asrock B85M-ITX power_save blacklist entry (bnc#1012382).\n- ALSA: memalloc: Do not exceed over the requested size (bnc#1012382).\n- ALSA: rawmidi: Change resized buffers atomically (bnc#1012382).\n- ALSA: snd-aoa: add of_node_put() in error path (bsc#1099810).\n- ALSA: usb-audio: Apply rate limit to warning messages in URB complete callback (bnc#1012382).\n- ALSA: virmidi: Fix too long output trigger loop (bnc#1012382).\n- ALSA: vx222: Fix invalid endian conversions (bnc#1012382).\n- ALSA: vxpocket: Fix invalid endian conversions (bnc#1012382).\n- ARC: Enable machine_desc->init_per_cpu for !CONFIG_SMP (bnc#1012382).\n- ARC: Explicitly add -mmedium-calls to CFLAGS (bnc#1012382).\n- ARC: Fix CONFIG_SWAP (bnc#1012382).\n- ARC: mm: allow mprotect to make stack mappings executable (bnc#1012382).\n- ARM: 8780/1: ftrace: Only set kernel memory back to read-only after boot (bnc#1012382).\n- ARM: dts: Cygnus: Fix I2C controller interrupt type (bnc#1012382).\n- ARM: dts: am3517.dtsi: Disable reference to OMAP3 OTG controller (bnc#1012382).\n- ARM: dts: am437x: make edt-ft5x06 a wakeup source (bnc#1012382).\n- ARM: dts: da850: Fix interrups property for gpio (bnc#1012382).\n- ARM: dts: imx6sx: fix irq for pcie bridge (bnc#1012382).\n- ARM: fix put_user() for gcc-8 (bnc#1012382).\n- ARM: imx_v4_v5_defconfig: Select ULPI support (bnc#1012382).\n- ARM: imx_v6_v7_defconfig: Select ULPI support (bnc#1012382).\n- ARM: pxa: irq: fix handling of ICMR registers in suspend/resume (bnc#1012382).\n- ARM: tegra: Fix Tegra30 Cardhu PCA954x reset (bnc#1012382).\n- ASoC: Intel: cht_bsw_max98090: remove useless code, align with ChromeOS driver.\n- ASoC: Intel: cht_bsw_max98090_ti: Fix jack initialization (bnc#1012382).\n- ASoC: dpcm: do not merge format from invalid codec dai (bnc#1012382).\n- ASoC: dpcm: fix BE dai not hw_free and shutdown (bnc#1012382).\n- ASoC: pxa: Fix module autoload for platform drivers (bnc#1012382).\n- ASoC: sirf: Fix potential NULL pointer dereference (bnc#1012382).\n- Add reference to bsc#1091171 (bnc#1012382; bsc#1091171).\n- Bluetooth: avoid killing an already killed socket (bnc#1012382).\n- Bluetooth: btusb: Add a new Realtek 8723DE ID 2ff8:b011 (bnc#1012382).\n- Bluetooth: btusb: Remove Yoga 920 from the btusb_needs_reset_resume_table (bsc#1087092).\n- Bluetooth: btusb: Use DMI matching for QCA reset_resume quirking (bsc#1087092).\n- Bluetooth: hci_qca: Fix 'Sleep inside atomic section' warning (bnc#1012382).\n- Documentation/spec_ctrl: Do some minor cleanups (bnc#1012382).\n- HID: hid-plantronics: Re-resend Update to map button for PTT products (bnc#1012382).\n- HID: i2c-hid: check if device is there before really probing (bnc#1012382).\n- HID: wacom: Correct touch maximum XY of 2nd-gen Intuos (bnc#1012382).\n- IB/core: Make testing MR flags for writability a static inline function (bnc#1012382).\n- IB/core: Remove duplicate declaration of gid_cache_wq (bsc#1056596).\n- IB/iser: Do not reduce max_sectors (bsc#1063646).\n- IB/mlx4: Fix an error handling path in 'mlx4_ib_rereg_user_mr()'.\n- IB/mlx4: Mark user MR as writable if actual virtual memory is writable (bnc#1012382).\n- IB/mlx5: Fetch soft WQE's on fatal error state (bsc#1015342 bsc#1015343).\n- IB/mlx5: Use 'kvfree()' for memory allocated by 'kvzalloc()' (bsc#1015342 bsc#1015343).\n- IB/ocrdma: fix out of bounds access to local buffer (bnc#1012382).\n- Input: elan_i2c - add ACPI ID for lenovo ideapad 330 (bnc#1012382).\n- Input: elan_i2c - add another ACPI ID for Lenovo Ideapad 330-15AST (bnc#1012382).\n- Input: i8042 - add Lenovo LaVie Z to the i8042 reset list (bnc#1012382).\n- KVM/Eventfd: Avoid crash when assign and deassign specific eventfd in parallel (bnc#1012382).\n- KVM: MMU: always terminate page walks at level 1 (bsc#1062604).\n- KVM: MMU: simplify last_pte_bitmap (bsc#1062604).\n- KVM: VMX: Work around kABI breakage in 'enum vmx_l1d_flush_state' (bsc#1106369).\n- KVM: VMX: fixes for vmentry_l1d_flush module parameter (bsc#1106369).\n- KVM: arm/arm64: Skip updating PMD entry if no change (bnc#1012382).\n- KVM: arm/arm64: Skip updating PTE entry if no change (bnc#1012382).\n- KVM: irqfd: fix race between EPOLLHUP and irq_bypass_register_consumer (bnc#1012382).\n- KVM: nVMX: update last_nonleaf_level when initializing nested EPT (bsc#1062604).\n- MIPS: Correct the 64-bit DSP accumulator register size (bnc#1012382).\n- MIPS: Fix off-by-one in pci_resource_to_user() (bnc#1012382).\n- MIPS: ath79: fix register address in ath79_ddr_wb_flush() (bnc#1012382).\n- MIPS: lib: Provide MIPS64r6 __multi3() for GCC lower than < 7 (bnc#1012382).\n- NET: stmmac: align DMA stuff to largest cache line length (bnc#1012382).\n- PCI: Prevent sysfs disable of device while driver is attached (bnc#1012382).\n- PCI: Skip MPS logic for Virtual Functions (VFs) (bnc#1012382).\n- PCI: hotplug: Do not leak pci_slot on registration failure (bnc#1012382).\n- PCI: pciehp: Fix use-after-free on unplug (bnc#1012382).\n- PCI: pciehp: Request control of native hotplug only if supported (bnc#1012382).\n- PM / sleep: wakeup: Fix build error caused by missing SRCU support (bnc#1012382).\n- RDMA/i40iw: Avoid panic when objects are being created and destroyed (bsc#969476 bsc#969477).\n- RDMA/i40iw: Avoid panic when reading back the IRQ affinity hint (bsc#969476 bsc#969477).\n- RDMA/i40iw: Avoid reference leaks when processing the AEQ (bsc#969476 bsc#969477).\n- RDMA/i40w: Hold read semaphore while looking after VMA (bsc#1024376).\n- RDMA/mad: Convert BUG_ONs to error flows (bnc#1012382).\n- RDMA/mlx5: Use proper spec flow label type (bsc#1015342 bsc#1015343).\n- Revert 'MIPS: BCM47XX: Enable 74K Core ExternalSync for PCIe erratum' (bnc#1012382).\n- Revert 'UBIFS: Fix potential integer overflow in allocation' (bnc#1012382).\n- Revert 'f2fs: handle dirty segments inside refresh_sit_entry' (bsc#1106281).\n- Revert 'mm: page_alloc: skip over regions of invalid pfns where possible' (bnc#1107078).\n- Revert 'block-cancel-workqueue-entries-on-blk_mq_freeze_queue' (bsc#1103717).\n- Smack: Mark inode instant in smack_task_to_inode (bnc#1012382).\n- USB: musb: fix external abort on suspend (bsc#1085536).\n- USB: option: add support for DW5821e (bnc#1012382).\n- USB: serial: metro-usb: stop I/O after failed open (bsc#1085539).\n- USB: serial: sierra: fix potential deadlock at close (bnc#1012382).\n- Workaround kABI breakage by __must_check drop of strscpy() (bsc#1107319).\n- afs: Fix directory permissions check (bsc#1106283).\n- arc: fix build errors in arc/include/asm/delay.h (bnc#1012382).\n- arc: fix type warnings in arc/mm/cache.c (bnc#1012382).\n- arm64: make secondary_start_kernel() notrace (bnc#1012382).\n- arm64: mm: check for upper PAGE_SHIFT bits in pfn_valid() (bnc#1012382).\n- ath: Add regulatory mapping for APL13_WORLD (bnc#1012382).\n- ath: Add regulatory mapping for APL2_FCCA (bnc#1012382).\n- ath: Add regulatory mapping for Bahamas (bnc#1012382).\n- ath: Add regulatory mapping for Bermuda (bnc#1012382).\n- ath: Add regulatory mapping for ETSI8_WORLD (bnc#1012382).\n- ath: Add regulatory mapping for FCC3_ETSIC (bnc#1012382).\n- ath: Add regulatory mapping for Serbia (bnc#1012382).\n- ath: Add regulatory mapping for Tanzania (bnc#1012382).\n- ath: Add regulatory mapping for Uganda (bnc#1012382).\n- atl1c: reserve min skb headroom (bnc#1012382).\n- atm: Preserve value of skb->truesize when accounting to vcc (bsc#1089066).\n- audit: allow not equal op for audit by executable (bnc#1012382).\n- backlight: as3711_bl: Fix Device Tree node leaks (bsc#1106929).\n- backlight: lm3630a: Bump REG_MAX value to 0x50 instead of 0x1F (bsc#1106929).\n- bcache: avoid unncessary cache prefetch bch_btree_node_get() (bsc#1064232).\n- bcache: calculate the number of incremental GC nodes according to the total of btree nodes (bsc#1064232).\n- bcache: display rate debug parameters to 0 when writeback is not running (bsc#1064232).\n- bcache: do not check return value of debugfs_create_dir() (bsc#1064232).\n- bcache: finish incremental GC (bsc#1064232).\n- bcache: fix I/O significant decline while backend devices registering (bsc#1064232).\n- bcache: fix error setting writeback_rate through sysfs interface (bsc#1064232).\n- bcache: free heap cache_set->flush_btree in bch_journal_free (bsc#1064232).\n- bcache: make the pr_err statement used for ENOENT only in sysfs_attatch section (bsc#1064232).\n- bcache: release dc->writeback_lock properly in bch_writeback_thread() (bsc#1064232).\n- bcache: set max writeback rate when I/O request is idle (bsc#1064232).\n- bcache: simplify the calculation of the total amount of flash dirty data (bsc#1064232).\n- be2net: remove unused old custom busy-poll fields (bsc#1021121 ).\n- blkdev: __blkdev_direct_IO_simple: fix leak in error case (bsc#1083663).\n- block: bio_iov_iter_get_pages: fix size of last iovec (bsc#1083663).\n- block: bio_iov_iter_get_pages: pin more pages for multi-segment IOs (bsc#1083663).\n- block: do not use interruptible wait anywhere (bnc#1012382).\n- bnx2x: Fix invalid memory access in rss hash config path (bnc#1012382).\n- bnx2x: Fix receiving tx-timeout in error or recovery state (bnc#1012382).\n- bnxt_en: Always set output parameters in bnxt_get_max_rings() (bsc#963575).\n- bnxt_en: Fix for system hang if request_irq fails (bnc#1012382).\n- bnxt_en: Fix inconsistent BNXT_FLAG_AGG_RINGS logic (bsc#1020412 ).\n- bpf: fix references to free_bpf_prog_info() in comments (bnc#1012382).\n- brcmfmac: Add support for bcm43364 wireless chipset (bnc#1012382).\n- brcmfmac: stop watchdog before detach and free everything (bnc#1012382).\n- bridge: Propagate vlan add failure to user (bnc#1012382).\n- btrfs: Do not remove block group still has pinned down bytes (bsc#1086457).\n- btrfs: add barriers to btrfs_sync_log before log_commit_wait wakeups (bnc#1012382).\n- btrfs: do not leak ret from do_chunk_alloc (bnc#1012382).\n- btrfs: qgroup: Finish rescan when hit the last leaf of extent tree (bnc#1012382).\n- btrfs: quota: Set rescan progress to (u64)-1 if we hit last leaf.\n- btrfs: round down size diff when shrinking/growing device (bsc#1097105).\n- can: ems_usb: Fix memory leak on ems_usb_disconnect() (bnc#1012382).\n- can: mpc5xxx_can: check of_iomap return before use (bnc#1012382).\n- can: xilinx_can: fix RX loop if RXNEMP is asserted without RXOK (bnc#1012382).\n- can: xilinx_can: fix RX overflow interrupt not being enabled (bnc#1012382).\n- can: xilinx_can: fix device dropping off bus on RX overrun (bnc#1012382).\n- can: xilinx_can: fix incorrect clear of non-processed interrupts (bnc#1012382).\n- can: xilinx_can: fix recovery from error states not being propagated (bnc#1012382).\n- can: xilinx_can: keep only 1-2 frames in TX FIFO to fix TX accounting (bnc#1012382).\n- cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status (bnc#1012382).\n- ceph: fix incorrect use of strncpy (bsc#1107319).\n- ceph: return errors from posix_acl_equiv_mode() correctly (bsc#1107320).\n- cifs: Fix stack out-of-bounds in smb{2,3}_create_lease_buf() (bsc#1012382).\n- cifs: add missing debug entries for kconfig options (bnc#1012382).\n- cifs: check kmalloc before use (bsc#1012382).\n- cifs: store the leaseKey in the fid on SMB2_open (bsc#1012382).\n- clk: tegra: Fix PLL_U post divider and initial rate on Tegra30 (bnc#1012382).\n- crypto: ablkcipher - fix crash flushing dcache in error path (bnc#1012382).\n- crypto: authenc - do not leak pointers to authenc keys (bnc#1012382).\n- crypto: authencesn - do not leak pointers to authenc keys (bnc#1012382).\n- crypto: blkcipher - fix crash flushing dcache in error path (bnc#1012382).\n- crypto: padlock-aes - Fix Nano workaround data corruption (bnc#1012382).\n- crypto: vmac - require a block cipher with 128-bit block size (bnc#1012382).\n- crypto: vmac - separate tfm and request context (bnc#1012382).\n- crypto: vmx - Fix sleep-in-atomic bugs (bsc#1048317).\n- cxgb4: when disabling dcb set txq dcb priority to 0 (bnc#1012382).\n- cxl: Fix wrong comparison in cxl_adapter_context_get() (bsc#1055014).\n- dccp: fix undefined behavior with 'cwnd' shift in ccid2_cwnd_restart() (bnc#1012382).\n- disable loading f2fs module on PAGE_SIZE > 4KB (bnc#1012382).\n- dm cache metadata: save in-core policy_hint_size to on-disk superblock (bnc#1012382).\n- dma-iommu: Fix compilation when !CONFIG_IOMMU_DMA (bnc#1012382).\n- dmaengine: k3dma: Off by one in k3_of_dma_simple_xlate() (bnc#1012382).\n- dmaengine: pxa_dma: remove duplicate const qualifier (bnc#1012382).\n- driver core: Partially revert 'driver core: correct device's shutdown order' (bnc#1012382).\n- drivers: net: lmc: fix case value for target abort error (bnc#1012382).\n- drm/armada: fix colorkey mode property (bnc#1012382).\n- drm/atmel-hlcdc: check stride values in the first plane (bsc#1106929).\n- drm/atomic: Handling the case when setting old crtc for plane (bnc#1012382).\n- drm/bridge: adv7511: Reset registers on hotplug (bnc#1012382).\n- drm/cirrus: Use drm_framebuffer_put to avoid kernel oops in clean-up (bsc#1101822).\n- drm/drivers: add support for using the arch wc mapping API.\n- drm/exynos/dsi: mask frame-done interrupt (bsc#1106929).\n- drm/exynos: decon5433: Fix WINCONx reset value (bnc#1012382).\n- drm/exynos: decon5433: Fix per-plane global alpha for XRGB modes (bnc#1012382).\n- drm/exynos: gsc: Fix support for NV16/61, YUV420/YVU420 and YUV422 modes (bnc#1012382).\n- drm/gma500: fix psb_intel_lvds_mode_valid()'s return type (bnc#1012382).\n- drm/i915/userptr: reject zero user_size (bsc#1090888).\n- drm/i915: Correctly handle limited range YCbCr data on VLV/CHV (bsc#1087092).\n- drm/imx: fix typo in ipu_plane_formats (bsc#1106929).\n- drm/imx: imx-ldb: check if channel is enabled before printing warning (bnc#1012382).\n- drm/imx: imx-ldb: disable LDB on driver bind (bnc#1012382).\n- drm/msm/hdmi: Use bitwise operators when building register values (bsc#1106929).\n- drm/nouveau/gem: off by one bugs in nouveau_gem_pushbuf_reloc_apply() (bnc#1012382).\n- drm/panel: type promotion bug in s6e8aa0_read_mtp_id() (bsc#1105769).\n- drm/radeon: fix mode_valid's return type (bnc#1012382).\n- drm: Add DP PSR2 sink enable bit (bnc#1012382).\n- drm: Reject getfb for multi-plane framebuffers (bsc#1106929).\n- enic: do not call enic_change_mtu in enic_probe\n- enic: handle mtu change for vf properly (bnc#1012382).\n- enic: initialize enic->rfs_h.lock in enic_probe (bnc#1012382).\n- esp6: fix memleak on error path in esp6_input\n- ext4: check for NUL characters in extended attribute's name (bnc#1012382).\n- ext4: check for allocation block validity with block group locked (bsc#1104495).\n- ext4: do not update s_last_mounted of a frozen fs (bsc#1101841).\n- ext4: factor out helper ext4_sample_last_mounted() (bsc#1101841).\n- ext4: fix check to prevent initializing reserved inodes (bsc#1104319).\n- ext4: fix false negatives *and* false positives in ext4_check_descriptors() (bsc#1103445).\n- ext4: fix inline data updates with checksums enabled (bsc#1104494).\n- ext4: fix spectre gadget in ext4_mb_regular_allocator() (bnc#1012382).\n- ext4: reset error code in ext4_find_entry in fallback (bnc#1012382).\n- ext4: sysfs: print ext4_super_block fields as little-endian (bsc#1106229).\n- f2fs: fix to do not trigger writeback during recovery (bnc#1012382).\n- fat: fix memory allocation failure handling of match_strdup() (bnc#1012382).\n- fb: fix lost console when the user unplugs a USB adapter (bnc#1012382).\n- fbdev: omapfb: off by one in omapfb_register_client() (bsc#1106929).\n- fix __legitimize_mnt()/mntput() race (bnc#1012382).\n- fix mntput/mntput race (bnc#1012382).\n- fork: unconditionally clear stack on fork (bnc#1012382).\n- fs/9p/xattr.c: catch the error of p9_client_clunk when setting xattr failed (bnc#1012382).\n- fs/dax.c: fix inefficiency in dax_writeback_mapping_range() (bsc#1106185).\n- fs/quota: Fix spectre gadget in do_quotactl (bnc#1012382).\n- fs: aio: fix the increment of aio-nr and counting against aio-max-nr (bsc#1068075, bsc#1078921).\n- fuse: Add missed unlock_page() to fuse_readpages_fill() (bnc#1012382).\n- fuse: Do not access pipe->buffers without pipe_lock() (bnc#1012382).\n- fuse: Fix oops at process_init_reply() (bnc#1012382).\n- fuse: fix double request_end() (bnc#1012382).\n- fuse: fix unlocked access to processing queue (bnc#1012382).\n- fuse: umount should wait for all requests (bnc#1012382).\n- genirq/proc: Return proper error code when irq_set_affinity() fails (bnc#1105392).\n- getxattr: use correct xattr length (bnc#1012382).\n- hfsplus: Do not clear SGID when inheriting ACLs (bsc#1030552).\n- hvc_opal: do not set tb_ticks_per_usec in udbg_init_opal_common() (bnc#1012382).\n- hwrng: exynos - Disable runtime PM on driver unbind.\n- i2c: davinci: Avoid zero value of CLKH (bnc#1012382).\n- i2c: imx: Fix race condition in dma read (bnc#1012382).\n- i2c: imx: Fix reinit_completion() use (bnc#1012382).\n- i2c: ismt: fix wrong device address when unmap the data buffer (bnc#1012382).\n- i40e: use cpumask_copy instead of direct assignment (bsc#1053685).\n- i40iw: Fix memory leak in error path of create QP (bsc#969476 bsc#969477).\n- i40iw: Use correct address in dst_neigh_lookup for IPv6 (bsc#969476 bsc#969477).\n- ibmvnic: Include missing return code checks in reset function (bnc#1107966).\n- ieee802154: at86rf230: switch from BUG_ON() to WARN_ON() on problem (bnc#1012382).\n- ieee802154: at86rf230: use __func__ macro for debug messages (bnc#1012382).\n- ieee802154: fakelb: switch from BUG_ON() to WARN_ON() on problem (bnc#1012382).\n- igb: Fix not adding filter elements to the list (bsc#1024361 bsc#1024365).\n- iio: ad9523: Fix displayed phase (bnc#1012382).\n- iio: ad9523: Fix return value for ad952x_store() (bnc#1012382).\n- inet: frag: enforce memory limits earlier (bnc#1012382 bsc#970506).\n- iommu/amd: make sure TLB to be flushed before IOVA freed (bsc#1106105).\n- iommu/vt-d: Add definitions for PFSID (bnc#1012382).\n- iommu/vt-d: Fix dev iotlb pfsid use (bnc#1012382).\n- iommu/vt-d: Ratelimit each dmar fault printing (bsc#1106105).\n- ioremap: Update pgtable free interfaces with addr (bnc#1012382).\n- ip: hash fragments consistently (bnc#1012382).\n- ip: in cmsg IP(V6)_ORIGDSTADDR call pskb_may_pull (bnc#1012382).\n- ipconfig: Correctly initialise ic_nameservers (bnc#1012382).\n- ipv4+ipv6: Make INET*_ESP select CRYPTO_ECHAINIV (bnc#1012382).\n- ipv4: Return EINVAL when ping_group_range sysctl does not map to user ns (bnc#1012382).\n- ipv4: remove BUG_ON() from fib_compute_spec_dst (bnc#1012382).\n- ipv6: fix useless rol32 call on hash (bnc#1012382).\n- ipv6: mcast: fix unsolicited report interval after receiving querys (bnc#1012382).\n- ipvlan: use ETH_MAX_MTU as max mtu (bsc#1033962).\n- iscsi target: fix session creation failure handling (bnc#1012382).\n- isdn: Disable IIOCDBGVAR (bnc#1012382).\n- iw_cxgb4: remove duplicate memcpy() in c4iw_create_listen() (bsc#969476 bsc#969477).\n- iwlwifi: pcie: fix race in Rx buffer allocator (bnc#1012382).\n- ixgbe: Be more careful when modifying MAC filters (bnc#1012382).\n- jfs: Do not clear SGID when inheriting ACLs (bsc#1030552).\n- jump_label: Add RELEASE barrier after text changes (bsc#1105271).\n- jump_label: Fix concurrent static_key_enable/disable() (bsc#1105271).\n- jump_label: Move CPU hotplug locking (bsc#1105271).\n- jump_label: Provide hotplug context variants (bsc#1105271).\n- jump_label: Reduce the size of struct static_key (bsc#1105271).\n- jump_label: Reorder hotplug lock and jump_label_lock (bsc#1105271).\n- jump_label: Split out code under the hotplug lock (bsc#1105271).\n- jump_label: remove bug.h, atomic.h dependencies for HAVE_JUMP_LABEL (bsc#1105271).\n- kABI: protect enum tcp_ca_event (kabi).\n- kABI: reexport tcp_send_ack (kabi).\n- kabi/severities: Ignore missing cpu_tss_tramp (bsc#1099597)\n- kabi: x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bnc#1105536).\n- kasan: do not emit builtin calls when sanitization is off (bnc#1012382).\n- kasan: fix shadow_size calculation error in kasan_module_alloc (bnc#1012382).\n- kbuild: verify that $DEPMOD is installed (bnc#1012382).\n- kernel: improve spectre mitigation (bnc#1106934, LTC#171029).\n- kprobes/x86: Fix %p uses in error messages (bnc#1012382).\n- kprobes: Make list and blacklist root user read only (bnc#1012382).\n- kthread, tracing: Do not expose half-written comm when creating kthreads (bsc#1104897).\n- kvm: x86: vmx: fix vpid leak (bnc#1012382).\n- l2tp: use sk_dst_check() to avoid race on sk->sk_dst_cache (bnc#1012382).\n- lib/rhashtable: consider param->min_size when setting initial table size (bnc#1012382).\n- libata: Fix command retry decision (bnc#1012382).\n- libceph: check authorizer reply/challenge length before reading (bsc#1096748).\n- libceph: factor out __ceph_x_decrypt() (bsc#1096748).\n- libceph: factor out __prepare_write_connect() (bsc#1096748).\n- libceph: factor out encrypt_authorizer() (bsc#1096748).\n- libceph: store ceph_auth_handshake pointer in ceph_connection (bsc#1096748).\n- libceph: weaken sizeof check in ceph_x_verify_authorizer_reply() (bsc#1096748).\n- llc: use refcount_inc_not_zero() for llc_sap_find() (bnc#1012382).\n- locking/lockdep: Do not record IRQ state within lockdep code (bnc#1012382).\n- locks: pass inode pointer to locks_free_lock_context (bsc@1099832).\n- locks: prink more detail when there are leaked locks (bsc#1099832).\n- locks: restore a warn for leaked locks on close (bsc#1099832).\n- m68k: fix 'bad page state' oops on ColdFire boot (bnc#1012382).\n- mac80211: add stations tied to AP_VLANs during hw reconfig (bnc#1012382).\n- md/raid10: fix that replacement cannot complete recovery after reassemble (bnc#1012382).\n- md: fix NULL dereference of mddev->pers in remove_and_add_spares() (bnc#1012382).\n- media: omap3isp: fix unbalanced dma_iommu_mapping (bnc#1012382).\n- media: rcar_jpu: Add missing clk_disable_unprepare() on error in jpu_open() (bnc#1012382).\n- media: rtl28xxu: be sure that it won't go past the array size (bsc#1050431).\n- media: s5p-jpeg: fix number of components macro (bsc#1050431).\n- media: saa7164: Fix driver name in debug output (bnc#1012382).\n- media: si470x: fix __be16 annotations (bnc#1012382).\n- media: siano: get rid of __le32/__le16 cast warnings (bnc#1012382).\n- media: staging: omap4iss: Include asm/cacheflush.h after generic includes (bnc#1012382).\n- media: videobuf2-core: do not call memop 'finish' when queueing (bnc#1012382).\n- memory: tegra: Apply interrupts mask per SoC (bnc#1012382).\n- memory: tegra: Do not handle spurious interrupts (bnc#1012382).\n- mfd: cros_ec: Fail early if we cannot identify the EC (bnc#1012382).\n- microblaze: Fix simpleImage format generation (bnc#1012382).\n- mm/hugetlb: filter out hugetlb pages if HUGEPAGE migration is not supported (bnc#1106697).\n- mm/memory.c: check return value of ioremap_prot (bnc#1012382).\n- mm/slub.c: add __printf verification to slab_err() (bnc#1012382).\n- mm/tlb: Remove tlb_remove_table() non-concurrent condition (bnc#1012382).\n- mm: Add vm_insert_pfn_prot() (bnc#1012382).\n- mm: fix cache mode tracking in vm_insert_mixed() (bnc#1012382).\n- mm: memcg: fix use after free in mem_cgroup_iter() (bnc#1012382).\n- mm: vmalloc: avoid racy handling of debugobjects in vunmap (bnc#1012382).\n- mm: x86: move _PAGE_SWP_SOFT_DIRTY from bit 7 to bit 1 (bnc#1012382).\n- mtd: rawnand: fsl_ifc: fix FSL NAND driver to read all ONFI parameter pages (bnc#1012382).\n- mtd: ubi: wl: Fix error return code in ubi_wl_init().\n- mwifiex: correct histogram data with appropriate index (bnc#1012382).\n- mwifiex: handle race during mwifiex_usb_disconnect (bnc#1012382).\n- net/9p/client.c: version pointer uninitialized (bnc#1012382).\n- net/9p/trans_fd.c: fix race-condition by flushing workqueue before the kfree() (bnc#1012382).\n- net/ethernet/freescale/fman: fix cross-build error (bnc#1012382).\n- net/ipv4: Set oif in fib_compute_spec_dst (bnc#1012382).\n- net/mlx4_core: Save the qpn from the input modifier in RST2INIT wrapper (bnc#1012382).\n- net/mlx5: Add missing SET_DRIVER_VERSION command translation (bsc#1015342 bsc#1015343).\n- net/mlx5: E-Switch, Include VF RDMA stats in vport statistics (bsc#966170 bsc#966172).\n- net/mlx5: Eswitch, Use 'kvfree()' for memory allocated by 'kvzalloc()' (bsc#1015342 bsc#1015343).\n- net/mlx5: Fix wrong size allocation for QoS ETC TC regitster (bsc#966170 bsc#966172).\n- net/mlx5: Vport, Use 'kvfree()' for memory allocated by 'kvzalloc()' (bsc#966170 bsc#966172).\n- net/mlx5e: Do not allow aRFS for encapsulated packets (bsc#1015342 bsc#1015343).\n- net/mlx5e: Err if asked to offload TC match on frag being first (bsc#1015342 bsc#1015343).\n- net/mlx5e: Fix quota counting in aRFS expire flow (bsc#1015342 bsc#1015343).\n- net/mlx5e: Refine ets validation function (bsc#966170 bsc#966172).\n- net: 6lowpan: fix reserved space for single frames (bnc#1012382).\n- net: Do not copy pfmemalloc flag in __copy_skb_header() (bnc#1012382).\n- net: add skb_condense() helper (bsc#1089066).\n- net: adjust skb->truesize in ___pskb_trim() (bsc#1089066).\n- net: adjust skb->truesize in pskb_expand_head() (bsc#1089066).\n- net: axienet: Fix double deregister of mdio (bnc#1012382).\n- net: caif: Add a missing rcu_read_unlock() in caif_flow_cb (bnc#1012382).\n- net: davinci_emac: match the mdio device against its compatible if possible (bnc#1012382).\n- net: dsa: Do not suspend/resume closed slave_dev (bnc#1012382).\n- net: ena: Fix use of uninitialized DMA address bits field (bsc#1027968).\n- net: fix amd-xgbe flow-control issue (bnc#1012382).\n- net: hamradio: use eth_broadcast_addr (bnc#1012382).\n- net: lan78xx: Fix misplaced tasklet_schedule() call (bnc#1012382).\n- net: lan78xx: fix rx handling before first packet is send (bnc#1012382).\n- net: mac802154: tx: expand tailroom if necessary (bnc#1012382).\n- net: phy: fix flag masking in __set_phy_supported (bnc#1012382).\n- net: prevent ISA drivers from building on PPC32 (bnc#1012382).\n- net: propagate dev_get_valid_name return code (bnc#1012382).\n- net: qca_spi: Avoid packet drop during initial sync (bnc#1012382).\n- net: qca_spi: Fix log level if probe fails (bnc#1012382).\n- net: qca_spi: Make sure the QCA7000 reset is triggered (bnc#1012382).\n- net: socket: fix potential spectre v1 gadget in socketcall (bnc#1012382).\n- net: usb: rtl8150: demote allmulti message to dev_dbg() (bnc#1012382).\n- net: vmxnet3: use new api ethtool_{get|set}_link_ksettings (bsc#1091860 bsc#1098253).\n- net_sched: Fix missing res info when create new tc_index filter (bnc#1012382).\n- net_sched: fix NULL pointer dereference when delete tcindex filter (bnc#1012382).\n- netfilter: conntrack: dccp: treat SYNC/SYNCACK as invalid if no prior state (bnc#1012382).\n- netfilter: ipset: List timing out entries with 'timeout 1' instead of zero (bnc#1012382).\n- netfilter: ipv6: nf_defrag: reduce struct net memory waste (bnc#1012382).\n- netfilter: ipvs: do not create conn for ABORT packet in sctp_conn_schedule (bsc#1102797).\n- netfilter: ipvs: fix the issue that sctp_conn_schedule drops non-INIT packet (bsc#1102797).\n- netfilter: x_tables: set module owner for icmp(6) matches (bnc#1012382).\n- netlink: Do not shift on 64 for ngroups (bnc#1012382).\n- netlink: Do not shift with UB on nlk->ngroups (bnc#1012382).\n- netlink: Do not subscribe to non-existent groups (bnc#1012382).\n- netlink: Fix spectre v1 gadget in netlink_create() (bnc#1012382).\n- netlink: do not enter direct reclaim from netlink_trim() (bsc#1042286).\n- nfsd: fix potential use-after-free in nfsd4_decode_getdeviceinfo (bnc#1012382).\n- nl80211: Add a missing break in parse_station_flags (bnc#1012382).\n- nohz: Fix local_timer_softirq_pending() (bnc#1012382).\n- nvme-fc: release io queues to allow fast fail (bsc#1102486).\n- nvme: if_ready checks to fail io to deleting controller (bsc#1102486).\n- nvme: kABI-compliant version of nvmf_fail_nonready_command() (bsc#1102486).\n- nvmet-fc: fix target sgl list on large transfers (bsc#1102486).\n- osf_getdomainname(): use copy_to_user() (bnc#1012382).\n- ovl: Do d_type check only if work dir creation was successful (bnc#1012382).\n- ovl: Ensure upper filesystem supports d_type (bnc#1012382).\n- ovl: warn instead of error if d_type is not supported (bnc#1012382).\n- packet: refine ring v3 block size test to hold one frame (bnc#1012382).\n- packet: reset network header if packet shorter than ll reserved space (bnc#1012382).\n- parisc: Define mb() and add memory barriers to assembler unlock sequences (bnc#1012382).\n- parisc: Enable CONFIG_MLONGCALLS by default (bnc#1012382).\n- parisc: Remove ordered stores from syscall.S (bnc#1012382).\n- parisc: Remove unnecessary barriers from spinlock.h (bnc#1012382).\n- perf auxtrace: Fix queue resize (bnc#1012382).\n- perf llvm-utils: Remove bashism from kernel include fetch script (bnc#1012382).\n- perf report powerpc: Fix crash if callchain is empty (bnc#1012382).\n- perf test session topology: Fix test on s390 (bnc#1012382).\n- perf/x86/intel/uncore: Correct fixed counter index check for NHM (bnc#1012382).\n- perf/x86/intel/uncore: Correct fixed counter index check in generic code (bnc#1012382).\n- perf: fix invalid bit in diagnostic entry (bnc#1012382).\n- pinctrl: at91-pio4: add missing of_node_put (bnc#1012382).\n- pinctrl: freescale: off by one in imx1_pinconf_group_dbg_show() (bnc#1012382).\n- pnfs/blocklayout: off by one in bl_map_stripe() (bnc#1012382).\n- powerpc/32: Add a missing include header (bnc#1012382).\n- powerpc/64s: Default l1d_size to 64K in RFI fallback flush (bsc#1068032).\n- powerpc/64s: Fix compiler store ordering to SLB shadow area (bnc#1012382).\n- powerpc/8xx: fix invalid register expression in head_8xx.S (bnc#1012382).\n- powerpc/chrp/time: Make some functions static, add missing header include (bnc#1012382).\n- powerpc/embedded6xx/hlwd-pic: Prevent interrupts from being handled by Starlet (bnc#1012382).\n- powerpc/fadump: handle crash memory ranges array index overflow (bsc#1103269).\n- powerpc/fadump: merge adjacent memory ranges to reduce PT_LOAD segements (bsc#1103269).\n- powerpc/lib: Fix the feature fixup tests to actually work (bsc#1066223).\n- powerpc/powermac: Add missing prototype for note_bootable_part() (bnc#1012382).\n- powerpc/powermac: Mark variable x as unused (bnc#1012382).\n- powerpc/pseries: Fix endianness while restoring of r3 in MCE handler (bnc#1012382).\n- powerpc/topology: Get topology for shared processors at boot (bsc#1104683).\n- powerpc64s: Show ori31 availability in spectre_v1 sysfs file not v2 (bsc#1068032, bsc#1080157).\n- powerpc: Avoid code patching freed init sections (bnc#1107735).\n- powerpc: make feature-fixup tests fortify-safe (bsc#1066223).\n- provide special timeout module parameters for EC2 (bsc#1065364).\n- ptp: fix missing break in switch (bnc#1012382).\n- pwm: tiehrpwm: Fix disabling of output of PWMs (bnc#1012382).\n- qed: Add sanity check for SIMD fastpath handler (bnc#1012382).\n- qed: Correct Multicast API to reflect existence of 256 approximate buckets (bsc#1019695 bsc#1019699 bsc#1022604).\n- qed: Do not advertise DCBX_LLD_MANAGED capability (bsc#1019695 bsc#1019699 bsc#1022604).\n- qed: Fix possible memory leak in Rx error path handling (bsc#1019695 bsc#1019699 bsc#1022604 ).\n- qed: Fix possible race for the link state value (bnc#1012382).\n- qed: Fix setting of incorrect eswitch mode (bsc#1019695 bsc#1019699 bsc#1022604).\n- qed: Fix use of incorrect size in memcpy call (bsc#1019695 bsc#1019699 bsc#1022604).\n- qede: Adverstise software timestamp caps when PHC is not available (bsc#1019695 bsc#1019699 bsc#1022604).\n- qlge: Fix netdev features configuration (bsc#1098822).\n- qlogic: check kstrtoul() for errors (bnc#1012382).\n- random: mix rdrand with entropy sent in from userspace (bnc#1012382).\n- readahead: stricter check for bdi io_pages (VM Functionality).\n- regulator: pfuze100: add .is_enable() for pfuze100_swb_regulator_ops (bnc#1012382).\n- reiserfs: fix broken xattr handling (heap corruption, bad retval) (bnc#1012382).\n- ring_buffer: tracing: Inherit the tracing setting to next ring buffer (bnc#1012382).\n- root dentries need RCU-delayed freeing (bnc#1012382).\n- rsi: Fix 'invalid vdd' warning in mmc (bnc#1012382).\n- rtc: ensure rtc_set_alarm fails when alarms are not supported (bnc#1012382).\n- rtnetlink: add rtnl_link_state check in rtnl_configure_link (bnc#1012382).\n- s390/cpum_sf: Add data entry sizes to sampling trailer entry (bnc#1012382).\n- s390/kvm: fix deadlock when killed by oom (bnc#1012382).\n- s390/lib: use expoline for all bcr instructions (bnc#1106934, LTC#171029).\n- s390/pci: fix out of bounds access during irq setup (bnc#1012382).\n- s390/qdio: reset old sbal_state flags (bnc#1012382).\n- s390/qeth: do not clobber buffer on async TX completion (bnc#1104485, LTC#170349).\n- s390/qeth: fix race when setting MAC address (bnc#1104485, LTC#170726).\n- s390: add explicit <linux/stringify.h> for jump label (bsc#1105271).\n- s390: detect etoken facility (bnc#1106934, LTC#171029).\n- s390: fix br_r1_trampoline for machines without exrl (bnc#1012382 bnc#1106934 LTC#171029).\n- sched/fair: Avoid divide by zero when rebalancing domains (bsc#1096254).\n- scripts/tar-up.sh: Do not package gitlog-excludes file Also fix the evaluation of gitlog-excludes file, too\n- scsi: 3w-xxxx: fix a missing-check bug (bnc#1012382).\n- scsi: core: Avoid that SCSI device removal through sysfs triggers a deadlock (bnc#1012382).\n- scsi: fcoe: drop frames in ELS LOGO error path (bnc#1012382).\n- scsi: hpsa: limit transfer length to 1MB, not 512kB (bsc#1102346).\n- scsi: libiscsi: fix possible NULL pointer dereference in case of TMF (bnc#1012382).\n- scsi: megaraid: silence a static checker bug (bnc#1012382).\n- scsi: megaraid_sas: Increase timeout by 1 sec for non-RAID fastpath IOs (bnc#1012382).\n- scsi: qla2xxx: Fix ISP recovery on unload (bnc#1012382).\n- scsi: qla2xxx: Return error when TMF returns (bnc#1012382).\n- scsi: scsi_dh: replace too broad 'TP9' string with the exact models (bnc#1012382).\n- scsi: sr: Avoid that opening a CD-ROM hangs with runtime power management enabled (bnc#1012382).\n- scsi: sysfs: Introduce sysfs_{un,}break_active_protection() (bnc#1012382).\n- scsi: ufs: fix exception event handling (bnc#1012382).\n- scsi: vmw_pvscsi: Return DID_RESET for status SAM_STAT_COMMAND_TERMINATED (bnc#1012382).\n- scsi: xen-scsifront: add error handling for xenbus_printf (bnc#1012382).\n- scsi_debug: call resp_XXX function after setting host_scribble (bsc#1069138).\n- scsi_debug: reset injection flags for every_nth > 0 (bsc#1069138).\n- selftest/seccomp: Fix the flag name SECCOMP_FILTER_FLAG_TSYNC (bnc#1012382).\n- selftest/seccomp: Fix the seccomp(2) signature (bnc#1012382).\n- selftests/ftrace: Add snapshot and tracing_on test case (bnc#1012382).\n- selftests/x86/sigreturn/64: Fix spurious failures on AMD CPUs (bnc#1012382).\n- selftests: pstore: return Kselftest Skip code for skipped tests (bnc#1012382).\n- selftests: static_keys: return Kselftest Skip code for skipped tests (bnc#1012382).\n- selftests: sync: add config fragment for testing sync framework (bnc#1012382).\n- selftests: user: return Kselftest Skip code for skipped tests (bnc#1012382).\n- selftests: zram: return Kselftest Skip code for skipped tests (bnc#1012382).\n- serial: 8250_dw: always set baud rate in dw8250_set_termios (bnc#1012382).\n- sfc: stop the TX queue before pushing new buffers (bsc#1017967 ).\n- skbuff: Unconditionally copy pfmemalloc in __skb_clone() (bnc#1012382).\n- slab: __GFP_ZERO is incompatible with a constructor (bnc#1107060).\n- smb3: Do not send SMB3 SET_INFO if nothing changed (bnc#1012382).\n- smb3: do not request leases in symlink creation and query (bnc#1012382).\n- spi: davinci: fix a NULL pointer dereference (bnc#1012382).\n- squashfs: be more careful about metadata corruption (bnc#1012382).\n- squashfs: more metadata hardening (bnc#1012382).\n- squashfs: more metadata hardenings (bnc#1012382).\n- staging: android: ion: check for kref overflow (bnc#1012382).\n- string: drop __must_check from strscpy() and restore strscpy() usages in cgroup (bsc#1107319).\n- sys: do not hold uts_sem while accessing userspace memory (bnc#1106995).\n- target_core_rbd: use RCU in free_device (bsc#1105524).\n- tcp: Fix missing range_truesize enlargement in the backport (bnc#1012382).\n- tcp: add max_quickacks param to tcp_incr_quickack and tcp_enter_quickack_mode (bnc#1012382).\n- tcp: add one more quick ack after after ECN events (bnc#1012382).\n- tcp: do not aggressively quick ack after ECN events (bnc#1012382).\n- tcp: do not cancel delay-AcK on DCTCP special ACK (bnc#1012382).\n- tcp: do not delay ACK in DCTCP upon CE status change (bnc#1012382).\n- tcp: do not force quickack when receiving out-of-order packets (bnc#1012382).\n- tcp: fix dctcp delayed ACK schedule (bnc#1012382).\n- tcp: helpers to send special DCTCP ack (bnc#1012382).\n- tcp: identify cryptic messages as TCP seq # bugs (bnc#1012382).\n- tcp: refactor tcp_ecn_check_ce to remove sk type cast (bnc#1012382).\n- tcp: remove DELAYED ACK events in DCTCP (bnc#1012382).\n- tg3: Add higher cpu clock for 5762 (bnc#1012382).\n- thermal: exynos: fix setting rising_threshold for Exynos5433 (bnc#1012382).\n- timekeeping: Eliminate the stale declaration of ktime_get_raw_and_real_ts64() (bsc#969470).\n- tools/power turbostat: Read extended processor family from CPUID (bnc#1012382).\n- tools/power turbostat: fix -S on UP systems (bnc#1012382).\n- tools: usb: ffs-test: Fix build on big endian systems (bnc#1012382).\n- tpm: fix race condition in tpm_common_write() (bnc#1012382).\n- tracing/blktrace: Fix to allow setting same value (bnc#1012382).\n- tracing/kprobes: Fix trace_probe flags on enable_trace_kprobe() failure (bnc#1012382).\n- tracing: Do not call start/stop() functions when tracing_on does not change (bnc#1012382).\n- tracing: Fix double free of event_trigger_data (bnc#1012382).\n- tracing: Fix possible double free in event_enable_trigger_func() (bnc#1012382).\n- tracing: Quiet gcc warning about maybe unused link variable (bnc#1012382).\n- tracing: Use __printf markup to silence compiler (bnc#1012382).\n- tty: Fix data race in tty_insert_flip_string_fixed_flag (bnc#1012382).\n- turn off -Wattribute-alias (bnc#1012382).\n- ubi: Be more paranoid while seaching for the most recent Fastmap (bnc#1012382).\n- ubi: Fix Fastmap's update_vol() (bnc#1012382).\n- ubi: Fix races around ubi_refill_pools() (bnc#1012382).\n- ubi: Introduce vol_ignored() (bnc#1012382).\n- ubi: Rework Fastmap attach base code (bnc#1012382).\n- ubi: fastmap: Erase outdated anchor PEBs during attach (bnc#1012382).\n- ubifs: Check data node size before truncate (bsc#1106276).\n- ubifs: Fix memory leak in lprobs self-check (bsc#1106278).\n- ubifs: Fix synced_i_size calculation for xattr inodes (bsc#1106275).\n- ubifs: xattr: Do not operate on deleted inodes (bsc#1106271).\n- udl-kms: change down_interruptible to down (bnc#1012382).\n- udl-kms: fix crash due to uninitialized memory (bnc#1012382).\n- udl-kms: handle allocation failure (bnc#1012382).\n- udlfb: set optimal write delay (bnc#1012382).\n- uprobes: Use synchronize_rcu() not synchronize_sched() (bnc#1012382).\n- usb/phy: fix PPC64 build errors in phy-fsl-usb.c (bnc#1012382).\n- usb: audio-v2: Correct the comment for struct uac_clock_selector_descriptor (bsc#1099810).\n- usb: cdc_acm: Add quirk for Castles VEGA3000 (bnc#1012382).\n- usb: dwc2: debugfs: Do not touch RX FIFO during register dump (bsc#1100132).\n- usb: dwc2: fix isoc split in transfer with no data (bnc#1012382).\n- usb: gadget: composite: fix delayed_status race condition when set_interface (bnc#1012382).\n- usb: gadget: dwc2: fix memory leak in gadget_init() (bnc#1012382).\n- usb: gadget: f_fs: Only return delayed status when len is 0 (bnc#1012382).\n- usb: gadget: f_uac2: fix endianness of 'struct cntrl_*_lay3' (bnc#1012382).\n- usb: gadget: r8a66597: Fix a possible sleep-in-atomic-context bugs in r8a66597_queue() (bnc#1012382).\n- usb: gadget: r8a66597: Fix two possible sleep-in-atomic-context bugs in init_controller() (bnc#1012382).\n- usb: hub: Do not wait for connect state at resume for powered-off ports (bnc#1012382).\n- usb: renesas_usbhs: gadget: fix spin_lock_init() for &uep->lock (bsc#1085536).\n- usb: xhci: increase CRS timeout value (bnc#1012382).\n- usbip: usbip_detach: Fix memory, udev context and udev leak (bnc#1012382).\n- userns: move user access out of the mutex (bnc#1012382).\n- vfs: add the sb_start_intwrite_trylock() helper (bsc#1101841).\n- virtio_balloon: fix another race between migration and ballooning (bnc#1012382).\n- vmw_balloon: VMCI_DOORBELL_SET does not check status (bnc#1012382).\n- vmw_balloon: do not use 2MB without batching (bnc#1012382).\n- vmw_balloon: fix VMCI use when balloon built into kernel (bnc#1012382).\n- vmw_balloon: fix inflation of 64-bit GFNs (bnc#1012382).\n- vmxnet3: Replace msleep(1) with usleep_range() (bsc#1091860 bsc#1098253).\n- vmxnet3: add receive data ring support (bsc#1091860 bsc#1098253).\n- vmxnet3: add support for get_coalesce, set_coalesce ethtool operations (bsc#1091860 bsc#1098253).\n- vmxnet3: allow variable length transmit data ring buffer (bsc#1091860 bsc#1098253).\n- vmxnet3: avoid assumption about invalid dma_pa in vmxnet3_set_mc() (bsc#1091860 bsc#1098253).\n- vmxnet3: avoid format strint overflow warning (bsc#1091860 bsc#1098253).\n- vmxnet3: avoid xmit reset due to a race in vmxnet3 (bsc#1091860 bsc#1098253).\n- vmxnet3: fix incorrect dereference when rxvlan is disabled (bsc#1091860 bsc#1098253).\n- vmxnet3: fix non static symbol warning (bsc#1091860 bsc#1098253).\n- vmxnet3: fix tx data ring copy for variable size (bsc#1091860 bsc#1098253).\n- vmxnet3: increase default rx ring sizes (bsc#1091860 bsc#1098253).\n- vmxnet3: introduce command to register memory region (bsc#1091860 bsc#1098253).\n- vmxnet3: introduce generalized command interface to configure the device (bsc#1091860 bsc#1098253).\n- vmxnet3: prepare for version 3 changes (bsc#1091860 bsc#1098253).\n- vmxnet3: remove redundant initialization of pointer 'rq' (bsc#1091860 bsc#1098253).\n- vmxnet3: remove unused flag 'rxcsum' from struct vmxnet3_adapter (bsc#1091860 bsc#1098253).\n- vmxnet3: set the DMA mask before the first DMA map operation (bsc#1091860 bsc#1098253).\n- vmxnet3: update to version 3 (bsc#1091860 bsc#1098253).\n- vmxnet3: use DMA memory barriers where required (bsc#1091860 bsc#1098253).\n- vmxnet3: use correct flag to indicate LRO feature (bsc#1091860 bsc#1098253).\n- vsock: split dwork to avoid reinitializations (bnc#1012382).\n- vti6: Fix dev->max_mtu setting (bsc#1033962).\n- vti6: fix PMTU caching and reporting on xmit (bnc#1012382).\n- wlcore: sdio: check for valid platform device data before suspend (bnc#1012382).\n- x86/MCE: Remove min interval polling limitation (bnc#1012382).\n- x86/amd: do not set X86_BUG_SYSRET_SS_ATTRS when running under Xen (bnc#1012382).\n- x86/asm/entry/32: Simplify pushes of zeroed pt_regs->REGs (bnc#1012382).\n- x86/bugs: Move the l1tf function and define pr_fmt properly (bnc#1012382).\n- x86/bugs: Respect nospec command line option (bsc#1068032).\n- x86/cpu/AMD: Fix erratum 1076 (CPB bit) (bnc#1012382).\n- x86/cpu: Make alternative_msr_write work for 32-bit code (bnc#1012382).\n- x86/cpu: Re-apply forced caps every time CPU caps are re-read (bnc#1012382).\n- x86/cpufeatures: Add CPUID_7_EDX CPUID leaf (bnc#1012382).\n- x86/cpufeatures: Clean up Spectre v2 related CPUID flags (bnc#1012382).\n- x86/entry/64/compat: Clear registers for compat syscalls, to reduce speculation attack surface (bnc#1012382).\n- x86/entry/64: Remove %ebx handling from error_entry/exit (bnc#1102715).\n- x86/init: fix build with CONFIG_SWAP=n (bnc#1012382).\n- x86/irqflags: Mark native_restore_fl extern inline (bnc#1012382).\n- x86/irqflags: Provide a declaration for native_save_fl.\n- x86/mm/kmmio: Make the tracer robust against L1TF (bnc#1012382).\n- x86/mm/pat: Fix L1TF stable backport for CPA (bnc#1012382).\n- x86/mm/pat: Fix L1TF stable backport for CPA, 2nd call (bnc#1012382).\n- x86/mm/pat: Make set_memory_np() L1TF safe (bnc#1012382).\n- x86/mm: Add TLB purge to free pmd/pte page interfaces (bnc#1012382).\n- x86/mm: Disable ioremap free page handling on x86-PAE (bnc#1012382).\n- x86/mm: Give each mm TLB flush generation a unique ID (bnc#1012382).\n- x86/paravirt: Fix spectre-v2 mitigations for paravirt guests (bnc#1012382).\n- x86/paravirt: Make native_save_fl() extern inline (bnc#1012382).\n- x86/process: Correct and optimize TIF_BLOCKSTEP switch (bnc#1012382).\n- x86/process: Optimize TIF checks in __switch_to_xtra() (bnc#1012382).\n- x86/process: Optimize TIF_NOTSC switch (bnc#1012382).\n- x86/process: Re-export start_thread() (bnc#1012382).\n- x86/spectre: Add missing family 6 check to microcode check (bnc#1012382).\n- x86/spectre_v2: Do not check microcode versions when running under hypervisors (bnc#1012382).\n- x86/speculation/l1tf: Exempt zeroed PTEs from inversion (bnc#1012382).\n- x86/speculation/l1tf: Extend 64bit swap file size limit (bnc#1012382).\n- x86/speculation/l1tf: Fix off-by-one error when warning that system has too much RAM (bnc#1105536).\n- x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit (bnc#1012382).\n- x86/speculation/l1tf: Fix up CPU feature flags (bnc#1012382).\n- x86/speculation/l1tf: Fix up pte->pfn conversion for PAE (bnc#1012382).\n- x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bnc#1105536).\n- x86/speculation/l1tf: Invert all not present mappings (bnc#1012382).\n- x86/speculation/l1tf: Make pmd/pud_mknotpresent() invert (bnc#1012382).\n- x86/speculation/l1tf: Protect PAE swap entries against L1TF (bnc#1012382).\n- x86/speculation/l1tf: Suggest what to do on systems with too much RAM (bnc#1105536).\n- x86/speculation/l1tf: Unbreak !__HAVE_ARCH_PFN_MODIFY_ALLOWED architectures (bnc#1012382).\n- x86/speculation: Add <asm/msr-index.h> dependency (bnc#1012382).\n- x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) support (bnc#1012382).\n- x86/speculation: Clean up various Spectre related details (bnc#1012382).\n- x86/speculation: Correct Speculation Control microcode blacklist again (bnc#1012382).\n- x86/speculation: Move firmware_restrict_branch_speculation_*() from C to CPP (bnc#1012382).\n- x86/speculation: Update Speculation Control microcode blacklist (bnc#1012382).\n- x86/speculation: Use ARCH_CAPABILITIES to skip L1D flush on vmentry (bsc#1106369).\n- x86/speculation: Use IBRS if available before calling into firmware (bnc#1012382).\n- x86/speculation: Use Indirect Branch Prediction Barrier in context switch (bnc#1012382).\n- x86/xen: Add call of speculative_store_bypass_ht_init() to PV paths (bnc#1012382).\n- xen-netfront: wait xenbus state change when load module manually (bnc#1012382).\n- xen/blkback: do not keep persistent grants too long (bsc#1085042).\n- xen/blkback: move persistent grants flags to bool (bsc#1085042).\n- xen/blkfront: cleanup stale persistent grants (bsc#1085042).\n- xen/blkfront: reorder tests in xlblk_init() (bsc#1085042).\n- xen/netfront: do not cache skb_shinfo() (bnc#1012382).\n- xen: set cpu capabilities from xen_start_kernel() (bnc#1012382).\n- xfrm: fix missing dst_release() after policy blocking lbcast and multicast (bnc#1012382).\n- xfrm: free skb if nlsk pointer is NULL (bnc#1012382).\n- xfrm_user: prevent leaking 2 bytes of kernel memory (bnc#1012382).\n- xfs: Remove dead code from inode recover function (bsc#1105396).\n- xfs: repair malformed inode items during log recovery (bsc#1105396).\n- xhci: Fix perceived dead host due to runtime suspend race with event handler (bnc#1012382).\n- zswap: re-check zswap_is_full() after do zswap_shrink() (bnc#1012382).\n", title: "Description of the patch", }, { category: "details", text: "SUSE-SLE-Live-Patching-12-SP3-2018-1941", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_2775-1.json", }, { category: "self", summary: "URL for SUSE-SU-2018:2775-1", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20182775-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2018:2775-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2018-September/004571.html", }, { category: "self", summary: "SUSE Bug 1012382", url: "https://bugzilla.suse.com/1012382", }, { category: "self", summary: "SUSE Bug 1015342", url: "https://bugzilla.suse.com/1015342", }, { category: "self", summary: "SUSE Bug 1015343", url: "https://bugzilla.suse.com/1015343", }, { category: "self", summary: "SUSE Bug 1017967", url: "https://bugzilla.suse.com/1017967", }, { category: "self", summary: "SUSE Bug 1019695", url: "https://bugzilla.suse.com/1019695", }, { category: "self", summary: "SUSE Bug 1019699", url: "https://bugzilla.suse.com/1019699", }, { category: "self", summary: "SUSE Bug 1020412", url: "https://bugzilla.suse.com/1020412", }, { category: "self", summary: "SUSE Bug 1021121", url: "https://bugzilla.suse.com/1021121", }, { category: "self", summary: "SUSE Bug 1022604", url: "https://bugzilla.suse.com/1022604", }, { category: "self", summary: "SUSE Bug 1024361", url: "https://bugzilla.suse.com/1024361", }, { category: "self", summary: "SUSE Bug 1024365", url: "https://bugzilla.suse.com/1024365", }, { category: "self", summary: "SUSE Bug 1024376", url: "https://bugzilla.suse.com/1024376", }, { category: "self", summary: "SUSE Bug 1027968", url: "https://bugzilla.suse.com/1027968", }, { category: "self", summary: "SUSE Bug 1030552", url: "https://bugzilla.suse.com/1030552", }, { category: "self", summary: "SUSE Bug 1031492", url: "https://bugzilla.suse.com/1031492", }, { category: "self", summary: "SUSE Bug 1033962", url: "https://bugzilla.suse.com/1033962", }, { category: "self", summary: "SUSE Bug 1042286", url: "https://bugzilla.suse.com/1042286", }, { category: "self", summary: "SUSE Bug 1048317", url: "https://bugzilla.suse.com/1048317", }, { category: "self", summary: "SUSE Bug 1050431", url: "https://bugzilla.suse.com/1050431", }, { category: "self", summary: "SUSE Bug 1053685", url: "https://bugzilla.suse.com/1053685", }, { category: "self", summary: "SUSE Bug 1055014", url: "https://bugzilla.suse.com/1055014", }, { category: "self", summary: "SUSE Bug 1056596", url: "https://bugzilla.suse.com/1056596", }, { category: "self", summary: "SUSE Bug 1062604", url: "https://bugzilla.suse.com/1062604", }, { category: "self", summary: "SUSE Bug 1063646", url: "https://bugzilla.suse.com/1063646", }, { category: "self", summary: "SUSE Bug 1064232", url: "https://bugzilla.suse.com/1064232", }, { category: "self", summary: "SUSE Bug 1065364", url: "https://bugzilla.suse.com/1065364", }, { category: "self", summary: "SUSE Bug 1066223", url: "https://bugzilla.suse.com/1066223", }, { category: "self", summary: "SUSE Bug 1068032", url: "https://bugzilla.suse.com/1068032", }, { category: "self", summary: "SUSE Bug 1068075", url: "https://bugzilla.suse.com/1068075", }, { category: "self", summary: "SUSE Bug 1069138", url: "https://bugzilla.suse.com/1069138", }, { category: "self", summary: "SUSE Bug 1078921", url: "https://bugzilla.suse.com/1078921", }, { category: "self", summary: "SUSE Bug 1080157", url: "https://bugzilla.suse.com/1080157", }, { category: "self", summary: "SUSE Bug 1083663", url: "https://bugzilla.suse.com/1083663", }, { category: "self", summary: "SUSE Bug 1085042", url: "https://bugzilla.suse.com/1085042", }, { category: "self", summary: "SUSE Bug 1085536", url: "https://bugzilla.suse.com/1085536", }, { category: "self", summary: "SUSE Bug 1085539", url: "https://bugzilla.suse.com/1085539", }, { category: "self", summary: "SUSE Bug 1086457", url: "https://bugzilla.suse.com/1086457", }, { category: "self", summary: "SUSE Bug 1087092", url: "https://bugzilla.suse.com/1087092", }, { category: "self", summary: "SUSE Bug 1089066", url: "https://bugzilla.suse.com/1089066", }, { category: "self", summary: "SUSE Bug 1090888", url: "https://bugzilla.suse.com/1090888", }, { category: "self", summary: "SUSE Bug 1091171", url: "https://bugzilla.suse.com/1091171", }, { category: "self", summary: "SUSE Bug 1091860", url: "https://bugzilla.suse.com/1091860", }, { category: "self", summary: "SUSE Bug 1096254", url: "https://bugzilla.suse.com/1096254", }, { category: "self", summary: "SUSE Bug 1096748", url: "https://bugzilla.suse.com/1096748", }, { category: "self", summary: "SUSE Bug 1097105", url: "https://bugzilla.suse.com/1097105", }, { category: "self", summary: "SUSE Bug 1098253", url: "https://bugzilla.suse.com/1098253", }, { category: "self", summary: "SUSE Bug 1098822", url: "https://bugzilla.suse.com/1098822", }, { category: "self", summary: "SUSE Bug 1099597", url: "https://bugzilla.suse.com/1099597", }, { category: "self", summary: "SUSE Bug 1099810", url: "https://bugzilla.suse.com/1099810", }, { category: "self", summary: "SUSE Bug 1099811", url: "https://bugzilla.suse.com/1099811", }, { category: "self", summary: "SUSE Bug 1099813", url: "https://bugzilla.suse.com/1099813", }, { category: "self", summary: "SUSE Bug 1099832", url: "https://bugzilla.suse.com/1099832", }, { category: "self", summary: "SUSE Bug 1099844", url: "https://bugzilla.suse.com/1099844", }, { category: "self", summary: "SUSE Bug 1099845", url: "https://bugzilla.suse.com/1099845", }, { category: "self", summary: "SUSE Bug 1099846", url: "https://bugzilla.suse.com/1099846", }, { category: "self", summary: "SUSE Bug 1099849", url: "https://bugzilla.suse.com/1099849", }, { category: "self", summary: "SUSE Bug 1099863", url: "https://bugzilla.suse.com/1099863", }, { category: "self", summary: "SUSE Bug 1099864", url: "https://bugzilla.suse.com/1099864", }, { category: "self", summary: "SUSE Bug 1099922", url: "https://bugzilla.suse.com/1099922", }, { category: "self", summary: "SUSE Bug 1099999", url: "https://bugzilla.suse.com/1099999", }, { category: "self", summary: "SUSE Bug 1100000", url: "https://bugzilla.suse.com/1100000", }, { category: "self", summary: "SUSE Bug 1100001", url: "https://bugzilla.suse.com/1100001", }, { category: "self", summary: "SUSE Bug 1100132", url: "https://bugzilla.suse.com/1100132", }, { category: "self", summary: "SUSE Bug 1101822", url: "https://bugzilla.suse.com/1101822", }, { category: "self", summary: "SUSE Bug 1101841", url: "https://bugzilla.suse.com/1101841", }, { category: "self", summary: "SUSE Bug 1102346", url: "https://bugzilla.suse.com/1102346", }, { category: "self", summary: "SUSE Bug 1102486", url: "https://bugzilla.suse.com/1102486", }, { category: "self", summary: "SUSE Bug 1102517", url: "https://bugzilla.suse.com/1102517", }, { category: "self", summary: "SUSE Bug 1102715", url: "https://bugzilla.suse.com/1102715", }, { category: "self", summary: "SUSE Bug 1102797", url: "https://bugzilla.suse.com/1102797", }, { category: "self", summary: "SUSE Bug 1103269", url: "https://bugzilla.suse.com/1103269", }, { category: "self", summary: "SUSE Bug 1103445", url: "https://bugzilla.suse.com/1103445", }, { category: "self", summary: "SUSE Bug 1103717", url: "https://bugzilla.suse.com/1103717", }, { category: "self", summary: "SUSE Bug 1104319", url: "https://bugzilla.suse.com/1104319", }, { category: "self", summary: "SUSE Bug 1104485", url: "https://bugzilla.suse.com/1104485", }, { category: "self", summary: "SUSE Bug 1104494", url: "https://bugzilla.suse.com/1104494", }, { category: "self", summary: "SUSE Bug 1104495", url: "https://bugzilla.suse.com/1104495", }, { category: "self", summary: "SUSE Bug 1104683", url: "https://bugzilla.suse.com/1104683", }, { category: "self", summary: "SUSE Bug 1104897", url: "https://bugzilla.suse.com/1104897", }, { category: "self", summary: "SUSE Bug 1105271", url: "https://bugzilla.suse.com/1105271", }, { category: "self", summary: "SUSE Bug 1105292", url: "https://bugzilla.suse.com/1105292", }, { category: "self", summary: "SUSE Bug 1105322", url: "https://bugzilla.suse.com/1105322", }, { category: "self", summary: "SUSE Bug 1105323", url: "https://bugzilla.suse.com/1105323", }, { category: "self", summary: "SUSE Bug 1105392", url: "https://bugzilla.suse.com/1105392", }, { category: "self", summary: "SUSE Bug 1105396", url: "https://bugzilla.suse.com/1105396", }, { category: "self", summary: "SUSE Bug 1105524", url: "https://bugzilla.suse.com/1105524", }, { category: "self", summary: "SUSE Bug 1105536", url: "https://bugzilla.suse.com/1105536", }, { category: "self", summary: "SUSE Bug 1105769", url: "https://bugzilla.suse.com/1105769", }, { category: "self", summary: "SUSE Bug 1106016", url: "https://bugzilla.suse.com/1106016", }, { category: "self", summary: "SUSE Bug 1106105", url: "https://bugzilla.suse.com/1106105", }, { category: "self", summary: "SUSE Bug 1106185", url: "https://bugzilla.suse.com/1106185", }, { category: "self", summary: "SUSE Bug 1106229", url: "https://bugzilla.suse.com/1106229", }, { category: "self", summary: "SUSE Bug 1106271", url: "https://bugzilla.suse.com/1106271", }, { category: "self", summary: "SUSE Bug 1106275", url: "https://bugzilla.suse.com/1106275", }, { category: "self", summary: "SUSE Bug 1106276", url: "https://bugzilla.suse.com/1106276", }, { category: "self", summary: "SUSE Bug 1106278", url: "https://bugzilla.suse.com/1106278", }, { category: "self", summary: "SUSE Bug 1106281", url: "https://bugzilla.suse.com/1106281", }, { category: "self", summary: "SUSE Bug 1106283", url: "https://bugzilla.suse.com/1106283", }, { category: "self", summary: "SUSE Bug 1106369", url: "https://bugzilla.suse.com/1106369", }, { category: "self", summary: "SUSE Bug 1106509", url: "https://bugzilla.suse.com/1106509", }, { category: "self", summary: "SUSE Bug 1106511", url: "https://bugzilla.suse.com/1106511", }, { category: "self", summary: "SUSE Bug 1106697", url: "https://bugzilla.suse.com/1106697", }, { category: "self", summary: "SUSE Bug 1106929", url: "https://bugzilla.suse.com/1106929", }, { category: "self", summary: "SUSE Bug 1106934", url: "https://bugzilla.suse.com/1106934", }, { category: "self", summary: "SUSE Bug 1106995", url: "https://bugzilla.suse.com/1106995", }, { category: "self", summary: "SUSE Bug 1107060", url: "https://bugzilla.suse.com/1107060", }, { category: "self", summary: "SUSE Bug 1107078", url: "https://bugzilla.suse.com/1107078", }, { category: "self", summary: "SUSE Bug 1107319", url: "https://bugzilla.suse.com/1107319", }, { category: "self", summary: "SUSE Bug 1107320", url: "https://bugzilla.suse.com/1107320", }, { category: "self", summary: "SUSE Bug 1107689", url: "https://bugzilla.suse.com/1107689", }, { category: "self", summary: "SUSE Bug 1107735", url: "https://bugzilla.suse.com/1107735", }, { category: "self", summary: "SUSE Bug 1107966", url: "https://bugzilla.suse.com/1107966", }, { category: "self", summary: "SUSE Bug 963575", url: "https://bugzilla.suse.com/963575", }, { category: "self", summary: "SUSE Bug 966170", url: "https://bugzilla.suse.com/966170", }, { category: "self", summary: "SUSE Bug 966172", url: "https://bugzilla.suse.com/966172", }, { category: "self", summary: "SUSE Bug 969470", url: "https://bugzilla.suse.com/969470", }, { category: "self", summary: "SUSE Bug 969476", url: "https://bugzilla.suse.com/969476", }, { category: "self", summary: "SUSE Bug 969477", url: "https://bugzilla.suse.com/969477", }, { category: "self", summary: "SUSE Bug 970506", url: "https://bugzilla.suse.com/970506", }, { category: "self", summary: "SUSE CVE CVE-2018-10876 page", url: "https://www.suse.com/security/cve/CVE-2018-10876/", }, { category: "self", summary: "SUSE CVE CVE-2018-10877 page", url: "https://www.suse.com/security/cve/CVE-2018-10877/", }, { category: "self", summary: "SUSE CVE CVE-2018-10878 page", url: "https://www.suse.com/security/cve/CVE-2018-10878/", }, { category: "self", summary: "SUSE CVE CVE-2018-10879 page", url: "https://www.suse.com/security/cve/CVE-2018-10879/", }, { category: "self", summary: "SUSE CVE CVE-2018-10880 page", url: "https://www.suse.com/security/cve/CVE-2018-10880/", }, { category: "self", summary: "SUSE CVE CVE-2018-10881 page", url: "https://www.suse.com/security/cve/CVE-2018-10881/", }, { category: "self", summary: "SUSE CVE CVE-2018-10882 page", url: "https://www.suse.com/security/cve/CVE-2018-10882/", }, { category: "self", summary: "SUSE CVE CVE-2018-10883 page", url: "https://www.suse.com/security/cve/CVE-2018-10883/", }, { category: "self", summary: "SUSE CVE CVE-2018-10902 page", url: "https://www.suse.com/security/cve/CVE-2018-10902/", }, { category: "self", summary: "SUSE CVE CVE-2018-10938 page", url: "https://www.suse.com/security/cve/CVE-2018-10938/", }, { category: "self", summary: "SUSE CVE CVE-2018-1128 page", url: "https://www.suse.com/security/cve/CVE-2018-1128/", }, { category: "self", summary: "SUSE CVE CVE-2018-1129 page", url: "https://www.suse.com/security/cve/CVE-2018-1129/", }, { category: "self", summary: "SUSE CVE CVE-2018-12896 page", url: "https://www.suse.com/security/cve/CVE-2018-12896/", }, { category: "self", summary: "SUSE CVE CVE-2018-13093 page", url: "https://www.suse.com/security/cve/CVE-2018-13093/", }, { category: "self", summary: "SUSE CVE CVE-2018-13094 page", url: "https://www.suse.com/security/cve/CVE-2018-13094/", }, { category: "self", summary: "SUSE CVE CVE-2018-13095 page", url: "https://www.suse.com/security/cve/CVE-2018-13095/", }, { category: "self", summary: "SUSE CVE CVE-2018-15572 page", url: "https://www.suse.com/security/cve/CVE-2018-15572/", }, { category: "self", summary: "SUSE CVE CVE-2018-16658 page", url: "https://www.suse.com/security/cve/CVE-2018-16658/", }, { category: "self", summary: "SUSE CVE CVE-2018-6554 page", url: "https://www.suse.com/security/cve/CVE-2018-6554/", }, { category: "self", summary: "SUSE CVE CVE-2018-6555 page", url: "https://www.suse.com/security/cve/CVE-2018-6555/", }, { category: "self", summary: "SUSE CVE CVE-2018-9363 page", url: "https://www.suse.com/security/cve/CVE-2018-9363/", }, ], title: "Security update for the Linux Kernel", tracking: { current_release_date: "2018-09-20T16:27:21Z", generator: { date: "2018-09-20T16:27:21Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2018:2775-1", initial_release_date: "2018-09-20T16:27:21Z", revision_history: [ { date: "2018-09-20T16:27:21Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", product: { name: "kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", product_id: "kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", product: { name: "kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", product_id: "kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Live Patching 12 SP3", product: { name: "SUSE Linux Enterprise Live Patching 12 SP3", product_id: "SUSE Linux Enterprise Live Patching 12 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sle-live-patching:12:sp3", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP3", product_id: "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", }, product_reference: "kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP3", product_id: "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", }, product_reference: "kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 12 SP3", }, ], }, vulnerabilities: [ { cve: "CVE-2018-10876", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10876", }, ], notes: [ { category: "general", text: "A flaw was found in Linux kernel in the ext4 filesystem code. A use-after-free is possible in ext4_ext_remove_space() function when mounting and operating a crafted ext4 image.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10876", url: "https://www.suse.com/security/cve/CVE-2018-10876", }, { category: "external", summary: "SUSE Bug 1099811 for CVE-2018-10876", url: "https://bugzilla.suse.com/1099811", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-20T16:27:21Z", details: "low", }, ], title: "CVE-2018-10876", }, { cve: "CVE-2018-10877", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10877", }, ], notes: [ { category: "general", text: "Linux kernel ext4 filesystem is vulnerable to an out-of-bound access in the ext4_ext_drop_refs() function when operating on a crafted ext4 filesystem image.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10877", url: "https://www.suse.com/security/cve/CVE-2018-10877", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-10877", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1099846 for CVE-2018-10877", url: "https://bugzilla.suse.com/1099846", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-20T16:27:21Z", details: "low", }, ], title: "CVE-2018-10877", }, { cve: "CVE-2018-10878", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10878", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bounds write and a denial of service or unspecified other impact is possible by mounting and operating a crafted ext4 filesystem image.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10878", url: "https://www.suse.com/security/cve/CVE-2018-10878", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-10878", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1099813 for CVE-2018-10878", url: "https://bugzilla.suse.com/1099813", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-20T16:27:21Z", details: "moderate", }, ], title: "CVE-2018-10878", }, { cve: "CVE-2018-10879", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10879", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause a use-after-free in ext4_xattr_set_entry function and a denial of service or unspecified other impact may occur by renaming a file in a crafted ext4 filesystem image.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10879", url: "https://www.suse.com/security/cve/CVE-2018-10879", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-10879", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1099844 for CVE-2018-10879", url: "https://bugzilla.suse.com/1099844", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-20T16:27:21Z", details: "moderate", }, ], title: "CVE-2018-10879", }, { cve: "CVE-2018-10880", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10880", }, ], notes: [ { category: "general", text: "Linux kernel is vulnerable to a stack-out-of-bounds write in the ext4 filesystem code when mounting and writing to a crafted ext4 image in ext4_update_inline_data(). An attacker could use this to cause a system crash and a denial of service.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10880", url: "https://www.suse.com/security/cve/CVE-2018-10880", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-10880", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1099845 for CVE-2018-10880", url: "https://bugzilla.suse.com/1099845", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-20T16:27:21Z", details: "moderate", }, ], title: "CVE-2018-10880", }, { cve: "CVE-2018-10881", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10881", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bound access in ext4_get_group_info function, a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10881", url: "https://www.suse.com/security/cve/CVE-2018-10881", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-10881", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1099864 for CVE-2018-10881", url: "https://bugzilla.suse.com/1099864", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-20T16:27:21Z", details: "moderate", }, ], title: "CVE-2018-10881", }, { cve: "CVE-2018-10882", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10882", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bound write in in fs/jbd2/transaction.c code, a denial of service, and a system crash by unmounting a crafted ext4 filesystem image.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10882", url: "https://www.suse.com/security/cve/CVE-2018-10882", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-10882", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1099849 for CVE-2018-10882", url: "https://bugzilla.suse.com/1099849", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-20T16:27:21Z", details: "moderate", }, ], title: "CVE-2018-10882", }, { cve: "CVE-2018-10883", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10883", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bounds write in jbd2_journal_dirty_metadata(), a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10883", url: "https://www.suse.com/security/cve/CVE-2018-10883", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-10883", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1099863 for CVE-2018-10883", url: "https://bugzilla.suse.com/1099863", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-20T16:27:21Z", details: "moderate", }, ], title: "CVE-2018-10883", }, { cve: "CVE-2018-10902", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10902", }, ], notes: [ { category: "general", text: "It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmidi.c file. A malicious local attacker could possibly use this for privilege escalation.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10902", url: "https://www.suse.com/security/cve/CVE-2018-10902", }, { category: "external", summary: "SUSE Bug 1105322 for CVE-2018-10902", url: "https://bugzilla.suse.com/1105322", }, { category: "external", summary: "SUSE Bug 1105323 for CVE-2018-10902", url: "https://bugzilla.suse.com/1105323", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-20T16:27:21Z", details: "moderate", }, ], title: "CVE-2018-10902", }, { cve: "CVE-2018-10938", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10938", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel present since v4.0-rc1 and through v4.13-rc4. A crafted network packet sent remotely by an attacker may force the kernel to enter an infinite loop in the cipso_v4_optptr() function in net/ipv4/cipso_ipv4.c leading to a denial-of-service. A certain non-default configuration of LSM (Linux Security Module) and NetLabel should be set up on a system before an attacker could leverage this flaw.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10938", url: "https://www.suse.com/security/cve/CVE-2018-10938", }, { category: "external", summary: "SUSE Bug 1106016 for CVE-2018-10938", url: "https://bugzilla.suse.com/1106016", }, { category: "external", summary: "SUSE Bug 1106191 for CVE-2018-10938", url: "https://bugzilla.suse.com/1106191", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-20T16:27:21Z", details: "important", }, ], title: "CVE-2018-10938", }, { cve: "CVE-2018-1128", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-1128", }, ], notes: [ { category: "general", text: "It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. Any attacker having access to ceph cluster network who is able to sniff packets on network can use this vulnerability to authenticate with ceph service and perform actions allowed by ceph service. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-1128", url: "https://www.suse.com/security/cve/CVE-2018-1128", }, { category: "external", summary: "SUSE Bug 1096748 for CVE-2018-1128", url: "https://bugzilla.suse.com/1096748", }, { category: "external", summary: "SUSE Bug 1114710 for CVE-2018-1128", url: "https://bugzilla.suse.com/1114710", }, { category: "external", summary: "SUSE Bug 1177843 for CVE-2018-1128", url: "https://bugzilla.suse.com/1177843", }, { category: "external", summary: "SUSE Bug 1177859 for CVE-2018-1128", url: "https://bugzilla.suse.com/1177859", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.3, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-20T16:27:21Z", details: "important", }, ], title: "CVE-2018-1128", }, { cve: "CVE-2018-1129", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-1129", }, ], notes: [ { category: "general", text: "A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network who is able to alter the message payload was able to bypass signature checks done by cephx protocol. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-1129", url: "https://www.suse.com/security/cve/CVE-2018-1129", }, { category: "external", summary: "SUSE Bug 1096748 for CVE-2018-1129", url: "https://bugzilla.suse.com/1096748", }, { category: "external", summary: "SUSE Bug 1114710 for CVE-2018-1129", url: "https://bugzilla.suse.com/1114710", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-20T16:27:21Z", details: "important", }, ], title: "CVE-2018-1129", }, { cve: "CVE-2018-12896", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-12896", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 4.17.3. An Integer Overflow in kernel/time/posix-timers.c in the POSIX timer code is caused by the way the overrun accounting works. Depending on interval and expiry time values, the overrun can be larger than INT_MAX, but the accounting is int based. This basically makes the accounting values, which are visible to user space via timer_getoverrun(2) and siginfo::si_overrun, random. For example, a local user can cause a denial of service (signed integer overflow) via crafted mmap, futex, timer_create, and timer_settime system calls.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-12896", url: "https://www.suse.com/security/cve/CVE-2018-12896", }, { category: "external", summary: "SUSE Bug 1099922 for CVE-2018-12896", url: "https://bugzilla.suse.com/1099922", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-20T16:27:21Z", details: "low", }, ], title: "CVE-2018-12896", }, { cve: "CVE-2018-13093", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-13093", }, ], notes: [ { category: "general", text: "An issue was discovered in fs/xfs/xfs_icache.c in the Linux kernel through 4.17.3. There is a NULL pointer dereference and panic in lookup_slow() on a NULL inode->i_ops pointer when doing pathwalks on a corrupted xfs image. This occurs because of a lack of proper validation that cached inodes are free during allocation.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-13093", url: "https://www.suse.com/security/cve/CVE-2018-13093", }, { category: "external", summary: "SUSE Bug 1100001 for CVE-2018-13093", url: "https://bugzilla.suse.com/1100001", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-20T16:27:21Z", details: "moderate", }, ], title: "CVE-2018-13093", }, { cve: "CVE-2018-13094", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-13094", }, ], notes: [ { category: "general", text: "An issue was discovered in fs/xfs/libxfs/xfs_attr_leaf.c in the Linux kernel through 4.17.3. An OOPS may occur for a corrupted xfs image after xfs_da_shrink_inode() is called with a NULL bp.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-13094", url: "https://www.suse.com/security/cve/CVE-2018-13094", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-13094", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1100000 for CVE-2018-13094", url: "https://bugzilla.suse.com/1100000", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-20T16:27:21Z", details: "moderate", }, ], title: "CVE-2018-13094", }, { cve: "CVE-2018-13095", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-13095", }, ], notes: [ { category: "general", text: "An issue was discovered in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel through 4.17.3. A denial of service (memory corruption and BUG) can occur for a corrupted xfs image upon encountering an inode that is in extent format, but has more extents than fit in the inode fork.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-13095", url: "https://www.suse.com/security/cve/CVE-2018-13095", }, { category: "external", summary: "SUSE Bug 1099999 for CVE-2018-13095", url: "https://bugzilla.suse.com/1099999", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-20T16:27:21Z", details: "moderate", }, ], title: "CVE-2018-13095", }, { cve: "CVE-2018-15572", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-15572", }, ], notes: [ { category: "general", text: "The spectre_v2_select_mitigation function in arch/x86/kernel/cpu/bugs.c in the Linux kernel before 4.18.1 does not always fill RSB upon a context switch, which makes it easier for attackers to conduct userspace-userspace spectreRSB attacks.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-15572", url: "https://www.suse.com/security/cve/CVE-2018-15572", }, { category: "external", summary: "SUSE Bug 1102517 for CVE-2018-15572", url: "https://bugzilla.suse.com/1102517", }, { category: "external", summary: "SUSE Bug 1105296 for CVE-2018-15572", url: "https://bugzilla.suse.com/1105296", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-20T16:27:21Z", details: "important", }, ], title: "CVE-2018-15572", }, { cve: "CVE-2018-16658", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16658", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel before 4.18.6. An information leak in cdrom_ioctl_drive_status in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-16658", url: "https://www.suse.com/security/cve/CVE-2018-16658", }, { category: "external", summary: "SUSE Bug 1092903 for CVE-2018-16658", url: "https://bugzilla.suse.com/1092903", }, { category: "external", summary: "SUSE Bug 1107689 for CVE-2018-16658", url: "https://bugzilla.suse.com/1107689", }, { category: "external", summary: "SUSE Bug 1113751 for CVE-2018-16658", url: "https://bugzilla.suse.com/1113751", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-20T16:27:21Z", details: "low", }, ], title: "CVE-2018-16658", }, { cve: "CVE-2018-6554", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-6554", }, ], notes: [ { category: "general", text: "Memory leak in the irda_bind function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (memory consumption) by repeatedly binding an AF_IRDA socket.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-6554", url: "https://www.suse.com/security/cve/CVE-2018-6554", }, { category: "external", summary: "SUSE Bug 1106509 for CVE-2018-6554", url: "https://bugzilla.suse.com/1106509", }, { category: "external", summary: "SUSE Bug 1106511 for CVE-2018-6554", url: "https://bugzilla.suse.com/1106511", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-20T16:27:21Z", details: "low", }, ], title: "CVE-2018-6554", }, { cve: "CVE-2018-6555", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-6555", }, ], notes: [ { category: "general", text: "The irda_setsockopt function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (ias_object use-after-free and system crash) or possibly have unspecified other impact via an AF_IRDA socket.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-6555", url: "https://www.suse.com/security/cve/CVE-2018-6555", }, { category: "external", summary: "SUSE Bug 1106509 for CVE-2018-6555", url: "https://bugzilla.suse.com/1106509", }, { category: "external", summary: "SUSE Bug 1106511 for CVE-2018-6555", url: "https://bugzilla.suse.com/1106511", }, { category: "external", summary: "SUSE Bug 1115893 for CVE-2018-6555", url: "https://bugzilla.suse.com/1115893", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-20T16:27:21Z", details: "moderate", }, ], title: "CVE-2018-6555", }, { cve: "CVE-2018-9363", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-9363", }, ], notes: [ { category: "general", text: "In the hidp_process_report in bluetooth, there is an integer overflow. This could lead to an out of bounds write with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-65853588 References: Upstream kernel.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-9363", url: "https://www.suse.com/security/cve/CVE-2018-9363", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-9363", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1105292 for CVE-2018-9363", url: "https://bugzilla.suse.com/1105292", }, { category: "external", summary: "SUSE Bug 1105293 for CVE-2018-9363", url: "https://bugzilla.suse.com/1105293", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_155-94_50-default-1-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-20T16:27:21Z", details: "important", }, ], title: "CVE-2018-9363", }, ], }
suse-su-2018:3088-1
Vulnerability from csaf_suse
Published
2018-10-09 11:51
Modified
2018-10-09 11:51
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 11 SP4 RT kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-14634: Prevent integer overflow in create_elf_tables that allowed a
local attacker to exploit this vulnerability via a SUID-root binary and obtain
full root privileges (bsc#1108912)
- CVE-2018-14617: Prevent NULL pointer dereference and panic in
hfsplus_lookup() when opening a file (that is purportedly a hard link) in an
hfs+ filesystem that has malformed catalog data, and is mounted read-only
without a metadata directory (bsc#1102870)
- CVE-2018-16276: Incorrect bounds checking in the yurex USB driver in
yurex_read allowed local attackers to use user access read/writes to crash the
kernel or potentially escalate privileges (bsc#1106095)
- CVE-2018-12896: Prevent integer overflow in the POSIX timer code that was
caused by the way the overrun accounting works. Depending on interval and
expiry time values, the overrun can be larger than INT_MAX, but the accounting
is int based. This basically made the accounting values, which are visible to
user space via timer_getoverrun(2) and siginfo::si_overrun, random. This
allowed a local user to cause a denial of service (signed integer overflow) via
crafted mmap, futex, timer_create, and timer_settime system calls (bnc#1099922)
- CVE-2018-10940: The cdrom_ioctl_media_changed function allowed local
attackers to use a incorrect bounds check in the CDROM driver
CDROM_MEDIA_CHANGED ioctl to read out kernel memory (bsc#1092903)
- CVE-2018-16658: Prevent information leak in cdrom_ioctl_drive_status that
could have been used by local attackers to read kernel memory (bnc#1107689)
- CVE-2018-6555: The irda_setsockopt function allowed local users to cause a
denial of service (ias_object use-after-free and system crash) or possibly have
unspecified other impact via an AF_IRDA socket (bnc#1106511)
- CVE-2018-6554: Prevent memory leak in the irda_bind function that allowed
local users to cause a denial of service (memory consumption) by repeatedly
binding an AF_IRDA socket (bnc#1106509)
- CVE-2018-15594: Ensure correct handling of indirect calls, to prevent
attackers for conducting Spectre-v2 attacks against paravirtual guests
(bsc#1105348)
- CVE-2018-15572: The spectre_v2_select_mitigation function did not always fill
RSB upon a context switch, which made it easier for attackers to conduct
userspace-userspace spectreRSB attacks (bnc#1102517)
- CVE-2018-10902: Protect against concurrent access to prevent double realloc
(double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status(). A
malicious local attacker could have used this for privilege escalation
(bnc#1105322).
- CVE-2018-14734: ucma_leave_multicast accessed a certain data structure after
a cleanup step in ucma_process_join, which allowed attackers to cause a denial
of service (use-after-free) (bsc#1103119)
The following non-security bugs were fixed:
- ACPI: APEI / ERST: Fix missing error handling in erst_reader() (bsc#1045538).
- ALSA: fm801: propagate TUNER_ONLY bit when autodetected (bsc#1045538).
- ALSA: pcm: Fix snd_pcm_hw_params struct copy in compat mode (bsc#1045538).
- ALSA: pcm: Use dma_bytes as size parameter in dma_mmap_coherent() (bsc#1045538).
- ALSA: pcm: fix fifo_size frame calculation (bsc#1045538).
- ALSA: snd-aoa: add of_node_put() in error path (bsc#1045538).
- ALSA: usb-audio: Add sanity checks in v2 clock parsers (bsc#1045538).
- ALSA: usb-audio: Add sanity checks to FE parser (bsc#1045538).
- ALSA: usb-audio: Fix UAC2 get_ctl request with a RANGE attribute (bsc#1045538).
- ALSA: usb-audio: Fix bogus error return in snd_usb_create_stream() (bsc#1045538).
- ALSA: usb-audio: Fix parameter block size for UAC2 control requests (bsc#1045538).
- ALSA: usb-audio: Fix parsing descriptor of UAC2 processing unit (bsc#1045538).
- ALSA: usb-audio: Fix potential out-of-bound access at parsing SU (bsc#1045538).
- ALSA: usb-audio: Set correct type for some UAC2 mixer controls (bsc#1045538).
- ASoC: blackfin: Fix missing break (bsc#1045538).
- Enforce module signatures if the kernel is locked down (bsc#1093666).
- KVM: VMX: Work around kABI breakage in 'enum vmx_l1d_flush_state' (bsc#1106369).
- KVM: VMX: fixes for vmentry_l1d_flush module parameter (bsc#1106369).
- PCI: Fix TI816X class code quirk (bsc#1050431).
- Refresh patches.xen/xen3-x86-l1tf-04-protect-PROT_NONE-ptes.patch (bsc#1105100).
- TPM: Zero buffer whole after copying to userspace (bsc#1050381).
- USB: serial: io_ti: fix NULL-deref in interrupt callback (bsc#1106609).
- USB: serial: sierra: fix potential deadlock at close (bsc#1100132).
- applicom: dereferencing NULL on error path (git-fixes).
- ath5k: Change led pin configuration for compaq c700 laptop (bsc#1048185).
- base: make module_create_drivers_dir race-free (git-fixes).
- block: fix an error code in add_partition() (bsc#1106209).
- btrfs: scrub: Do not use inode page cache in scrub_handle_errored_block() (bsc#1108096).
- btrfs: scrub: Do not use inode pages for device replace (bsc#1107949).
- dasd: Add IFCC notice message (bnc#1104481, LTC#170484).
- drm/i915: Remove bogus __init annotation from DMI callbacks (bsc#1106886).
- drm/nouveau/gem: off by one bugs in nouveau_gem_pushbuf_reloc_apply() (bsc#1106886).
- drm/vmwgfx: Handle vmalloc() failure in vmw_local_fifo_reserve() (bsc#1106886).
- drm: crtc: integer overflow in drm_property_create_blob() (bsc#1106886).
- fbdev: omapfb: off by one in omapfb_register_client() (bsc#1106886).
- iommu/amd: Finish TLB flush in amd_iommu_unmap() (bsc#1106105).
- iommu/amd: Fix the left value check of cmd buffer (bsc#1106105).
- iommu/amd: Free domain id when free a domain of struct dma_ops_domain (bsc#1106105).
- iommu/amd: Update Alias-DTE in update_device_table() (bsc#1106105).
- iommu/vt-d: Do not over-free page table directories (bsc#1106105).
- iommu/vt-d: Ratelimit each dmar fault printing (bsc#1106105).
- ipv6: Regenerate host route according to node pointer upon loopback up (bsc#1100705).
- ipv6: correctly add local routes when lo goes up (bsc#1100705).
- ipv6: introduce ip6_rt_put() (bsc#1100705).
- ipv6: reallocate addrconf router for ipv6 address when lo device up (bsc#1100705).
- kabi: x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bnc#1105536).
- mm/hugetlb: add migration/hwpoisoned entry check in hugetlb_change_protection (bnc#1107071).
- mm/mempolicy.c: avoid use uninitialized preferred_node (bnc#1107064).
- modsign: log module name in the event of an error (bsc#1093666).
- modsign: print module name along with error message (bsc#1093666).
- module: make it clear when we're handling the module copy in info->hdr (bsc#1093666).
- module: setup load info before module_sig_check() (bsc#1093666).
- nbd: ratelimit error msgs after socket close (bsc#1106206).
- ncpfs: return proper error from NCP_IOC_SETROOT ioctl (bsc#1106199).
- perf/x86/intel: Add cpu_(prepare|starting|dying) for core_pmu (bsc#1104901).
- powerpc/64s: Default l1d_size to 64K in RFI fallback flush (bsc#1068032, git-fixes).
- powerpc/fadump: Do not use hugepages when fadump is active (bsc#1092772, bsc#1107650).
- powerpc/fadump: exclude memory holes while reserving memory in second kernel (bsc#1092772, bsc#1107650).
- powerpc/fadump: re-register firmware-assisted dump if already registered (bsc#1108170, bsc#1108823).
- powerpc/lib: Fix off-by-one in alternate feature patching (bsc#1064861).
- powerpc/lib: Fix the feature fixup tests to actually work (bsc#1064861).
- powerpc64s: Show ori31 availability in spectre_v1 sysfs file not v2 (bsc#1068032, bsc#1080157, git-fixes).
- powerpc: Avoid code patching freed init sections (bnc#1107735).
- powerpc: make feature-fixup tests fortify-safe (bsc#1064861).
- ptrace: fix PTRACE_LISTEN race corrupting task->state (bnc#1107001).
- qlge: Fix netdev features configuration (bsc#1098822).
- resource: fix integer overflow at reallocation (bsc#1045538).
- rpm/kernel-docs.spec.in: Expand kernel tree directly from sources (bsc#1057199)
- s390/ftrace: use expoline for indirect branches (bnc#1106930, LTC#171029).
- s390/kernel: use expoline for indirect branches (bnc#1106930, LTC#171029).
- s390/qeth: do not clobber buffer on async TX completion (bnc#1060245, LTC#170349).
- s390: Correct register corruption in critical section cleanup (bnc#1106930, LTC#171029).
- s390: add assembler macros for CPU alternatives (bnc#1106930, LTC#171029).
- s390: detect etoken facility (bnc#1106930, LTC#171029).
- s390: move expoline assembler macros to a header (bnc#1106930, LTC#171029).
- s390: move spectre sysfs attribute code (bnc#1106930, LTC#171029).
- s390: remove indirect branch from do_softirq_own_stack (bnc#1106930, LTC#171029).
- sys: do not hold uts_sem while accessing userspace memory (bnc#1106995).
- tpm: fix race condition in tpm_common_write() (bsc#1050381).
- tracing/blktrace: Fix to allow setting same value (bsc#1106212).
- tty: vt, fix bogus division in csi_J (git-fixes).
- tty: vt, return error when con_startup fails (git-fixes).
- uml: fix hostfs mknod() (bsc#1106202).
- usb: audio-v2: Correct the comment for struct uac_clock_selector_descriptor (bsc#1045538).
- usbip: vhci_sysfs: fix potential Spectre v1 (bsc#1096547).
- x86, l1tf: Protect PROT_NONE PTEs against speculation fixup (bnc#1104684, bnc#1104818).
- x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit (bnc#1087081).
- x86/init: fix build with CONFIG_SWAP=n (bsc#1105723).
- x86/mm: Prevent kernel Oops in PTDUMP code with HIGHPTE=y (bsc#1106105).
- x86/speculation/l1tf: Fix off-by-one error when warning that system has too much RAM (bnc#1105536).
- x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bnc#1105536).
- x86/speculation/l1tf: Suggest what to do on systems with too much RAM (bnc#1105536).
- x86/vdso: Fix vDSO build if a retpoline is emitted (git-fixes).
- xen x86/speculation/l1tf: Fix off-by-one error when warning that system has too much RAM (bnc#1105536).
- xen x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bnc#1105536).
- xen, x86, l1tf: Protect PROT_NONE PTEs against speculation fixup (bnc#1104684, bnc#1104818).
- xen: x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit (bnc#1087081).
Patchnames
slertesp4-linux-kernel-13810
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for the Linux Kernel", title: "Title of the patch", }, { category: "description", text: "\nThe SUSE Linux Enterprise 11 SP4 RT kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2018-14634: Prevent integer overflow in create_elf_tables that allowed a\n local attacker to exploit this vulnerability via a SUID-root binary and obtain\n full root privileges (bsc#1108912)\n- CVE-2018-14617: Prevent NULL pointer dereference and panic in\n hfsplus_lookup() when opening a file (that is purportedly a hard link) in an\n hfs+ filesystem that has malformed catalog data, and is mounted read-only\n without a metadata directory (bsc#1102870)\n- CVE-2018-16276: Incorrect bounds checking in the yurex USB driver in\n yurex_read allowed local attackers to use user access read/writes to crash the\n kernel or potentially escalate privileges (bsc#1106095)\n- CVE-2018-12896: Prevent integer overflow in the POSIX timer code that was\n caused by the way the overrun accounting works. Depending on interval and\n expiry time values, the overrun can be larger than INT_MAX, but the accounting\n is int based. This basically made the accounting values, which are visible to\n user space via timer_getoverrun(2) and siginfo::si_overrun, random. This\n allowed a local user to cause a denial of service (signed integer overflow) via\n crafted mmap, futex, timer_create, and timer_settime system calls (bnc#1099922)\n- CVE-2018-10940: The cdrom_ioctl_media_changed function allowed local\n attackers to use a incorrect bounds check in the CDROM driver\n CDROM_MEDIA_CHANGED ioctl to read out kernel memory (bsc#1092903)\n- CVE-2018-16658: Prevent information leak in cdrom_ioctl_drive_status that\n could have been used by local attackers to read kernel memory (bnc#1107689)\n- CVE-2018-6555: The irda_setsockopt function allowed local users to cause a\n denial of service (ias_object use-after-free and system crash) or possibly have\n unspecified other impact via an AF_IRDA socket (bnc#1106511)\n- CVE-2018-6554: Prevent memory leak in the irda_bind function that allowed\n local users to cause a denial of service (memory consumption) by repeatedly\n binding an AF_IRDA socket (bnc#1106509)\n- CVE-2018-15594: Ensure correct handling of indirect calls, to prevent\n attackers for conducting Spectre-v2 attacks against paravirtual guests\n (bsc#1105348)\n- CVE-2018-15572: The spectre_v2_select_mitigation function did not always fill\n RSB upon a context switch, which made it easier for attackers to conduct\n userspace-userspace spectreRSB attacks (bnc#1102517)\n- CVE-2018-10902: Protect against concurrent access to prevent double realloc\n (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status(). A\n malicious local attacker could have used this for privilege escalation\n (bnc#1105322).\n- CVE-2018-14734: ucma_leave_multicast accessed a certain data structure after\n a cleanup step in ucma_process_join, which allowed attackers to cause a denial\n of service (use-after-free) (bsc#1103119)\n\nThe following non-security bugs were fixed:\n\n- ACPI: APEI / ERST: Fix missing error handling in erst_reader() (bsc#1045538).\n- ALSA: fm801: propagate TUNER_ONLY bit when autodetected (bsc#1045538).\n- ALSA: pcm: Fix snd_pcm_hw_params struct copy in compat mode (bsc#1045538).\n- ALSA: pcm: Use dma_bytes as size parameter in dma_mmap_coherent() (bsc#1045538).\n- ALSA: pcm: fix fifo_size frame calculation (bsc#1045538).\n- ALSA: snd-aoa: add of_node_put() in error path (bsc#1045538).\n- ALSA: usb-audio: Add sanity checks in v2 clock parsers (bsc#1045538).\n- ALSA: usb-audio: Add sanity checks to FE parser (bsc#1045538).\n- ALSA: usb-audio: Fix UAC2 get_ctl request with a RANGE attribute (bsc#1045538).\n- ALSA: usb-audio: Fix bogus error return in snd_usb_create_stream() (bsc#1045538).\n- ALSA: usb-audio: Fix parameter block size for UAC2 control requests (bsc#1045538).\n- ALSA: usb-audio: Fix parsing descriptor of UAC2 processing unit (bsc#1045538).\n- ALSA: usb-audio: Fix potential out-of-bound access at parsing SU (bsc#1045538).\n- ALSA: usb-audio: Set correct type for some UAC2 mixer controls (bsc#1045538).\n- ASoC: blackfin: Fix missing break (bsc#1045538).\n- Enforce module signatures if the kernel is locked down (bsc#1093666).\n- KVM: VMX: Work around kABI breakage in 'enum vmx_l1d_flush_state' (bsc#1106369).\n- KVM: VMX: fixes for vmentry_l1d_flush module parameter (bsc#1106369).\n- PCI: Fix TI816X class code quirk (bsc#1050431).\n- Refresh patches.xen/xen3-x86-l1tf-04-protect-PROT_NONE-ptes.patch (bsc#1105100).\n- TPM: Zero buffer whole after copying to userspace (bsc#1050381).\n- USB: serial: io_ti: fix NULL-deref in interrupt callback (bsc#1106609).\n- USB: serial: sierra: fix potential deadlock at close (bsc#1100132).\n- applicom: dereferencing NULL on error path (git-fixes).\n- ath5k: Change led pin configuration for compaq c700 laptop (bsc#1048185).\n- base: make module_create_drivers_dir race-free (git-fixes).\n- block: fix an error code in add_partition() (bsc#1106209).\n- btrfs: scrub: Do not use inode page cache in scrub_handle_errored_block() (bsc#1108096).\n- btrfs: scrub: Do not use inode pages for device replace (bsc#1107949).\n- dasd: Add IFCC notice message (bnc#1104481, LTC#170484).\n- drm/i915: Remove bogus __init annotation from DMI callbacks (bsc#1106886).\n- drm/nouveau/gem: off by one bugs in nouveau_gem_pushbuf_reloc_apply() (bsc#1106886).\n- drm/vmwgfx: Handle vmalloc() failure in vmw_local_fifo_reserve() (bsc#1106886).\n- drm: crtc: integer overflow in drm_property_create_blob() (bsc#1106886).\n- fbdev: omapfb: off by one in omapfb_register_client() (bsc#1106886).\n- iommu/amd: Finish TLB flush in amd_iommu_unmap() (bsc#1106105).\n- iommu/amd: Fix the left value check of cmd buffer (bsc#1106105).\n- iommu/amd: Free domain id when free a domain of struct dma_ops_domain (bsc#1106105).\n- iommu/amd: Update Alias-DTE in update_device_table() (bsc#1106105).\n- iommu/vt-d: Do not over-free page table directories (bsc#1106105).\n- iommu/vt-d: Ratelimit each dmar fault printing (bsc#1106105).\n- ipv6: Regenerate host route according to node pointer upon loopback up (bsc#1100705).\n- ipv6: correctly add local routes when lo goes up (bsc#1100705).\n- ipv6: introduce ip6_rt_put() (bsc#1100705).\n- ipv6: reallocate addrconf router for ipv6 address when lo device up (bsc#1100705).\n- kabi: x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bnc#1105536).\n- mm/hugetlb: add migration/hwpoisoned entry check in hugetlb_change_protection (bnc#1107071).\n- mm/mempolicy.c: avoid use uninitialized preferred_node (bnc#1107064).\n- modsign: log module name in the event of an error (bsc#1093666).\n- modsign: print module name along with error message (bsc#1093666).\n- module: make it clear when we're handling the module copy in info->hdr (bsc#1093666).\n- module: setup load info before module_sig_check() (bsc#1093666).\n- nbd: ratelimit error msgs after socket close (bsc#1106206).\n- ncpfs: return proper error from NCP_IOC_SETROOT ioctl (bsc#1106199).\n- perf/x86/intel: Add cpu_(prepare|starting|dying) for core_pmu (bsc#1104901).\n- powerpc/64s: Default l1d_size to 64K in RFI fallback flush (bsc#1068032, git-fixes).\n- powerpc/fadump: Do not use hugepages when fadump is active (bsc#1092772, bsc#1107650).\n- powerpc/fadump: exclude memory holes while reserving memory in second kernel (bsc#1092772, bsc#1107650).\n- powerpc/fadump: re-register firmware-assisted dump if already registered (bsc#1108170, bsc#1108823).\n- powerpc/lib: Fix off-by-one in alternate feature patching (bsc#1064861).\n- powerpc/lib: Fix the feature fixup tests to actually work (bsc#1064861).\n- powerpc64s: Show ori31 availability in spectre_v1 sysfs file not v2 (bsc#1068032, bsc#1080157, git-fixes).\n- powerpc: Avoid code patching freed init sections (bnc#1107735).\n- powerpc: make feature-fixup tests fortify-safe (bsc#1064861).\n- ptrace: fix PTRACE_LISTEN race corrupting task->state (bnc#1107001).\n- qlge: Fix netdev features configuration (bsc#1098822).\n- resource: fix integer overflow at reallocation (bsc#1045538).\n- rpm/kernel-docs.spec.in: Expand kernel tree directly from sources (bsc#1057199)\n- s390/ftrace: use expoline for indirect branches (bnc#1106930, LTC#171029).\n- s390/kernel: use expoline for indirect branches (bnc#1106930, LTC#171029).\n- s390/qeth: do not clobber buffer on async TX completion (bnc#1060245, LTC#170349).\n- s390: Correct register corruption in critical section cleanup (bnc#1106930, LTC#171029).\n- s390: add assembler macros for CPU alternatives (bnc#1106930, LTC#171029).\n- s390: detect etoken facility (bnc#1106930, LTC#171029).\n- s390: move expoline assembler macros to a header (bnc#1106930, LTC#171029).\n- s390: move spectre sysfs attribute code (bnc#1106930, LTC#171029).\n- s390: remove indirect branch from do_softirq_own_stack (bnc#1106930, LTC#171029).\n- sys: do not hold uts_sem while accessing userspace memory (bnc#1106995).\n- tpm: fix race condition in tpm_common_write() (bsc#1050381).\n- tracing/blktrace: Fix to allow setting same value (bsc#1106212).\n- tty: vt, fix bogus division in csi_J (git-fixes).\n- tty: vt, return error when con_startup fails (git-fixes).\n- uml: fix hostfs mknod() (bsc#1106202).\n- usb: audio-v2: Correct the comment for struct uac_clock_selector_descriptor (bsc#1045538).\n- usbip: vhci_sysfs: fix potential Spectre v1 (bsc#1096547).\n- x86, l1tf: Protect PROT_NONE PTEs against speculation fixup (bnc#1104684, bnc#1104818).\n- x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit (bnc#1087081).\n- x86/init: fix build with CONFIG_SWAP=n (bsc#1105723).\n- x86/mm: Prevent kernel Oops in PTDUMP code with HIGHPTE=y (bsc#1106105).\n- x86/speculation/l1tf: Fix off-by-one error when warning that system has too much RAM (bnc#1105536).\n- x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bnc#1105536).\n- x86/speculation/l1tf: Suggest what to do on systems with too much RAM (bnc#1105536).\n- x86/vdso: Fix vDSO build if a retpoline is emitted (git-fixes).\n- xen x86/speculation/l1tf: Fix off-by-one error when warning that system has too much RAM (bnc#1105536).\n- xen x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bnc#1105536).\n- xen, x86, l1tf: Protect PROT_NONE PTEs against speculation fixup (bnc#1104684, bnc#1104818).\n- xen: x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit (bnc#1087081).\n", title: "Description of the patch", }, { category: "details", text: "slertesp4-linux-kernel-13810", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_3088-1.json", }, { category: "self", summary: "URL for SUSE-SU-2018:3088-1", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20183088-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2018:3088-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2018-October/004661.html", }, { category: "self", summary: "SUSE Bug 1045538", url: "https://bugzilla.suse.com/1045538", }, { category: "self", summary: "SUSE Bug 1048185", url: "https://bugzilla.suse.com/1048185", }, { category: "self", summary: "SUSE Bug 1050381", url: "https://bugzilla.suse.com/1050381", }, { category: "self", summary: "SUSE Bug 1050431", url: "https://bugzilla.suse.com/1050431", }, { category: "self", summary: "SUSE Bug 1057199", url: "https://bugzilla.suse.com/1057199", }, { category: "self", summary: "SUSE Bug 1060245", url: "https://bugzilla.suse.com/1060245", }, { category: "self", summary: "SUSE Bug 1064861", url: "https://bugzilla.suse.com/1064861", }, { category: "self", summary: "SUSE Bug 1068032", url: "https://bugzilla.suse.com/1068032", }, { category: "self", summary: "SUSE Bug 1080157", url: "https://bugzilla.suse.com/1080157", }, { category: "self", summary: "SUSE Bug 1087081", url: "https://bugzilla.suse.com/1087081", }, { category: "self", summary: "SUSE Bug 1092772", url: "https://bugzilla.suse.com/1092772", }, { category: "self", summary: "SUSE Bug 1092903", url: "https://bugzilla.suse.com/1092903", }, { category: "self", summary: "SUSE Bug 1093666", url: "https://bugzilla.suse.com/1093666", }, { category: "self", summary: "SUSE Bug 1096547", url: "https://bugzilla.suse.com/1096547", }, { category: "self", summary: "SUSE Bug 1098822", url: "https://bugzilla.suse.com/1098822", }, { category: "self", summary: "SUSE Bug 1099922", url: "https://bugzilla.suse.com/1099922", }, { category: "self", summary: "SUSE Bug 1100132", url: "https://bugzilla.suse.com/1100132", }, { category: "self", summary: "SUSE Bug 1100705", url: "https://bugzilla.suse.com/1100705", }, { category: "self", summary: "SUSE Bug 1102517", url: "https://bugzilla.suse.com/1102517", }, { category: "self", summary: "SUSE Bug 1102870", url: "https://bugzilla.suse.com/1102870", }, { category: "self", summary: "SUSE Bug 1103119", url: "https://bugzilla.suse.com/1103119", }, { category: "self", summary: "SUSE Bug 1104481", url: "https://bugzilla.suse.com/1104481", }, { category: "self", summary: "SUSE Bug 1104684", url: "https://bugzilla.suse.com/1104684", }, { category: "self", summary: "SUSE Bug 1104818", url: "https://bugzilla.suse.com/1104818", }, { category: "self", summary: "SUSE Bug 1104901", url: "https://bugzilla.suse.com/1104901", }, { category: "self", summary: "SUSE Bug 1105100", url: "https://bugzilla.suse.com/1105100", }, { category: "self", summary: "SUSE Bug 1105322", url: "https://bugzilla.suse.com/1105322", }, { category: "self", summary: "SUSE Bug 1105348", url: "https://bugzilla.suse.com/1105348", }, { category: "self", summary: "SUSE Bug 1105536", url: "https://bugzilla.suse.com/1105536", }, { category: "self", summary: "SUSE Bug 1105723", url: "https://bugzilla.suse.com/1105723", }, { category: "self", summary: "SUSE Bug 1106095", url: "https://bugzilla.suse.com/1106095", }, { category: "self", summary: "SUSE Bug 1106105", url: "https://bugzilla.suse.com/1106105", }, { category: "self", summary: "SUSE Bug 1106199", url: "https://bugzilla.suse.com/1106199", }, { category: "self", summary: "SUSE Bug 1106202", url: "https://bugzilla.suse.com/1106202", }, { category: "self", summary: "SUSE Bug 1106206", url: "https://bugzilla.suse.com/1106206", }, { category: "self", summary: "SUSE Bug 1106209", url: "https://bugzilla.suse.com/1106209", }, { category: "self", summary: "SUSE Bug 1106212", url: "https://bugzilla.suse.com/1106212", }, { category: "self", summary: "SUSE Bug 1106369", url: "https://bugzilla.suse.com/1106369", }, { category: "self", summary: "SUSE Bug 1106509", url: "https://bugzilla.suse.com/1106509", }, { category: "self", summary: "SUSE Bug 1106511", url: "https://bugzilla.suse.com/1106511", }, { category: "self", summary: "SUSE Bug 1106609", url: "https://bugzilla.suse.com/1106609", }, { category: "self", summary: "SUSE Bug 1106886", url: "https://bugzilla.suse.com/1106886", }, { category: "self", summary: "SUSE Bug 1106930", url: "https://bugzilla.suse.com/1106930", }, { category: "self", summary: "SUSE Bug 1106995", url: "https://bugzilla.suse.com/1106995", }, { category: "self", summary: "SUSE Bug 1107001", url: "https://bugzilla.suse.com/1107001", }, { category: "self", summary: "SUSE Bug 1107064", url: "https://bugzilla.suse.com/1107064", }, { category: "self", summary: "SUSE Bug 1107071", url: "https://bugzilla.suse.com/1107071", }, { category: "self", summary: "SUSE Bug 1107650", url: "https://bugzilla.suse.com/1107650", }, { category: "self", summary: "SUSE Bug 1107689", url: "https://bugzilla.suse.com/1107689", }, { category: "self", summary: "SUSE Bug 1107735", url: "https://bugzilla.suse.com/1107735", }, { category: "self", summary: "SUSE Bug 1107949", url: "https://bugzilla.suse.com/1107949", }, { category: "self", summary: "SUSE Bug 1108096", url: "https://bugzilla.suse.com/1108096", }, { category: "self", summary: "SUSE Bug 1108170", url: "https://bugzilla.suse.com/1108170", }, { category: "self", summary: "SUSE Bug 1108823", url: "https://bugzilla.suse.com/1108823", }, { category: "self", summary: "SUSE Bug 1108912", url: "https://bugzilla.suse.com/1108912", }, { category: "self", summary: "SUSE CVE CVE-2018-10902 page", url: "https://www.suse.com/security/cve/CVE-2018-10902/", }, { category: "self", summary: "SUSE CVE CVE-2018-10940 page", url: "https://www.suse.com/security/cve/CVE-2018-10940/", }, { category: "self", summary: "SUSE CVE CVE-2018-12896 page", url: "https://www.suse.com/security/cve/CVE-2018-12896/", }, { category: "self", summary: "SUSE CVE CVE-2018-14617 page", url: "https://www.suse.com/security/cve/CVE-2018-14617/", }, { category: "self", summary: "SUSE CVE CVE-2018-14634 page", url: "https://www.suse.com/security/cve/CVE-2018-14634/", }, { category: "self", summary: "SUSE CVE CVE-2018-14734 page", url: "https://www.suse.com/security/cve/CVE-2018-14734/", }, { category: "self", summary: "SUSE CVE CVE-2018-15572 page", url: "https://www.suse.com/security/cve/CVE-2018-15572/", }, { category: "self", summary: "SUSE CVE CVE-2018-15594 page", url: "https://www.suse.com/security/cve/CVE-2018-15594/", }, { category: "self", summary: "SUSE CVE CVE-2018-16276 page", url: "https://www.suse.com/security/cve/CVE-2018-16276/", }, { category: "self", summary: "SUSE CVE CVE-2018-16658 page", url: "https://www.suse.com/security/cve/CVE-2018-16658/", }, { category: "self", summary: "SUSE CVE CVE-2018-6554 page", url: "https://www.suse.com/security/cve/CVE-2018-6554/", }, { category: "self", summary: "SUSE CVE CVE-2018-6555 page", url: "https://www.suse.com/security/cve/CVE-2018-6555/", }, ], title: "Security update for the Linux Kernel", tracking: { current_release_date: "2018-10-09T11:51:04Z", generator: { date: "2018-10-09T11:51:04Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2018:3088-1", initial_release_date: "2018-10-09T11:51:04Z", revision_history: [ { date: "2018-10-09T11:51:04Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "kernel-rt-3.0.101.rt130-69.36.1.x86_64", product: { name: "kernel-rt-3.0.101.rt130-69.36.1.x86_64", product_id: "kernel-rt-3.0.101.rt130-69.36.1.x86_64", }, }, { category: "product_version", name: "kernel-rt-base-3.0.101.rt130-69.36.1.x86_64", product: { name: "kernel-rt-base-3.0.101.rt130-69.36.1.x86_64", product_id: "kernel-rt-base-3.0.101.rt130-69.36.1.x86_64", }, }, { category: "product_version", name: "kernel-rt-devel-3.0.101.rt130-69.36.1.x86_64", product: { name: "kernel-rt-devel-3.0.101.rt130-69.36.1.x86_64", product_id: "kernel-rt-devel-3.0.101.rt130-69.36.1.x86_64", }, }, { category: "product_version", name: "kernel-rt_trace-3.0.101.rt130-69.36.1.x86_64", product: { name: "kernel-rt_trace-3.0.101.rt130-69.36.1.x86_64", product_id: "kernel-rt_trace-3.0.101.rt130-69.36.1.x86_64", }, }, { category: "product_version", name: "kernel-rt_trace-base-3.0.101.rt130-69.36.1.x86_64", product: { name: "kernel-rt_trace-base-3.0.101.rt130-69.36.1.x86_64", product_id: "kernel-rt_trace-base-3.0.101.rt130-69.36.1.x86_64", }, }, { category: "product_version", name: "kernel-rt_trace-devel-3.0.101.rt130-69.36.1.x86_64", product: { name: "kernel-rt_trace-devel-3.0.101.rt130-69.36.1.x86_64", product_id: "kernel-rt_trace-devel-3.0.101.rt130-69.36.1.x86_64", }, }, { category: "product_version", name: "kernel-source-rt-3.0.101.rt130-69.36.1.x86_64", product: { name: "kernel-source-rt-3.0.101.rt130-69.36.1.x86_64", product_id: "kernel-source-rt-3.0.101.rt130-69.36.1.x86_64", }, }, { category: "product_version", name: "kernel-syms-rt-3.0.101.rt130-69.36.1.x86_64", product: { name: "kernel-syms-rt-3.0.101.rt130-69.36.1.x86_64", product_id: "kernel-syms-rt-3.0.101.rt130-69.36.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Real Time 11 SP4", product: { name: "SUSE Linux Enterprise Real Time 11 SP4", product_id: "SUSE Linux Enterprise Real Time 11 SP4", product_identification_helper: { cpe: "cpe:/a:suse:suse-linux-enterprise-rt:11:sp4", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "kernel-rt-3.0.101.rt130-69.36.1.x86_64 as component of SUSE Linux Enterprise Real Time 11 SP4", product_id: "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.36.1.x86_64", }, product_reference: "kernel-rt-3.0.101.rt130-69.36.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Real Time 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-base-3.0.101.rt130-69.36.1.x86_64 as component of SUSE Linux Enterprise Real Time 11 SP4", product_id: "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.36.1.x86_64", }, product_reference: "kernel-rt-base-3.0.101.rt130-69.36.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Real Time 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-devel-3.0.101.rt130-69.36.1.x86_64 as component of SUSE Linux Enterprise Real Time 11 SP4", product_id: "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.36.1.x86_64", }, product_reference: "kernel-rt-devel-3.0.101.rt130-69.36.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Real Time 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-rt_trace-3.0.101.rt130-69.36.1.x86_64 as component of SUSE Linux Enterprise Real Time 11 SP4", product_id: "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.36.1.x86_64", }, product_reference: "kernel-rt_trace-3.0.101.rt130-69.36.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Real Time 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-rt_trace-base-3.0.101.rt130-69.36.1.x86_64 as component of SUSE Linux Enterprise Real Time 11 SP4", product_id: "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.36.1.x86_64", }, product_reference: "kernel-rt_trace-base-3.0.101.rt130-69.36.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Real Time 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-rt_trace-devel-3.0.101.rt130-69.36.1.x86_64 as component of SUSE Linux Enterprise Real Time 11 SP4", product_id: "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.36.1.x86_64", }, product_reference: "kernel-rt_trace-devel-3.0.101.rt130-69.36.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Real Time 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-source-rt-3.0.101.rt130-69.36.1.x86_64 as component of SUSE Linux Enterprise Real Time 11 SP4", product_id: "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.36.1.x86_64", }, product_reference: "kernel-source-rt-3.0.101.rt130-69.36.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Real Time 11 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-rt-3.0.101.rt130-69.36.1.x86_64 as component of SUSE Linux Enterprise Real Time 11 SP4", product_id: "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.36.1.x86_64", }, product_reference: "kernel-syms-rt-3.0.101.rt130-69.36.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Real Time 11 SP4", }, ], }, vulnerabilities: [ { cve: "CVE-2018-10902", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10902", }, ], notes: [ { category: "general", text: "It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmidi.c file. A malicious local attacker could possibly use this for privilege escalation.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.36.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10902", url: "https://www.suse.com/security/cve/CVE-2018-10902", }, { category: "external", summary: "SUSE Bug 1105322 for CVE-2018-10902", url: "https://bugzilla.suse.com/1105322", }, { category: "external", summary: "SUSE Bug 1105323 for CVE-2018-10902", url: "https://bugzilla.suse.com/1105323", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.36.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.36.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-09T11:51:04Z", details: "moderate", }, ], title: "CVE-2018-10902", }, { cve: "CVE-2018-10940", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10940", }, ], notes: [ { category: "general", text: "The cdrom_ioctl_media_changed function in drivers/cdrom/cdrom.c in the Linux kernel before 4.16.6 allows local attackers to use a incorrect bounds check in the CDROM driver CDROM_MEDIA_CHANGED ioctl to read out kernel memory.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.36.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10940", url: "https://www.suse.com/security/cve/CVE-2018-10940", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-10940", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1092903 for CVE-2018-10940", url: "https://bugzilla.suse.com/1092903", }, { category: "external", summary: "SUSE Bug 1107689 for CVE-2018-10940", url: "https://bugzilla.suse.com/1107689", }, { category: "external", summary: "SUSE Bug 1113751 for CVE-2018-10940", url: "https://bugzilla.suse.com/1113751", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.36.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.36.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-09T11:51:04Z", details: "moderate", }, ], title: "CVE-2018-10940", }, { cve: "CVE-2018-12896", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-12896", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 4.17.3. An Integer Overflow in kernel/time/posix-timers.c in the POSIX timer code is caused by the way the overrun accounting works. Depending on interval and expiry time values, the overrun can be larger than INT_MAX, but the accounting is int based. This basically makes the accounting values, which are visible to user space via timer_getoverrun(2) and siginfo::si_overrun, random. For example, a local user can cause a denial of service (signed integer overflow) via crafted mmap, futex, timer_create, and timer_settime system calls.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.36.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-12896", url: "https://www.suse.com/security/cve/CVE-2018-12896", }, { category: "external", summary: "SUSE Bug 1099922 for CVE-2018-12896", url: "https://bugzilla.suse.com/1099922", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.36.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.36.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-09T11:51:04Z", details: "low", }, ], title: "CVE-2018-12896", }, { cve: "CVE-2018-14617", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-14617", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 4.17.10. There is a NULL pointer dereference and panic in hfsplus_lookup() in fs/hfsplus/dir.c when opening a file (that is purportedly a hard link) in an hfs+ filesystem that has malformed catalog data, and is mounted read-only without a metadata directory.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.36.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-14617", url: "https://www.suse.com/security/cve/CVE-2018-14617", }, { category: "external", summary: "SUSE Bug 1102870 for CVE-2018-14617", url: "https://bugzilla.suse.com/1102870", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.36.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.36.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-09T11:51:04Z", details: "moderate", }, ], title: "CVE-2018-14617", }, { cve: "CVE-2018-14634", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-14634", }, ], notes: [ { category: "general", text: "An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6.x, 3.10.x and 4.14.x are believed to be vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.36.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-14634", url: "https://www.suse.com/security/cve/CVE-2018-14634", }, { category: "external", summary: "SUSE Bug 1108912 for CVE-2018-14634", url: "https://bugzilla.suse.com/1108912", }, { category: "external", summary: "SUSE Bug 1108963 for CVE-2018-14634", url: "https://bugzilla.suse.com/1108963", }, { category: "external", summary: "SUSE Bug 1115893 for CVE-2018-14634", url: "https://bugzilla.suse.com/1115893", }, { category: "external", summary: "SUSE Bug 1120323 for CVE-2018-14634", url: "https://bugzilla.suse.com/1120323", }, { category: "external", summary: "SUSE Bug 1122265 for CVE-2018-14634", url: "https://bugzilla.suse.com/1122265", }, { category: "external", summary: "SUSE Bug 1188063 for CVE-2018-14634", url: "https://bugzilla.suse.com/1188063", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.36.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.36.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-09T11:51:04Z", details: "important", }, ], title: "CVE-2018-14634", }, { cve: "CVE-2018-14734", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-14734", }, ], notes: [ { category: "general", text: "drivers/infiniband/core/ucma.c in the Linux kernel through 4.17.11 allows ucma_leave_multicast to access a certain data structure after a cleanup step in ucma_process_join, which allows attackers to cause a denial of service (use-after-free).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.36.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-14734", url: "https://www.suse.com/security/cve/CVE-2018-14734", }, { category: "external", summary: "SUSE Bug 1103119 for CVE-2018-14734", url: "https://bugzilla.suse.com/1103119", }, { category: "external", summary: "SUSE Bug 1131390 for CVE-2018-14734", url: "https://bugzilla.suse.com/1131390", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.36.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.36.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-09T11:51:04Z", details: "moderate", }, ], title: "CVE-2018-14734", }, { cve: "CVE-2018-15572", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-15572", }, ], notes: [ { category: "general", text: "The spectre_v2_select_mitigation function in arch/x86/kernel/cpu/bugs.c in the Linux kernel before 4.18.1 does not always fill RSB upon a context switch, which makes it easier for attackers to conduct userspace-userspace spectreRSB attacks.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.36.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-15572", url: "https://www.suse.com/security/cve/CVE-2018-15572", }, { category: "external", summary: "SUSE Bug 1102517 for CVE-2018-15572", url: "https://bugzilla.suse.com/1102517", }, { category: "external", summary: "SUSE Bug 1105296 for CVE-2018-15572", url: "https://bugzilla.suse.com/1105296", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.36.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.36.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-09T11:51:04Z", details: "important", }, ], title: "CVE-2018-15572", }, { cve: "CVE-2018-15594", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-15594", }, ], notes: [ { category: "general", text: "arch/x86/kernel/paravirt.c in the Linux kernel before 4.18.1 mishandles certain indirect calls, which makes it easier for attackers to conduct Spectre-v2 attacks against paravirtual guests.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.36.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-15594", url: "https://www.suse.com/security/cve/CVE-2018-15594", }, { category: "external", summary: "SUSE Bug 1105348 for CVE-2018-15594", url: "https://bugzilla.suse.com/1105348", }, { category: "external", summary: "SUSE Bug 1133319 for CVE-2018-15594", url: "https://bugzilla.suse.com/1133319", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.36.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.36.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-09T11:51:04Z", details: "moderate", }, ], title: "CVE-2018-15594", }, { cve: "CVE-2018-16276", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16276", }, ], notes: [ { category: "general", text: "An issue was discovered in yurex_read in drivers/usb/misc/yurex.c in the Linux kernel before 4.17.7. Local attackers could use user access read/writes with incorrect bounds checking in the yurex USB driver to crash the kernel or potentially escalate privileges.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.36.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-16276", url: "https://www.suse.com/security/cve/CVE-2018-16276", }, { category: "external", summary: "SUSE Bug 1106095 for CVE-2018-16276", url: "https://bugzilla.suse.com/1106095", }, { category: "external", summary: "SUSE Bug 1115593 for CVE-2018-16276", url: "https://bugzilla.suse.com/1115593", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.36.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.3, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.36.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-09T11:51:04Z", details: "important", }, ], title: "CVE-2018-16276", }, { cve: "CVE-2018-16658", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16658", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel before 4.18.6. An information leak in cdrom_ioctl_drive_status in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.36.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-16658", url: "https://www.suse.com/security/cve/CVE-2018-16658", }, { category: "external", summary: "SUSE Bug 1092903 for CVE-2018-16658", url: "https://bugzilla.suse.com/1092903", }, { category: "external", summary: "SUSE Bug 1107689 for CVE-2018-16658", url: "https://bugzilla.suse.com/1107689", }, { category: "external", summary: "SUSE Bug 1113751 for CVE-2018-16658", url: "https://bugzilla.suse.com/1113751", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.36.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.36.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-09T11:51:04Z", details: "low", }, ], title: "CVE-2018-16658", }, { cve: "CVE-2018-6554", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-6554", }, ], notes: [ { category: "general", text: "Memory leak in the irda_bind function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (memory consumption) by repeatedly binding an AF_IRDA socket.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.36.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-6554", url: "https://www.suse.com/security/cve/CVE-2018-6554", }, { category: "external", summary: "SUSE Bug 1106509 for CVE-2018-6554", url: "https://bugzilla.suse.com/1106509", }, { category: "external", summary: "SUSE Bug 1106511 for CVE-2018-6554", url: "https://bugzilla.suse.com/1106511", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.36.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.36.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-09T11:51:04Z", details: "low", }, ], title: "CVE-2018-6554", }, { cve: "CVE-2018-6555", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-6555", }, ], notes: [ { category: "general", text: "The irda_setsockopt function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (ias_object use-after-free and system crash) or possibly have unspecified other impact via an AF_IRDA socket.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.36.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-6555", url: "https://www.suse.com/security/cve/CVE-2018-6555", }, { category: "external", summary: "SUSE Bug 1106509 for CVE-2018-6555", url: "https://bugzilla.suse.com/1106509", }, { category: "external", summary: "SUSE Bug 1106511 for CVE-2018-6555", url: "https://bugzilla.suse.com/1106511", }, { category: "external", summary: "SUSE Bug 1115893 for CVE-2018-6555", url: "https://bugzilla.suse.com/1115893", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.36.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.36.1.x86_64", "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.36.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-09T11:51:04Z", details: "moderate", }, ], title: "CVE-2018-6555", }, ], }
suse-su-2018:2907-1
Vulnerability from csaf_suse
Published
2018-09-27 14:02
Modified
2018-09-27 14:02
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 11 SP3 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-14634: Prevent integer overflow in create_elf_tables that allowed a
local attacker to exploit this vulnerability via a SUID-root binary and obtain
full root privileges (bsc#1108912).
- CVE-2018-10940: The cdrom_ioctl_media_changed function allowed local
attackers to use a incorrect bounds check in the CDROM driver
CDROM_MEDIA_CHANGED ioctl to read out kernel memory (bsc#1092903)
- CVE-2018-16658: Prevent information leak in cdrom_ioctl_drive_status that
could have been used by local attackers to read kernel memory (bnc#1107689)
- CVE-2018-6555: The irda_setsockopt function allowed local users to cause a
denial of service (ias_object use-after-free and system crash) or possibly have
unspecified other impact via an AF_IRDA socket (bnc#1106511)
- CVE-2018-6554: Prevent memory leak in the irda_bind function that allowed
local users to cause a denial of service (memory consumption) by repeatedly
binding an AF_IRDA socket (bnc#1106509)
- CVE-2018-15572: The spectre_v2_select_mitigation function did not always fill
RSB upon a context switch, which made it easier for attackers to conduct
userspace-userspace spectreRSB attacks (bnc#1102517)
- CVE-2018-10902: Protect against concurrent access to prevent double realloc
(double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status(). A
malicious local attacker could have used this for privilege escalation
(bnc#1105322).
- CVE-2018-14734: ucma_leave_multicast accessed a certain data structure after
a cleanup step in ucma_process_join, which allowed attackers to cause a denial
of service (use-after-free) (bsc#1103119).
The following non-security bugs were fixed:
- KVM: VMX: Work around kABI breakage in 'enum vmx_l1d_flush_state' (bsc#1106369).
- KVM: VMX: fixes for vmentry_l1d_flush module parameter (bsc#1106369).
- KVM: x86: Free vmx_msr_bitmap_longmode while kvm_init failed (bsc#1104367).
- Refresh patches.xen/xen3-x86-l1tf-04-protect-PROT_NONE-ptes.patch (bsc#1105100).
- kabi: x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bnc#1105536).
- kabi: x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bnc#1105536).
- ptrace: fix PTRACE_LISTEN race corrupting task->state (bnc#1107001).
- rpm/kernel-docs.spec.in: Expand kernel tree directly from sources (bsc#1057199)
- x86, l1tf: Protect PROT_NONE PTEs against speculation fixup (bnc#1104684, bnc#1104818).
- x86/speculation/l1tf: Fix off-by-one error when warning that system has too much RAM (bnc#1105536).
- x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit (bnc#1087081).
- x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bnc#1105536).
- x86/speculation/l1tf: Suggest what to do on systems with too much RAM (bnc#1105536).
- xen x86/speculation/l1tf: Fix off-by-one error when warning that system has too much RAM (bnc#1105536).
- xen x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bnc#1105536).
- xen, x86, l1tf: Protect PROT_NONE PTEs against speculation fixup (bnc#1104684, bnc#1104818).
- xen: x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit (bnc#1087081).
Patchnames
sleposp3-kernel-13799,slessp3-kernel-13799,slexsp3-kernel-13799
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for the Linux Kernel", title: "Title of the patch", }, { category: "description", text: "\nThe SUSE Linux Enterprise 11 SP3 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2018-14634: Prevent integer overflow in create_elf_tables that allowed a\n local attacker to exploit this vulnerability via a SUID-root binary and obtain\n full root privileges (bsc#1108912).\n- CVE-2018-10940: The cdrom_ioctl_media_changed function allowed local\n attackers to use a incorrect bounds check in the CDROM driver\n CDROM_MEDIA_CHANGED ioctl to read out kernel memory (bsc#1092903)\n- CVE-2018-16658: Prevent information leak in cdrom_ioctl_drive_status that\n could have been used by local attackers to read kernel memory (bnc#1107689)\n- CVE-2018-6555: The irda_setsockopt function allowed local users to cause a\n denial of service (ias_object use-after-free and system crash) or possibly have\n unspecified other impact via an AF_IRDA socket (bnc#1106511)\n- CVE-2018-6554: Prevent memory leak in the irda_bind function that allowed\n local users to cause a denial of service (memory consumption) by repeatedly\n binding an AF_IRDA socket (bnc#1106509)\n- CVE-2018-15572: The spectre_v2_select_mitigation function did not always fill\n RSB upon a context switch, which made it easier for attackers to conduct\n userspace-userspace spectreRSB attacks (bnc#1102517)\n- CVE-2018-10902: Protect against concurrent access to prevent double realloc\n (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status(). A\n malicious local attacker could have used this for privilege escalation\n (bnc#1105322).\n- CVE-2018-14734: ucma_leave_multicast accessed a certain data structure after\n a cleanup step in ucma_process_join, which allowed attackers to cause a denial\n of service (use-after-free) (bsc#1103119).\n\nThe following non-security bugs were fixed:\n\n- KVM: VMX: Work around kABI breakage in 'enum vmx_l1d_flush_state' (bsc#1106369).\n- KVM: VMX: fixes for vmentry_l1d_flush module parameter (bsc#1106369).\n- KVM: x86: Free vmx_msr_bitmap_longmode while kvm_init failed (bsc#1104367).\n- Refresh patches.xen/xen3-x86-l1tf-04-protect-PROT_NONE-ptes.patch (bsc#1105100).\n- kabi: x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bnc#1105536).\n- kabi: x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bnc#1105536).\n- ptrace: fix PTRACE_LISTEN race corrupting task->state (bnc#1107001).\n- rpm/kernel-docs.spec.in: Expand kernel tree directly from sources (bsc#1057199)\n- x86, l1tf: Protect PROT_NONE PTEs against speculation fixup (bnc#1104684, bnc#1104818).\n- x86/speculation/l1tf: Fix off-by-one error when warning that system has too much RAM (bnc#1105536).\n- x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit (bnc#1087081).\n- x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bnc#1105536).\n- x86/speculation/l1tf: Suggest what to do on systems with too much RAM (bnc#1105536).\n- xen x86/speculation/l1tf: Fix off-by-one error when warning that system has too much RAM (bnc#1105536).\n- xen x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bnc#1105536).\n- xen, x86, l1tf: Protect PROT_NONE PTEs against speculation fixup (bnc#1104684, bnc#1104818).\n- xen: x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit (bnc#1087081).\n", title: "Description of the patch", }, { category: "details", text: "sleposp3-kernel-13799,slessp3-kernel-13799,slexsp3-kernel-13799", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_2907-1.json", }, { category: "self", summary: "URL for SUSE-SU-2018:2907-1", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20182907-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2018:2907-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2018-September/004617.html", }, { category: "self", summary: "SUSE Bug 1057199", url: "https://bugzilla.suse.com/1057199", }, { category: "self", summary: "SUSE Bug 1087081", url: "https://bugzilla.suse.com/1087081", }, { category: "self", summary: "SUSE Bug 1092903", url: "https://bugzilla.suse.com/1092903", }, { category: "self", summary: "SUSE Bug 1102517", url: "https://bugzilla.suse.com/1102517", }, { category: "self", summary: "SUSE Bug 1103119", url: "https://bugzilla.suse.com/1103119", }, { category: "self", summary: "SUSE Bug 1104367", url: "https://bugzilla.suse.com/1104367", }, { category: "self", summary: "SUSE Bug 1104684", url: "https://bugzilla.suse.com/1104684", }, { category: "self", summary: "SUSE Bug 1104818", url: "https://bugzilla.suse.com/1104818", }, { category: "self", summary: "SUSE Bug 1105100", url: "https://bugzilla.suse.com/1105100", }, { category: "self", summary: "SUSE Bug 1105296", url: "https://bugzilla.suse.com/1105296", }, { category: "self", summary: "SUSE Bug 1105322", url: "https://bugzilla.suse.com/1105322", }, { category: "self", summary: "SUSE Bug 1105323", url: "https://bugzilla.suse.com/1105323", }, { category: "self", summary: "SUSE Bug 1105536", url: "https://bugzilla.suse.com/1105536", }, { category: "self", summary: "SUSE Bug 1106369", url: "https://bugzilla.suse.com/1106369", }, { category: "self", summary: "SUSE Bug 1106509", url: "https://bugzilla.suse.com/1106509", }, { category: "self", summary: "SUSE Bug 1106511", url: "https://bugzilla.suse.com/1106511", }, { category: "self", summary: "SUSE Bug 1107001", url: "https://bugzilla.suse.com/1107001", }, { category: "self", summary: "SUSE Bug 1107689", url: "https://bugzilla.suse.com/1107689", }, { category: "self", summary: "SUSE Bug 1108912", url: "https://bugzilla.suse.com/1108912", }, { category: "self", summary: "SUSE CVE CVE-2018-10902 page", url: "https://www.suse.com/security/cve/CVE-2018-10902/", }, { category: "self", summary: "SUSE CVE CVE-2018-10940 page", url: "https://www.suse.com/security/cve/CVE-2018-10940/", }, { category: "self", summary: "SUSE CVE CVE-2018-14634 page", url: "https://www.suse.com/security/cve/CVE-2018-14634/", }, { category: "self", summary: "SUSE CVE CVE-2018-14734 page", url: "https://www.suse.com/security/cve/CVE-2018-14734/", }, { category: "self", summary: "SUSE CVE CVE-2018-15572 page", url: "https://www.suse.com/security/cve/CVE-2018-15572/", }, { category: "self", summary: "SUSE CVE CVE-2018-16658 page", url: "https://www.suse.com/security/cve/CVE-2018-16658/", }, { category: "self", summary: "SUSE CVE CVE-2018-6554 page", url: "https://www.suse.com/security/cve/CVE-2018-6554/", }, { category: "self", summary: "SUSE CVE CVE-2018-6555 page", url: "https://www.suse.com/security/cve/CVE-2018-6555/", }, ], title: "Security update for the Linux Kernel", tracking: { current_release_date: "2018-09-27T14:02:27Z", generator: { date: "2018-09-27T14:02:27Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2018:2907-1", initial_release_date: "2018-09-27T14:02:27Z", revision_history: [ { date: "2018-09-27T14:02:27Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "kernel-default-3.0.101-0.47.106.50.1.i586", product: { name: "kernel-default-3.0.101-0.47.106.50.1.i586", product_id: "kernel-default-3.0.101-0.47.106.50.1.i586", }, }, { category: "product_version", name: "kernel-default-base-3.0.101-0.47.106.50.1.i586", product: { name: "kernel-default-base-3.0.101-0.47.106.50.1.i586", product_id: "kernel-default-base-3.0.101-0.47.106.50.1.i586", }, }, { category: "product_version", name: "kernel-default-devel-3.0.101-0.47.106.50.1.i586", product: { name: "kernel-default-devel-3.0.101-0.47.106.50.1.i586", product_id: "kernel-default-devel-3.0.101-0.47.106.50.1.i586", }, }, { category: "product_version", name: "kernel-ec2-3.0.101-0.47.106.50.1.i586", product: { name: "kernel-ec2-3.0.101-0.47.106.50.1.i586", product_id: "kernel-ec2-3.0.101-0.47.106.50.1.i586", }, }, { category: "product_version", name: "kernel-ec2-base-3.0.101-0.47.106.50.1.i586", product: { name: "kernel-ec2-base-3.0.101-0.47.106.50.1.i586", product_id: "kernel-ec2-base-3.0.101-0.47.106.50.1.i586", }, }, { category: "product_version", name: "kernel-ec2-devel-3.0.101-0.47.106.50.1.i586", product: { name: "kernel-ec2-devel-3.0.101-0.47.106.50.1.i586", product_id: "kernel-ec2-devel-3.0.101-0.47.106.50.1.i586", }, }, { category: "product_version", name: "kernel-pae-3.0.101-0.47.106.50.1.i586", product: { name: "kernel-pae-3.0.101-0.47.106.50.1.i586", product_id: "kernel-pae-3.0.101-0.47.106.50.1.i586", }, }, { category: "product_version", name: "kernel-pae-base-3.0.101-0.47.106.50.1.i586", product: { name: "kernel-pae-base-3.0.101-0.47.106.50.1.i586", product_id: "kernel-pae-base-3.0.101-0.47.106.50.1.i586", }, }, { category: "product_version", name: "kernel-pae-devel-3.0.101-0.47.106.50.1.i586", product: { name: "kernel-pae-devel-3.0.101-0.47.106.50.1.i586", product_id: "kernel-pae-devel-3.0.101-0.47.106.50.1.i586", }, }, { category: "product_version", name: "kernel-source-3.0.101-0.47.106.50.1.i586", product: { name: "kernel-source-3.0.101-0.47.106.50.1.i586", product_id: "kernel-source-3.0.101-0.47.106.50.1.i586", }, }, { category: "product_version", name: "kernel-syms-3.0.101-0.47.106.50.1.i586", product: { name: "kernel-syms-3.0.101-0.47.106.50.1.i586", product_id: "kernel-syms-3.0.101-0.47.106.50.1.i586", }, }, { category: "product_version", name: "kernel-trace-3.0.101-0.47.106.50.1.i586", product: { name: "kernel-trace-3.0.101-0.47.106.50.1.i586", product_id: "kernel-trace-3.0.101-0.47.106.50.1.i586", }, }, { category: "product_version", name: "kernel-trace-base-3.0.101-0.47.106.50.1.i586", product: { name: "kernel-trace-base-3.0.101-0.47.106.50.1.i586", product_id: "kernel-trace-base-3.0.101-0.47.106.50.1.i586", }, }, { category: "product_version", name: "kernel-trace-devel-3.0.101-0.47.106.50.1.i586", product: { name: "kernel-trace-devel-3.0.101-0.47.106.50.1.i586", product_id: "kernel-trace-devel-3.0.101-0.47.106.50.1.i586", }, }, { category: "product_version", name: "kernel-xen-3.0.101-0.47.106.50.1.i586", product: { name: "kernel-xen-3.0.101-0.47.106.50.1.i586", product_id: "kernel-xen-3.0.101-0.47.106.50.1.i586", }, }, { category: "product_version", name: "kernel-xen-base-3.0.101-0.47.106.50.1.i586", product: { name: "kernel-xen-base-3.0.101-0.47.106.50.1.i586", product_id: "kernel-xen-base-3.0.101-0.47.106.50.1.i586", }, }, { category: "product_version", name: "kernel-xen-devel-3.0.101-0.47.106.50.1.i586", product: { name: "kernel-xen-devel-3.0.101-0.47.106.50.1.i586", product_id: "kernel-xen-devel-3.0.101-0.47.106.50.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "kernel-default-3.0.101-0.47.106.50.1.s390x", product: { name: "kernel-default-3.0.101-0.47.106.50.1.s390x", product_id: "kernel-default-3.0.101-0.47.106.50.1.s390x", }, }, { category: "product_version", name: "kernel-default-base-3.0.101-0.47.106.50.1.s390x", product: { name: "kernel-default-base-3.0.101-0.47.106.50.1.s390x", product_id: "kernel-default-base-3.0.101-0.47.106.50.1.s390x", }, }, { category: "product_version", name: "kernel-default-devel-3.0.101-0.47.106.50.1.s390x", product: { name: "kernel-default-devel-3.0.101-0.47.106.50.1.s390x", product_id: "kernel-default-devel-3.0.101-0.47.106.50.1.s390x", }, }, { category: "product_version", name: "kernel-default-man-3.0.101-0.47.106.50.1.s390x", product: { name: "kernel-default-man-3.0.101-0.47.106.50.1.s390x", product_id: "kernel-default-man-3.0.101-0.47.106.50.1.s390x", }, }, { category: "product_version", name: "kernel-source-3.0.101-0.47.106.50.1.s390x", product: { name: "kernel-source-3.0.101-0.47.106.50.1.s390x", product_id: "kernel-source-3.0.101-0.47.106.50.1.s390x", }, }, { category: "product_version", name: "kernel-syms-3.0.101-0.47.106.50.1.s390x", product: { name: "kernel-syms-3.0.101-0.47.106.50.1.s390x", product_id: "kernel-syms-3.0.101-0.47.106.50.1.s390x", }, }, { category: "product_version", name: "kernel-trace-3.0.101-0.47.106.50.1.s390x", product: { name: "kernel-trace-3.0.101-0.47.106.50.1.s390x", product_id: "kernel-trace-3.0.101-0.47.106.50.1.s390x", }, }, { category: "product_version", name: "kernel-trace-base-3.0.101-0.47.106.50.1.s390x", product: { name: "kernel-trace-base-3.0.101-0.47.106.50.1.s390x", product_id: "kernel-trace-base-3.0.101-0.47.106.50.1.s390x", }, }, { category: "product_version", name: "kernel-trace-devel-3.0.101-0.47.106.50.1.s390x", product: { name: "kernel-trace-devel-3.0.101-0.47.106.50.1.s390x", product_id: "kernel-trace-devel-3.0.101-0.47.106.50.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "kernel-bigsmp-3.0.101-0.47.106.50.1.x86_64", product: { name: "kernel-bigsmp-3.0.101-0.47.106.50.1.x86_64", product_id: "kernel-bigsmp-3.0.101-0.47.106.50.1.x86_64", }, }, { category: "product_version", name: "kernel-bigsmp-base-3.0.101-0.47.106.50.1.x86_64", product: { name: "kernel-bigsmp-base-3.0.101-0.47.106.50.1.x86_64", product_id: "kernel-bigsmp-base-3.0.101-0.47.106.50.1.x86_64", }, }, { category: "product_version", name: "kernel-bigsmp-devel-3.0.101-0.47.106.50.1.x86_64", product: { name: "kernel-bigsmp-devel-3.0.101-0.47.106.50.1.x86_64", product_id: "kernel-bigsmp-devel-3.0.101-0.47.106.50.1.x86_64", }, }, { category: "product_version", name: "kernel-default-3.0.101-0.47.106.50.1.x86_64", product: { name: "kernel-default-3.0.101-0.47.106.50.1.x86_64", product_id: "kernel-default-3.0.101-0.47.106.50.1.x86_64", }, }, { category: "product_version", name: "kernel-default-base-3.0.101-0.47.106.50.1.x86_64", product: { name: "kernel-default-base-3.0.101-0.47.106.50.1.x86_64", product_id: "kernel-default-base-3.0.101-0.47.106.50.1.x86_64", }, }, { category: "product_version", name: "kernel-default-devel-3.0.101-0.47.106.50.1.x86_64", product: { name: "kernel-default-devel-3.0.101-0.47.106.50.1.x86_64", product_id: "kernel-default-devel-3.0.101-0.47.106.50.1.x86_64", }, }, { category: "product_version", name: "kernel-ec2-3.0.101-0.47.106.50.1.x86_64", product: { name: "kernel-ec2-3.0.101-0.47.106.50.1.x86_64", product_id: "kernel-ec2-3.0.101-0.47.106.50.1.x86_64", }, }, { category: "product_version", name: "kernel-ec2-base-3.0.101-0.47.106.50.1.x86_64", product: { name: "kernel-ec2-base-3.0.101-0.47.106.50.1.x86_64", product_id: "kernel-ec2-base-3.0.101-0.47.106.50.1.x86_64", }, }, { category: "product_version", name: "kernel-ec2-devel-3.0.101-0.47.106.50.1.x86_64", product: { name: "kernel-ec2-devel-3.0.101-0.47.106.50.1.x86_64", product_id: "kernel-ec2-devel-3.0.101-0.47.106.50.1.x86_64", }, }, { category: "product_version", name: "kernel-source-3.0.101-0.47.106.50.1.x86_64", product: { name: "kernel-source-3.0.101-0.47.106.50.1.x86_64", product_id: "kernel-source-3.0.101-0.47.106.50.1.x86_64", }, }, { category: "product_version", name: "kernel-syms-3.0.101-0.47.106.50.1.x86_64", product: { name: "kernel-syms-3.0.101-0.47.106.50.1.x86_64", product_id: "kernel-syms-3.0.101-0.47.106.50.1.x86_64", }, }, { category: "product_version", name: "kernel-trace-3.0.101-0.47.106.50.1.x86_64", product: { name: "kernel-trace-3.0.101-0.47.106.50.1.x86_64", product_id: "kernel-trace-3.0.101-0.47.106.50.1.x86_64", }, }, { category: "product_version", name: "kernel-trace-base-3.0.101-0.47.106.50.1.x86_64", product: { name: "kernel-trace-base-3.0.101-0.47.106.50.1.x86_64", product_id: "kernel-trace-base-3.0.101-0.47.106.50.1.x86_64", }, }, { category: "product_version", name: "kernel-trace-devel-3.0.101-0.47.106.50.1.x86_64", product: { name: "kernel-trace-devel-3.0.101-0.47.106.50.1.x86_64", product_id: "kernel-trace-devel-3.0.101-0.47.106.50.1.x86_64", }, }, { category: "product_version", name: "kernel-xen-3.0.101-0.47.106.50.1.x86_64", product: { name: "kernel-xen-3.0.101-0.47.106.50.1.x86_64", product_id: "kernel-xen-3.0.101-0.47.106.50.1.x86_64", }, }, { category: "product_version", name: "kernel-xen-base-3.0.101-0.47.106.50.1.x86_64", product: { name: "kernel-xen-base-3.0.101-0.47.106.50.1.x86_64", product_id: "kernel-xen-base-3.0.101-0.47.106.50.1.x86_64", }, }, { category: "product_version", name: "kernel-xen-devel-3.0.101-0.47.106.50.1.x86_64", product: { name: "kernel-xen-devel-3.0.101-0.47.106.50.1.x86_64", product_id: "kernel-xen-devel-3.0.101-0.47.106.50.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Point of Sale 11 SP3", product: { name: "SUSE Linux Enterprise Point of Sale 11 SP3", product_id: "SUSE Linux Enterprise Point of Sale 11 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sle-pos:11:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 11 SP3-LTSS", product: { name: "SUSE Linux Enterprise Server 11 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP3-LTSS", product_identification_helper: { cpe: "cpe:/o:suse:suse_sles_ltss:11:sp3", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "kernel-default-3.0.101-0.47.106.50.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3", product_id: "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-3.0.101-0.47.106.50.1.i586", }, product_reference: "kernel-default-3.0.101-0.47.106.50.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Point of Sale 11 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-3.0.101-0.47.106.50.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3", product_id: "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-base-3.0.101-0.47.106.50.1.i586", }, product_reference: "kernel-default-base-3.0.101-0.47.106.50.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Point of Sale 11 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-3.0.101-0.47.106.50.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3", product_id: "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-devel-3.0.101-0.47.106.50.1.i586", }, product_reference: "kernel-default-devel-3.0.101-0.47.106.50.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Point of Sale 11 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-ec2-3.0.101-0.47.106.50.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3", product_id: "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-3.0.101-0.47.106.50.1.i586", }, product_reference: "kernel-ec2-3.0.101-0.47.106.50.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Point of Sale 11 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-ec2-base-3.0.101-0.47.106.50.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3", product_id: "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-base-3.0.101-0.47.106.50.1.i586", }, product_reference: "kernel-ec2-base-3.0.101-0.47.106.50.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Point of Sale 11 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-ec2-devel-3.0.101-0.47.106.50.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3", product_id: "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-devel-3.0.101-0.47.106.50.1.i586", }, product_reference: "kernel-ec2-devel-3.0.101-0.47.106.50.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Point of Sale 11 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-pae-3.0.101-0.47.106.50.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3", product_id: "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-3.0.101-0.47.106.50.1.i586", }, product_reference: "kernel-pae-3.0.101-0.47.106.50.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Point of Sale 11 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-pae-base-3.0.101-0.47.106.50.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3", product_id: "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-base-3.0.101-0.47.106.50.1.i586", }, product_reference: "kernel-pae-base-3.0.101-0.47.106.50.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Point of Sale 11 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-pae-devel-3.0.101-0.47.106.50.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3", product_id: "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-devel-3.0.101-0.47.106.50.1.i586", }, product_reference: "kernel-pae-devel-3.0.101-0.47.106.50.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Point of Sale 11 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-source-3.0.101-0.47.106.50.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3", product_id: "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-source-3.0.101-0.47.106.50.1.i586", }, product_reference: "kernel-source-3.0.101-0.47.106.50.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Point of Sale 11 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-3.0.101-0.47.106.50.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3", product_id: "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-syms-3.0.101-0.47.106.50.1.i586", }, product_reference: "kernel-syms-3.0.101-0.47.106.50.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Point of Sale 11 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-trace-3.0.101-0.47.106.50.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3", product_id: "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-3.0.101-0.47.106.50.1.i586", }, product_reference: "kernel-trace-3.0.101-0.47.106.50.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Point of Sale 11 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-trace-base-3.0.101-0.47.106.50.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3", product_id: "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-base-3.0.101-0.47.106.50.1.i586", }, product_reference: "kernel-trace-base-3.0.101-0.47.106.50.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Point of Sale 11 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-trace-devel-3.0.101-0.47.106.50.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3", product_id: "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-devel-3.0.101-0.47.106.50.1.i586", }, product_reference: "kernel-trace-devel-3.0.101-0.47.106.50.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Point of Sale 11 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-xen-3.0.101-0.47.106.50.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3", product_id: "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-3.0.101-0.47.106.50.1.i586", }, product_reference: "kernel-xen-3.0.101-0.47.106.50.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Point of Sale 11 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-xen-base-3.0.101-0.47.106.50.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3", product_id: "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-base-3.0.101-0.47.106.50.1.i586", }, product_reference: "kernel-xen-base-3.0.101-0.47.106.50.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Point of Sale 11 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-xen-devel-3.0.101-0.47.106.50.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3", product_id: "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-devel-3.0.101-0.47.106.50.1.i586", }, product_reference: "kernel-xen-devel-3.0.101-0.47.106.50.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Point of Sale 11 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-bigsmp-3.0.101-0.47.106.50.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-3.0.101-0.47.106.50.1.x86_64", }, product_reference: "kernel-bigsmp-3.0.101-0.47.106.50.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-bigsmp-base-3.0.101-0.47.106.50.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-base-3.0.101-0.47.106.50.1.x86_64", }, product_reference: "kernel-bigsmp-base-3.0.101-0.47.106.50.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-bigsmp-devel-3.0.101-0.47.106.50.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-devel-3.0.101-0.47.106.50.1.x86_64", }, product_reference: "kernel-bigsmp-devel-3.0.101-0.47.106.50.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-3.0.101-0.47.106.50.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.i586", }, product_reference: "kernel-default-3.0.101-0.47.106.50.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-3.0.101-0.47.106.50.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.s390x", }, product_reference: "kernel-default-3.0.101-0.47.106.50.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-3.0.101-0.47.106.50.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.x86_64", }, product_reference: "kernel-default-3.0.101-0.47.106.50.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-3.0.101-0.47.106.50.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.i586", }, product_reference: "kernel-default-base-3.0.101-0.47.106.50.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-3.0.101-0.47.106.50.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.s390x", }, product_reference: "kernel-default-base-3.0.101-0.47.106.50.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-3.0.101-0.47.106.50.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.x86_64", }, product_reference: "kernel-default-base-3.0.101-0.47.106.50.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-3.0.101-0.47.106.50.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.i586", }, product_reference: "kernel-default-devel-3.0.101-0.47.106.50.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-3.0.101-0.47.106.50.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.s390x", }, product_reference: "kernel-default-devel-3.0.101-0.47.106.50.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-3.0.101-0.47.106.50.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.x86_64", }, product_reference: "kernel-default-devel-3.0.101-0.47.106.50.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-default-man-3.0.101-0.47.106.50.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-man-3.0.101-0.47.106.50.1.s390x", }, product_reference: "kernel-default-man-3.0.101-0.47.106.50.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-ec2-3.0.101-0.47.106.50.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.50.1.i586", }, product_reference: "kernel-ec2-3.0.101-0.47.106.50.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-ec2-3.0.101-0.47.106.50.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.50.1.x86_64", }, product_reference: "kernel-ec2-3.0.101-0.47.106.50.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-ec2-base-3.0.101-0.47.106.50.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.50.1.i586", }, product_reference: "kernel-ec2-base-3.0.101-0.47.106.50.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-ec2-base-3.0.101-0.47.106.50.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.50.1.x86_64", }, product_reference: "kernel-ec2-base-3.0.101-0.47.106.50.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-ec2-devel-3.0.101-0.47.106.50.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.50.1.i586", }, product_reference: "kernel-ec2-devel-3.0.101-0.47.106.50.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-ec2-devel-3.0.101-0.47.106.50.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.50.1.x86_64", }, product_reference: "kernel-ec2-devel-3.0.101-0.47.106.50.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-pae-3.0.101-0.47.106.50.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-3.0.101-0.47.106.50.1.i586", }, product_reference: "kernel-pae-3.0.101-0.47.106.50.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-pae-base-3.0.101-0.47.106.50.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-base-3.0.101-0.47.106.50.1.i586", }, product_reference: "kernel-pae-base-3.0.101-0.47.106.50.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-pae-devel-3.0.101-0.47.106.50.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-devel-3.0.101-0.47.106.50.1.i586", }, product_reference: "kernel-pae-devel-3.0.101-0.47.106.50.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-source-3.0.101-0.47.106.50.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.i586", }, product_reference: "kernel-source-3.0.101-0.47.106.50.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-source-3.0.101-0.47.106.50.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.s390x", }, product_reference: "kernel-source-3.0.101-0.47.106.50.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-source-3.0.101-0.47.106.50.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.x86_64", }, product_reference: "kernel-source-3.0.101-0.47.106.50.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-3.0.101-0.47.106.50.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.i586", }, product_reference: "kernel-syms-3.0.101-0.47.106.50.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-3.0.101-0.47.106.50.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.s390x", }, product_reference: "kernel-syms-3.0.101-0.47.106.50.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-3.0.101-0.47.106.50.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.x86_64", }, product_reference: "kernel-syms-3.0.101-0.47.106.50.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-trace-3.0.101-0.47.106.50.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.i586", }, product_reference: "kernel-trace-3.0.101-0.47.106.50.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-trace-3.0.101-0.47.106.50.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.s390x", }, product_reference: "kernel-trace-3.0.101-0.47.106.50.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-trace-3.0.101-0.47.106.50.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.x86_64", }, product_reference: "kernel-trace-3.0.101-0.47.106.50.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-trace-base-3.0.101-0.47.106.50.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.i586", }, product_reference: "kernel-trace-base-3.0.101-0.47.106.50.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-trace-base-3.0.101-0.47.106.50.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.s390x", }, product_reference: "kernel-trace-base-3.0.101-0.47.106.50.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-trace-base-3.0.101-0.47.106.50.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.x86_64", }, product_reference: "kernel-trace-base-3.0.101-0.47.106.50.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-trace-devel-3.0.101-0.47.106.50.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.i586", }, product_reference: "kernel-trace-devel-3.0.101-0.47.106.50.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-trace-devel-3.0.101-0.47.106.50.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.s390x", }, product_reference: "kernel-trace-devel-3.0.101-0.47.106.50.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-trace-devel-3.0.101-0.47.106.50.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.x86_64", }, product_reference: "kernel-trace-devel-3.0.101-0.47.106.50.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-xen-3.0.101-0.47.106.50.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.50.1.i586", }, product_reference: "kernel-xen-3.0.101-0.47.106.50.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-xen-3.0.101-0.47.106.50.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.50.1.x86_64", }, product_reference: "kernel-xen-3.0.101-0.47.106.50.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-xen-base-3.0.101-0.47.106.50.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.50.1.i586", }, product_reference: "kernel-xen-base-3.0.101-0.47.106.50.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-xen-base-3.0.101-0.47.106.50.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.50.1.x86_64", }, product_reference: "kernel-xen-base-3.0.101-0.47.106.50.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-xen-devel-3.0.101-0.47.106.50.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.50.1.i586", }, product_reference: "kernel-xen-devel-3.0.101-0.47.106.50.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "kernel-xen-devel-3.0.101-0.47.106.50.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.50.1.x86_64", }, product_reference: "kernel-xen-devel-3.0.101-0.47.106.50.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-LTSS", }, ], }, vulnerabilities: [ { cve: "CVE-2018-10902", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10902", }, ], notes: [ { category: "general", text: "It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmidi.c file. A malicious local attacker could possibly use this for privilege escalation.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-source-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-syms-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-man-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.50.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10902", url: "https://www.suse.com/security/cve/CVE-2018-10902", }, { category: "external", summary: "SUSE Bug 1105322 for CVE-2018-10902", url: "https://bugzilla.suse.com/1105322", }, { category: "external", summary: "SUSE Bug 1105323 for CVE-2018-10902", url: "https://bugzilla.suse.com/1105323", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-source-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-syms-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-man-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.50.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-source-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-syms-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-man-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.50.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-27T14:02:27Z", details: "moderate", }, ], title: "CVE-2018-10902", }, { cve: "CVE-2018-10940", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10940", }, ], notes: [ { category: "general", text: "The cdrom_ioctl_media_changed function in drivers/cdrom/cdrom.c in the Linux kernel before 4.16.6 allows local attackers to use a incorrect bounds check in the CDROM driver CDROM_MEDIA_CHANGED ioctl to read out kernel memory.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-source-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-syms-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-man-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.50.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10940", url: "https://www.suse.com/security/cve/CVE-2018-10940", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-10940", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1092903 for CVE-2018-10940", url: "https://bugzilla.suse.com/1092903", }, { category: "external", summary: "SUSE Bug 1107689 for CVE-2018-10940", url: "https://bugzilla.suse.com/1107689", }, { category: "external", summary: "SUSE Bug 1113751 for CVE-2018-10940", url: "https://bugzilla.suse.com/1113751", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-source-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-syms-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-man-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.50.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-source-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-syms-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-man-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.50.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-27T14:02:27Z", details: "moderate", }, ], title: "CVE-2018-10940", }, { cve: "CVE-2018-14634", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-14634", }, ], notes: [ { category: "general", text: "An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6.x, 3.10.x and 4.14.x are believed to be vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-source-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-syms-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-man-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.50.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-14634", url: "https://www.suse.com/security/cve/CVE-2018-14634", }, { category: "external", summary: "SUSE Bug 1108912 for CVE-2018-14634", url: "https://bugzilla.suse.com/1108912", }, { category: "external", summary: "SUSE Bug 1108963 for CVE-2018-14634", url: "https://bugzilla.suse.com/1108963", }, { category: "external", summary: "SUSE Bug 1115893 for CVE-2018-14634", url: "https://bugzilla.suse.com/1115893", }, { category: "external", summary: "SUSE Bug 1120323 for CVE-2018-14634", url: "https://bugzilla.suse.com/1120323", }, { category: "external", summary: "SUSE Bug 1122265 for CVE-2018-14634", url: "https://bugzilla.suse.com/1122265", }, { category: "external", summary: "SUSE Bug 1188063 for CVE-2018-14634", url: "https://bugzilla.suse.com/1188063", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-source-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-syms-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-man-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.50.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-source-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-syms-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-man-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.50.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-27T14:02:27Z", details: "important", }, ], title: "CVE-2018-14634", }, { cve: "CVE-2018-14734", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-14734", }, ], notes: [ { category: "general", text: "drivers/infiniband/core/ucma.c in the Linux kernel through 4.17.11 allows ucma_leave_multicast to access a certain data structure after a cleanup step in ucma_process_join, which allows attackers to cause a denial of service (use-after-free).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-source-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-syms-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-man-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.50.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-14734", url: "https://www.suse.com/security/cve/CVE-2018-14734", }, { category: "external", summary: "SUSE Bug 1103119 for CVE-2018-14734", url: "https://bugzilla.suse.com/1103119", }, { category: "external", summary: "SUSE Bug 1131390 for CVE-2018-14734", url: "https://bugzilla.suse.com/1131390", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-source-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-syms-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-man-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.50.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-source-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-syms-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-man-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.50.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-27T14:02:27Z", details: "moderate", }, ], title: "CVE-2018-14734", }, { cve: "CVE-2018-15572", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-15572", }, ], notes: [ { category: "general", text: "The spectre_v2_select_mitigation function in arch/x86/kernel/cpu/bugs.c in the Linux kernel before 4.18.1 does not always fill RSB upon a context switch, which makes it easier for attackers to conduct userspace-userspace spectreRSB attacks.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-source-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-syms-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-man-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.50.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-15572", url: "https://www.suse.com/security/cve/CVE-2018-15572", }, { category: "external", summary: "SUSE Bug 1102517 for CVE-2018-15572", url: "https://bugzilla.suse.com/1102517", }, { category: "external", summary: "SUSE Bug 1105296 for CVE-2018-15572", url: "https://bugzilla.suse.com/1105296", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-source-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-syms-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-man-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.50.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-source-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-syms-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-man-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.50.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-27T14:02:27Z", details: "important", }, ], title: "CVE-2018-15572", }, { cve: "CVE-2018-16658", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16658", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel before 4.18.6. An information leak in cdrom_ioctl_drive_status in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-source-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-syms-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-man-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.50.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-16658", url: "https://www.suse.com/security/cve/CVE-2018-16658", }, { category: "external", summary: "SUSE Bug 1092903 for CVE-2018-16658", url: "https://bugzilla.suse.com/1092903", }, { category: "external", summary: "SUSE Bug 1107689 for CVE-2018-16658", url: "https://bugzilla.suse.com/1107689", }, { category: "external", summary: "SUSE Bug 1113751 for CVE-2018-16658", url: "https://bugzilla.suse.com/1113751", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-source-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-syms-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-man-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.50.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-source-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-syms-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-man-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.50.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-27T14:02:27Z", details: "low", }, ], title: "CVE-2018-16658", }, { cve: "CVE-2018-6554", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-6554", }, ], notes: [ { category: "general", text: "Memory leak in the irda_bind function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (memory consumption) by repeatedly binding an AF_IRDA socket.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-source-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-syms-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-man-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.50.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-6554", url: "https://www.suse.com/security/cve/CVE-2018-6554", }, { category: "external", summary: "SUSE Bug 1106509 for CVE-2018-6554", url: "https://bugzilla.suse.com/1106509", }, { category: "external", summary: "SUSE Bug 1106511 for CVE-2018-6554", url: "https://bugzilla.suse.com/1106511", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-source-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-syms-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-man-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.50.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-source-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-syms-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-man-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.50.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-27T14:02:27Z", details: "low", }, ], title: "CVE-2018-6554", }, { cve: "CVE-2018-6555", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-6555", }, ], notes: [ { category: "general", text: "The irda_setsockopt function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (ias_object use-after-free and system crash) or possibly have unspecified other impact via an AF_IRDA socket.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-source-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-syms-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-man-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.50.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-6555", url: "https://www.suse.com/security/cve/CVE-2018-6555", }, { category: "external", summary: "SUSE Bug 1106509 for CVE-2018-6555", url: "https://bugzilla.suse.com/1106509", }, { category: "external", summary: "SUSE Bug 1106511 for CVE-2018-6555", url: "https://bugzilla.suse.com/1106511", }, { category: "external", summary: "SUSE Bug 1115893 for CVE-2018-6555", url: "https://bugzilla.suse.com/1115893", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-source-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-syms-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-man-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.50.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-source-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-syms-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-man-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.s390x", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.50.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.50.1.i586", "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.50.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-27T14:02:27Z", details: "moderate", }, ], title: "CVE-2018-6555", }, ], }
suse-su-2018:2981-1
Vulnerability from csaf_suse
Published
2018-10-02 14:32
Modified
2018-10-02 14:32
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-14617: Prevent NULL pointer dereference and panic in
hfsplus_lookup() when opening a file (that is purportedly a hard link) in an
hfs+ filesystem that has malformed catalog data, and is mounted read-only
without a metadata directory (bsc#1102870)
- CVE-2018-14613: Prevent invalid pointer dereference in io_ctl_map_page() when
mounting and operating a crafted btrfs image, caused by a lack of block group
item validation in check_leaf_item (bsc#1102896).
- CVE-2018-10940: The cdrom_ioctl_media_changed function allowed local
attackers to use a incorrect bounds check in the CDROM driver
CDROM_MEDIA_CHANGED ioctl to read out kernel memory (bsc#1092903)
- CVE-2018-13093: Prevent NULL pointer dereference and panic in lookup_slow()
on a NULL inode->i_ops pointer when doing pathwalks on a corrupted xfs image.
This occured because of a lack of proper validation that cached inodes are free
during allocation (bnc#1100001)
- CVE-2018-13094: Prevent OOPS that may have occured for a corrupted xfs image
after xfs_da_shrink_inode() is called with a NULL bp (bnc#1100000)
- CVE-2018-13095: Prevent denial of service (memory corruption and BUG) that
could have occurred for a corrupted xfs image upon encountering an inode that
is in extent format, but has more extents than fit in the inode fork
(bnc#1099999)
- CVE-2018-12896: Prevent integer overflow in the POSIX timer code that was
caused by the way the overrun accounting works. Depending on interval and
expiry time values, the overrun can be larger than INT_MAX, but the accounting
is int based. This basically made the accounting values, which are visible to
user space via timer_getoverrun(2) and siginfo::si_overrun, random. This
allowed a local user to cause a denial of service (signed integer overflow) via
crafted mmap, futex, timer_create, and timer_settime system calls (bnc#1099922)
- CVE-2018-16658: Prevent information leak in cdrom_ioctl_drive_status that
could have been used by local attackers to read kernel memory (bnc#1107689)
- CVE-2018-6555: The irda_setsockopt function allowed local users to cause a
denial of service (ias_object use-after-free and system crash) or possibly have
unspecified other impact via an AF_IRDA socket (bnc#1106511)
- CVE-2018-6554: Prevent memory leak in the irda_bind function that allowed
local users to cause a denial of service (memory consumption) by repeatedly
binding an AF_IRDA socket (bnc#1106509)
- CVE-2018-1129: A flaw was found in the way signature calculation was handled
by cephx authentication protocol. An attacker having access to ceph cluster
network who is able to alter the message payload was able to bypass signature
checks done by cephx protocol (bnc#1096748)
- CVE-2018-1128: It was found that cephx authentication protocol did not verify
ceph clients correctly and was vulnerable to replay attack. Any attacker having
access to ceph cluster network who is able to sniff packets on network can use
this vulnerability to authenticate with ceph service and perform actions
allowed by ceph service (bnc#1096748)
- CVE-2018-10938: A crafted network packet sent remotely by an attacker forced
the kernel to enter an infinite loop in the cipso_v4_optptr() function leading
to a denial-of-service (bnc#1106016)
The following non-security bugs were fixed:
- /dev/mem: Add bounce buffer for copy-out (git-fixes).
- /dev/mem: Avoid overwriting 'err' in read_mem() (git-fixes).
- 9p/net: Fix zero-copy path in the 9p virtio transport (bsc#1051510).
- 9p/virtio: fix off-by-one error in sg list bounds check (bsc#1051510).
- 9p: fix multiple NULL-pointer-dereferences (bsc#1051510).
- ACPI / EC: Add another entry for Thinkpad X1 Carbon 6th (bsc#1051510).
- ACPI / EC: Add parameter to force disable the GPE on suspend (bsc#1051510).
- ACPI / EC: Use ec_no_wakeup on ThinkPad X1 Yoga 3rd (bsc#1051510).
- ACPI / EC: Use ec_no_wakeup on Thinkpad X1 Carbon 6th (bsc#1051510).
- ACPI / EC: Use ec_no_wakeup on more Thinkpad X1 Carbon 6th systems (bsc#1051510).
- ACPI / PCI: pci_link: Allow the absence of _PRS and change log level (bsc#1104172).
- ACPI / bus: Only call dmi_check_system on X86 (bsc#1105597, bsc#1106178).
- ACPI / scan: Initialize status to ACPI_STA_DEFAULT (bsc#1051510).
- ACPI/IORT: Remove temporary iort_get_id_mapping_index() ACPICA guard (bsc#1103387).
- ACPI/PCI: pci_link: reduce verbosity when IRQ is enabled (bsc#1104172).
- ACPICA: iasl: Add SMMUv3 device ID mapping index support (bsc#1103387).
- ALSA: cs46xx: Deliver indirect-PCM transfer error.
- ALSA: emu10k1: Deliver indirect-PCM transfer error.
- ALSA: fireface: fix memory leak in ff400_switch_fetching_mode() (bsc#1051510).
- ALSA: firewire-digi00x: fix memory leak of private data (bsc#1051510).
- ALSA: firewire-tascam: fix memory leak of private data (bsc#1051510).
- ALSA: hda - Fix cancel_work_sync() stall from jackpoll work (bsc#1051510).
- ALSA: mips: Deliver indirect-PCM transfer error.
- ALSA: oxfw: fix memory leak for model-dependent data at error path (bsc#1051510).
- ALSA: oxfw: fix memory leak of discovered stream formats at error path (bsc#1051510).
- ALSA: oxfw: fix memory leak of private data (bsc#1051510).
- ALSA: pcm: Call ack() whenever appl_ptr is updated.
- ALSA: pcm: Fix negative appl_ptr handling in pcm-indirect helpers.
- ALSA: pcm: Fix possible inconsistent appl_ptr update via mmap.
- ALSA: pcm: Simplify forward/rewind codes.
- ALSA: pcm: Skip ack callback without actual appl_ptr update.
- ALSA: pcm: Use a common helper for PCM state check and hwsync.
- ALSA: pcm: Workaround for weird PulseAudio behavior on rewind error.
- ALSA: rme32: Deliver indirect-PCM transfer error.
- ARM: 8780/1: ftrace: Only set kernel memory back to read-only after boot (bsc#1051510).
- ARM: DRA7/OMAP5: Enable ACTLR[0] (Enable invalidates of BTB) for secondary cores (bsc#1051510).
- ARM: hisi: fix error handling and missing of_node_put (bsc#1051510).
- ARM: hisi: handle of_iomap and fix missing of_node_put (bsc#1051510).
- ARM: imx: flag failure of of_iomap (bsc#1051510).
- ARM: imx_v4_v5_defconfig: Select ULPI support (bsc#1051510).
- ARM: imx_v6_v7_defconfig: Select ULPI support (bsc#1051510).
- ARM: pxa: irq: fix handling of ICMR registers in suspend/resume (bsc#1051510).
- ASoC: rsnd: fixup not to call clk_get/set under non-atomic (bsc#1051510).
- ASoC: rsnd: move rsnd_ssi_config_init() execute condition into it (bsc#1051510).
- ASoC: rsnd: update pointer more accurate (bsc#1051510).
- ASoC: wm8994: Fix missing break in switch (bsc#1051510).
- Apply e666d4e9ceec crypto: vmx - Use skcipher for ctr fallback to SLE12-SP4 (bsc#1106464).
- Bluetooth: h5: Fix missing dependency on BT_HCIUART_SERDEV (bsc#1051510).
- Bluetooth: hidp: Fix handling of strncpy for hid->name information (bsc#1051510).
- Prevent errors at reboot (bsc#1093389)
- Documentation: add some docs for errseq_t (bsc#1107008).
- Fix buggy backport of patches.drivers/libnvdimm-btt-fix-an-incompatibility-in-the-log-layout.patch (bsc#1103961).
- Fix kABI breakage due to enum addition for ath10k (bsc#1051510).
- HID: add quirk for another PIXART OEM mouse used by HP (bsc#1051510).
- HID: i2c-hid: Add no-irq-after-reset quirk for 0911:5288 device.
- IB/core: type promotion bug in rdma_rw_init_one_mr() (bsc#1046306).
- IB/hfi1: Invalid NUMA node information can cause a divide by zero (bsc#1060463).
- IB/hfi1: Remove incorrect call to do_interrupt callback (bsc#1060463).
- IB/hfi1: Set in_use_ctxts bits for user ctxts only (bsc#1060463 ).
- IB/ipoib: Avoid a race condition between start_xmit and cm_rep_handler (bsc#1046307).
- IB/ipoib: Fix error return code in ipoib_dev_init() (bsc#1046307 ).
- IB/mlx4: Test port number before querying type (bsc#1046302 ).
- IB/mlx4: Use 4K pages for kernel QP's WQE buffer (bsc#1046302 ).
- Input: atmel_mxt_ts - only use first T9 instance (bsc#1051510).
- Input: edt-ft5x06 - fix error handling for factory mode on non-M06 (bsc#1051510).
- Input: edt-ft5x06 - implement support for the EDT-M12 series (bsc#1051510).
- Input: edt-ft5x06 - make distinction between m06/m09/generic more clear (bsc#1051510).
- Input: synaptics-rmi4 - fix axis-swap behavior (bsc#1051510).
- KABI: tpm: change relinquish_locality return value back to void (bsc#1082555).
- KABI: tpm: do keep the cmd_ready and go_idle as pm ops (bsc#1082555).
- KVM/x86: remove WARN_ON() for when vm_munmap() fails (bsc#1106240).
- KVM: Enforce error in ioctl for compat tasks when !KVM_COMPAT (bsc#1106240).
- KVM: PPC: Book3S: Fix guest DMA when guest partially backed by THP pages (bsc#1077761, git-fixes, bsc#1103948, bsc#1103949).
- KVM: VMX: Work around kABI breakage in 'enum vmx_l1d_flush_state' (bsc#1106369).
- KVM: VMX: fixes for vmentry_l1d_flush module parameter (bsc#1106369).
- KVM: nVMX: Do not flush TLB when vmcs12 uses VPID (bsc#1106240).
- KVM: nVMX: Fix injection to L2 when L1 do not intercept external-interrupts (bsc#1106240).
- KVM: nVMX: Fix races when sending nested PI while dest enters/leaves L2 (bsc#1106240).
- KVM: nVMX: Re-evaluate L1 pending events when running L2 and L1 got posted-interrupt (bsc#1106240).
- KVM: s390: add etoken support for guests (bsc#1106948, LTC#171029).
- KVM: s390: force bp isolation for VSIE (bsc#1103421).
- KVM: s390: implement CPU model only facilities (bsc#1106948, LTC#171029).
- KVM: x86: Change __kvm_apic_update_irr() to also return if max IRR updated (bsc#1106240).
- KVM: x86: SVM: Call x86_spec_ctrl_set_guest/host() with interrupts disabled (git-fixes 1f50ddb4f418).
- KVM: x86: fix APIC page invalidation (bsc#1106240).
- NET: stmmac: align DMA stuff to largest cache line length (netfilter-stable-18_08_01).
- NFSv4 client live hangs after live data migration recovery (git-fixes).
- NFSv4: Fix a sleep in atomic context in nfs4_callback_sequence() (git-fixes).
- NFSv4: Fix possible 1-byte stack overflow in nfs_idmap_read_and_verify_message (git-fixes).
- Netperf performance issue due to AppArmor net mediation (bsc#1108520)
- PCI: Match Root Port's MPS to endpoint's MPSS as necessary (bsc#1109269).
- PCI: OF: Fix I/O space page leak (git-fixes).
- PCI: aardvark: Fix I/O space page leak (git-fixes).
- PCI: hotplug: Do not leak pci_slot on registration failure (bsc#1051510).
- PCI: hv: Make sure the bus domain is really unique (git-fixes).
- PCI: mvebu: Fix I/O space end address calculation (bsc#1051510).
- PCI: pciehp: Fix use-after-free on unplug (bsc#1051510).
- PM / Domains: Fix error path during attach in genpd (bsc#1051510).
- PM / clk: signedness bug in of_pm_clk_add_clks() (bsc#1051510).
- PM / runtime: Drop usage count for suppliers at device link removal (bsc#1100132).
- RDMA/bnxt_re: Fix a bunch of off by one bugs in qplib_fp.c (bsc#1050244).
- RDMA/bnxt_re: Fix a couple off by one bugs (bsc#1050244 ).
- RDMA/i40w: Hold read semaphore while looking after VMA (bsc#1058659).
- Refresh with the upstream patches for lan78xx fixes (bsc#1085262)
- Replace magic for trusting the secondary keyring with #define (bsc#1051510).
- Revert 'PCI: Add ACS quirk for Intel 300 series' (bsc#1051510).
- Revert 'UBIFS: Fix potential integer overflow in allocation' (bsc#1051510).
- Revert 'mm: page_alloc: skip over regions of invalid pfns where possible' (bnc#1107078).
- Revert 'vhost: cache used event for better performance' (bsc#1090528).
- Revert 'vmalloc: back off when the current task is killed' (bnc#1107073).
- Staging: vc04_services: remove unused variables.
- Tools: hv: vss: fix loop device detection.
- USB: net2280: Fix erroneous synchronization change (bsc#1051510).
- USB: serial: io_ti: fix array underflow in completion handler (bsc#1051510).
- USB: serial: ti_usb_3410_5052: fix array underflow in completion handler (bsc#1051510).
- Update patches.drivers/0016-arm64-vgic-v2-Fix-proxying-of-cpuif-access.patch (bsc#1106901, bsc#1107265).
- Update patches.fixes/4.4.139-043-powerpc-mm-hash-Add-missing-isync-prior-to-ke.patch (bnc#1012382, bsc#1094244).
- Update config files, make CRYPTO_CRCT10DIF_PCLMUL built-in (bsc#1105603).
- Update patch tag of dmi fix (bsc#1105597) Also moved to the sorted section.
- Update patch tags of recent security fixes (bsc#1106426)
- Update references (bsc#1064232)
- Workaround kABI breakage by __must_check drop of strscpy() (bsc#1051510).
- ahci: Add Intel Ice Lake LP PCI ID (bsc#1051510).
- apparmor: Fix regression in profile conflict logic (bsc#1106427)
- apparmor: ensure that undecidable profile attachments fail (bsc#1106427).
- apparmor: fix an error code in __aa_create_ns() (bsc#1106427).
- apparmor: remove no-op permission check in policy_unpack (bsc#1106427).
- arm64/acpi: Create arch specific cpu to acpi id helper (bsc#1106903).
- arm64/kasan: do not allocate extra shadow memory (bsc#1106897).
- arm64/mm/kasan: do not use vmemmap_populate() to initialize shadow (bsc#1106898).
- arm64: Enforce BBM for huge IO/VMAP mappings (bsc#1106890).
- arm64: Ignore hardware dirty bit updates in ptep_set_wrprotect() (bsc#1108010).
- arm64: Make sure permission updates happen for pmd/pud (bsc#1106891).
- arm64: dma-mapping: clear buffers allocated with FORCE_CONTIGUOUS flag (bsc#1106902).
- arm64: export memblock_reserve()d regions via /proc/iomem (bsc#1106892).
- arm64: fix unwind_frame() for filtered out fn for function graph tracing (bsc#1106900).
- arm64: fix vmemmap BUILD_BUG_ON() triggering on !vmemmap setups (bsc#1106896).
- arm64: fpsimd: Avoid FPSIMD context leakage for the init task (bsc#1106894).
- arm64: kasan: avoid pfn_to_nid() before page array is initialized (bsc#1106899).
- arm64: mm: Ensure writes to swapper are ordered wrt subsequent cache maintenance (bsc#1106906).
- arm64: mm: check for upper PAGE_SHIFT bits in pfn_valid() (bsc#1106893).
- arm64: numa: rework ACPI NUMA initialization (bsc#1106905).
- arm64: vgic-v2: Fix proxying of cpuif access (bsc#1106901).
- ata: libahci: Allow reconfigure of DEVSLP register (bsc#1051510).
- ata: libahci: Correct setting of DEVSLP register (bsc#1051510).
- ath10k: disable bundle mgmt tx completion event support (bsc#1051510).
- ath10k: update the phymode along with bandwidth change request (bsc#1051510).
- ath9k: add MSI support.
- ath9k: report tx status on EOSP (bsc#1051510).
- ath9k_hw: fix channel maximum power level test (bsc#1051510).
- b43/leds: Ensure NUL-termination of LED name string (bsc#1051510).
- b43legacy/leds: Ensure NUL-termination of LED name string (bsc#1051510).
- bcache: avoid unncessary cache prefetch bch_btree_node_get().
- bcache: calculate the number of incremental GC nodes according to the total of btree nodes.
- bcache: display rate debug parameters to 0 when writeback is not running.
- bcache: do not check return value of debugfs_create_dir().
- bcache: finish incremental GC.
- bcache: fix I/O significant decline while backend devices registering.
- bcache: fix error setting writeback_rate through sysfs interface.
- bcache: free heap cache_set->flush_btree in bch_journal_free.
- bcache: make the pr_err statement used for ENOENT only in sysfs_attatch section.
- bcache: release dc->writeback_lock properly in bch_writeback_thread().
- bcache: set max writeback rate when I/O request is idle.
- bcache: simplify the calculation of the total amount of flash dirty data.
- Add a blacklist entry for the reverted patch (bsc#1106743)
- blk-mq: avoid to synchronize rcu inside blk_cleanup_queue() (bsc#1077989).
- blkdev: __blkdev_direct_IO_simple: fix leak in error case (bsc#1083663).
- block, bfq: return nbytes and not zero from struct cftype .write() method (bsc#1106238).
- block: bio_iov_iter_get_pages: fix size of last iovec (bsc#1083663).
- block: bio_iov_iter_get_pages: pin more pages for multi-segment IOs (bsc#1083663).
- block: do not print a message when the device went away (bsc#1098459).
- block: do not warn for flush on read-only device (bsc#1107756).
- bnxt_en: Clean up unused functions (bsc#1086282).
- bnxt_en: Do not adjust max_cp_rings by the ones used by RDMA (bsc#1086282).
- bnxt_en: Fix VF mac address regression (bsc#1086282 ).
- bnxt_re: Fix couple of memory leaks that could lead to IOMMU call traces (bsc#1050244).
- bonding: avoid lockdep confusion in bond_get_stats() (netfilter-stable-18_08_04).
- bpf, s390: fix potential memleak when later bpf_jit_prog fails (bsc#1083647).
- bpf: fix references to free_bpf_prog_info() in comments (bsc#1083647).
- bpf: fix uninitialized variable in bpf tools (bsc#1083647).
- bpf: hash map: decrement counter on error (bsc#1083647).
- bpf: powerpc64: pad function address loads with NOPs (bsc#1083647).
- bpf: use GFP_ATOMIC instead of GFP_KERNEL in bpf_parse_prog() (bsc#1083647).
- brcmfmac: stop watchdog before detach and free everything (bsc#1051510).
- btrfs: Add checker for EXTENT_CSUM (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: Add sanity check for EXTENT_DATA when reading out leaf (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: Check if item pointer overlaps with the item itself (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: Check that each block group has corresponding chunk at mount time (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: Fix use-after-free when cleaning up fs_devs with a single stale device (bsc#1097105).
- btrfs: Handle error from btrfs_uuid_tree_rem call in _btrfs_ioctl_set_received_subvol (bsc#1097105).
- btrfs: Introduce mount time chunk <-> dev extent mapping check (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: Manually implement device_total_bytes getter/setter (bsc#1043912).
- btrfs: Move leaf and node validation checker to tree-checker.c (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: Round down values which are written for total_bytes_size (bsc#1043912).
- btrfs: Verify that every chunk has corresponding block group at mount time (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: fix error handling in btrfs_dev_replace_start (bsc#1107535).
- btrfs: round down size diff when shrinking/growing device (bsc#1097105).
- btrfs: tree-checker: Add checker for dir item (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: Detect invalid and empty essential trees (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: Enhance btrfs_check_node output (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: Enhance output for check_extent_data_item (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: Enhance output for btrfs_check_leaf (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: Enhance output for check_csum_item (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: Fix false panic for sanity test (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: Replace root parameter with fs_info (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: Verify block_group_item (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: use %zu format string for size_t (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: use %zu format string for size_t (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status (bsc#1051510).
- ceph: fix incorrect use of strncpy (bsc#1107319).
- ceph: return errors from posix_acl_equiv_mode() correctly (bsc#1107320).
- cfg80211: nl80211_update_ft_ies() to validate NL80211_ATTR_IE (bsc#1051510).
- cgroup: avoid copying strings longer than the buffers (bsc#1051510).
- cifs: Fix stack out-of-bounds in smb{2,3}_create_lease_buf() (bsc#1051510).
- cifs: check kmalloc before use (bsc#1051510).
- cifs: store the leaseKey in the fid on SMB2_open (bsc#1051510).
- cls_matchall: fix tcf_unbind_filter missing (networking-stable-18_08_21).
- crypto: caam/jr - fix descriptor DMA unmapping (bsc#1051510).
- crypto: caam/qi - fix error path in xts setkey (bsc#1051510).
- crypto: vmx - Fix sleep-in-atomic bugs (bsc#1051510).
- cxl: Configure PSL to not use APC virtual machines (bsc#1055014, git-fixes).
- cxl: Fix wrong comparison in cxl_adapter_context_get() (bsc#1055014, git-fixes).
- dax: remove VM_MIXEDMAP for fsdax and device dax (bsc#1106007).
- dccp: fix undefined behavior with 'cwnd' shift in ccid2_cwnd_restart() (netfilter-stable-18_08_17).
- drm/amd/pp/Polaris12: Fix a chunk of registers missed to program (bsc#1051510).
- drm/amdgpu: Fix RLC safe mode test in gfx_v9_0_enter_rlc_safe_mode (bsc#1051510).
- drm/amdgpu: fix swapped emit_ib_size in vce3 (bsc#1051510).
- drm/amdgpu: update tmr mc address (bsc#1100132).
- drm/amdgpu:add new firmware id for VCN (bsc#1051510).
- drm/amdgpu:add tmr mc address into amdgpu_firmware_info (bsc#1051510).
- drm/arm/malidp: Preserve LAYER_FORMAT contents when setting format (bsc#1051510).
- drm/armada: fix colorkey mode property (bsc#1051510).
- drm/armada: fix irq handling (bsc#1051510).
- drm/bridge/sii8620: Fix display of packed pixel modes (bsc#1051510).
- drm/bridge/sii8620: fix display of packed pixel modes in MHL2 (bsc#1051510).
- drm/bridge/sii8620: fix loops in EDID fetch logic (bsc#1051510).
- drm/bridge: adv7511: Reset registers on hotplug (bsc#1051510).
- drm/edid: Add 6 bpc quirk for SDC panel in Lenovo B50-80 (bsc#1051510).
- drm/exynos: decon5433: Fix WINCONx reset value (bsc#1051510).
- drm/exynos: decon5433: Fix per-plane global alpha for XRGB modes (bsc#1051510).
- drm/exynos: gsc: Fix support for NV16/61, YUV420/YVU420 and YUV422 modes (bsc#1051510).
- drm/i915/audio: Fix audio enumeration issue on BXT.
- drm/i915/gvt: Fix the incorrect length of child_device_config issue (bsc#1051510).
- drm/i915/gvt: clear ggtt entries when destroy vgpu (bsc#1051510).
- drm/i915/gvt: request srcu_read_lock before checking if one gfn is valid (bsc#1051510).
- drm/i915/kvmgt: Fix potential Spectre v1 (bsc#1051510).
- drm/i915/lpe: Mark LPE audio runtime pm as 'no callbacks' (bsc#1051510).
- drm/i915/overlay: Allocate physical registers from stolen (bsc#1051510).
- drm/i915: Increase LSPCON timeout (bsc#1051510).
- drm/i915: set DP Main Stream Attribute for color range on DDI platforms (bsc#1051510).
- drm/imx: imx-ldb: check if channel is enabled before printing warning (bsc#1051510).
- drm/imx: imx-ldb: disable LDB on driver bind (bsc#1051510).
- drm/modes: Introduce drm_mode_match().
- drm/nouveau/drm/nouveau: Fix bogus drm_kms_helper_poll_enable() placement (bsc#1051510).
- drm/tegra: Check for malformed offsets and sizes in the 'submit' IOCTL (bsc#1106170).
- drm/tegra: Fix comparison operator for buffer size (bsc#1100132).
- drm/vc4: Fix the 'no scaling' case on multi-planar YUV formats (bsc#1051510).
- drm: Add DRM client cap for aspect-ratio.
- drm: Add and handle new aspect ratios in DRM layer.
- drm: Add aspect ratio parsing in DRM layer.
- drm: Expose modes with aspect ratio, only if requested.
- drm: Handle aspect ratio info in legacy modeset path.
- drm: mali-dp: Enable Global SE interrupts mask for DP500 (bsc#1051510).
- dwc2: gadget: Fix ISOC IN DDMA PID bitfield value calculation (bsc#1051510).
- errseq: Add to documentation tree (bsc#1107008).
- errseq: Always report a writeback error once (bsc#1107008).
- ext4: sysfs: print ext4_super_block fields as little-endian (bsc#1106229).
- f2fs: remove unneeded memory footprint accounting (bsc#1106233).
- f2fs: remove unneeded memory footprint accounting (bsc#1106297).
- f2fs: validate before set/clear free nat bitmap (bsc#1106231).
- f2fs: validate before set/clear free nat bitmap (bsc#1106297).
- fat: fix memory allocation failure handling of match_strdup() (bsc#1051510).
- fb: fix lost console when the user unplugs a USB adapter (bsc#1051510).
- fbdev: omapfb: off by one in omapfb_register_client() (bsc#1051510).
- fix __legitimize_mnt()/mntput() race (bsc#1106297).
- fix a page leak in vhost_scsi_iov_to_sgl() error recovery (bsc#1051510).
- fix mntput/mntput race (bsc#1106297).
- fs/9p/xattr.c: catch the error of p9_client_clunk when setting xattr failed (bsc#1051510).
- fs/proc/proc_sysctl.c: fix potential page fault while unregistering sysctl table (bsc#1106297).
- fuse: Add missed unlock_page() to fuse_readpages_fill() (bsc#1106291).
- fuse: Fix oops at process_init_reply() (bsc#1106291).
- fuse: fix double request_end() (bsc#1106291).
- fuse: fix initial parallel dirops (bsc#1106291).
- fuse: fix unlocked access to processing queue (bsc#1106291).
- fuse: umount should wait for all requests (bsc#1106291).
- getxattr: use correct xattr length (bsc#1106235).
- getxattr: use correct xattr length (bsc#1106297).
- gpio: ml-ioh: Fix buffer underwrite on probe error path (bsc#1051510).
- gpio: tegra: Move driver registration to subsys_init level (bsc#1051510).
- gpiolib-acpi: make sure we trigger edge events at least once on boot (bsc#1051510).
- gpiolib: acpi: Switch to cansleep version of GPIO library call (bsc#1051510).
- gpu: host1x: Check whether size of unpin isn't 0 (bsc#1051510).
- gpu: ipu-v3: default to id 0 on missing OF alias (bsc#1051510).
- i2c: core: ACPI: Properly set status byte to 0 for multi-byte writes (bsc#1051510).
- i2c: davinci: Avoid zero value of CLKH (bsc#1051510).
- i2c: i801: Add missing documentation entries for Braswell and Kaby Lake (bsc#1051510).
- i2c: i801: Add support for Intel Cedar Fork (bsc#1051510).
- i2c: i801: Add support for Intel Ice Lake (bsc#1051510).
- i2c: i801: Consolidate chipset names in documentation and Kconfig (bsc#1051510).
- i2c: i801: fix DNV's SMBCTRL register offset (bsc#1051510).
- i2c: imx: Fix race condition in dma read (bsc#1051510).
- i2c: uniphier-f: issue STOP only for last message or I2C_M_STOP (bsc#1051510).
- i2c: uniphier: issue STOP only for last message or I2C_M_STOP (bsc#1051510).
- i2c: xiic: Make the start and the byte count write atomic (bsc#1051510).
- i2c: xlp9xx: Fix case where SSIF read transaction completes early (bsc#1105907).
- i2c: xlp9xx: Fix issue seen when updating receive length (bsc#1105907).
- i2c: xlp9xx: Make sure the transfer size is not more than I2C_SMBUS_BLOCK_SIZE (bsc#1105907).
- i40e: fix condition of WARN_ONCE for stat strings (bsc#1107522).
- ib_srpt: Fix a use-after-free in srpt_close_ch() (bsc#1046306 ).
- ibmvnic: Include missing return code checks in reset function (bnc#1107966).
- iommu/amd: Add support for IOMMU XT mode.
- iommu/amd: Add support for higher 64-bit IOMMU Control Register.
- iommu/amd: Finish TLB flush in amd_iommu_unmap() (bsc#1106105).
- iommu/amd: make sure TLB to be flushed before IOVA freed (bsc#1106105).
- iommu/arm-smmu-v3: Do not free page table ops twice (bsc#1106237).
- iommu/vt-d: Fix a potential memory leak (bsc#1106105).
- iommu/vt-d: Ratelimit each dmar fault printing (bsc#1106105).
- ipmi/powernv: Fix error return code in ipmi_powernv_probe() (git-fixes).
- ipmi: Fix some counter issues (bsc#1105907).
- ipmi: Move BT capabilities detection to the detect call (bsc#1106779).
- ipmi: Remove ACPI SPMI probing from the SSIF (I2C) driver (bsc#1105907).
- ipmi:bt: Set the timeout before doing a capabilities check (bsc#1051510).
- ipv4: remove BUG_ON() from fib_compute_spec_dst (netfilter-stable-18_08_01).
- irqchip/bcm7038-l1: Hide cpu offline callback when building for !SMP (bsc#1051510).
- iw_cxgb4: remove duplicate memcpy() in c4iw_create_listen() (bsc#1046543).
- ixgbe: Refactor queue disable logic to take completion time into account (bsc#1101557).
- ixgbe: Reorder Tx/Rx shutdown to reduce time needed to stop device (bsc#1101557).
- kabi fix for check_disk_size_change() (bsc#1098459).
- kabi protect hnae_ae_ops (bsc#1107924).
- kabi protect struct kvm_sync_regs (bsc#1106948).
- kabi/severities: Whitelist libceph, rbd, and ceph (bsc#1096748).
- kabi: move s390 mm_context_t lock to mm_struct and ignore the change (bsc#1103421).
- kabi: x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bnc#1105536).
- kvm: arm64: Convert kvm_set_s2pte_readonly() from inline asm to cmpxchg() (bsc#1108010).
- kvm: nVMX: Fix fault vector for VMX operation at CPL > 0 (bsc#1106105).
- kvm: nVMX: Use nested_run_pending rather than from_vmentry (bsc#1106240).
- kvm: x86: vmx: fix vpid leak (bsc#1106240).
- l2tp: use sk_dst_check() to avoid race on sk->sk_dst_cache (netfilter-stable-18_08_17).
- lan78xx: Lan7801 Support for Fixed PHY (bsc#1085262).
- lan78xx: Set ASD in MAC_CR when EEE is enabled (bsc#1085262).
- lan78xx: remove redundant initialization of pointer 'phydev' (bsc#1085262).
- lib/test_hexdump.c: fix failure on big endian cpu (bsc#1051510).
- libahci: Fix possible Spectre-v1 pmp indexing in ahci_led_store() (bsc#1051510).
- libbpf: Makefile set specified permission mode (bsc#1083647).
- libceph: check authorizer reply/challenge length before reading (bsc#1096748).
- libceph: factor out __ceph_x_decrypt() (bsc#1096748).
- libceph: factor out __prepare_write_connect() (bsc#1096748).
- libceph: factor out encrypt_authorizer() (bsc#1096748).
- libceph: store ceph_auth_handshake pointer in ceph_connection (bsc#1096748).
- libceph: weaken sizeof check in ceph_x_verify_authorizer_reply() (bsc#1096748).
- libnvdimm, btt: fix uninitialized err_lock (bsc#1103961).
- libnvdimm, nfit: enable support for volatile ranges (bsc#1103961).
- libnvdimm, nfit: move the check on nd_reserved2 to the endpoint (bsc#1103961).
- libnvdimm: Use max contiguous area for namespace size (git-fixes).
- libnvdimm: rename nd_sector_size_{show,store} to nd_size_select_{show,store} (bsc#1103961).
- livepatch: Remove reliable stacktrace check in klp_try_switch_task() (bsc#1071995).
- livepatch: Validate module/old func name length (bsc#1071995).
- llc: use refcount_inc_not_zero() for llc_sap_find() (netfilter-stable-18_08_17).
- mac80211: add stations tied to AP_VLANs during hw reconfig (bsc#1051510).
- mac80211: always account for A-MSDU header changes (bsc#1051510).
- mac80211: avoid kernel panic when building AMSDU from non-linear SKB (bsc#1051510).
- mac80211: fix an off-by-one issue in A-MSDU max_subframe computation (bsc#1051510).
- macros.kernel-source: pass -b properly in kernel module package (bsc#1107870).
- md-cluster: clear another node's suspend_area after the copy is finished (bsc#1106333).
- md-cluster: do not send msg if array is closing (bsc#1106333).
- md-cluster: release RESYNC lock after the last resync message (bsc#1106688).
- md-cluster: show array's status more accurate (bsc#1106333).
- media: Revert '[media] tvp5150: fix pad format frame height' (bsc#1051510).
- mei: do not update offset in write (bsc#1051510).
- mei: me: enable asynchronous probing.
- memcg, thp: do not invoke oom killer on thp charges (bnc#1089663).
- memory: tegra: Apply interrupts mask per SoC (bsc#1051510).
- memory: tegra: Do not handle spurious interrupts (bsc#1051510).
- mfd: intel-lpss: Add Ice Lake PCI IDs (bsc#1051510).
- mfd: lpc_ich: Do not touch SPI-NOR write protection bit on Apollo Lake (bsc#1051510).
- mlxsw: core_acl_flex_actions: Return error for conflicting actions (netfilter-stable-18_08_17).
- mm/huge_memory.c: fix data loss when splitting a file pmd (bnc#1107074).
- mm/hugetlb: filter out hugetlb pages if HUGEPAGE migration is not supported (bnc#1106697).
- mm/vmscan: wake up flushers for legacy cgroups too (bnc#1107061).
- mm: fix devmem_is_allowed() for sub-page System RAM intersections (bsc#1106800).
- mm: memcg: fix use after free in mem_cgroup_iter() (bnc#1107065).
- mmc: omap_hsmmc: fix wakeirq handling on removal (bsc#1051510).
- module: exclude SHN_UNDEF symbols from kallsyms api (bsc#1071995).
- net/9p/client.c: version pointer uninitialized (bsc#1051510).
- net/9p/trans_fd.c: fix race by holding the lock (bsc#1051510).
- net/9p/trans_fd.c: fix race-condition by flushing workqueue before the kfree() (bsc#1051510).
- net/9p: Switch to wait_event_killable() (bsc#1051510).
- net/9p: fix error path of p9_virtio_probe (bsc#1051510).
- net: dsa: Do not suspend/resume closed slave_dev (netfilter-stable-18_08_04).
- net: ena: Eliminate duplicate barriers on weakly-ordered archs (bsc#1108093).
- net: ena: Fix use of uninitialized DMA address bits field (netfilter-stable-18_08_01).
- net: ena: fix device destruction to gracefully free resources (bsc#1108093).
- net: ena: fix driver when PAGE_SIZE == 64kB (bsc#1108093).
- net: ena: fix incorrect usage of memory barriers (bsc#1108093).
- net: ena: fix missing calls to READ_ONCE (bsc#1108093).
- net: ena: fix missing lock during device destruction (bsc#1108093).
- net: ena: fix potential double ena_destroy_device() (bsc#1108093).
- net: ena: fix surprise unplug NULL dereference kernel crash (bsc#1108093).
- net: ethernet: mvneta: Fix napi structure mixup on armada 3700 (networking-stable-18_08_21).
- net: fix amd-xgbe flow-control issue (netfilter-stable-18_08_01).
- net: hns3: Fix for waterline not setting correctly (bsc#1104353 ).
- net: hns3: fix page_offset overflow when CONFIG_ARM64_64K_PAGES (bsc#1104353).
- net: hns: add netif_carrier_off before change speed and duplex (bsc#1107924).
- net: hns: add the code for cleaning pkt in chip (bsc#1107924).
- net: mdio-mux: bcm-iproc: fix wrong getter and setter pair (netfilter-stable-18_08_01).
- net: mvneta: fix mvneta_config_rss on armada 3700 (networking-stable-18_08_21).
- net: rtnl_configure_link: fix dev flags changes arg to __dev_notify_flags (git-fixes).
- net: stmmac: Fix WoL for PCI-based setups (netfilter-stable-18_08_04).
- net: stmmac: mark PM functions as __maybe_unused (git-fixes).
- net_sched: Fix missing res info when create new tc_index filter (netfilter-stable-18_08_17).
- netfilter: ip6t_rpfilter: set F_IFACE for linklocal addresses (git-fixes).
- netlink: Do not shift on 64 for ngroups (git-fixes).
- netlink: Do not shift with UB on nlk->ngroups (netfilter-stable-18_08_01).
- netlink: Do not subscribe to non-existent groups (netfilter-stable-18_08_01).
- netlink: Fix spectre v1 gadget in netlink_create() (netfilter-stable-18_08_04).
- nfs/pnfs: fix nfs_direct_req ref leak when i/o falls back to the mds (git-fixes).
- nfs41: do not return ENOMEM on LAYOUTUNAVAILABLE (git-fixes).
- nfsd: remove blocked locks on client teardown (git-fixes).
- nl80211: Add a missing break in parse_station_flags (bsc#1051510).
- nl80211: check nla_parse_nested() return values (bsc#1051510).
- nvme: register ns_id attributes as default sysfs groups (bsc#1105247).
- nvme_fc: add 'nvme_discovery' sysfs attribute to fc transport device (bsc#1044189).
- pinctrl/amd: only handle irq if it is pending and unmasked (bsc#1051510).
- pipe: actually allow root to exceed the pipe buffer limits (bsc#1106297).
- platform/x86: asus-nb-wmi: Add keymap entry for lid flip action on UX360 (bsc#1051510).
- pnfs/blocklayout: off by one in bl_map_stripe() (git-fixes).
- powerpc/64s: Default l1d_size to 64K in RFI fallback flush (bsc#1068032, git-fixes).
- powerpc/64s: Fix DT CPU features Power9 DD2.1 logic (bsc#1055117).
- powerpc/64s: Fix compiler store ordering to SLB shadow area (bsc#1094244).
- powerpc/64s: move machine check SLB flushing to mm/slb.c (bsc#1094244).
- powerpc/kprobes: Fix call trace due to incorrect preempt count (bsc#1065729).
- powerpc/lib: Fix the feature fixup tests to actually work (bsc#1065729).
- powerpc/mce: Fix SLB rebolting during MCE recovery path (bsc#1094244).
- powerpc/perf: Fix IMC allocation routine (bsc#1054914).
- powerpc/perf: Fix memory allocation for core-imc based on num_possible_cpus() (bsc#1054914).
- powerpc/perf: Remove sched_task function defined for thread-imc (bsc#1054914).
- powerpc/pseries: Avoid using the size greater than RTAS_ERROR_LOG_MAX (bsc#1094244).
- powerpc/pseries: Fix endianness while restoring of r3 in MCE handler (bsc#1094244).
- powerpc/pseries: fix EEH recovery of some IOV devices (bsc#1078720, git-fixes).
- powerpc64s: Show ori31 availability in spectre_v1 sysfs file not v2 (bsc#1068032, bsc#1080157, git-fixes).
- powerpc: Avoid code patching freed init sections (bnc#1107735).
- powerpc: make feature-fixup tests fortify-safe (bsc#1065729).
- pstore: Fix incorrect persistent ram buffer mapping (bsc#1051510).
- pwm: tiehrpwm: Fix disabling of output of PWMs (bsc#1051510).
- qlge: Fix netdev features configuration (bsc#1098822).
- r8169: add support for NCube 8168 network card (bsc#1051510).
- reiserfs: fix broken xattr handling (heap corruption, bad retval) (bsc#1106236).
- rhashtable: add schedule points (bsc#1051510).
- root dentries need RCU-delayed freeing (bsc#1106297).
- rsi: Fix 'invalid vdd' warning in mmc (bsc#1051510).
- rxrpc: Fix user call ID check in rxrpc_service_prealloc_one (netfilter-stable-18_08_04).
- s390/entry.S: use assembler alternatives (bsc#1103421).
- s390/lib: use expoline for all bcr instructions (git-fixes, bsc#1103421).
- s390/mm: fix local TLB flushing vs. detach of an mm address space (bsc#1103421).
- s390/mm: fix race on mm->context.flush_mm (bsc#1103421).
- s390/runtime instrumentation: simplify task exit handling (bsc#1103421).
- s390: always save and restore all registers on context switch (bsc#1103421).
- s390: detect etoken facility (bsc#1103421).
- s390: fix br_r1_trampoline for machines without exrl (git-fixes, bsc#1103421).
- s390: fix compat system call table (bsc#1103421).
- s390: fix handling of -1 in set{,fs}id16 syscalls (bsc#1103421).
- s390: use expoline thunks for all branches generated by the BPF JIT (bsc#1103421).
- samples/bpf: adjust rlimit RLIMIT_MEMLOCK for xdp1 (bsc#1083647).
- sched/fair: Fix vruntime_normalized() for remote non-migration wakeup (git-fixes).
- sched/numa: Do not move imbalanced load purely on the basis of an idle CPU (bnc#1101669 optimise numa balancing for fast migrate).
- sched/numa: Evaluate move once per node (bnc#1101669 optimise numa balancing for fast migrate).
- sched/numa: Remove numa_has_capacity() (bnc#1101669 optimise numa balancing for fast migrate).
- sched/numa: Remove unused task_capacity from 'struct numa_stats' (bnc#1101669 optimise numa balancing for fast migrate).
- sched/numa: Stop comparing tasks for NUMA placement after selecting an idle core (bnc#1101669 optimise numa balancing for fast migrate).
- sched/numa: remove unused code from update_numa_stats() (bnc#1101669 optimise numa balancing for fast migrate).
- sched/numa: remove unused nr_running field (bnc#1101669 optimise numa balancing for fast migrate).
- scripts/git_sort/git_sort.py: Add fixes branch from mkp/scsi.git.
- scripts/git_sort/git_sort.py: add mkp 4.20/scsi-queue
- scripts/tar-up.sh: Do not package gitlog-excludes file Also fix the evaluation of gitlog-excludes file, too
- scripts: modpost: check memory allocation results (bsc#1051510).
- scsi: fcoe: hold disc_mutex when traversing rport lists (bsc#1077989).
- scsi: hpsa: limit transfer length to 1MB, not 512kB (bsc#1102346).
- scsi: libfc: Add lockdep annotations (bsc#1077989).
- scsi: libfc: fixup 'sleeping function called from invalid context' (bsc#1077989).
- scsi: libfc: fixup lockdep annotations (bsc#1077989).
- scsi: libfc: hold disc_mutex in fc_disc_stop_rports() (bsc#1077989).
- scsi: lpfc: Correct MDS diag and nvmet configuration (bsc#1106636).
- scsi: mpt3sas: Fix calltrace observed while running IO and reset (bsc#1077989).
- scsi: qla2xxx: Add appropriate debug info for invalid RX_ID (bsc#1108870).
- scsi: qla2xxx: Add logic to detect ABTS hang and response completion (bsc#1108870).
- scsi: qla2xxx: Add mode control for each physical port (bsc#1108870).
- scsi: qla2xxx: Add support for ZIO6 interrupt threshold (bsc#1108870).
- scsi: qla2xxx: Allow FC-NVMe underrun to be handled by transport (bsc#1108870).
- scsi: qla2xxx: Check for Register disconnect (bsc#1108870).
- scsi: qla2xxx: Decrement login retry count for only plogi (bsc#1108870).
- scsi: qla2xxx: Defer chip reset until target mode is enabled (bsc#1108870).
- scsi: qla2xxx: Fix Remote port registration (bsc#1108870).
- scsi: qla2xxx: Fix deadlock between ATIO and HW lock (bsc#1108870).
- scsi: qla2xxx: Fix double increment of switch scan retry count (bsc#1108870).
- scsi: qla2xxx: Fix dropped srb resource (bsc#1108870).
- scsi: qla2xxx: Fix duplicate switch's Nport ID entries (bsc#1108870).
- scsi: qla2xxx: Fix early srb free on abort (bsc#1108870).
- scsi: qla2xxx: Fix iIDMA error (bsc#1108870).
- scsi: qla2xxx: Fix incorrect port speed being set for FC adapters (bsc#1108870).
- scsi: qla2xxx: Fix out of order Termination and ABTS response (bsc#1108870).
- scsi: qla2xxx: Fix port speed display on chip reset (bsc#1108870).
- scsi: qla2xxx: Fix premature command free (bsc#1108870).
- scsi: qla2xxx: Fix process response queue for ISP26XX and above (bsc#1108870).
- scsi: qla2xxx: Fix race condition for resource cleanup (bsc#1108870).
- scsi: qla2xxx: Fix stuck session in PLOGI state (bsc#1108870).
- scsi: qla2xxx: Force fw cleanup on ADISC error (bsc#1108870).
- scsi: qla2xxx: Increase abort timeout value (bsc#1108870).
- scsi: qla2xxx: Move ABTS code behind qpair (bsc#1108870).
- scsi: qla2xxx: Move rport registration out of internal work_list (bsc#1108870).
- scsi: qla2xxx: Move {get|rel}_sp to base_qpair struct (bsc#1108870).
- scsi: qla2xxx: Reduce holding sess_lock to prevent CPU lock-up (bsc#1108870).
- scsi: qla2xxx: Reject bsg request if chip is down (bsc#1108870).
- scsi: qla2xxx: Remove ASYNC GIDPN switch command (bsc#1108870).
- scsi: qla2xxx: Remove all rports if fabric scan retry fails (bsc#1108870).
- scsi: qla2xxx: Remove redundant check for fcport deletion (bsc#1108870).
- scsi: qla2xxx: Remove stale ADISC_DONE event (bsc#1108870).
- scsi: qla2xxx: Remove stale debug trace message from tcm_qla2xxx (bsc#1108870).
- scsi: qla2xxx: Serialize mailbox request (bsc#1108870).
- scsi: qla2xxx: Terminate Plogi/PRLI if WWN is 0 (bsc#1108870).
- scsi: qla2xxx: Turn off IOCB timeout timer on IOCB completion (bsc#1108870).
- scsi: qla2xxx: Update driver to version 10.00.00.09-k (bsc#1108870).
- scsi: qla2xxx: Update driver version to 10.00.00.10-k (bsc#1108870).
- scsi: qla2xxx: Update driver version to 10.00.00.11-k (bsc#1108870).
- scsi: qla2xxx: Update rscn_rcvd field to more meaningful scan_needed (bsc#1108870).
- scsi: qla2xxx: Use correct qpair for ABTS/CMD (bsc#1108870).
- scsi: qla2xxx: shutdown chip if reset fail (bsc#1108870).
- scsi_debug: call resp_XXX function after setting host_scribble (bsc#1069138).
- scsi_debug: reset injection flags for every_nth > 0 (bsc#1069138).
- selftests/bpf/test_maps: exit child process without error in ENOMEM case (bsc#1083647).
- selftests/bpf: fix a typo in map in map test (bsc#1083647).
- serial: enable spi in sc16is7xx driver References: bsc#1105672
- serial: make sc16is7xx driver supported References: bsc#1105672
- slab: __GFP_ZERO is incompatible with a constructor (bnc#1107060).
- spi-nor: intel-spi: Fix number of protected range registers for BYT/LPT.
- spi: cadence: Change usleep_range() to udelay(), for atomic context (bsc#1051510).
- spi: davinci: fix a NULL pointer dereference (bsc#1051510).
- spi: pxa2xx: Add support for Intel Ice Lake (bsc#1051510).
- staging: bcm2835-audio: Check if workqueue allocation failed.
- staging: bcm2835-audio: Deliver indirect-PCM transfer error.
- staging: bcm2835-audio: Disconnect and free vchi_instance on module_exit().
- staging: bcm2835-audio: Do not leak workqueue if open fails.
- staging: bcm2835-audio: constify snd_pcm_ops structures.
- staging: bcm2835-audio: make snd_pcm_hardware const.
- staging: comedi: ni_mio_common: fix subdevice flags for PFI subdevice (bsc#1051510).
- staging: lustre: Use 'kvfree()' for memory allocated by 'kvzalloc()' (bsc#1051510).
- staging: lustre: disable preempt while sampling processor id (bsc#1051510).
- staging: lustre: fix bug in osc_enter_cache_try (bsc#1051510).
- staging: lustre: ldlm: free resource when ldlm_lock_create() fails (bsc#1051510).
- staging: lustre: libcfs: Prevent harmless read underflow (bsc#1051510).
- staging: lustre: libcfs: fix test for libcfs_ioctl_hdr minimum size (bsc#1051510).
- staging: lustre: llite: correct removexattr detection (bsc#1051510).
- staging: lustre: llite: initialize xattr->xe_namelen (bsc#1051510).
- staging: lustre: lmv: correctly iput lmo_root (bsc#1051510).
- staging: lustre: lov: use correct env in lov_io_data_version_end() (bsc#1051510).
- staging: lustre: o2iblnd: Fix FastReg map/unmap for MLX5 (bsc#1051510).
- staging: lustre: o2iblnd: Fix crash in kiblnd_handle_early_rxs() (bsc#1051510).
- staging: lustre: o2iblnd: fix race at kiblnd_connect_peer (bsc#1051510).
- staging: lustre: obd_mount: use correct niduuid suffix (bsc#1051510).
- staging: lustre: obdclass: return -EFAULT if copy_from_user() fails (bsc#1051510).
- staging: lustre: ptlrpc: kfree used instead of kvfree (bsc#1051510).
- staging: lustre: remove invariant in cl_io_read_ahead() (bsc#1051510).
- staging: lustre: statahead: remove incorrect test on agl_list_empty() (bsc#1051510).
- staging: vc04_services: Fix platform_no_drv_owner.cocci warnings.
- staging: vc04_services: bcm2835-audio Format multiline comment.
- staging: vc04_services: bcm2835-audio: Add blank line after declaration.
- staging: vc04_services: bcm2835-audio: Change to unsigned int *.
- staging: vc04_services: bcm2835-audio: add SPDX identifiers.
- staging: vc04_services: bcm2835-audio: remove redundant license text.
- staging: vc04_services: please do not use multiple blank lines.
- string: drop __must_check from strscpy() and restore strscpy() usages in cgroup (bsc#1051510).
- sunxi-rsb: Include OF based modalias in device uevent (bsc#1051510).
- sys: do not hold uts_sem while accessing userspace memory (bnc#1106995).
- target_core_rbd: break up free_device callback (bsc#1105524).
- target_core_rbd: use RCU in free_device (bsc#1105524).
- tcp: add max_quickacks param to tcp_incr_quickack and tcp_enter_quickack_mode (netfilter-stable-18_08_01).
- tcp: add one more quick ack after after ECN events (netfilter-stable-18_08_01).
- tcp: do not aggressively quick ack after ECN events (netfilter-stable-18_08_01).
- tcp: do not force quickack when receiving out-of-order packets (netfilter-stable-18_08_01).
- tcp: refactor tcp_ecn_check_ce to remove sk type cast (netfilter-stable-18_08_01).
- tcp_bbr: fix bw probing to raise in-flight data for very small BDPs (netfilter-stable-18_08_01).
- thermal: thermal_hwmon: Convert to hwmon_device_register_with_info() (bsc#1103363).
- thermal_hwmon: Pass the originating device down to hwmon_device_register_with_info (bsc#1103363).
- thermal_hwmon: Sanitize attribute name passed to hwmon (bsc#1103363).
- ti: ethernet: cpdma: Use correct format for genpool_* (bsc#1051510).
- tools/power turbostat: Read extended processor family from CPUID (bsc#1051510).
- tools/power turbostat: fix -S on UP systems (bsc#1051510).
- tools: usb: ffs-test: Fix build on big endian systems (bsc#1051510).
- tpm: Introduce flag TPM_TRANSMIT_RAW (bsc#1082555).
- tpm: cmd_ready command can be issued only after granting locality (bsc#1082555).
- tpm: fix race condition in tpm_common_write() (bsc#1082555).
- tpm: fix use after free in tpm2_load_context() (bsc#1082555).
- tpm: separate cmd_ready/go_idle from runtime_pm (bsc#1082555).
- tpm: tpm_crb: relinquish locality on error path (bsc#1082555).
- tpm: vtpm_proxy: Implement request_locality function (bsc#1082555).
- tracepoint: Do not warn on ENOMEM (bsc#1051510).
- uart: fix race between uart_put_char() and uart_shutdown() (bsc#1051510).
- ubifs: Check data node size before truncate (bsc#1051510).
- ubifs: Fix directory size calculation for symlinks (bsc#1106230).
- ubifs: Fix memory leak in lprobs self-check (bsc#1051510).
- ubifs: Fix synced_i_size calculation for xattr inodes (bsc#1051510).
- ubifs: xattr: Do not operate on deleted inodes (bsc#1051510).
- udl-kms: avoid division (bsc#1051510).
- udl-kms: change down_interruptible to down (bsc#1051510).
- udl-kms: fix crash due to uninitialized memory (bsc#1051510).
- udl-kms: handle allocation failure (bsc#1051510).
- udlfb: set optimal write delay (bsc#1051510).
- usb/phy: fix PPC64 build errors in phy-fsl-usb.c (bsc#1051510).
- usb: Do not die twice if PCI xhci host is not responding in resume (bsc#1051510).
- usb: dwc2: fix isoc split in transfer with no data (bsc#1051510).
- usb: dwc2: gadget: Fix issue in dwc2_gadget_start_isoc() (bsc#1051510).
- usb: dwc3: pci: add support for Intel IceLake (bsc#1051510).
- usb: gadget: composite: fix delayed_status race condition when set_interface (bsc#1051510).
- usb: gadget: dwc2: fix memory leak in gadget_init() (bsc#1051510).
- usb: gadget: r8a66597: Fix a possible sleep-in-atomic-context bugs in r8a66597_queue() (bsc#1051510).
- usb: gadget: r8a66597: Fix two possible sleep-in-atomic-context bugs in init_controller() (bsc#1051510).
- usb: gadget: udc: renesas_usb3: fix maxpacket size of ep0 (bsc#1051510).
- usb: xhci: increase CRS timeout value (bsc#1051510).
- userns: move user access out of the mutex (bsc#1051510).
- vfio/pci: Virtualize Maximum Payload Size (bsc#1051510).
- vfio/pci: Virtualize Maximum Read Request Size (bsc#1051510).
- vfio/type1: Fix task tracking for QEMU vCPU hotplug (bsc#1051510).
- vhost: correctly check the iova range when waking virtqueue (bsc#1051510).
- vhost: do not try to access device IOTLB when not initialized (bsc#1051510).
- vhost: reset metadata cache when initializing new IOTLB (netfilter-stable-18_08_17).
- vhost: use mutex_lock_nested() in vhost_dev_lock_vqs() (bsc#1051510).
- video: fbdev: pxafb: clear allocated memory for video modes (bsc#1051510).
- vsock: split dwork to avoid reinitializations (netfilter-stable-18_08_17).
- wlcore: Set rx_status boottime_ns field on rx (bsc#1051510).
- x86/CPU/AMD: Derive CPU topology from CPUID function 0xB when available.
- x86/CPU: Modify detect_extended_topology() to return result.
- x86/events/intel/ds: Fix bts_interrupt_threshold alignment (git-fixes c1961a4631da).
- x86/init: fix build with CONFIG_SWAP=n (bnc#1106121).
- x86/kasan/64: Teach KASAN about the cpu_entry_area (kasan).
- x86/kvm: fix LAPIC timer drift when guest uses periodic mode (bsc#1106240).
- x86/mcelog: Get rid of RCU remnants (git-fixes 5de97c9f6d85).
- x86/mm/kasan: Do not use vmemmap_populate() to initialize shadow (kasan).
- x86/mm/memory_hotplug: determine block size based on the end of boot memory (bsc#1108243).
- x86/platform/UV: Add adjustable set memory block size function (bsc#1108243).
- x86/platform/UV: Add kernel parameter to set memory block size (bsc#1108243).
- x86/platform/UV: Mark memblock related init code and data correctly (bsc#1108243).
- x86/platform/UV: Use new set memory block size function (bsc#1108243).
- x86/spectre: Add missing family 6 check to microcode check (git-fixes a5b296636453).
- x86/speculation/l1tf: Fix off-by-one error when warning that system has too much RAM (bnc#1105536).
- x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bnc#1105536).
- x86/speculation/l1tf: Suggest what to do on systems with too much RAM (bnc#1105536).
- x86/speculation: Use ARCH_CAPABILITIES to skip L1D flush on vmentry (bsc#1106369).
- x86/vdso: Fix vDSO build if a retpoline is emitted (git-fixes 76b043848fd2).
- x86/xen/efi: Initialize only the EFI struct members used by Xen (bnc#1107945).
- x86: irq_remapping: Move irq remapping mode enum.
- xen-netfront-dont-bug-in-case-of-too-many-frags.patch: (bnc#1104824).
- xen-netfront: fix queue name setting (bnc#1065600).
- xen-netfront: fix warn message as irq device name has '/' (bnc#1065600).
- xen/blkback: do not keep persistent grants too long (bsc#1085042).
- xen/blkback: move persistent grants flags to bool (bsc#1085042).
- xen/blkback: remove unused pers_gnts_lock from struct (bsc#1085042).
- xen/blkfront: cleanup stale persistent grants (bsc#1085042).
- xen/blkfront: reorder tests in xlblk_init() (bsc#1085042).
- xen: avoid crash in disable_hotplug_cpu (bsc#1106594).
- xen: xenbus_dev_frontend: Fix XS_TRANSACTION_END handling (bnc#1065600).
- xen: xenbus_dev_frontend: Really return response string (bnc#1065600).
- xenbus: track caller request id (bnc#1065600).
- xfs: Fix per-inode DAX flag inheritance (Git-fixes bsc#1109511).
- xfs: add a new xfs_iext_lookup_extent_before helper (bsc#1095344).
- xfs: add a xfs_bmap_fork_to_state helper (bsc#1095344).
- xfs: add a xfs_iext_update_extent helper (bsc#1095344).
- xfs: add asserts for the mmap lock in xfs_{insert,collapse}_file_space (bsc#1095344).
- xfs: add comments documenting the rebalance algorithm (bsc#1095344).
- xfs: add some comments to xfs_iext_insert/xfs_iext_insert_node (bsc#1095344).
- xfs: allow unaligned extent records in xfs_bmbt_disk_set_all (bsc#1095344).
- xfs: do not create overlapping extents in xfs_bmap_add_extent_delay_real (bsc#1095344).
- xfs: do not rely on extent indices in xfs_bmap_collapse_extents (bsc#1095344).
- xfs: do not rely on extent indices in xfs_bmap_insert_extents (bsc#1095344).
- xfs: do not set XFS_BTCUR_BPRV_WASDEL in xfs_bunmapi (bsc#1095344).
- xfs: fix memory leak in xfs_iext_free_last_leaf (bsc#1095344).
- xfs: fix number of records handling in xfs_iext_split_leaf (bsc#1095344).
- xfs: fix type usage (bsc#1095344).
- xfs: handle zero entries case in xfs_iext_rebalance_leaf (bsc#1095344).
- xfs: inline xfs_shift_file_space into callers (bsc#1095344).
- xfs: introduce the xfs_iext_cursor abstraction (bsc#1095344).
- xfs: iterate backwards in xfs_reflink_cancel_cow_blocks (bsc#1095344).
- xfs: iterate over extents in xfs_bmap_extents_to_btree (bsc#1095344).
- xfs: iterate over extents in xfs_iextents_copy (bsc#1095344).
- xfs: make better use of the 'state' variable in xfs_bmap_del_extent_real (bsc#1095344).
- xfs: merge xfs_bmap_read_extents into xfs_iread_extents (bsc#1095344).
- xfs: move pre/post-bmap tracing into xfs_iext_update_extent (bsc#1095344).
- xfs: move some code around inside xfs_bmap_shift_extents (bsc#1095344).
- xfs: move some more code into xfs_bmap_del_extent_real (bsc#1095344).
- xfs: move xfs_bmbt_irec and xfs_exntst_t to xfs_types.h (bsc#1095344).
- xfs: move xfs_iext_insert tracepoint to report useful information (bsc#1095344).
- xfs: pass a struct xfs_bmbt_irec to xfs_bmbt_lookup_eq (bsc#1095344).
- xfs: pass a struct xfs_bmbt_irec to xfs_bmbt_update (bsc#1095344).
- xfs: pass an on-disk extent to xfs_bmbt_validate_extent (bsc#1095344).
- xfs: pass struct xfs_bmbt_irec to xfs_bmbt_validate_extent (bsc#1095344).
- xfs: preserve i_rdev when recycling a reclaimable inode (bsc#1095344).
- xfs: refactor delalloc accounting in xfs_bmap_add_extent_delay_real (bsc#1095344).
- xfs: refactor dir2 leaf readahead shadow buffer cleverness (bsc#1095344).
- xfs: refactor xfs_bmap_add_extent_delay_real (bsc#1095344).
- xfs: refactor xfs_bmap_add_extent_hole_delay (bsc#1095344).
- xfs: refactor xfs_bmap_add_extent_hole_real (bsc#1095344).
- xfs: refactor xfs_bmap_add_extent_unwritten_real (bsc#1095344).
- xfs: refactor xfs_del_extent_real (bsc#1095344).
- xfs: remove XFS_BMAP_MAX_SHIFT_EXTENTS (bsc#1095344).
- xfs: remove XFS_BMAP_TRACE_EXLIST (bsc#1095344).
- xfs: remove a duplicate assignment in xfs_bmap_add_extent_delay_real (bsc#1095344).
- xfs: remove a superflous assignment in xfs_iext_remove_node (bsc#1095344).
- xfs: remove all xfs_bmbt_set_* helpers except for xfs_bmbt_set_all (bsc#1095344).
- xfs: remove if_rdev (bsc#1095344).
- xfs: remove post-bmap tracing in xfs_bmap_local_to_extents (bsc#1095344).
- xfs: remove support for inlining data/extents into the inode fork (bsc#1095344).
- xfs: remove the never fully implemented UUID fork format (bsc#1095344).
- xfs: remove the nr_extents argument to xfs_iext_insert (bsc#1095344).
- xfs: remove the nr_extents argument to xfs_iext_remove (bsc#1095344).
- xfs: remove xfs_bmbt_get_state (bsc#1095344).
- xfs: remove xfs_bmse_shift_one (bsc#1095344).
- xfs: rename bno to end in __xfs_bunmapi (bsc#1095344).
- xfs: replace xfs_bmbt_lookup_ge with xfs_bmbt_lookup_first (bsc#1095344).
- xfs: replace xfs_qm_get_rtblks with a direct call to xfs_bmap_count_leaves (bsc#1095344).
- xfs: rewrite getbmap using the xfs_iext_* helpers (bsc#1095344).
- xfs: rewrite xfs_bmap_count_leaves using xfs_iext_get_extent (bsc#1095344).
- xfs: rewrite xfs_bmap_first_unused to make better use of xfs_iext_get_extent (bsc#1095344).
- xfs: simplify the xfs_getbmap interface (bsc#1095344).
- xfs: simplify xfs_reflink_convert_cow (bsc#1095344).
- xfs: split xfs_bmap_shift_extents (bsc#1095344).
- xfs: switch xfs_bmap_local_to_extents to use xfs_iext_insert (bsc#1095344).
- xfs: treat idx as a cursor in xfs_bmap_add_extent_delay_real (bsc#1095344).
- xfs: treat idx as a cursor in xfs_bmap_add_extent_hole_delay (bsc#1095344).
- xfs: treat idx as a cursor in xfs_bmap_add_extent_hole_real (bsc#1095344).
- xfs: treat idx as a cursor in xfs_bmap_add_extent_unwritten_real (bsc#1095344).
- xfs: treat idx as a cursor in xfs_bmap_collapse_extents (bsc#1095344).
- xfs: treat idx as a cursor in xfs_bmap_del_extent_* (bsc#1095344).
- xfs: trivial indentation fixup for xfs_iext_remove_node (bsc#1095344).
- xfs: update got in xfs_bmap_shift_update_extent (bsc#1095344).
- xfs: use a b+tree for the in-core extent list (bsc#1095344).
- xfs: use correct state defines in xfs_bmap_del_extent_{cow,delay} (bsc#1095344).
- xfs: use the state defines in xfs_bmap_del_extent_real (bsc#1095344).
- xfs: use xfs_bmap_del_extent_delay for the data fork as well (bsc#1095344).
- xfs: use xfs_iext_*_extent helpers in xfs_bmap_shift_extents (bsc#1095344).
- xfs: use xfs_iext_*_extent helpers in xfs_bmap_split_extent_at (bsc#1095344).
- xfs: use xfs_iext_get_extent in xfs_bmap_first_unused (bsc#1095344).
- xfs: use xfs_iext_get_extent instead of open coding it (bsc#1095344).
Patchnames
SUSE-SLE-Module-Live-Patching-15-2018-2120
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for the Linux Kernel", title: "Title of the patch", }, { category: "description", text: "\nThe SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2018-14617: Prevent NULL pointer dereference and panic in\n hfsplus_lookup() when opening a file (that is purportedly a hard link) in an\n hfs+ filesystem that has malformed catalog data, and is mounted read-only\n without a metadata directory (bsc#1102870)\n- CVE-2018-14613: Prevent invalid pointer dereference in io_ctl_map_page() when\n mounting and operating a crafted btrfs image, caused by a lack of block group\n item validation in check_leaf_item (bsc#1102896).\n- CVE-2018-10940: The cdrom_ioctl_media_changed function allowed local\n attackers to use a incorrect bounds check in the CDROM driver\n CDROM_MEDIA_CHANGED ioctl to read out kernel memory (bsc#1092903)\n- CVE-2018-13093: Prevent NULL pointer dereference and panic in lookup_slow()\n on a NULL inode->i_ops pointer when doing pathwalks on a corrupted xfs image.\n This occured because of a lack of proper validation that cached inodes are free\n during allocation (bnc#1100001)\n- CVE-2018-13094: Prevent OOPS that may have occured for a corrupted xfs image\n after xfs_da_shrink_inode() is called with a NULL bp (bnc#1100000)\n- CVE-2018-13095: Prevent denial of service (memory corruption and BUG) that\n could have occurred for a corrupted xfs image upon encountering an inode that\n is in extent format, but has more extents than fit in the inode fork\n (bnc#1099999)\n- CVE-2018-12896: Prevent integer overflow in the POSIX timer code that was\n caused by the way the overrun accounting works. Depending on interval and\n expiry time values, the overrun can be larger than INT_MAX, but the accounting\n is int based. This basically made the accounting values, which are visible to\n user space via timer_getoverrun(2) and siginfo::si_overrun, random. This\n allowed a local user to cause a denial of service (signed integer overflow) via\n crafted mmap, futex, timer_create, and timer_settime system calls (bnc#1099922)\n- CVE-2018-16658: Prevent information leak in cdrom_ioctl_drive_status that\n could have been used by local attackers to read kernel memory (bnc#1107689)\n- CVE-2018-6555: The irda_setsockopt function allowed local users to cause a\n denial of service (ias_object use-after-free and system crash) or possibly have\n unspecified other impact via an AF_IRDA socket (bnc#1106511)\n- CVE-2018-6554: Prevent memory leak in the irda_bind function that allowed\n local users to cause a denial of service (memory consumption) by repeatedly\n binding an AF_IRDA socket (bnc#1106509)\n- CVE-2018-1129: A flaw was found in the way signature calculation was handled\n by cephx authentication protocol. An attacker having access to ceph cluster\n network who is able to alter the message payload was able to bypass signature\n checks done by cephx protocol (bnc#1096748)\n- CVE-2018-1128: It was found that cephx authentication protocol did not verify\n ceph clients correctly and was vulnerable to replay attack. Any attacker having\n access to ceph cluster network who is able to sniff packets on network can use\n this vulnerability to authenticate with ceph service and perform actions\n allowed by ceph service (bnc#1096748)\n- CVE-2018-10938: A crafted network packet sent remotely by an attacker forced\n the kernel to enter an infinite loop in the cipso_v4_optptr() function leading\n to a denial-of-service (bnc#1106016)\n\nThe following non-security bugs were fixed:\n\n- /dev/mem: Add bounce buffer for copy-out (git-fixes).\n- /dev/mem: Avoid overwriting 'err' in read_mem() (git-fixes).\n- 9p/net: Fix zero-copy path in the 9p virtio transport (bsc#1051510).\n- 9p/virtio: fix off-by-one error in sg list bounds check (bsc#1051510).\n- 9p: fix multiple NULL-pointer-dereferences (bsc#1051510).\n- ACPI / EC: Add another entry for Thinkpad X1 Carbon 6th (bsc#1051510).\n- ACPI / EC: Add parameter to force disable the GPE on suspend (bsc#1051510).\n- ACPI / EC: Use ec_no_wakeup on ThinkPad X1 Yoga 3rd (bsc#1051510).\n- ACPI / EC: Use ec_no_wakeup on Thinkpad X1 Carbon 6th (bsc#1051510).\n- ACPI / EC: Use ec_no_wakeup on more Thinkpad X1 Carbon 6th systems (bsc#1051510).\n- ACPI / PCI: pci_link: Allow the absence of _PRS and change log level (bsc#1104172).\n- ACPI / bus: Only call dmi_check_system on X86 (bsc#1105597, bsc#1106178).\n- ACPI / scan: Initialize status to ACPI_STA_DEFAULT (bsc#1051510).\n- ACPI/IORT: Remove temporary iort_get_id_mapping_index() ACPICA guard (bsc#1103387).\n- ACPI/PCI: pci_link: reduce verbosity when IRQ is enabled (bsc#1104172).\n- ACPICA: iasl: Add SMMUv3 device ID mapping index support (bsc#1103387).\n- ALSA: cs46xx: Deliver indirect-PCM transfer error.\n- ALSA: emu10k1: Deliver indirect-PCM transfer error.\n- ALSA: fireface: fix memory leak in ff400_switch_fetching_mode() (bsc#1051510).\n- ALSA: firewire-digi00x: fix memory leak of private data (bsc#1051510).\n- ALSA: firewire-tascam: fix memory leak of private data (bsc#1051510).\n- ALSA: hda - Fix cancel_work_sync() stall from jackpoll work (bsc#1051510).\n- ALSA: mips: Deliver indirect-PCM transfer error.\n- ALSA: oxfw: fix memory leak for model-dependent data at error path (bsc#1051510).\n- ALSA: oxfw: fix memory leak of discovered stream formats at error path (bsc#1051510).\n- ALSA: oxfw: fix memory leak of private data (bsc#1051510).\n- ALSA: pcm: Call ack() whenever appl_ptr is updated.\n- ALSA: pcm: Fix negative appl_ptr handling in pcm-indirect helpers.\n- ALSA: pcm: Fix possible inconsistent appl_ptr update via mmap.\n- ALSA: pcm: Simplify forward/rewind codes.\n- ALSA: pcm: Skip ack callback without actual appl_ptr update.\n- ALSA: pcm: Use a common helper for PCM state check and hwsync.\n- ALSA: pcm: Workaround for weird PulseAudio behavior on rewind error.\n- ALSA: rme32: Deliver indirect-PCM transfer error.\n- ARM: 8780/1: ftrace: Only set kernel memory back to read-only after boot (bsc#1051510).\n- ARM: DRA7/OMAP5: Enable ACTLR[0] (Enable invalidates of BTB) for secondary cores (bsc#1051510).\n- ARM: hisi: fix error handling and missing of_node_put (bsc#1051510).\n- ARM: hisi: handle of_iomap and fix missing of_node_put (bsc#1051510).\n- ARM: imx: flag failure of of_iomap (bsc#1051510).\n- ARM: imx_v4_v5_defconfig: Select ULPI support (bsc#1051510).\n- ARM: imx_v6_v7_defconfig: Select ULPI support (bsc#1051510).\n- ARM: pxa: irq: fix handling of ICMR registers in suspend/resume (bsc#1051510).\n- ASoC: rsnd: fixup not to call clk_get/set under non-atomic (bsc#1051510).\n- ASoC: rsnd: move rsnd_ssi_config_init() execute condition into it (bsc#1051510).\n- ASoC: rsnd: update pointer more accurate (bsc#1051510).\n- ASoC: wm8994: Fix missing break in switch (bsc#1051510).\n- Apply e666d4e9ceec crypto: vmx - Use skcipher for ctr fallback to SLE12-SP4 (bsc#1106464).\n- Bluetooth: h5: Fix missing dependency on BT_HCIUART_SERDEV (bsc#1051510).\n- Bluetooth: hidp: Fix handling of strncpy for hid->name information (bsc#1051510).\n- Prevent errors at reboot (bsc#1093389)\n- Documentation: add some docs for errseq_t (bsc#1107008).\n- Fix buggy backport of patches.drivers/libnvdimm-btt-fix-an-incompatibility-in-the-log-layout.patch (bsc#1103961).\n- Fix kABI breakage due to enum addition for ath10k (bsc#1051510).\n- HID: add quirk for another PIXART OEM mouse used by HP (bsc#1051510).\n- HID: i2c-hid: Add no-irq-after-reset quirk for 0911:5288 device.\n- IB/core: type promotion bug in rdma_rw_init_one_mr() (bsc#1046306).\n- IB/hfi1: Invalid NUMA node information can cause a divide by zero (bsc#1060463).\n- IB/hfi1: Remove incorrect call to do_interrupt callback (bsc#1060463).\n- IB/hfi1: Set in_use_ctxts bits for user ctxts only (bsc#1060463 ).\n- IB/ipoib: Avoid a race condition between start_xmit and cm_rep_handler (bsc#1046307).\n- IB/ipoib: Fix error return code in ipoib_dev_init() (bsc#1046307 ).\n- IB/mlx4: Test port number before querying type (bsc#1046302 ).\n- IB/mlx4: Use 4K pages for kernel QP's WQE buffer (bsc#1046302 ).\n- Input: atmel_mxt_ts - only use first T9 instance (bsc#1051510).\n- Input: edt-ft5x06 - fix error handling for factory mode on non-M06 (bsc#1051510).\n- Input: edt-ft5x06 - implement support for the EDT-M12 series (bsc#1051510).\n- Input: edt-ft5x06 - make distinction between m06/m09/generic more clear (bsc#1051510).\n- Input: synaptics-rmi4 - fix axis-swap behavior (bsc#1051510).\n- KABI: tpm: change relinquish_locality return value back to void (bsc#1082555).\n- KABI: tpm: do keep the cmd_ready and go_idle as pm ops (bsc#1082555).\n- KVM/x86: remove WARN_ON() for when vm_munmap() fails (bsc#1106240).\n- KVM: Enforce error in ioctl for compat tasks when !KVM_COMPAT (bsc#1106240).\n- KVM: PPC: Book3S: Fix guest DMA when guest partially backed by THP pages (bsc#1077761, git-fixes, bsc#1103948, bsc#1103949).\n- KVM: VMX: Work around kABI breakage in 'enum vmx_l1d_flush_state' (bsc#1106369).\n- KVM: VMX: fixes for vmentry_l1d_flush module parameter (bsc#1106369).\n- KVM: nVMX: Do not flush TLB when vmcs12 uses VPID (bsc#1106240).\n- KVM: nVMX: Fix injection to L2 when L1 do not intercept external-interrupts (bsc#1106240).\n- KVM: nVMX: Fix races when sending nested PI while dest enters/leaves L2 (bsc#1106240).\n- KVM: nVMX: Re-evaluate L1 pending events when running L2 and L1 got posted-interrupt (bsc#1106240).\n- KVM: s390: add etoken support for guests (bsc#1106948, LTC#171029).\n- KVM: s390: force bp isolation for VSIE (bsc#1103421).\n- KVM: s390: implement CPU model only facilities (bsc#1106948, LTC#171029).\n- KVM: x86: Change __kvm_apic_update_irr() to also return if max IRR updated (bsc#1106240).\n- KVM: x86: SVM: Call x86_spec_ctrl_set_guest/host() with interrupts disabled (git-fixes 1f50ddb4f418).\n- KVM: x86: fix APIC page invalidation (bsc#1106240).\n- NET: stmmac: align DMA stuff to largest cache line length (netfilter-stable-18_08_01).\n- NFSv4 client live hangs after live data migration recovery (git-fixes).\n- NFSv4: Fix a sleep in atomic context in nfs4_callback_sequence() (git-fixes).\n- NFSv4: Fix possible 1-byte stack overflow in nfs_idmap_read_and_verify_message (git-fixes).\n- Netperf performance issue due to AppArmor net mediation (bsc#1108520) \n- PCI: Match Root Port's MPS to endpoint's MPSS as necessary (bsc#1109269).\n- PCI: OF: Fix I/O space page leak (git-fixes).\n- PCI: aardvark: Fix I/O space page leak (git-fixes).\n- PCI: hotplug: Do not leak pci_slot on registration failure (bsc#1051510).\n- PCI: hv: Make sure the bus domain is really unique (git-fixes).\n- PCI: mvebu: Fix I/O space end address calculation (bsc#1051510).\n- PCI: pciehp: Fix use-after-free on unplug (bsc#1051510).\n- PM / Domains: Fix error path during attach in genpd (bsc#1051510).\n- PM / clk: signedness bug in of_pm_clk_add_clks() (bsc#1051510).\n- PM / runtime: Drop usage count for suppliers at device link removal (bsc#1100132).\n- RDMA/bnxt_re: Fix a bunch of off by one bugs in qplib_fp.c (bsc#1050244).\n- RDMA/bnxt_re: Fix a couple off by one bugs (bsc#1050244 ).\n- RDMA/i40w: Hold read semaphore while looking after VMA (bsc#1058659).\n- Refresh with the upstream patches for lan78xx fixes (bsc#1085262) \n- Replace magic for trusting the secondary keyring with #define (bsc#1051510).\n- Revert 'PCI: Add ACS quirk for Intel 300 series' (bsc#1051510).\n- Revert 'UBIFS: Fix potential integer overflow in allocation' (bsc#1051510).\n- Revert 'mm: page_alloc: skip over regions of invalid pfns where possible' (bnc#1107078).\n- Revert 'vhost: cache used event for better performance' (bsc#1090528).\n- Revert 'vmalloc: back off when the current task is killed' (bnc#1107073).\n- Staging: vc04_services: remove unused variables.\n- Tools: hv: vss: fix loop device detection.\n- USB: net2280: Fix erroneous synchronization change (bsc#1051510).\n- USB: serial: io_ti: fix array underflow in completion handler (bsc#1051510).\n- USB: serial: ti_usb_3410_5052: fix array underflow in completion handler (bsc#1051510).\n- Update patches.drivers/0016-arm64-vgic-v2-Fix-proxying-of-cpuif-access.patch (bsc#1106901, bsc#1107265).\n- Update patches.fixes/4.4.139-043-powerpc-mm-hash-Add-missing-isync-prior-to-ke.patch (bnc#1012382, bsc#1094244).\n- Update config files, make CRYPTO_CRCT10DIF_PCLMUL built-in (bsc#1105603).\n- Update patch tag of dmi fix (bsc#1105597) Also moved to the sorted section.\n- Update patch tags of recent security fixes (bsc#1106426)\n- Update references (bsc#1064232)\n- Workaround kABI breakage by __must_check drop of strscpy() (bsc#1051510).\n- ahci: Add Intel Ice Lake LP PCI ID (bsc#1051510).\n- apparmor: Fix regression in profile conflict logic (bsc#1106427)\n- apparmor: ensure that undecidable profile attachments fail (bsc#1106427).\n- apparmor: fix an error code in __aa_create_ns() (bsc#1106427).\n- apparmor: remove no-op permission check in policy_unpack (bsc#1106427).\n- arm64/acpi: Create arch specific cpu to acpi id helper (bsc#1106903).\n- arm64/kasan: do not allocate extra shadow memory (bsc#1106897).\n- arm64/mm/kasan: do not use vmemmap_populate() to initialize shadow (bsc#1106898).\n- arm64: Enforce BBM for huge IO/VMAP mappings (bsc#1106890).\n- arm64: Ignore hardware dirty bit updates in ptep_set_wrprotect() (bsc#1108010).\n- arm64: Make sure permission updates happen for pmd/pud (bsc#1106891).\n- arm64: dma-mapping: clear buffers allocated with FORCE_CONTIGUOUS flag (bsc#1106902).\n- arm64: export memblock_reserve()d regions via /proc/iomem (bsc#1106892).\n- arm64: fix unwind_frame() for filtered out fn for function graph tracing (bsc#1106900).\n- arm64: fix vmemmap BUILD_BUG_ON() triggering on !vmemmap setups (bsc#1106896).\n- arm64: fpsimd: Avoid FPSIMD context leakage for the init task (bsc#1106894).\n- arm64: kasan: avoid pfn_to_nid() before page array is initialized (bsc#1106899).\n- arm64: mm: Ensure writes to swapper are ordered wrt subsequent cache maintenance (bsc#1106906).\n- arm64: mm: check for upper PAGE_SHIFT bits in pfn_valid() (bsc#1106893).\n- arm64: numa: rework ACPI NUMA initialization (bsc#1106905).\n- arm64: vgic-v2: Fix proxying of cpuif access (bsc#1106901).\n- ata: libahci: Allow reconfigure of DEVSLP register (bsc#1051510).\n- ata: libahci: Correct setting of DEVSLP register (bsc#1051510).\n- ath10k: disable bundle mgmt tx completion event support (bsc#1051510).\n- ath10k: update the phymode along with bandwidth change request (bsc#1051510).\n- ath9k: add MSI support.\n- ath9k: report tx status on EOSP (bsc#1051510).\n- ath9k_hw: fix channel maximum power level test (bsc#1051510).\n- b43/leds: Ensure NUL-termination of LED name string (bsc#1051510).\n- b43legacy/leds: Ensure NUL-termination of LED name string (bsc#1051510).\n- bcache: avoid unncessary cache prefetch bch_btree_node_get().\n- bcache: calculate the number of incremental GC nodes according to the total of btree nodes.\n- bcache: display rate debug parameters to 0 when writeback is not running.\n- bcache: do not check return value of debugfs_create_dir().\n- bcache: finish incremental GC.\n- bcache: fix I/O significant decline while backend devices registering.\n- bcache: fix error setting writeback_rate through sysfs interface.\n- bcache: free heap cache_set->flush_btree in bch_journal_free.\n- bcache: make the pr_err statement used for ENOENT only in sysfs_attatch section.\n- bcache: release dc->writeback_lock properly in bch_writeback_thread().\n- bcache: set max writeback rate when I/O request is idle.\n- bcache: simplify the calculation of the total amount of flash dirty data.\n- Add a blacklist entry for the reverted patch (bsc#1106743)\n- blk-mq: avoid to synchronize rcu inside blk_cleanup_queue() (bsc#1077989).\n- blkdev: __blkdev_direct_IO_simple: fix leak in error case (bsc#1083663).\n- block, bfq: return nbytes and not zero from struct cftype .write() method (bsc#1106238).\n- block: bio_iov_iter_get_pages: fix size of last iovec (bsc#1083663).\n- block: bio_iov_iter_get_pages: pin more pages for multi-segment IOs (bsc#1083663).\n- block: do not print a message when the device went away (bsc#1098459).\n- block: do not warn for flush on read-only device (bsc#1107756).\n- bnxt_en: Clean up unused functions (bsc#1086282).\n- bnxt_en: Do not adjust max_cp_rings by the ones used by RDMA (bsc#1086282).\n- bnxt_en: Fix VF mac address regression (bsc#1086282 ).\n- bnxt_re: Fix couple of memory leaks that could lead to IOMMU call traces (bsc#1050244).\n- bonding: avoid lockdep confusion in bond_get_stats() (netfilter-stable-18_08_04).\n- bpf, s390: fix potential memleak when later bpf_jit_prog fails (bsc#1083647).\n- bpf: fix references to free_bpf_prog_info() in comments (bsc#1083647).\n- bpf: fix uninitialized variable in bpf tools (bsc#1083647).\n- bpf: hash map: decrement counter on error (bsc#1083647).\n- bpf: powerpc64: pad function address loads with NOPs (bsc#1083647).\n- bpf: use GFP_ATOMIC instead of GFP_KERNEL in bpf_parse_prog() (bsc#1083647).\n- brcmfmac: stop watchdog before detach and free everything (bsc#1051510).\n- btrfs: Add checker for EXTENT_CSUM (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: Add sanity check for EXTENT_DATA when reading out leaf (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: Check if item pointer overlaps with the item itself (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: Check that each block group has corresponding chunk at mount time (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: Fix use-after-free when cleaning up fs_devs with a single stale device (bsc#1097105).\n- btrfs: Handle error from btrfs_uuid_tree_rem call in _btrfs_ioctl_set_received_subvol (bsc#1097105).\n- btrfs: Introduce mount time chunk <-> dev extent mapping check (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: Manually implement device_total_bytes getter/setter (bsc#1043912).\n- btrfs: Move leaf and node validation checker to tree-checker.c (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: Round down values which are written for total_bytes_size (bsc#1043912).\n- btrfs: Verify that every chunk has corresponding block group at mount time (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: fix error handling in btrfs_dev_replace_start (bsc#1107535).\n- btrfs: round down size diff when shrinking/growing device (bsc#1097105).\n- btrfs: tree-checker: Add checker for dir item (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: tree-checker: Detect invalid and empty essential trees (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: tree-checker: Enhance btrfs_check_node output (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: tree-checker: Enhance output for check_extent_data_item (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: tree-checker: Enhance output for btrfs_check_leaf (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: tree-checker: Enhance output for check_csum_item (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: tree-checker: Fix false panic for sanity test (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: tree-checker: Replace root parameter with fs_info (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: tree-checker: Verify block_group_item (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: tree-checker: use %zu format string for size_t (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: tree-checker: use %zu format string for size_t (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status (bsc#1051510).\n- ceph: fix incorrect use of strncpy (bsc#1107319).\n- ceph: return errors from posix_acl_equiv_mode() correctly (bsc#1107320).\n- cfg80211: nl80211_update_ft_ies() to validate NL80211_ATTR_IE (bsc#1051510).\n- cgroup: avoid copying strings longer than the buffers (bsc#1051510).\n- cifs: Fix stack out-of-bounds in smb{2,3}_create_lease_buf() (bsc#1051510).\n- cifs: check kmalloc before use (bsc#1051510).\n- cifs: store the leaseKey in the fid on SMB2_open (bsc#1051510).\n- cls_matchall: fix tcf_unbind_filter missing (networking-stable-18_08_21).\n- crypto: caam/jr - fix descriptor DMA unmapping (bsc#1051510).\n- crypto: caam/qi - fix error path in xts setkey (bsc#1051510).\n- crypto: vmx - Fix sleep-in-atomic bugs (bsc#1051510).\n- cxl: Configure PSL to not use APC virtual machines (bsc#1055014, git-fixes).\n- cxl: Fix wrong comparison in cxl_adapter_context_get() (bsc#1055014, git-fixes).\n- dax: remove VM_MIXEDMAP for fsdax and device dax (bsc#1106007).\n- dccp: fix undefined behavior with 'cwnd' shift in ccid2_cwnd_restart() (netfilter-stable-18_08_17).\n- drm/amd/pp/Polaris12: Fix a chunk of registers missed to program (bsc#1051510).\n- drm/amdgpu: Fix RLC safe mode test in gfx_v9_0_enter_rlc_safe_mode (bsc#1051510).\n- drm/amdgpu: fix swapped emit_ib_size in vce3 (bsc#1051510).\n- drm/amdgpu: update tmr mc address (bsc#1100132).\n- drm/amdgpu:add new firmware id for VCN (bsc#1051510).\n- drm/amdgpu:add tmr mc address into amdgpu_firmware_info (bsc#1051510).\n- drm/arm/malidp: Preserve LAYER_FORMAT contents when setting format (bsc#1051510).\n- drm/armada: fix colorkey mode property (bsc#1051510).\n- drm/armada: fix irq handling (bsc#1051510).\n- drm/bridge/sii8620: Fix display of packed pixel modes (bsc#1051510).\n- drm/bridge/sii8620: fix display of packed pixel modes in MHL2 (bsc#1051510).\n- drm/bridge/sii8620: fix loops in EDID fetch logic (bsc#1051510).\n- drm/bridge: adv7511: Reset registers on hotplug (bsc#1051510).\n- drm/edid: Add 6 bpc quirk for SDC panel in Lenovo B50-80 (bsc#1051510).\n- drm/exynos: decon5433: Fix WINCONx reset value (bsc#1051510).\n- drm/exynos: decon5433: Fix per-plane global alpha for XRGB modes (bsc#1051510).\n- drm/exynos: gsc: Fix support for NV16/61, YUV420/YVU420 and YUV422 modes (bsc#1051510).\n- drm/i915/audio: Fix audio enumeration issue on BXT.\n- drm/i915/gvt: Fix the incorrect length of child_device_config issue (bsc#1051510).\n- drm/i915/gvt: clear ggtt entries when destroy vgpu (bsc#1051510).\n- drm/i915/gvt: request srcu_read_lock before checking if one gfn is valid (bsc#1051510).\n- drm/i915/kvmgt: Fix potential Spectre v1 (bsc#1051510).\n- drm/i915/lpe: Mark LPE audio runtime pm as 'no callbacks' (bsc#1051510).\n- drm/i915/overlay: Allocate physical registers from stolen (bsc#1051510).\n- drm/i915: Increase LSPCON timeout (bsc#1051510).\n- drm/i915: set DP Main Stream Attribute for color range on DDI platforms (bsc#1051510).\n- drm/imx: imx-ldb: check if channel is enabled before printing warning (bsc#1051510).\n- drm/imx: imx-ldb: disable LDB on driver bind (bsc#1051510).\n- drm/modes: Introduce drm_mode_match().\n- drm/nouveau/drm/nouveau: Fix bogus drm_kms_helper_poll_enable() placement (bsc#1051510).\n- drm/tegra: Check for malformed offsets and sizes in the 'submit' IOCTL (bsc#1106170).\n- drm/tegra: Fix comparison operator for buffer size (bsc#1100132).\n- drm/vc4: Fix the 'no scaling' case on multi-planar YUV formats (bsc#1051510).\n- drm: Add DRM client cap for aspect-ratio.\n- drm: Add and handle new aspect ratios in DRM layer.\n- drm: Add aspect ratio parsing in DRM layer.\n- drm: Expose modes with aspect ratio, only if requested.\n- drm: Handle aspect ratio info in legacy modeset path.\n- drm: mali-dp: Enable Global SE interrupts mask for DP500 (bsc#1051510).\n- dwc2: gadget: Fix ISOC IN DDMA PID bitfield value calculation (bsc#1051510).\n- errseq: Add to documentation tree (bsc#1107008).\n- errseq: Always report a writeback error once (bsc#1107008).\n- ext4: sysfs: print ext4_super_block fields as little-endian (bsc#1106229).\n- f2fs: remove unneeded memory footprint accounting (bsc#1106233).\n- f2fs: remove unneeded memory footprint accounting (bsc#1106297).\n- f2fs: validate before set/clear free nat bitmap (bsc#1106231).\n- f2fs: validate before set/clear free nat bitmap (bsc#1106297).\n- fat: fix memory allocation failure handling of match_strdup() (bsc#1051510).\n- fb: fix lost console when the user unplugs a USB adapter (bsc#1051510).\n- fbdev: omapfb: off by one in omapfb_register_client() (bsc#1051510).\n- fix __legitimize_mnt()/mntput() race (bsc#1106297).\n- fix a page leak in vhost_scsi_iov_to_sgl() error recovery (bsc#1051510).\n- fix mntput/mntput race (bsc#1106297).\n- fs/9p/xattr.c: catch the error of p9_client_clunk when setting xattr failed (bsc#1051510).\n- fs/proc/proc_sysctl.c: fix potential page fault while unregistering sysctl table (bsc#1106297).\n- fuse: Add missed unlock_page() to fuse_readpages_fill() (bsc#1106291).\n- fuse: Fix oops at process_init_reply() (bsc#1106291).\n- fuse: fix double request_end() (bsc#1106291).\n- fuse: fix initial parallel dirops (bsc#1106291).\n- fuse: fix unlocked access to processing queue (bsc#1106291).\n- fuse: umount should wait for all requests (bsc#1106291).\n- getxattr: use correct xattr length (bsc#1106235).\n- getxattr: use correct xattr length (bsc#1106297).\n- gpio: ml-ioh: Fix buffer underwrite on probe error path (bsc#1051510).\n- gpio: tegra: Move driver registration to subsys_init level (bsc#1051510).\n- gpiolib-acpi: make sure we trigger edge events at least once on boot (bsc#1051510).\n- gpiolib: acpi: Switch to cansleep version of GPIO library call (bsc#1051510).\n- gpu: host1x: Check whether size of unpin isn't 0 (bsc#1051510).\n- gpu: ipu-v3: default to id 0 on missing OF alias (bsc#1051510).\n- i2c: core: ACPI: Properly set status byte to 0 for multi-byte writes (bsc#1051510).\n- i2c: davinci: Avoid zero value of CLKH (bsc#1051510).\n- i2c: i801: Add missing documentation entries for Braswell and Kaby Lake (bsc#1051510).\n- i2c: i801: Add support for Intel Cedar Fork (bsc#1051510).\n- i2c: i801: Add support for Intel Ice Lake (bsc#1051510).\n- i2c: i801: Consolidate chipset names in documentation and Kconfig (bsc#1051510).\n- i2c: i801: fix DNV's SMBCTRL register offset (bsc#1051510).\n- i2c: imx: Fix race condition in dma read (bsc#1051510).\n- i2c: uniphier-f: issue STOP only for last message or I2C_M_STOP (bsc#1051510).\n- i2c: uniphier: issue STOP only for last message or I2C_M_STOP (bsc#1051510).\n- i2c: xiic: Make the start and the byte count write atomic (bsc#1051510).\n- i2c: xlp9xx: Fix case where SSIF read transaction completes early (bsc#1105907).\n- i2c: xlp9xx: Fix issue seen when updating receive length (bsc#1105907).\n- i2c: xlp9xx: Make sure the transfer size is not more than I2C_SMBUS_BLOCK_SIZE (bsc#1105907).\n- i40e: fix condition of WARN_ONCE for stat strings (bsc#1107522).\n- ib_srpt: Fix a use-after-free in srpt_close_ch() (bsc#1046306 ).\n- ibmvnic: Include missing return code checks in reset function (bnc#1107966).\n- iommu/amd: Add support for IOMMU XT mode.\n- iommu/amd: Add support for higher 64-bit IOMMU Control Register.\n- iommu/amd: Finish TLB flush in amd_iommu_unmap() (bsc#1106105).\n- iommu/amd: make sure TLB to be flushed before IOVA freed (bsc#1106105).\n- iommu/arm-smmu-v3: Do not free page table ops twice (bsc#1106237).\n- iommu/vt-d: Fix a potential memory leak (bsc#1106105).\n- iommu/vt-d: Ratelimit each dmar fault printing (bsc#1106105).\n- ipmi/powernv: Fix error return code in ipmi_powernv_probe() (git-fixes).\n- ipmi: Fix some counter issues (bsc#1105907).\n- ipmi: Move BT capabilities detection to the detect call (bsc#1106779).\n- ipmi: Remove ACPI SPMI probing from the SSIF (I2C) driver (bsc#1105907).\n- ipmi:bt: Set the timeout before doing a capabilities check (bsc#1051510).\n- ipv4: remove BUG_ON() from fib_compute_spec_dst (netfilter-stable-18_08_01).\n- irqchip/bcm7038-l1: Hide cpu offline callback when building for !SMP (bsc#1051510).\n- iw_cxgb4: remove duplicate memcpy() in c4iw_create_listen() (bsc#1046543).\n- ixgbe: Refactor queue disable logic to take completion time into account (bsc#1101557).\n- ixgbe: Reorder Tx/Rx shutdown to reduce time needed to stop device (bsc#1101557).\n- kabi fix for check_disk_size_change() (bsc#1098459).\n- kabi protect hnae_ae_ops (bsc#1107924).\n- kabi protect struct kvm_sync_regs (bsc#1106948).\n- kabi/severities: Whitelist libceph, rbd, and ceph (bsc#1096748).\n- kabi: move s390 mm_context_t lock to mm_struct and ignore the change (bsc#1103421).\n- kabi: x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bnc#1105536).\n- kvm: arm64: Convert kvm_set_s2pte_readonly() from inline asm to cmpxchg() (bsc#1108010).\n- kvm: nVMX: Fix fault vector for VMX operation at CPL > 0 (bsc#1106105).\n- kvm: nVMX: Use nested_run_pending rather than from_vmentry (bsc#1106240).\n- kvm: x86: vmx: fix vpid leak (bsc#1106240).\n- l2tp: use sk_dst_check() to avoid race on sk->sk_dst_cache (netfilter-stable-18_08_17).\n- lan78xx: Lan7801 Support for Fixed PHY (bsc#1085262).\n- lan78xx: Set ASD in MAC_CR when EEE is enabled (bsc#1085262).\n- lan78xx: remove redundant initialization of pointer 'phydev' (bsc#1085262).\n- lib/test_hexdump.c: fix failure on big endian cpu (bsc#1051510).\n- libahci: Fix possible Spectre-v1 pmp indexing in ahci_led_store() (bsc#1051510).\n- libbpf: Makefile set specified permission mode (bsc#1083647).\n- libceph: check authorizer reply/challenge length before reading (bsc#1096748).\n- libceph: factor out __ceph_x_decrypt() (bsc#1096748).\n- libceph: factor out __prepare_write_connect() (bsc#1096748).\n- libceph: factor out encrypt_authorizer() (bsc#1096748).\n- libceph: store ceph_auth_handshake pointer in ceph_connection (bsc#1096748).\n- libceph: weaken sizeof check in ceph_x_verify_authorizer_reply() (bsc#1096748).\n- libnvdimm, btt: fix uninitialized err_lock (bsc#1103961).\n- libnvdimm, nfit: enable support for volatile ranges (bsc#1103961).\n- libnvdimm, nfit: move the check on nd_reserved2 to the endpoint (bsc#1103961).\n- libnvdimm: Use max contiguous area for namespace size (git-fixes).\n- libnvdimm: rename nd_sector_size_{show,store} to nd_size_select_{show,store} (bsc#1103961).\n- livepatch: Remove reliable stacktrace check in klp_try_switch_task() (bsc#1071995).\n- livepatch: Validate module/old func name length (bsc#1071995).\n- llc: use refcount_inc_not_zero() for llc_sap_find() (netfilter-stable-18_08_17).\n- mac80211: add stations tied to AP_VLANs during hw reconfig (bsc#1051510).\n- mac80211: always account for A-MSDU header changes (bsc#1051510).\n- mac80211: avoid kernel panic when building AMSDU from non-linear SKB (bsc#1051510).\n- mac80211: fix an off-by-one issue in A-MSDU max_subframe computation (bsc#1051510).\n- macros.kernel-source: pass -b properly in kernel module package (bsc#1107870).\n- md-cluster: clear another node's suspend_area after the copy is finished (bsc#1106333).\n- md-cluster: do not send msg if array is closing (bsc#1106333).\n- md-cluster: release RESYNC lock after the last resync message (bsc#1106688).\n- md-cluster: show array's status more accurate (bsc#1106333).\n- media: Revert '[media] tvp5150: fix pad format frame height' (bsc#1051510).\n- mei: do not update offset in write (bsc#1051510).\n- mei: me: enable asynchronous probing.\n- memcg, thp: do not invoke oom killer on thp charges (bnc#1089663).\n- memory: tegra: Apply interrupts mask per SoC (bsc#1051510).\n- memory: tegra: Do not handle spurious interrupts (bsc#1051510).\n- mfd: intel-lpss: Add Ice Lake PCI IDs (bsc#1051510).\n- mfd: lpc_ich: Do not touch SPI-NOR write protection bit on Apollo Lake (bsc#1051510).\n- mlxsw: core_acl_flex_actions: Return error for conflicting actions (netfilter-stable-18_08_17).\n- mm/huge_memory.c: fix data loss when splitting a file pmd (bnc#1107074).\n- mm/hugetlb: filter out hugetlb pages if HUGEPAGE migration is not supported (bnc#1106697).\n- mm/vmscan: wake up flushers for legacy cgroups too (bnc#1107061).\n- mm: fix devmem_is_allowed() for sub-page System RAM intersections (bsc#1106800).\n- mm: memcg: fix use after free in mem_cgroup_iter() (bnc#1107065).\n- mmc: omap_hsmmc: fix wakeirq handling on removal (bsc#1051510).\n- module: exclude SHN_UNDEF symbols from kallsyms api (bsc#1071995).\n- net/9p/client.c: version pointer uninitialized (bsc#1051510).\n- net/9p/trans_fd.c: fix race by holding the lock (bsc#1051510).\n- net/9p/trans_fd.c: fix race-condition by flushing workqueue before the kfree() (bsc#1051510).\n- net/9p: Switch to wait_event_killable() (bsc#1051510).\n- net/9p: fix error path of p9_virtio_probe (bsc#1051510).\n- net: dsa: Do not suspend/resume closed slave_dev (netfilter-stable-18_08_04).\n- net: ena: Eliminate duplicate barriers on weakly-ordered archs (bsc#1108093).\n- net: ena: Fix use of uninitialized DMA address bits field (netfilter-stable-18_08_01).\n- net: ena: fix device destruction to gracefully free resources (bsc#1108093).\n- net: ena: fix driver when PAGE_SIZE == 64kB (bsc#1108093).\n- net: ena: fix incorrect usage of memory barriers (bsc#1108093).\n- net: ena: fix missing calls to READ_ONCE (bsc#1108093).\n- net: ena: fix missing lock during device destruction (bsc#1108093).\n- net: ena: fix potential double ena_destroy_device() (bsc#1108093).\n- net: ena: fix surprise unplug NULL dereference kernel crash (bsc#1108093).\n- net: ethernet: mvneta: Fix napi structure mixup on armada 3700 (networking-stable-18_08_21).\n- net: fix amd-xgbe flow-control issue (netfilter-stable-18_08_01).\n- net: hns3: Fix for waterline not setting correctly (bsc#1104353 ). \n- net: hns3: fix page_offset overflow when CONFIG_ARM64_64K_PAGES (bsc#1104353).\n- net: hns: add netif_carrier_off before change speed and duplex (bsc#1107924).\n- net: hns: add the code for cleaning pkt in chip (bsc#1107924).\n- net: mdio-mux: bcm-iproc: fix wrong getter and setter pair (netfilter-stable-18_08_01).\n- net: mvneta: fix mvneta_config_rss on armada 3700 (networking-stable-18_08_21).\n- net: rtnl_configure_link: fix dev flags changes arg to __dev_notify_flags (git-fixes).\n- net: stmmac: Fix WoL for PCI-based setups (netfilter-stable-18_08_04).\n- net: stmmac: mark PM functions as __maybe_unused (git-fixes).\n- net_sched: Fix missing res info when create new tc_index filter (netfilter-stable-18_08_17).\n- netfilter: ip6t_rpfilter: set F_IFACE for linklocal addresses (git-fixes).\n- netlink: Do not shift on 64 for ngroups (git-fixes).\n- netlink: Do not shift with UB on nlk->ngroups (netfilter-stable-18_08_01).\n- netlink: Do not subscribe to non-existent groups (netfilter-stable-18_08_01).\n- netlink: Fix spectre v1 gadget in netlink_create() (netfilter-stable-18_08_04).\n- nfs/pnfs: fix nfs_direct_req ref leak when i/o falls back to the mds (git-fixes).\n- nfs41: do not return ENOMEM on LAYOUTUNAVAILABLE (git-fixes).\n- nfsd: remove blocked locks on client teardown (git-fixes).\n- nl80211: Add a missing break in parse_station_flags (bsc#1051510).\n- nl80211: check nla_parse_nested() return values (bsc#1051510).\n- nvme: register ns_id attributes as default sysfs groups (bsc#1105247).\n- nvme_fc: add 'nvme_discovery' sysfs attribute to fc transport device (bsc#1044189).\n- pinctrl/amd: only handle irq if it is pending and unmasked (bsc#1051510).\n- pipe: actually allow root to exceed the pipe buffer limits (bsc#1106297).\n- platform/x86: asus-nb-wmi: Add keymap entry for lid flip action on UX360 (bsc#1051510).\n- pnfs/blocklayout: off by one in bl_map_stripe() (git-fixes).\n- powerpc/64s: Default l1d_size to 64K in RFI fallback flush (bsc#1068032, git-fixes).\n- powerpc/64s: Fix DT CPU features Power9 DD2.1 logic (bsc#1055117).\n- powerpc/64s: Fix compiler store ordering to SLB shadow area (bsc#1094244).\n- powerpc/64s: move machine check SLB flushing to mm/slb.c (bsc#1094244).\n- powerpc/kprobes: Fix call trace due to incorrect preempt count (bsc#1065729).\n- powerpc/lib: Fix the feature fixup tests to actually work (bsc#1065729).\n- powerpc/mce: Fix SLB rebolting during MCE recovery path (bsc#1094244).\n- powerpc/perf: Fix IMC allocation routine (bsc#1054914).\n- powerpc/perf: Fix memory allocation for core-imc based on num_possible_cpus() (bsc#1054914).\n- powerpc/perf: Remove sched_task function defined for thread-imc (bsc#1054914).\n- powerpc/pseries: Avoid using the size greater than RTAS_ERROR_LOG_MAX (bsc#1094244).\n- powerpc/pseries: Fix endianness while restoring of r3 in MCE handler (bsc#1094244).\n- powerpc/pseries: fix EEH recovery of some IOV devices (bsc#1078720, git-fixes).\n- powerpc64s: Show ori31 availability in spectre_v1 sysfs file not v2 (bsc#1068032, bsc#1080157, git-fixes).\n- powerpc: Avoid code patching freed init sections (bnc#1107735).\n- powerpc: make feature-fixup tests fortify-safe (bsc#1065729).\n- pstore: Fix incorrect persistent ram buffer mapping (bsc#1051510).\n- pwm: tiehrpwm: Fix disabling of output of PWMs (bsc#1051510).\n- qlge: Fix netdev features configuration (bsc#1098822).\n- r8169: add support for NCube 8168 network card (bsc#1051510).\n- reiserfs: fix broken xattr handling (heap corruption, bad retval) (bsc#1106236).\n- rhashtable: add schedule points (bsc#1051510).\n- root dentries need RCU-delayed freeing (bsc#1106297).\n- rsi: Fix 'invalid vdd' warning in mmc (bsc#1051510).\n- rxrpc: Fix user call ID check in rxrpc_service_prealloc_one (netfilter-stable-18_08_04).\n- s390/entry.S: use assembler alternatives (bsc#1103421).\n- s390/lib: use expoline for all bcr instructions (git-fixes, bsc#1103421).\n- s390/mm: fix local TLB flushing vs. detach of an mm address space (bsc#1103421).\n- s390/mm: fix race on mm->context.flush_mm (bsc#1103421).\n- s390/runtime instrumentation: simplify task exit handling (bsc#1103421).\n- s390: always save and restore all registers on context switch (bsc#1103421).\n- s390: detect etoken facility (bsc#1103421).\n- s390: fix br_r1_trampoline for machines without exrl (git-fixes, bsc#1103421).\n- s390: fix compat system call table (bsc#1103421).\n- s390: fix handling of -1 in set{,fs}id16 syscalls (bsc#1103421).\n- s390: use expoline thunks for all branches generated by the BPF JIT (bsc#1103421).\n- samples/bpf: adjust rlimit RLIMIT_MEMLOCK for xdp1 (bsc#1083647).\n- sched/fair: Fix vruntime_normalized() for remote non-migration wakeup (git-fixes).\n- sched/numa: Do not move imbalanced load purely on the basis of an idle CPU (bnc#1101669 optimise numa balancing for fast migrate).\n- sched/numa: Evaluate move once per node (bnc#1101669 optimise numa balancing for fast migrate).\n- sched/numa: Remove numa_has_capacity() (bnc#1101669 optimise numa balancing for fast migrate).\n- sched/numa: Remove unused task_capacity from 'struct numa_stats' (bnc#1101669 optimise numa balancing for fast migrate).\n- sched/numa: Stop comparing tasks for NUMA placement after selecting an idle core (bnc#1101669 optimise numa balancing for fast migrate).\n- sched/numa: remove unused code from update_numa_stats() (bnc#1101669 optimise numa balancing for fast migrate).\n- sched/numa: remove unused nr_running field (bnc#1101669 optimise numa balancing for fast migrate).\n- scripts/git_sort/git_sort.py: Add fixes branch from mkp/scsi.git.\n- scripts/git_sort/git_sort.py: add mkp 4.20/scsi-queue\n- scripts/tar-up.sh: Do not package gitlog-excludes file Also fix the evaluation of gitlog-excludes file, too\n- scripts: modpost: check memory allocation results (bsc#1051510).\n- scsi: fcoe: hold disc_mutex when traversing rport lists (bsc#1077989).\n- scsi: hpsa: limit transfer length to 1MB, not 512kB (bsc#1102346).\n- scsi: libfc: Add lockdep annotations (bsc#1077989).\n- scsi: libfc: fixup 'sleeping function called from invalid context' (bsc#1077989).\n- scsi: libfc: fixup lockdep annotations (bsc#1077989).\n- scsi: libfc: hold disc_mutex in fc_disc_stop_rports() (bsc#1077989).\n- scsi: lpfc: Correct MDS diag and nvmet configuration (bsc#1106636).\n- scsi: mpt3sas: Fix calltrace observed while running IO and reset (bsc#1077989).\n- scsi: qla2xxx: Add appropriate debug info for invalid RX_ID (bsc#1108870).\n- scsi: qla2xxx: Add logic to detect ABTS hang and response completion (bsc#1108870).\n- scsi: qla2xxx: Add mode control for each physical port (bsc#1108870).\n- scsi: qla2xxx: Add support for ZIO6 interrupt threshold (bsc#1108870).\n- scsi: qla2xxx: Allow FC-NVMe underrun to be handled by transport (bsc#1108870).\n- scsi: qla2xxx: Check for Register disconnect (bsc#1108870).\n- scsi: qla2xxx: Decrement login retry count for only plogi (bsc#1108870).\n- scsi: qla2xxx: Defer chip reset until target mode is enabled (bsc#1108870).\n- scsi: qla2xxx: Fix Remote port registration (bsc#1108870).\n- scsi: qla2xxx: Fix deadlock between ATIO and HW lock (bsc#1108870).\n- scsi: qla2xxx: Fix double increment of switch scan retry count (bsc#1108870).\n- scsi: qla2xxx: Fix dropped srb resource (bsc#1108870).\n- scsi: qla2xxx: Fix duplicate switch's Nport ID entries (bsc#1108870).\n- scsi: qla2xxx: Fix early srb free on abort (bsc#1108870).\n- scsi: qla2xxx: Fix iIDMA error (bsc#1108870).\n- scsi: qla2xxx: Fix incorrect port speed being set for FC adapters (bsc#1108870).\n- scsi: qla2xxx: Fix out of order Termination and ABTS response (bsc#1108870).\n- scsi: qla2xxx: Fix port speed display on chip reset (bsc#1108870).\n- scsi: qla2xxx: Fix premature command free (bsc#1108870).\n- scsi: qla2xxx: Fix process response queue for ISP26XX and above (bsc#1108870).\n- scsi: qla2xxx: Fix race condition for resource cleanup (bsc#1108870).\n- scsi: qla2xxx: Fix stuck session in PLOGI state (bsc#1108870).\n- scsi: qla2xxx: Force fw cleanup on ADISC error (bsc#1108870).\n- scsi: qla2xxx: Increase abort timeout value (bsc#1108870).\n- scsi: qla2xxx: Move ABTS code behind qpair (bsc#1108870).\n- scsi: qla2xxx: Move rport registration out of internal work_list (bsc#1108870).\n- scsi: qla2xxx: Move {get|rel}_sp to base_qpair struct (bsc#1108870).\n- scsi: qla2xxx: Reduce holding sess_lock to prevent CPU lock-up (bsc#1108870).\n- scsi: qla2xxx: Reject bsg request if chip is down (bsc#1108870).\n- scsi: qla2xxx: Remove ASYNC GIDPN switch command (bsc#1108870).\n- scsi: qla2xxx: Remove all rports if fabric scan retry fails (bsc#1108870).\n- scsi: qla2xxx: Remove redundant check for fcport deletion (bsc#1108870).\n- scsi: qla2xxx: Remove stale ADISC_DONE event (bsc#1108870).\n- scsi: qla2xxx: Remove stale debug trace message from tcm_qla2xxx (bsc#1108870).\n- scsi: qla2xxx: Serialize mailbox request (bsc#1108870).\n- scsi: qla2xxx: Terminate Plogi/PRLI if WWN is 0 (bsc#1108870).\n- scsi: qla2xxx: Turn off IOCB timeout timer on IOCB completion (bsc#1108870).\n- scsi: qla2xxx: Update driver to version 10.00.00.09-k (bsc#1108870).\n- scsi: qla2xxx: Update driver version to 10.00.00.10-k (bsc#1108870).\n- scsi: qla2xxx: Update driver version to 10.00.00.11-k (bsc#1108870).\n- scsi: qla2xxx: Update rscn_rcvd field to more meaningful scan_needed (bsc#1108870).\n- scsi: qla2xxx: Use correct qpair for ABTS/CMD (bsc#1108870).\n- scsi: qla2xxx: shutdown chip if reset fail (bsc#1108870).\n- scsi_debug: call resp_XXX function after setting host_scribble (bsc#1069138). \n- scsi_debug: reset injection flags for every_nth > 0 (bsc#1069138).\n- selftests/bpf/test_maps: exit child process without error in ENOMEM case (bsc#1083647).\n- selftests/bpf: fix a typo in map in map test (bsc#1083647).\n- serial: enable spi in sc16is7xx driver References: bsc#1105672\n- serial: make sc16is7xx driver supported References: bsc#1105672\n- slab: __GFP_ZERO is incompatible with a constructor (bnc#1107060).\n- spi-nor: intel-spi: Fix number of protected range registers for BYT/LPT.\n- spi: cadence: Change usleep_range() to udelay(), for atomic context (bsc#1051510).\n- spi: davinci: fix a NULL pointer dereference (bsc#1051510).\n- spi: pxa2xx: Add support for Intel Ice Lake (bsc#1051510).\n- staging: bcm2835-audio: Check if workqueue allocation failed.\n- staging: bcm2835-audio: Deliver indirect-PCM transfer error.\n- staging: bcm2835-audio: Disconnect and free vchi_instance on module_exit().\n- staging: bcm2835-audio: Do not leak workqueue if open fails.\n- staging: bcm2835-audio: constify snd_pcm_ops structures.\n- staging: bcm2835-audio: make snd_pcm_hardware const.\n- staging: comedi: ni_mio_common: fix subdevice flags for PFI subdevice (bsc#1051510).\n- staging: lustre: Use 'kvfree()' for memory allocated by 'kvzalloc()' (bsc#1051510).\n- staging: lustre: disable preempt while sampling processor id (bsc#1051510).\n- staging: lustre: fix bug in osc_enter_cache_try (bsc#1051510).\n- staging: lustre: ldlm: free resource when ldlm_lock_create() fails (bsc#1051510).\n- staging: lustre: libcfs: Prevent harmless read underflow (bsc#1051510).\n- staging: lustre: libcfs: fix test for libcfs_ioctl_hdr minimum size (bsc#1051510).\n- staging: lustre: llite: correct removexattr detection (bsc#1051510).\n- staging: lustre: llite: initialize xattr->xe_namelen (bsc#1051510).\n- staging: lustre: lmv: correctly iput lmo_root (bsc#1051510).\n- staging: lustre: lov: use correct env in lov_io_data_version_end() (bsc#1051510).\n- staging: lustre: o2iblnd: Fix FastReg map/unmap for MLX5 (bsc#1051510).\n- staging: lustre: o2iblnd: Fix crash in kiblnd_handle_early_rxs() (bsc#1051510).\n- staging: lustre: o2iblnd: fix race at kiblnd_connect_peer (bsc#1051510).\n- staging: lustre: obd_mount: use correct niduuid suffix (bsc#1051510).\n- staging: lustre: obdclass: return -EFAULT if copy_from_user() fails (bsc#1051510).\n- staging: lustre: ptlrpc: kfree used instead of kvfree (bsc#1051510).\n- staging: lustre: remove invariant in cl_io_read_ahead() (bsc#1051510).\n- staging: lustre: statahead: remove incorrect test on agl_list_empty() (bsc#1051510).\n- staging: vc04_services: Fix platform_no_drv_owner.cocci warnings.\n- staging: vc04_services: bcm2835-audio Format multiline comment.\n- staging: vc04_services: bcm2835-audio: Add blank line after declaration.\n- staging: vc04_services: bcm2835-audio: Change to unsigned int *.\n- staging: vc04_services: bcm2835-audio: add SPDX identifiers.\n- staging: vc04_services: bcm2835-audio: remove redundant license text.\n- staging: vc04_services: please do not use multiple blank lines.\n- string: drop __must_check from strscpy() and restore strscpy() usages in cgroup (bsc#1051510).\n- sunxi-rsb: Include OF based modalias in device uevent (bsc#1051510).\n- sys: do not hold uts_sem while accessing userspace memory (bnc#1106995).\n- target_core_rbd: break up free_device callback (bsc#1105524).\n- target_core_rbd: use RCU in free_device (bsc#1105524).\n- tcp: add max_quickacks param to tcp_incr_quickack and tcp_enter_quickack_mode (netfilter-stable-18_08_01).\n- tcp: add one more quick ack after after ECN events (netfilter-stable-18_08_01).\n- tcp: do not aggressively quick ack after ECN events (netfilter-stable-18_08_01).\n- tcp: do not force quickack when receiving out-of-order packets (netfilter-stable-18_08_01).\n- tcp: refactor tcp_ecn_check_ce to remove sk type cast (netfilter-stable-18_08_01).\n- tcp_bbr: fix bw probing to raise in-flight data for very small BDPs (netfilter-stable-18_08_01).\n- thermal: thermal_hwmon: Convert to hwmon_device_register_with_info() (bsc#1103363).\n- thermal_hwmon: Pass the originating device down to hwmon_device_register_with_info (bsc#1103363).\n- thermal_hwmon: Sanitize attribute name passed to hwmon (bsc#1103363).\n- ti: ethernet: cpdma: Use correct format for genpool_* (bsc#1051510).\n- tools/power turbostat: Read extended processor family from CPUID (bsc#1051510).\n- tools/power turbostat: fix -S on UP systems (bsc#1051510).\n- tools: usb: ffs-test: Fix build on big endian systems (bsc#1051510).\n- tpm: Introduce flag TPM_TRANSMIT_RAW (bsc#1082555).\n- tpm: cmd_ready command can be issued only after granting locality (bsc#1082555).\n- tpm: fix race condition in tpm_common_write() (bsc#1082555).\n- tpm: fix use after free in tpm2_load_context() (bsc#1082555).\n- tpm: separate cmd_ready/go_idle from runtime_pm (bsc#1082555).\n- tpm: tpm_crb: relinquish locality on error path (bsc#1082555).\n- tpm: vtpm_proxy: Implement request_locality function (bsc#1082555).\n- tracepoint: Do not warn on ENOMEM (bsc#1051510).\n- uart: fix race between uart_put_char() and uart_shutdown() (bsc#1051510).\n- ubifs: Check data node size before truncate (bsc#1051510).\n- ubifs: Fix directory size calculation for symlinks (bsc#1106230).\n- ubifs: Fix memory leak in lprobs self-check (bsc#1051510).\n- ubifs: Fix synced_i_size calculation for xattr inodes (bsc#1051510).\n- ubifs: xattr: Do not operate on deleted inodes (bsc#1051510).\n- udl-kms: avoid division (bsc#1051510).\n- udl-kms: change down_interruptible to down (bsc#1051510).\n- udl-kms: fix crash due to uninitialized memory (bsc#1051510).\n- udl-kms: handle allocation failure (bsc#1051510).\n- udlfb: set optimal write delay (bsc#1051510).\n- usb/phy: fix PPC64 build errors in phy-fsl-usb.c (bsc#1051510).\n- usb: Do not die twice if PCI xhci host is not responding in resume (bsc#1051510).\n- usb: dwc2: fix isoc split in transfer with no data (bsc#1051510).\n- usb: dwc2: gadget: Fix issue in dwc2_gadget_start_isoc() (bsc#1051510).\n- usb: dwc3: pci: add support for Intel IceLake (bsc#1051510).\n- usb: gadget: composite: fix delayed_status race condition when set_interface (bsc#1051510).\n- usb: gadget: dwc2: fix memory leak in gadget_init() (bsc#1051510).\n- usb: gadget: r8a66597: Fix a possible sleep-in-atomic-context bugs in r8a66597_queue() (bsc#1051510).\n- usb: gadget: r8a66597: Fix two possible sleep-in-atomic-context bugs in init_controller() (bsc#1051510).\n- usb: gadget: udc: renesas_usb3: fix maxpacket size of ep0 (bsc#1051510).\n- usb: xhci: increase CRS timeout value (bsc#1051510).\n- userns: move user access out of the mutex (bsc#1051510).\n- vfio/pci: Virtualize Maximum Payload Size (bsc#1051510).\n- vfio/pci: Virtualize Maximum Read Request Size (bsc#1051510).\n- vfio/type1: Fix task tracking for QEMU vCPU hotplug (bsc#1051510).\n- vhost: correctly check the iova range when waking virtqueue (bsc#1051510).\n- vhost: do not try to access device IOTLB when not initialized (bsc#1051510).\n- vhost: reset metadata cache when initializing new IOTLB (netfilter-stable-18_08_17).\n- vhost: use mutex_lock_nested() in vhost_dev_lock_vqs() (bsc#1051510).\n- video: fbdev: pxafb: clear allocated memory for video modes (bsc#1051510).\n- vsock: split dwork to avoid reinitializations (netfilter-stable-18_08_17).\n- wlcore: Set rx_status boottime_ns field on rx (bsc#1051510).\n- x86/CPU/AMD: Derive CPU topology from CPUID function 0xB when available.\n- x86/CPU: Modify detect_extended_topology() to return result.\n- x86/events/intel/ds: Fix bts_interrupt_threshold alignment (git-fixes c1961a4631da).\n- x86/init: fix build with CONFIG_SWAP=n (bnc#1106121).\n- x86/kasan/64: Teach KASAN about the cpu_entry_area (kasan).\n- x86/kvm: fix LAPIC timer drift when guest uses periodic mode (bsc#1106240).\n- x86/mcelog: Get rid of RCU remnants (git-fixes 5de97c9f6d85).\n- x86/mm/kasan: Do not use vmemmap_populate() to initialize shadow (kasan).\n- x86/mm/memory_hotplug: determine block size based on the end of boot memory (bsc#1108243).\n- x86/platform/UV: Add adjustable set memory block size function (bsc#1108243).\n- x86/platform/UV: Add kernel parameter to set memory block size (bsc#1108243).\n- x86/platform/UV: Mark memblock related init code and data correctly (bsc#1108243).\n- x86/platform/UV: Use new set memory block size function (bsc#1108243).\n- x86/spectre: Add missing family 6 check to microcode check (git-fixes a5b296636453).\n- x86/speculation/l1tf: Fix off-by-one error when warning that system has too much RAM (bnc#1105536).\n- x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bnc#1105536).\n- x86/speculation/l1tf: Suggest what to do on systems with too much RAM (bnc#1105536).\n- x86/speculation: Use ARCH_CAPABILITIES to skip L1D flush on vmentry (bsc#1106369).\n- x86/vdso: Fix vDSO build if a retpoline is emitted (git-fixes 76b043848fd2).\n- x86/xen/efi: Initialize only the EFI struct members used by Xen (bnc#1107945).\n- x86: irq_remapping: Move irq remapping mode enum.\n- xen-netfront-dont-bug-in-case-of-too-many-frags.patch: (bnc#1104824).\n- xen-netfront: fix queue name setting (bnc#1065600).\n- xen-netfront: fix warn message as irq device name has '/' (bnc#1065600).\n- xen/blkback: do not keep persistent grants too long (bsc#1085042).\n- xen/blkback: move persistent grants flags to bool (bsc#1085042).\n- xen/blkback: remove unused pers_gnts_lock from struct (bsc#1085042).\n- xen/blkfront: cleanup stale persistent grants (bsc#1085042).\n- xen/blkfront: reorder tests in xlblk_init() (bsc#1085042).\n- xen: avoid crash in disable_hotplug_cpu (bsc#1106594).\n- xen: xenbus_dev_frontend: Fix XS_TRANSACTION_END handling (bnc#1065600).\n- xen: xenbus_dev_frontend: Really return response string (bnc#1065600).\n- xenbus: track caller request id (bnc#1065600).\n- xfs: Fix per-inode DAX flag inheritance (Git-fixes bsc#1109511).\n- xfs: add a new xfs_iext_lookup_extent_before helper (bsc#1095344).\n- xfs: add a xfs_bmap_fork_to_state helper (bsc#1095344).\n- xfs: add a xfs_iext_update_extent helper (bsc#1095344).\n- xfs: add asserts for the mmap lock in xfs_{insert,collapse}_file_space (bsc#1095344).\n- xfs: add comments documenting the rebalance algorithm (bsc#1095344).\n- xfs: add some comments to xfs_iext_insert/xfs_iext_insert_node (bsc#1095344).\n- xfs: allow unaligned extent records in xfs_bmbt_disk_set_all (bsc#1095344).\n- xfs: do not create overlapping extents in xfs_bmap_add_extent_delay_real (bsc#1095344).\n- xfs: do not rely on extent indices in xfs_bmap_collapse_extents (bsc#1095344).\n- xfs: do not rely on extent indices in xfs_bmap_insert_extents (bsc#1095344).\n- xfs: do not set XFS_BTCUR_BPRV_WASDEL in xfs_bunmapi (bsc#1095344).\n- xfs: fix memory leak in xfs_iext_free_last_leaf (bsc#1095344).\n- xfs: fix number of records handling in xfs_iext_split_leaf (bsc#1095344).\n- xfs: fix type usage (bsc#1095344).\n- xfs: handle zero entries case in xfs_iext_rebalance_leaf (bsc#1095344).\n- xfs: inline xfs_shift_file_space into callers (bsc#1095344).\n- xfs: introduce the xfs_iext_cursor abstraction (bsc#1095344).\n- xfs: iterate backwards in xfs_reflink_cancel_cow_blocks (bsc#1095344).\n- xfs: iterate over extents in xfs_bmap_extents_to_btree (bsc#1095344).\n- xfs: iterate over extents in xfs_iextents_copy (bsc#1095344).\n- xfs: make better use of the 'state' variable in xfs_bmap_del_extent_real (bsc#1095344).\n- xfs: merge xfs_bmap_read_extents into xfs_iread_extents (bsc#1095344).\n- xfs: move pre/post-bmap tracing into xfs_iext_update_extent (bsc#1095344).\n- xfs: move some code around inside xfs_bmap_shift_extents (bsc#1095344).\n- xfs: move some more code into xfs_bmap_del_extent_real (bsc#1095344).\n- xfs: move xfs_bmbt_irec and xfs_exntst_t to xfs_types.h (bsc#1095344).\n- xfs: move xfs_iext_insert tracepoint to report useful information (bsc#1095344).\n- xfs: pass a struct xfs_bmbt_irec to xfs_bmbt_lookup_eq (bsc#1095344).\n- xfs: pass a struct xfs_bmbt_irec to xfs_bmbt_update (bsc#1095344).\n- xfs: pass an on-disk extent to xfs_bmbt_validate_extent (bsc#1095344).\n- xfs: pass struct xfs_bmbt_irec to xfs_bmbt_validate_extent (bsc#1095344).\n- xfs: preserve i_rdev when recycling a reclaimable inode (bsc#1095344).\n- xfs: refactor delalloc accounting in xfs_bmap_add_extent_delay_real (bsc#1095344).\n- xfs: refactor dir2 leaf readahead shadow buffer cleverness (bsc#1095344).\n- xfs: refactor xfs_bmap_add_extent_delay_real (bsc#1095344).\n- xfs: refactor xfs_bmap_add_extent_hole_delay (bsc#1095344).\n- xfs: refactor xfs_bmap_add_extent_hole_real (bsc#1095344).\n- xfs: refactor xfs_bmap_add_extent_unwritten_real (bsc#1095344).\n- xfs: refactor xfs_del_extent_real (bsc#1095344).\n- xfs: remove XFS_BMAP_MAX_SHIFT_EXTENTS (bsc#1095344).\n- xfs: remove XFS_BMAP_TRACE_EXLIST (bsc#1095344).\n- xfs: remove a duplicate assignment in xfs_bmap_add_extent_delay_real (bsc#1095344).\n- xfs: remove a superflous assignment in xfs_iext_remove_node (bsc#1095344).\n- xfs: remove all xfs_bmbt_set_* helpers except for xfs_bmbt_set_all (bsc#1095344).\n- xfs: remove if_rdev (bsc#1095344).\n- xfs: remove post-bmap tracing in xfs_bmap_local_to_extents (bsc#1095344).\n- xfs: remove support for inlining data/extents into the inode fork (bsc#1095344).\n- xfs: remove the never fully implemented UUID fork format (bsc#1095344).\n- xfs: remove the nr_extents argument to xfs_iext_insert (bsc#1095344).\n- xfs: remove the nr_extents argument to xfs_iext_remove (bsc#1095344).\n- xfs: remove xfs_bmbt_get_state (bsc#1095344).\n- xfs: remove xfs_bmse_shift_one (bsc#1095344).\n- xfs: rename bno to end in __xfs_bunmapi (bsc#1095344).\n- xfs: replace xfs_bmbt_lookup_ge with xfs_bmbt_lookup_first (bsc#1095344).\n- xfs: replace xfs_qm_get_rtblks with a direct call to xfs_bmap_count_leaves (bsc#1095344).\n- xfs: rewrite getbmap using the xfs_iext_* helpers (bsc#1095344).\n- xfs: rewrite xfs_bmap_count_leaves using xfs_iext_get_extent (bsc#1095344).\n- xfs: rewrite xfs_bmap_first_unused to make better use of xfs_iext_get_extent (bsc#1095344).\n- xfs: simplify the xfs_getbmap interface (bsc#1095344).\n- xfs: simplify xfs_reflink_convert_cow (bsc#1095344).\n- xfs: split xfs_bmap_shift_extents (bsc#1095344).\n- xfs: switch xfs_bmap_local_to_extents to use xfs_iext_insert (bsc#1095344).\n- xfs: treat idx as a cursor in xfs_bmap_add_extent_delay_real (bsc#1095344).\n- xfs: treat idx as a cursor in xfs_bmap_add_extent_hole_delay (bsc#1095344).\n- xfs: treat idx as a cursor in xfs_bmap_add_extent_hole_real (bsc#1095344).\n- xfs: treat idx as a cursor in xfs_bmap_add_extent_unwritten_real (bsc#1095344).\n- xfs: treat idx as a cursor in xfs_bmap_collapse_extents (bsc#1095344).\n- xfs: treat idx as a cursor in xfs_bmap_del_extent_* (bsc#1095344).\n- xfs: trivial indentation fixup for xfs_iext_remove_node (bsc#1095344).\n- xfs: update got in xfs_bmap_shift_update_extent (bsc#1095344).\n- xfs: use a b+tree for the in-core extent list (bsc#1095344).\n- xfs: use correct state defines in xfs_bmap_del_extent_{cow,delay} (bsc#1095344).\n- xfs: use the state defines in xfs_bmap_del_extent_real (bsc#1095344).\n- xfs: use xfs_bmap_del_extent_delay for the data fork as well (bsc#1095344).\n- xfs: use xfs_iext_*_extent helpers in xfs_bmap_shift_extents (bsc#1095344).\n- xfs: use xfs_iext_*_extent helpers in xfs_bmap_split_extent_at (bsc#1095344).\n- xfs: use xfs_iext_get_extent in xfs_bmap_first_unused (bsc#1095344).\n- xfs: use xfs_iext_get_extent instead of open coding it (bsc#1095344).\n", title: "Description of the patch", }, { category: "details", text: "SUSE-SLE-Module-Live-Patching-15-2018-2120", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_2981-1.json", }, { category: "self", summary: "URL for SUSE-SU-2018:2981-1", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20182981-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2018:2981-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2018-October/004638.html", }, { category: "self", summary: "SUSE Bug 1012382", url: "https://bugzilla.suse.com/1012382", }, { category: "self", summary: "SUSE Bug 1043912", url: "https://bugzilla.suse.com/1043912", }, { category: "self", summary: "SUSE Bug 1044189", url: "https://bugzilla.suse.com/1044189", }, { category: "self", summary: "SUSE Bug 1046302", url: "https://bugzilla.suse.com/1046302", }, { category: "self", summary: "SUSE Bug 1046306", url: "https://bugzilla.suse.com/1046306", }, { category: "self", summary: "SUSE Bug 1046307", url: "https://bugzilla.suse.com/1046307", }, { category: "self", summary: "SUSE Bug 1046543", url: "https://bugzilla.suse.com/1046543", }, { category: "self", summary: "SUSE Bug 1050244", url: "https://bugzilla.suse.com/1050244", }, { category: "self", summary: "SUSE Bug 1051510", url: "https://bugzilla.suse.com/1051510", }, { category: "self", summary: "SUSE Bug 1054914", url: "https://bugzilla.suse.com/1054914", }, { category: "self", summary: "SUSE Bug 1055014", url: "https://bugzilla.suse.com/1055014", }, { category: "self", summary: "SUSE Bug 1055117", url: "https://bugzilla.suse.com/1055117", }, { category: "self", summary: "SUSE Bug 1058659", url: "https://bugzilla.suse.com/1058659", }, { category: "self", summary: "SUSE Bug 1060463", url: "https://bugzilla.suse.com/1060463", }, { category: "self", summary: "SUSE Bug 1064232", url: "https://bugzilla.suse.com/1064232", }, { category: "self", summary: "SUSE Bug 1065600", url: "https://bugzilla.suse.com/1065600", }, { category: "self", summary: "SUSE Bug 1065729", url: "https://bugzilla.suse.com/1065729", }, { category: "self", summary: "SUSE Bug 1068032", url: "https://bugzilla.suse.com/1068032", }, { category: "self", summary: "SUSE Bug 1069138", url: "https://bugzilla.suse.com/1069138", }, { category: "self", summary: "SUSE Bug 1071995", url: "https://bugzilla.suse.com/1071995", }, { category: "self", summary: "SUSE Bug 1077761", url: "https://bugzilla.suse.com/1077761", }, { category: "self", summary: "SUSE Bug 1077989", url: "https://bugzilla.suse.com/1077989", }, { category: "self", summary: "SUSE Bug 1078720", url: "https://bugzilla.suse.com/1078720", }, { category: "self", summary: "SUSE Bug 1080157", url: "https://bugzilla.suse.com/1080157", }, { category: "self", summary: "SUSE Bug 1082555", url: "https://bugzilla.suse.com/1082555", }, { category: "self", summary: "SUSE Bug 1083647", url: "https://bugzilla.suse.com/1083647", }, { category: "self", summary: "SUSE Bug 1083663", url: "https://bugzilla.suse.com/1083663", }, { category: "self", summary: "SUSE Bug 1084332", url: "https://bugzilla.suse.com/1084332", }, { category: "self", summary: "SUSE Bug 1085042", url: "https://bugzilla.suse.com/1085042", }, { category: "self", summary: "SUSE Bug 1085262", url: "https://bugzilla.suse.com/1085262", }, { category: "self", summary: "SUSE Bug 1086282", url: "https://bugzilla.suse.com/1086282", }, { category: "self", summary: "SUSE Bug 1089663", url: "https://bugzilla.suse.com/1089663", }, { category: "self", summary: "SUSE Bug 1090528", url: "https://bugzilla.suse.com/1090528", }, { category: "self", summary: "SUSE Bug 1092903", url: "https://bugzilla.suse.com/1092903", }, { category: "self", summary: "SUSE Bug 1093389", url: "https://bugzilla.suse.com/1093389", }, { category: "self", summary: "SUSE Bug 1094244", url: "https://bugzilla.suse.com/1094244", }, { category: "self", summary: "SUSE Bug 1095344", url: "https://bugzilla.suse.com/1095344", }, { category: "self", summary: "SUSE Bug 1096748", url: "https://bugzilla.suse.com/1096748", }, { category: "self", summary: "SUSE Bug 1097105", url: "https://bugzilla.suse.com/1097105", }, { category: "self", summary: "SUSE Bug 1098459", url: "https://bugzilla.suse.com/1098459", }, { category: "self", summary: "SUSE Bug 1098822", url: "https://bugzilla.suse.com/1098822", }, { category: "self", summary: "SUSE Bug 1099922", url: "https://bugzilla.suse.com/1099922", }, { category: "self", summary: "SUSE Bug 1099999", url: "https://bugzilla.suse.com/1099999", }, { category: "self", summary: "SUSE Bug 1100000", url: "https://bugzilla.suse.com/1100000", }, { category: "self", summary: "SUSE Bug 1100001", url: "https://bugzilla.suse.com/1100001", }, { category: "self", summary: "SUSE Bug 1100132", url: "https://bugzilla.suse.com/1100132", }, { category: "self", summary: "SUSE Bug 1101557", url: "https://bugzilla.suse.com/1101557", }, { category: "self", summary: "SUSE Bug 1101669", url: "https://bugzilla.suse.com/1101669", }, { category: "self", summary: "SUSE Bug 1102346", url: "https://bugzilla.suse.com/1102346", }, { category: "self", summary: "SUSE Bug 1102870", url: "https://bugzilla.suse.com/1102870", }, { category: "self", summary: "SUSE Bug 1102875", url: "https://bugzilla.suse.com/1102875", }, { category: "self", summary: "SUSE Bug 1102877", url: "https://bugzilla.suse.com/1102877", }, { category: "self", summary: "SUSE Bug 1102879", url: "https://bugzilla.suse.com/1102879", }, { category: "self", summary: "SUSE Bug 1102882", url: "https://bugzilla.suse.com/1102882", }, { category: "self", summary: "SUSE Bug 1102896", url: "https://bugzilla.suse.com/1102896", }, { category: "self", summary: "SUSE Bug 1103363", url: "https://bugzilla.suse.com/1103363", }, { category: "self", summary: "SUSE Bug 1103387", url: "https://bugzilla.suse.com/1103387", }, { category: "self", summary: "SUSE Bug 1103421", url: "https://bugzilla.suse.com/1103421", }, { category: "self", summary: "SUSE Bug 1103948", url: "https://bugzilla.suse.com/1103948", }, { category: "self", summary: "SUSE Bug 1103949", url: "https://bugzilla.suse.com/1103949", }, { category: "self", summary: "SUSE Bug 1103961", url: "https://bugzilla.suse.com/1103961", }, { category: "self", summary: "SUSE Bug 1104172", url: "https://bugzilla.suse.com/1104172", }, { category: "self", summary: "SUSE Bug 1104353", url: "https://bugzilla.suse.com/1104353", }, { category: "self", summary: "SUSE Bug 1104824", url: "https://bugzilla.suse.com/1104824", }, { category: "self", summary: "SUSE Bug 1105247", url: "https://bugzilla.suse.com/1105247", }, { category: "self", summary: "SUSE Bug 1105524", url: "https://bugzilla.suse.com/1105524", }, { category: "self", summary: "SUSE Bug 1105536", url: "https://bugzilla.suse.com/1105536", }, { category: "self", summary: "SUSE Bug 1105597", url: "https://bugzilla.suse.com/1105597", }, { category: "self", summary: "SUSE Bug 1105603", url: "https://bugzilla.suse.com/1105603", }, { category: "self", summary: "SUSE Bug 1105672", url: "https://bugzilla.suse.com/1105672", }, { category: "self", summary: "SUSE Bug 1105907", url: "https://bugzilla.suse.com/1105907", }, { category: "self", summary: "SUSE Bug 1106007", url: "https://bugzilla.suse.com/1106007", }, { category: "self", summary: "SUSE Bug 1106016", url: "https://bugzilla.suse.com/1106016", }, { category: "self", summary: "SUSE Bug 1106105", url: "https://bugzilla.suse.com/1106105", }, { category: "self", summary: "SUSE Bug 1106121", url: "https://bugzilla.suse.com/1106121", }, { category: "self", summary: "SUSE Bug 1106170", url: "https://bugzilla.suse.com/1106170", }, { category: "self", summary: "SUSE Bug 1106178", url: "https://bugzilla.suse.com/1106178", }, { category: "self", summary: "SUSE Bug 1106191", url: "https://bugzilla.suse.com/1106191", }, { category: "self", summary: "SUSE Bug 1106229", url: "https://bugzilla.suse.com/1106229", }, { category: "self", summary: "SUSE Bug 1106230", url: "https://bugzilla.suse.com/1106230", }, { category: "self", summary: "SUSE Bug 1106231", url: "https://bugzilla.suse.com/1106231", }, { category: "self", summary: "SUSE Bug 1106233", url: "https://bugzilla.suse.com/1106233", }, { category: "self", summary: "SUSE Bug 1106235", url: "https://bugzilla.suse.com/1106235", }, { category: "self", summary: "SUSE Bug 1106236", url: "https://bugzilla.suse.com/1106236", }, { category: "self", summary: "SUSE Bug 1106237", url: "https://bugzilla.suse.com/1106237", }, { category: "self", summary: "SUSE Bug 1106238", url: "https://bugzilla.suse.com/1106238", }, { category: "self", summary: "SUSE Bug 1106240", url: "https://bugzilla.suse.com/1106240", }, { category: "self", summary: "SUSE Bug 1106291", url: "https://bugzilla.suse.com/1106291", }, { category: "self", summary: "SUSE Bug 1106297", url: "https://bugzilla.suse.com/1106297", }, { category: "self", summary: "SUSE Bug 1106333", url: "https://bugzilla.suse.com/1106333", }, { category: "self", summary: "SUSE Bug 1106369", url: "https://bugzilla.suse.com/1106369", }, { category: "self", summary: "SUSE Bug 1106426", url: "https://bugzilla.suse.com/1106426", }, { category: "self", summary: "SUSE Bug 1106427", url: "https://bugzilla.suse.com/1106427", }, { category: "self", summary: "SUSE Bug 1106464", url: "https://bugzilla.suse.com/1106464", }, { category: "self", summary: "SUSE Bug 1106509", url: "https://bugzilla.suse.com/1106509", }, { category: "self", summary: "SUSE Bug 1106511", url: "https://bugzilla.suse.com/1106511", }, { category: "self", summary: "SUSE Bug 1106594", url: "https://bugzilla.suse.com/1106594", }, { category: "self", summary: "SUSE Bug 1106636", url: "https://bugzilla.suse.com/1106636", }, { category: "self", summary: "SUSE Bug 1106688", url: "https://bugzilla.suse.com/1106688", }, { category: "self", summary: "SUSE Bug 1106697", url: "https://bugzilla.suse.com/1106697", }, { category: "self", summary: "SUSE Bug 1106743", url: "https://bugzilla.suse.com/1106743", }, { category: "self", summary: "SUSE Bug 1106779", url: "https://bugzilla.suse.com/1106779", }, { category: "self", summary: "SUSE Bug 1106800", url: "https://bugzilla.suse.com/1106800", }, { category: "self", summary: "SUSE Bug 1106890", url: "https://bugzilla.suse.com/1106890", }, { category: "self", summary: "SUSE Bug 1106891", url: "https://bugzilla.suse.com/1106891", }, { category: "self", summary: "SUSE Bug 1106892", url: "https://bugzilla.suse.com/1106892", }, { category: "self", summary: "SUSE Bug 1106893", url: "https://bugzilla.suse.com/1106893", }, { category: "self", summary: "SUSE Bug 1106894", url: "https://bugzilla.suse.com/1106894", }, { category: "self", summary: "SUSE Bug 1106896", url: "https://bugzilla.suse.com/1106896", }, { category: "self", summary: "SUSE Bug 1106897", url: "https://bugzilla.suse.com/1106897", }, { category: "self", summary: "SUSE Bug 1106898", url: "https://bugzilla.suse.com/1106898", }, { category: "self", summary: "SUSE Bug 1106899", url: "https://bugzilla.suse.com/1106899", }, { category: "self", summary: "SUSE Bug 1106900", url: "https://bugzilla.suse.com/1106900", }, { category: "self", summary: "SUSE Bug 1106901", url: "https://bugzilla.suse.com/1106901", }, { category: "self", summary: "SUSE Bug 1106902", url: "https://bugzilla.suse.com/1106902", }, { category: "self", summary: "SUSE Bug 1106903", url: "https://bugzilla.suse.com/1106903", }, { category: "self", summary: "SUSE Bug 1106905", url: "https://bugzilla.suse.com/1106905", }, { category: "self", summary: "SUSE Bug 1106906", url: "https://bugzilla.suse.com/1106906", }, { category: "self", summary: "SUSE Bug 1106948", url: "https://bugzilla.suse.com/1106948", }, { category: "self", summary: "SUSE Bug 1106995", url: "https://bugzilla.suse.com/1106995", }, { category: "self", summary: "SUSE Bug 1107008", url: "https://bugzilla.suse.com/1107008", }, { category: "self", summary: "SUSE Bug 1107060", url: "https://bugzilla.suse.com/1107060", }, { category: "self", summary: "SUSE Bug 1107061", url: "https://bugzilla.suse.com/1107061", }, { category: "self", summary: "SUSE Bug 1107065", url: "https://bugzilla.suse.com/1107065", }, { category: "self", summary: "SUSE Bug 1107073", url: "https://bugzilla.suse.com/1107073", }, { category: "self", summary: "SUSE Bug 1107074", url: "https://bugzilla.suse.com/1107074", }, { category: "self", summary: "SUSE Bug 1107078", url: "https://bugzilla.suse.com/1107078", }, { category: "self", summary: "SUSE Bug 1107265", url: "https://bugzilla.suse.com/1107265", }, { category: "self", summary: "SUSE Bug 1107319", url: "https://bugzilla.suse.com/1107319", }, { category: "self", summary: "SUSE Bug 1107320", url: "https://bugzilla.suse.com/1107320", }, { category: "self", summary: "SUSE Bug 1107522", url: "https://bugzilla.suse.com/1107522", }, { category: "self", summary: "SUSE Bug 1107535", url: "https://bugzilla.suse.com/1107535", }, { category: "self", summary: "SUSE Bug 1107689", url: "https://bugzilla.suse.com/1107689", }, { category: "self", summary: "SUSE Bug 1107735", url: "https://bugzilla.suse.com/1107735", }, { category: "self", summary: "SUSE Bug 1107756", url: "https://bugzilla.suse.com/1107756", }, { category: "self", summary: "SUSE Bug 1107870", url: "https://bugzilla.suse.com/1107870", }, { category: "self", summary: "SUSE Bug 1107924", url: "https://bugzilla.suse.com/1107924", }, { category: "self", summary: "SUSE Bug 1107945", url: "https://bugzilla.suse.com/1107945", }, { category: "self", summary: "SUSE Bug 1107966", url: "https://bugzilla.suse.com/1107966", }, { category: "self", summary: "SUSE Bug 1108010", url: "https://bugzilla.suse.com/1108010", }, { category: "self", summary: "SUSE Bug 1108093", url: "https://bugzilla.suse.com/1108093", }, { category: "self", summary: "SUSE Bug 1108243", url: "https://bugzilla.suse.com/1108243", }, { category: "self", summary: "SUSE Bug 1108520", url: "https://bugzilla.suse.com/1108520", }, { category: "self", summary: "SUSE Bug 1108870", url: "https://bugzilla.suse.com/1108870", }, { category: "self", summary: "SUSE Bug 1109269", url: "https://bugzilla.suse.com/1109269", }, { category: "self", summary: "SUSE Bug 1109511", url: "https://bugzilla.suse.com/1109511", }, { category: "self", summary: "SUSE Bug 920344", url: "https://bugzilla.suse.com/920344", }, { category: "self", summary: "SUSE CVE CVE-2018-10938 page", url: "https://www.suse.com/security/cve/CVE-2018-10938/", }, { category: "self", summary: "SUSE CVE CVE-2018-10940 page", url: "https://www.suse.com/security/cve/CVE-2018-10940/", }, { category: "self", summary: "SUSE CVE CVE-2018-1128 page", url: "https://www.suse.com/security/cve/CVE-2018-1128/", }, { category: "self", summary: "SUSE CVE CVE-2018-1129 page", url: "https://www.suse.com/security/cve/CVE-2018-1129/", }, { category: "self", summary: "SUSE CVE CVE-2018-12896 page", url: "https://www.suse.com/security/cve/CVE-2018-12896/", }, { category: "self", summary: "SUSE CVE CVE-2018-13093 page", url: "https://www.suse.com/security/cve/CVE-2018-13093/", }, { category: "self", summary: "SUSE CVE CVE-2018-13094 page", url: "https://www.suse.com/security/cve/CVE-2018-13094/", }, { category: "self", summary: "SUSE CVE CVE-2018-13095 page", url: "https://www.suse.com/security/cve/CVE-2018-13095/", }, { category: "self", summary: "SUSE CVE CVE-2018-14613 page", url: "https://www.suse.com/security/cve/CVE-2018-14613/", }, { category: "self", summary: "SUSE CVE CVE-2018-14617 page", url: "https://www.suse.com/security/cve/CVE-2018-14617/", }, { category: "self", summary: "SUSE CVE CVE-2018-16658 page", url: "https://www.suse.com/security/cve/CVE-2018-16658/", }, { category: "self", summary: "SUSE CVE CVE-2018-6554 page", url: "https://www.suse.com/security/cve/CVE-2018-6554/", }, { category: "self", summary: "SUSE CVE CVE-2018-6555 page", url: "https://www.suse.com/security/cve/CVE-2018-6555/", }, ], title: "Security update for the Linux Kernel", tracking: { current_release_date: "2018-10-02T14:32:29Z", generator: { date: "2018-10-02T14:32:29Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2018:2981-1", initial_release_date: "2018-10-02T14:32:29Z", revision_history: [ { date: "2018-10-02T14:32:29Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "kernel-default-livepatch-4.12.14-25.19.1.ppc64le", product: { name: "kernel-default-livepatch-4.12.14-25.19.1.ppc64le", product_id: "kernel-default-livepatch-4.12.14-25.19.1.ppc64le", }, }, { category: "product_version", name: "kernel-livepatch-4_12_14-25_19-default-1-1.3.1.ppc64le", product: { name: "kernel-livepatch-4_12_14-25_19-default-1-1.3.1.ppc64le", product_id: "kernel-livepatch-4_12_14-25_19-default-1-1.3.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "kernel-default-livepatch-4.12.14-25.19.1.x86_64", product: { name: "kernel-default-livepatch-4.12.14-25.19.1.x86_64", product_id: "kernel-default-livepatch-4.12.14-25.19.1.x86_64", }, }, { category: "product_version", name: "kernel-livepatch-4_12_14-25_19-default-1-1.3.1.x86_64", product: { name: "kernel-livepatch-4_12_14-25_19-default-1-1.3.1.x86_64", product_id: "kernel-livepatch-4_12_14-25_19-default-1-1.3.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Live Patching 15", product: { name: "SUSE Linux Enterprise Live Patching 15", product_id: "SUSE Linux Enterprise Live Patching 15", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-live-patching:15", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-4.12.14-25.19.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15", product_id: "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.ppc64le", }, product_reference: "kernel-default-livepatch-4.12.14-25.19.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15", }, { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-4.12.14-25.19.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15", product_id: "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.x86_64", }, product_reference: "kernel-default-livepatch-4.12.14-25.19.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15", }, { category: "default_component_of", full_product_name: { name: "kernel-livepatch-4_12_14-25_19-default-1-1.3.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15", product_id: "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.ppc64le", }, product_reference: "kernel-livepatch-4_12_14-25_19-default-1-1.3.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15", }, { category: "default_component_of", full_product_name: { name: "kernel-livepatch-4_12_14-25_19-default-1-1.3.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15", product_id: "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.x86_64", }, product_reference: "kernel-livepatch-4_12_14-25_19-default-1-1.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15", }, ], }, vulnerabilities: [ { cve: "CVE-2018-10938", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10938", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel present since v4.0-rc1 and through v4.13-rc4. A crafted network packet sent remotely by an attacker may force the kernel to enter an infinite loop in the cipso_v4_optptr() function in net/ipv4/cipso_ipv4.c leading to a denial-of-service. A certain non-default configuration of LSM (Linux Security Module) and NetLabel should be set up on a system before an attacker could leverage this flaw.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10938", url: "https://www.suse.com/security/cve/CVE-2018-10938", }, { category: "external", summary: "SUSE Bug 1106016 for CVE-2018-10938", url: "https://bugzilla.suse.com/1106016", }, { category: "external", summary: "SUSE Bug 1106191 for CVE-2018-10938", url: "https://bugzilla.suse.com/1106191", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-02T14:32:29Z", details: "important", }, ], title: "CVE-2018-10938", }, { cve: "CVE-2018-10940", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10940", }, ], notes: [ { category: "general", text: "The cdrom_ioctl_media_changed function in drivers/cdrom/cdrom.c in the Linux kernel before 4.16.6 allows local attackers to use a incorrect bounds check in the CDROM driver CDROM_MEDIA_CHANGED ioctl to read out kernel memory.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10940", url: "https://www.suse.com/security/cve/CVE-2018-10940", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-10940", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1092903 for CVE-2018-10940", url: "https://bugzilla.suse.com/1092903", }, { category: "external", summary: "SUSE Bug 1107689 for CVE-2018-10940", url: "https://bugzilla.suse.com/1107689", }, { category: "external", summary: "SUSE Bug 1113751 for CVE-2018-10940", url: "https://bugzilla.suse.com/1113751", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-02T14:32:29Z", details: "moderate", }, ], title: "CVE-2018-10940", }, { cve: "CVE-2018-1128", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-1128", }, ], notes: [ { category: "general", text: "It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. Any attacker having access to ceph cluster network who is able to sniff packets on network can use this vulnerability to authenticate with ceph service and perform actions allowed by ceph service. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-1128", url: "https://www.suse.com/security/cve/CVE-2018-1128", }, { category: "external", summary: "SUSE Bug 1096748 for CVE-2018-1128", url: "https://bugzilla.suse.com/1096748", }, { category: "external", summary: "SUSE Bug 1114710 for CVE-2018-1128", url: "https://bugzilla.suse.com/1114710", }, { category: "external", summary: "SUSE Bug 1177843 for CVE-2018-1128", url: "https://bugzilla.suse.com/1177843", }, { category: "external", summary: "SUSE Bug 1177859 for CVE-2018-1128", url: "https://bugzilla.suse.com/1177859", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.3, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-02T14:32:29Z", details: "important", }, ], title: "CVE-2018-1128", }, { cve: "CVE-2018-1129", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-1129", }, ], notes: [ { category: "general", text: "A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network who is able to alter the message payload was able to bypass signature checks done by cephx protocol. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-1129", url: "https://www.suse.com/security/cve/CVE-2018-1129", }, { category: "external", summary: "SUSE Bug 1096748 for CVE-2018-1129", url: "https://bugzilla.suse.com/1096748", }, { category: "external", summary: "SUSE Bug 1114710 for CVE-2018-1129", url: "https://bugzilla.suse.com/1114710", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-02T14:32:29Z", details: "important", }, ], title: "CVE-2018-1129", }, { cve: "CVE-2018-12896", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-12896", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 4.17.3. An Integer Overflow in kernel/time/posix-timers.c in the POSIX timer code is caused by the way the overrun accounting works. Depending on interval and expiry time values, the overrun can be larger than INT_MAX, but the accounting is int based. This basically makes the accounting values, which are visible to user space via timer_getoverrun(2) and siginfo::si_overrun, random. For example, a local user can cause a denial of service (signed integer overflow) via crafted mmap, futex, timer_create, and timer_settime system calls.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-12896", url: "https://www.suse.com/security/cve/CVE-2018-12896", }, { category: "external", summary: "SUSE Bug 1099922 for CVE-2018-12896", url: "https://bugzilla.suse.com/1099922", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-02T14:32:29Z", details: "low", }, ], title: "CVE-2018-12896", }, { cve: "CVE-2018-13093", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-13093", }, ], notes: [ { category: "general", text: "An issue was discovered in fs/xfs/xfs_icache.c in the Linux kernel through 4.17.3. There is a NULL pointer dereference and panic in lookup_slow() on a NULL inode->i_ops pointer when doing pathwalks on a corrupted xfs image. This occurs because of a lack of proper validation that cached inodes are free during allocation.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-13093", url: "https://www.suse.com/security/cve/CVE-2018-13093", }, { category: "external", summary: "SUSE Bug 1100001 for CVE-2018-13093", url: "https://bugzilla.suse.com/1100001", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-02T14:32:29Z", details: "moderate", }, ], title: "CVE-2018-13093", }, { cve: "CVE-2018-13094", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-13094", }, ], notes: [ { category: "general", text: "An issue was discovered in fs/xfs/libxfs/xfs_attr_leaf.c in the Linux kernel through 4.17.3. An OOPS may occur for a corrupted xfs image after xfs_da_shrink_inode() is called with a NULL bp.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-13094", url: "https://www.suse.com/security/cve/CVE-2018-13094", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-13094", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1100000 for CVE-2018-13094", url: "https://bugzilla.suse.com/1100000", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-02T14:32:29Z", details: "moderate", }, ], title: "CVE-2018-13094", }, { cve: "CVE-2018-13095", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-13095", }, ], notes: [ { category: "general", text: "An issue was discovered in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel through 4.17.3. A denial of service (memory corruption and BUG) can occur for a corrupted xfs image upon encountering an inode that is in extent format, but has more extents than fit in the inode fork.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-13095", url: "https://www.suse.com/security/cve/CVE-2018-13095", }, { category: "external", summary: "SUSE Bug 1099999 for CVE-2018-13095", url: "https://bugzilla.suse.com/1099999", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-02T14:32:29Z", details: "moderate", }, ], title: "CVE-2018-13095", }, { cve: "CVE-2018-14613", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-14613", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in io_ctl_map_page() when mounting and operating a crafted btrfs image, because of a lack of block group item validation in check_leaf_item in fs/btrfs/tree-checker.c.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-14613", url: "https://www.suse.com/security/cve/CVE-2018-14613", }, { category: "external", summary: "SUSE Bug 1102896 for CVE-2018-14613", url: "https://bugzilla.suse.com/1102896", }, { category: "external", summary: "SUSE Bug 1103800 for CVE-2018-14613", url: "https://bugzilla.suse.com/1103800", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-02T14:32:29Z", details: "moderate", }, ], title: "CVE-2018-14613", }, { cve: "CVE-2018-14617", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-14617", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 4.17.10. There is a NULL pointer dereference and panic in hfsplus_lookup() in fs/hfsplus/dir.c when opening a file (that is purportedly a hard link) in an hfs+ filesystem that has malformed catalog data, and is mounted read-only without a metadata directory.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-14617", url: "https://www.suse.com/security/cve/CVE-2018-14617", }, { category: "external", summary: "SUSE Bug 1102870 for CVE-2018-14617", url: "https://bugzilla.suse.com/1102870", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-02T14:32:29Z", details: "moderate", }, ], title: "CVE-2018-14617", }, { cve: "CVE-2018-16658", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16658", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel before 4.18.6. An information leak in cdrom_ioctl_drive_status in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-16658", url: "https://www.suse.com/security/cve/CVE-2018-16658", }, { category: "external", summary: "SUSE Bug 1092903 for CVE-2018-16658", url: "https://bugzilla.suse.com/1092903", }, { category: "external", summary: "SUSE Bug 1107689 for CVE-2018-16658", url: "https://bugzilla.suse.com/1107689", }, { category: "external", summary: "SUSE Bug 1113751 for CVE-2018-16658", url: "https://bugzilla.suse.com/1113751", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-02T14:32:29Z", details: "low", }, ], title: "CVE-2018-16658", }, { cve: "CVE-2018-6554", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-6554", }, ], notes: [ { category: "general", text: "Memory leak in the irda_bind function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (memory consumption) by repeatedly binding an AF_IRDA socket.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-6554", url: "https://www.suse.com/security/cve/CVE-2018-6554", }, { category: "external", summary: "SUSE Bug 1106509 for CVE-2018-6554", url: "https://bugzilla.suse.com/1106509", }, { category: "external", summary: "SUSE Bug 1106511 for CVE-2018-6554", url: "https://bugzilla.suse.com/1106511", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-02T14:32:29Z", details: "low", }, ], title: "CVE-2018-6554", }, { cve: "CVE-2018-6555", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-6555", }, ], notes: [ { category: "general", text: "The irda_setsockopt function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (ias_object use-after-free and system crash) or possibly have unspecified other impact via an AF_IRDA socket.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-6555", url: "https://www.suse.com/security/cve/CVE-2018-6555", }, { category: "external", summary: "SUSE Bug 1106509 for CVE-2018-6555", url: "https://bugzilla.suse.com/1106509", }, { category: "external", summary: "SUSE Bug 1106511 for CVE-2018-6555", url: "https://bugzilla.suse.com/1106511", }, { category: "external", summary: "SUSE Bug 1115893 for CVE-2018-6555", url: "https://bugzilla.suse.com/1115893", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.19.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_19-default-1-1.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-02T14:32:29Z", details: "moderate", }, ], title: "CVE-2018-6555", }, ], }
suse-su-2018:2908-2
Vulnerability from csaf_suse
Published
2019-04-27 13:55
Modified
2019-04-27 13:55
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP1 kernel was updated receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-14634: Prevent integer overflow in create_elf_tables that allowed a
local attacker to exploit this vulnerability via a SUID-root binary and obtain
full root privileges (bsc#1108912)
- CVE-2018-14617: Prevent NULL pointer dereference and panic in
hfsplus_lookup() when opening a file (that is purportedly a hard link) in an
hfs+ filesystem that has malformed catalog data, and is mounted read-only
without a metadata directory (bsc#1102870)
- CVE-2018-16276: Incorrect bounds checking in the yurex USB driver in
yurex_read allowed local attackers to use user access read/writes to crash the
kernel or potentially escalate privileges (bsc#1106095)
- CVE-2018-12896: Prevent integer overflow in the POSIX timer code that was
caused by the way the overrun accounting works. Depending on interval and
expiry time values, the overrun can be larger than INT_MAX, but the accounting
is int based. This basically made the accounting values, which are visible to
user space via timer_getoverrun(2) and siginfo::si_overrun, random. This
allowed a local user to cause a denial of service (signed integer overflow) via
crafted mmap, futex, timer_create, and timer_settime system calls (bnc#1099922)
- CVE-2018-13093: Prevent NULL pointer dereference and panic in lookup_slow()
on a NULL inode->i_ops pointer when doing pathwalks on a corrupted xfs image.
This occured because of a lack of proper validation that cached inodes are free
during allocation (bnc#1100001)
- CVE-2018-10940: The cdrom_ioctl_media_changed function allowed local
attackers to use a incorrect bounds check in the CDROM driver
CDROM_MEDIA_CHANGED ioctl to read out kernel memory (bsc#1092903)
- CVE-2018-16658: Prevent information leak in cdrom_ioctl_drive_status that
could have been used by local attackers to read kernel memory (bnc#1107689)
- CVE-2018-6555: The irda_setsockopt function allowed local users to cause a
denial of service (ias_object use-after-free and system crash) or possibly have
unspecified other impact via an AF_IRDA socket (bnc#1106511)
- CVE-2018-6554: Prevent memory leak in the irda_bind function that allowed
local users to cause a denial of service (memory consumption) by repeatedly
binding an AF_IRDA socket (bnc#1106509)
- CVE-2018-10902: Protect against concurrent access to prevent double realloc
(double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status(). A
malicious local attacker could have used this for privilege escalation
(bnc#1105322)
- CVE-2018-10879: A local user could have caused a use-after-free in
ext4_xattr_set_entry function and a denial of service or unspecified other
impact by renaming a file in a crafted ext4 filesystem image (bsc#1099844)
- CVE-2018-10883: A local user could have caused an out-of-bounds write in
jbd2_journal_dirty_metadata(), a denial of service, and a system crash by
mounting and operating on a crafted ext4 filesystem image (bsc#1099863)
- CVE-2018-10880: Prevent stack-out-of-bounds write in the ext4 filesystem code
when mounting and writing to a crafted ext4 image in ext4_update_inline_data().
An attacker could have used this to cause a system crash and a denial of
service (bsc#1099845)
- CVE-2018-10882: A local user could have caused an out-of-bound write, a
denial of service, and a system crash by unmounting a crafted ext4 filesystem
image (bsc#1099849)
- CVE-2018-10881: A local user could have caused an out-of-bound access in
ext4_get_group_info function, a denial of service, and a system crash by
mounting and operating on a crafted ext4 filesystem image (bsc#1099864)
- CVE-2018-10877: Prevent out-of-bound access in the ext4_ext_drop_refs()
function when operating on a crafted ext4 filesystem image (bsc#1099846)
- CVE-2018-10876: A use-after-free was possible in ext4_ext_remove_space()
function when mounting and operating a crafted ext4 image (bsc#1099811)
- CVE-2018-10878: A local user could have caused an out-of-bounds write and a
denial of service or unspecified other impact by mounting and operating a
crafted ext4 filesystem image (bsc#1099813)
- CVE-2018-10853: The KVM hypervisor did not check current privilege(CPL) level
while emulating unprivileged instructions. An unprivileged guest user/process
could have used this flaw to potentially escalate privileges inside guest
(bsc#1097104).
The following non-security bugs were fixed:
- KEYS: prevent creating a different user's keyrings (bnc#1065999).
- KVM: MMU: always terminate page walks at level 1 (bsc#1062604).
- KVM: MMU: simplify last_pte_bitmap (bsc#1062604).
- KVM: VMX: Work around kABI breakage in 'enum vmx_l1d_flush_state' (bsc#1106369).
- KVM: VMX: fixes for vmentry_l1d_flush module parameter (bsc#1106369).
- KVM: nVMX: update last_nonleaf_level when initializing nested EPT (bsc#1062604).
- Refresh patches.xen/xen3-x86-l1tf-04-protect-PROT_NONE-ptes.patch (bsc#1105100).
- Do not report CPU affected by L1TF when ARCH_CAP_RDCL_NO bit is set (bsc#1104906).
- Revert '- Disable patches.arch/x86-mm-Simplify-p-g4um-d_page-macros.patch' (bnc#1104818)
- bcache: avoid unncessary cache prefetch bch_btree_node_get().
- bcache: calculate the number of incremental GC nodes according to the total of btree nodes.
- bcache: display rate debug parameters to 0 when writeback is not running.
- bcache: do not check return value of debugfs_create_dir().
- bcache: finish incremental GC.
- bcache: fix I/O significant decline while backend devices registering.
- bcache: fix error setting writeback_rate through sysfs interface (bsc#1064233).
- bcache: free heap cache_set->flush_btree in bch_journal_free.
- bcache: make the pr_err statement used for ENOENT only in sysfs_attatch section.
- bcache: release dc->writeback_lock properly in bch_writeback_thread().
- bcache: set max writeback rate when I/O request is idle (bsc#1064233).
- bcache: simplify the calculation of the total amount of flash dirty data.
- cifs: Fix infinite loop when using hard mount option (bsc#1091171).
- ext4: check for allocation block validity with block group locked (bsc#1104495).
- ext4: do not update checksum of new initialized bitmaps (bnc#1012382).
- ext4: fix check to prevent initializing reserved inodes (bsc#1104319).
- ext4: fix false negatives *and* false positives in ext4_check_descriptors() (bsc#1103445).
- restore cond_resched() in shrink_dcache_parent().
- usbip: vhci_sysfs: fix potential Spectre v1 (bsc#1096547).
- x86, l1tf: Protect PROT_NONE PTEs against speculation fixup (bnc#1104818).
- x86/speculation: Use ARCH_CAPABILITIES to skip L1D flush on vmentry (bsc#1106369).
- xen, x86, l1tf: Protect PROT_NONE PTEs against speculation fixup (bnc#1104818).
- xfs: Remove dead code from inode recover function (bsc#1105396).
- xfs: convert XFS_AGFL_SIZE to a helper function (bsc#1090955, bsc#1090534).
- xfs: detect agfl count corruption and reset agfl (bsc#1090955, bsc#1090534).
- xfs: do not log/recover swapext extent owner changes for deleted inodes (bsc#1090955).
- xfs: protect inode ->di_dmstate with a spinlock (bsc#1024788).
- xfs: repair malformed inode items during log recovery (bsc#1105396).
Patchnames
SUSE-SLE-SAP-12-SP1-2019-1065
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for the Linux Kernel", title: "Title of the patch", }, { category: "description", text: "\nThe SUSE Linux Enterprise 12 SP1 kernel was updated receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2018-14634: Prevent integer overflow in create_elf_tables that allowed a\n local attacker to exploit this vulnerability via a SUID-root binary and obtain\n full root privileges (bsc#1108912)\n- CVE-2018-14617: Prevent NULL pointer dereference and panic in\n hfsplus_lookup() when opening a file (that is purportedly a hard link) in an\n hfs+ filesystem that has malformed catalog data, and is mounted read-only\n without a metadata directory (bsc#1102870)\n- CVE-2018-16276: Incorrect bounds checking in the yurex USB driver in\n yurex_read allowed local attackers to use user access read/writes to crash the\n kernel or potentially escalate privileges (bsc#1106095)\n- CVE-2018-12896: Prevent integer overflow in the POSIX timer code that was\n caused by the way the overrun accounting works. Depending on interval and\n expiry time values, the overrun can be larger than INT_MAX, but the accounting\n is int based. This basically made the accounting values, which are visible to\n user space via timer_getoverrun(2) and siginfo::si_overrun, random. This\n allowed a local user to cause a denial of service (signed integer overflow) via\n crafted mmap, futex, timer_create, and timer_settime system calls (bnc#1099922)\n- CVE-2018-13093: Prevent NULL pointer dereference and panic in lookup_slow()\n on a NULL inode->i_ops pointer when doing pathwalks on a corrupted xfs image.\n This occured because of a lack of proper validation that cached inodes are free\n during allocation (bnc#1100001)\n- CVE-2018-10940: The cdrom_ioctl_media_changed function allowed local\n attackers to use a incorrect bounds check in the CDROM driver\n CDROM_MEDIA_CHANGED ioctl to read out kernel memory (bsc#1092903)\n- CVE-2018-16658: Prevent information leak in cdrom_ioctl_drive_status that\n could have been used by local attackers to read kernel memory (bnc#1107689)\n- CVE-2018-6555: The irda_setsockopt function allowed local users to cause a\n denial of service (ias_object use-after-free and system crash) or possibly have\n unspecified other impact via an AF_IRDA socket (bnc#1106511)\n- CVE-2018-6554: Prevent memory leak in the irda_bind function that allowed\n local users to cause a denial of service (memory consumption) by repeatedly\n binding an AF_IRDA socket (bnc#1106509)\n- CVE-2018-10902: Protect against concurrent access to prevent double realloc\n (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status(). A\n malicious local attacker could have used this for privilege escalation\n (bnc#1105322)\n- CVE-2018-10879: A local user could have caused a use-after-free in\n ext4_xattr_set_entry function and a denial of service or unspecified other\n impact by renaming a file in a crafted ext4 filesystem image (bsc#1099844)\n- CVE-2018-10883: A local user could have caused an out-of-bounds write in\n jbd2_journal_dirty_metadata(), a denial of service, and a system crash by\n mounting and operating on a crafted ext4 filesystem image (bsc#1099863)\n- CVE-2018-10880: Prevent stack-out-of-bounds write in the ext4 filesystem code\n when mounting and writing to a crafted ext4 image in ext4_update_inline_data().\n An attacker could have used this to cause a system crash and a denial of\n service (bsc#1099845)\n- CVE-2018-10882: A local user could have caused an out-of-bound write, a\n denial of service, and a system crash by unmounting a crafted ext4 filesystem\n image (bsc#1099849)\n- CVE-2018-10881: A local user could have caused an out-of-bound access in\n ext4_get_group_info function, a denial of service, and a system crash by\n mounting and operating on a crafted ext4 filesystem image (bsc#1099864)\n- CVE-2018-10877: Prevent out-of-bound access in the ext4_ext_drop_refs()\n function when operating on a crafted ext4 filesystem image (bsc#1099846)\n- CVE-2018-10876: A use-after-free was possible in ext4_ext_remove_space()\n function when mounting and operating a crafted ext4 image (bsc#1099811)\n- CVE-2018-10878: A local user could have caused an out-of-bounds write and a\n denial of service or unspecified other impact by mounting and operating a\n crafted ext4 filesystem image (bsc#1099813)\n- CVE-2018-10853: The KVM hypervisor did not check current privilege(CPL) level\n while emulating unprivileged instructions. An unprivileged guest user/process\n could have used this flaw to potentially escalate privileges inside guest\n (bsc#1097104).\n\nThe following non-security bugs were fixed:\n\n- KEYS: prevent creating a different user's keyrings (bnc#1065999).\n- KVM: MMU: always terminate page walks at level 1 (bsc#1062604).\n- KVM: MMU: simplify last_pte_bitmap (bsc#1062604).\n- KVM: VMX: Work around kABI breakage in 'enum vmx_l1d_flush_state' (bsc#1106369).\n- KVM: VMX: fixes for vmentry_l1d_flush module parameter (bsc#1106369).\n- KVM: nVMX: update last_nonleaf_level when initializing nested EPT (bsc#1062604).\n- Refresh patches.xen/xen3-x86-l1tf-04-protect-PROT_NONE-ptes.patch (bsc#1105100).\n- Do not report CPU affected by L1TF when ARCH_CAP_RDCL_NO bit is set (bsc#1104906).\n- Revert '- Disable patches.arch/x86-mm-Simplify-p-g4um-d_page-macros.patch' (bnc#1104818) \n- bcache: avoid unncessary cache prefetch bch_btree_node_get().\n- bcache: calculate the number of incremental GC nodes according to the total of btree nodes.\n- bcache: display rate debug parameters to 0 when writeback is not running.\n- bcache: do not check return value of debugfs_create_dir().\n- bcache: finish incremental GC.\n- bcache: fix I/O significant decline while backend devices registering.\n- bcache: fix error setting writeback_rate through sysfs interface (bsc#1064233).\n- bcache: free heap cache_set->flush_btree in bch_journal_free.\n- bcache: make the pr_err statement used for ENOENT only in sysfs_attatch section.\n- bcache: release dc->writeback_lock properly in bch_writeback_thread().\n- bcache: set max writeback rate when I/O request is idle (bsc#1064233).\n- bcache: simplify the calculation of the total amount of flash dirty data.\n- cifs: Fix infinite loop when using hard mount option (bsc#1091171).\n- ext4: check for allocation block validity with block group locked (bsc#1104495).\n- ext4: do not update checksum of new initialized bitmaps (bnc#1012382).\n- ext4: fix check to prevent initializing reserved inodes (bsc#1104319).\n- ext4: fix false negatives *and* false positives in ext4_check_descriptors() (bsc#1103445).\n- restore cond_resched() in shrink_dcache_parent().\n- usbip: vhci_sysfs: fix potential Spectre v1 (bsc#1096547).\n- x86, l1tf: Protect PROT_NONE PTEs against speculation fixup (bnc#1104818).\n- x86/speculation: Use ARCH_CAPABILITIES to skip L1D flush on vmentry (bsc#1106369).\n- xen, x86, l1tf: Protect PROT_NONE PTEs against speculation fixup (bnc#1104818).\n- xfs: Remove dead code from inode recover function (bsc#1105396).\n- xfs: convert XFS_AGFL_SIZE to a helper function (bsc#1090955, bsc#1090534).\n- xfs: detect agfl count corruption and reset agfl (bsc#1090955, bsc#1090534).\n- xfs: do not log/recover swapext extent owner changes for deleted inodes (bsc#1090955).\n- xfs: protect inode ->di_dmstate with a spinlock (bsc#1024788).\n- xfs: repair malformed inode items during log recovery (bsc#1105396).\n", title: "Description of the patch", }, { category: "details", text: "SUSE-SLE-SAP-12-SP1-2019-1065", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_2908-2.json", }, { category: "self", summary: "URL for SUSE-SU-2018:2908-2", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20182908-2/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2018:2908-2", url: "https://lists.suse.com/pipermail/sle-security-updates/2019-April/005389.html", }, { category: "self", summary: "SUSE Bug 1012382", url: "https://bugzilla.suse.com/1012382", }, { category: "self", summary: "SUSE Bug 1024788", url: "https://bugzilla.suse.com/1024788", }, { category: "self", summary: "SUSE Bug 1062604", url: "https://bugzilla.suse.com/1062604", }, { category: "self", summary: "SUSE Bug 1064233", url: "https://bugzilla.suse.com/1064233", }, { category: "self", summary: "SUSE Bug 1065999", url: "https://bugzilla.suse.com/1065999", }, { category: "self", summary: "SUSE Bug 1090534", url: "https://bugzilla.suse.com/1090534", }, { category: "self", summary: "SUSE Bug 1090955", url: "https://bugzilla.suse.com/1090955", }, { category: "self", summary: "SUSE Bug 1091171", url: "https://bugzilla.suse.com/1091171", }, { category: "self", summary: "SUSE Bug 1092903", url: "https://bugzilla.suse.com/1092903", }, { category: "self", summary: "SUSE Bug 1096547", url: "https://bugzilla.suse.com/1096547", }, { category: "self", summary: "SUSE Bug 1097104", url: "https://bugzilla.suse.com/1097104", }, { category: "self", summary: "SUSE Bug 1097108", url: "https://bugzilla.suse.com/1097108", }, { category: "self", summary: "SUSE Bug 1099811", url: "https://bugzilla.suse.com/1099811", }, { category: "self", summary: "SUSE Bug 1099813", url: "https://bugzilla.suse.com/1099813", }, { category: "self", summary: "SUSE Bug 1099844", url: "https://bugzilla.suse.com/1099844", }, { category: "self", summary: "SUSE Bug 1099845", url: "https://bugzilla.suse.com/1099845", }, { category: "self", summary: "SUSE Bug 1099846", url: "https://bugzilla.suse.com/1099846", }, { category: "self", summary: "SUSE Bug 1099849", url: "https://bugzilla.suse.com/1099849", }, { category: "self", summary: "SUSE Bug 1099863", url: "https://bugzilla.suse.com/1099863", }, { category: "self", summary: "SUSE Bug 1099864", url: "https://bugzilla.suse.com/1099864", }, { category: "self", summary: "SUSE Bug 1099922", url: "https://bugzilla.suse.com/1099922", }, { category: "self", summary: "SUSE Bug 1100001", url: "https://bugzilla.suse.com/1100001", }, { category: "self", summary: "SUSE Bug 1102870", url: "https://bugzilla.suse.com/1102870", }, { category: "self", summary: "SUSE Bug 1103445", url: "https://bugzilla.suse.com/1103445", }, { category: "self", summary: "SUSE Bug 1104319", url: "https://bugzilla.suse.com/1104319", }, { category: "self", summary: "SUSE Bug 1104495", url: "https://bugzilla.suse.com/1104495", }, { category: "self", summary: "SUSE Bug 1104818", url: "https://bugzilla.suse.com/1104818", }, { category: "self", summary: "SUSE Bug 1104906", url: "https://bugzilla.suse.com/1104906", }, { category: "self", summary: "SUSE Bug 1105100", url: "https://bugzilla.suse.com/1105100", }, { category: "self", summary: "SUSE Bug 1105322", url: "https://bugzilla.suse.com/1105322", }, { category: "self", summary: "SUSE Bug 1105323", url: "https://bugzilla.suse.com/1105323", }, { category: "self", summary: "SUSE Bug 1105396", url: "https://bugzilla.suse.com/1105396", }, { category: "self", summary: "SUSE Bug 1106095", url: "https://bugzilla.suse.com/1106095", }, { category: "self", summary: "SUSE Bug 1106369", url: "https://bugzilla.suse.com/1106369", }, { category: "self", summary: "SUSE Bug 1106509", url: "https://bugzilla.suse.com/1106509", }, { category: "self", summary: "SUSE Bug 1106511", url: "https://bugzilla.suse.com/1106511", }, { category: "self", summary: "SUSE Bug 1107689", url: "https://bugzilla.suse.com/1107689", }, { category: "self", summary: "SUSE Bug 1108912", url: "https://bugzilla.suse.com/1108912", }, { category: "self", summary: "SUSE CVE CVE-2018-10853 page", url: "https://www.suse.com/security/cve/CVE-2018-10853/", }, { category: "self", summary: "SUSE CVE CVE-2018-10876 page", url: "https://www.suse.com/security/cve/CVE-2018-10876/", }, { category: "self", summary: "SUSE CVE CVE-2018-10877 page", url: "https://www.suse.com/security/cve/CVE-2018-10877/", }, { category: "self", summary: "SUSE CVE CVE-2018-10878 page", url: "https://www.suse.com/security/cve/CVE-2018-10878/", }, { category: "self", summary: "SUSE CVE CVE-2018-10879 page", url: "https://www.suse.com/security/cve/CVE-2018-10879/", }, { category: "self", summary: "SUSE CVE CVE-2018-10880 page", url: "https://www.suse.com/security/cve/CVE-2018-10880/", }, { category: "self", summary: "SUSE CVE CVE-2018-10881 page", url: "https://www.suse.com/security/cve/CVE-2018-10881/", }, { category: "self", summary: "SUSE CVE CVE-2018-10882 page", url: "https://www.suse.com/security/cve/CVE-2018-10882/", }, { category: "self", summary: "SUSE CVE CVE-2018-10883 page", url: "https://www.suse.com/security/cve/CVE-2018-10883/", }, { category: "self", summary: "SUSE CVE CVE-2018-10902 page", url: "https://www.suse.com/security/cve/CVE-2018-10902/", }, { category: "self", summary: "SUSE CVE CVE-2018-10940 page", url: "https://www.suse.com/security/cve/CVE-2018-10940/", }, { category: "self", summary: "SUSE CVE CVE-2018-12896 page", url: "https://www.suse.com/security/cve/CVE-2018-12896/", }, { category: "self", summary: "SUSE CVE CVE-2018-13093 page", url: "https://www.suse.com/security/cve/CVE-2018-13093/", }, { category: "self", summary: "SUSE CVE CVE-2018-14617 page", url: "https://www.suse.com/security/cve/CVE-2018-14617/", }, { category: "self", summary: "SUSE CVE CVE-2018-14634 page", url: "https://www.suse.com/security/cve/CVE-2018-14634/", }, { category: "self", summary: "SUSE CVE CVE-2018-16276 page", url: "https://www.suse.com/security/cve/CVE-2018-16276/", }, { category: "self", summary: "SUSE CVE CVE-2018-16658 page", url: "https://www.suse.com/security/cve/CVE-2018-16658/", }, { category: "self", summary: "SUSE CVE CVE-2018-6554 page", url: "https://www.suse.com/security/cve/CVE-2018-6554/", }, { category: "self", summary: "SUSE CVE CVE-2018-6555 page", url: "https://www.suse.com/security/cve/CVE-2018-6555/", }, ], title: "Security update for the Linux Kernel", tracking: { current_release_date: "2019-04-27T13:55:00Z", generator: { date: "2019-04-27T13:55:00Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2018:2908-2", initial_release_date: "2019-04-27T13:55:00Z", revision_history: [ { date: "2019-04-27T13:55:00Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "kernel-devel-3.12.74-60.64.104.1.noarch", product: { name: "kernel-devel-3.12.74-60.64.104.1.noarch", product_id: "kernel-devel-3.12.74-60.64.104.1.noarch", }, }, { category: "product_version", name: "kernel-macros-3.12.74-60.64.104.1.noarch", product: { name: "kernel-macros-3.12.74-60.64.104.1.noarch", product_id: "kernel-macros-3.12.74-60.64.104.1.noarch", }, }, { category: "product_version", name: "kernel-source-3.12.74-60.64.104.1.noarch", product: { name: "kernel-source-3.12.74-60.64.104.1.noarch", product_id: "kernel-source-3.12.74-60.64.104.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "kernel-default-3.12.74-60.64.104.1.x86_64", product: { name: "kernel-default-3.12.74-60.64.104.1.x86_64", product_id: "kernel-default-3.12.74-60.64.104.1.x86_64", }, }, { category: "product_version", name: "kernel-default-base-3.12.74-60.64.104.1.x86_64", product: { name: "kernel-default-base-3.12.74-60.64.104.1.x86_64", product_id: "kernel-default-base-3.12.74-60.64.104.1.x86_64", }, }, { category: "product_version", name: "kernel-default-devel-3.12.74-60.64.104.1.x86_64", product: { name: "kernel-default-devel-3.12.74-60.64.104.1.x86_64", product_id: "kernel-default-devel-3.12.74-60.64.104.1.x86_64", }, }, { category: "product_version", name: "kernel-syms-3.12.74-60.64.104.1.x86_64", product: { name: "kernel-syms-3.12.74-60.64.104.1.x86_64", product_id: "kernel-syms-3.12.74-60.64.104.1.x86_64", }, }, { category: "product_version", name: "kernel-xen-3.12.74-60.64.104.1.x86_64", product: { name: "kernel-xen-3.12.74-60.64.104.1.x86_64", product_id: "kernel-xen-3.12.74-60.64.104.1.x86_64", }, }, { category: "product_version", name: "kernel-xen-base-3.12.74-60.64.104.1.x86_64", product: { name: "kernel-xen-base-3.12.74-60.64.104.1.x86_64", product_id: "kernel-xen-base-3.12.74-60.64.104.1.x86_64", }, }, { category: "product_version", name: "kernel-xen-devel-3.12.74-60.64.104.1.x86_64", product: { name: "kernel-xen-devel-3.12.74-60.64.104.1.x86_64", product_id: "kernel-xen-devel-3.12.74-60.64.104.1.x86_64", }, }, { category: "product_version", name: "kgraft-patch-3_12_74-60_64_104-default-1-2.5.1.x86_64", product: { name: "kgraft-patch-3_12_74-60_64_104-default-1-2.5.1.x86_64", product_id: "kgraft-patch-3_12_74-60_64_104-default-1-2.5.1.x86_64", }, }, { category: "product_version", name: "kgraft-patch-3_12_74-60_64_104-xen-1-2.5.1.x86_64", product: { name: "kgraft-patch-3_12_74-60_64_104-xen-1-2.5.1.x86_64", product_id: "kgraft-patch-3_12_74-60_64_104-xen-1-2.5.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 12 SP1", product: { name: "SUSE Linux Enterprise Server for SAP Applications 12 SP1", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP1", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:12:sp1", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "kernel-default-3.12.74-60.64.104.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.104.1.x86_64", }, product_reference: "kernel-default-3.12.74-60.64.104.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-3.12.74-60.64.104.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.104.1.x86_64", }, product_reference: "kernel-default-base-3.12.74-60.64.104.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-3.12.74-60.64.104.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.104.1.x86_64", }, product_reference: "kernel-default-devel-3.12.74-60.64.104.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-3.12.74-60.64.104.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.104.1.noarch", }, product_reference: "kernel-devel-3.12.74-60.64.104.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-3.12.74-60.64.104.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.104.1.noarch", }, product_reference: "kernel-macros-3.12.74-60.64.104.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-source-3.12.74-60.64.104.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.104.1.noarch", }, product_reference: "kernel-source-3.12.74-60.64.104.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-3.12.74-60.64.104.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.104.1.x86_64", }, product_reference: "kernel-syms-3.12.74-60.64.104.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-xen-3.12.74-60.64.104.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.104.1.x86_64", }, product_reference: "kernel-xen-3.12.74-60.64.104.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-xen-base-3.12.74-60.64.104.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.104.1.x86_64", }, product_reference: "kernel-xen-base-3.12.74-60.64.104.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP1", }, { category: "default_component_of", full_product_name: { name: "kernel-xen-devel-3.12.74-60.64.104.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", }, product_reference: "kernel-xen-devel-3.12.74-60.64.104.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP1", }, { category: "default_component_of", full_product_name: { name: "kgraft-patch-3_12_74-60_64_104-default-1-2.5.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-default-1-2.5.1.x86_64", }, product_reference: "kgraft-patch-3_12_74-60_64_104-default-1-2.5.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP1", }, { category: "default_component_of", full_product_name: { name: "kgraft-patch-3_12_74-60_64_104-xen-1-2.5.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-xen-1-2.5.1.x86_64", }, product_reference: "kgraft-patch-3_12_74-60_64_104-xen-1-2.5.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP1", }, ], }, vulnerabilities: [ { cve: "CVE-2018-10853", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10853", }, ], notes: [ { category: "general", text: "A flaw was found in the way Linux kernel KVM hypervisor before 4.18 emulated instructions such as sgdt/sidt/fxsave/fxrstor. It did not check current privilege(CPL) level while emulating unprivileged instructions. An unprivileged guest user/process could use this flaw to potentially escalate privileges inside guest.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-default-1-2.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-xen-1-2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10853", url: "https://www.suse.com/security/cve/CVE-2018-10853", }, { category: "external", summary: "SUSE Bug 1097104 for CVE-2018-10853", url: "https://bugzilla.suse.com/1097104", }, { category: "external", summary: "SUSE Bug 1097108 for CVE-2018-10853", url: "https://bugzilla.suse.com/1097108", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-default-1-2.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-xen-1-2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.4, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-default-1-2.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-xen-1-2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-04-27T13:55:00Z", details: "important", }, ], title: "CVE-2018-10853", }, { cve: "CVE-2018-10876", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10876", }, ], notes: [ { category: "general", text: "A flaw was found in Linux kernel in the ext4 filesystem code. A use-after-free is possible in ext4_ext_remove_space() function when mounting and operating a crafted ext4 image.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-default-1-2.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-xen-1-2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10876", url: "https://www.suse.com/security/cve/CVE-2018-10876", }, { category: "external", summary: "SUSE Bug 1099811 for CVE-2018-10876", url: "https://bugzilla.suse.com/1099811", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-default-1-2.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-xen-1-2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-default-1-2.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-xen-1-2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-04-27T13:55:00Z", details: "low", }, ], title: "CVE-2018-10876", }, { cve: "CVE-2018-10877", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10877", }, ], notes: [ { category: "general", text: "Linux kernel ext4 filesystem is vulnerable to an out-of-bound access in the ext4_ext_drop_refs() function when operating on a crafted ext4 filesystem image.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-default-1-2.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-xen-1-2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10877", url: "https://www.suse.com/security/cve/CVE-2018-10877", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-10877", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1099846 for CVE-2018-10877", url: "https://bugzilla.suse.com/1099846", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-default-1-2.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-xen-1-2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-default-1-2.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-xen-1-2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-04-27T13:55:00Z", details: "low", }, ], title: "CVE-2018-10877", }, { cve: "CVE-2018-10878", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10878", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bounds write and a denial of service or unspecified other impact is possible by mounting and operating a crafted ext4 filesystem image.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-default-1-2.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-xen-1-2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10878", url: "https://www.suse.com/security/cve/CVE-2018-10878", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-10878", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1099813 for CVE-2018-10878", url: "https://bugzilla.suse.com/1099813", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-default-1-2.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-xen-1-2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-default-1-2.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-xen-1-2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-04-27T13:55:00Z", details: "moderate", }, ], title: "CVE-2018-10878", }, { cve: "CVE-2018-10879", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10879", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause a use-after-free in ext4_xattr_set_entry function and a denial of service or unspecified other impact may occur by renaming a file in a crafted ext4 filesystem image.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-default-1-2.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-xen-1-2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10879", url: "https://www.suse.com/security/cve/CVE-2018-10879", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-10879", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1099844 for CVE-2018-10879", url: "https://bugzilla.suse.com/1099844", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-default-1-2.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-xen-1-2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-default-1-2.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-xen-1-2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-04-27T13:55:00Z", details: "moderate", }, ], title: "CVE-2018-10879", }, { cve: "CVE-2018-10880", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10880", }, ], notes: [ { category: "general", text: "Linux kernel is vulnerable to a stack-out-of-bounds write in the ext4 filesystem code when mounting and writing to a crafted ext4 image in ext4_update_inline_data(). An attacker could use this to cause a system crash and a denial of service.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-default-1-2.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-xen-1-2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10880", url: "https://www.suse.com/security/cve/CVE-2018-10880", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-10880", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1099845 for CVE-2018-10880", url: "https://bugzilla.suse.com/1099845", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-default-1-2.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-xen-1-2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-default-1-2.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-xen-1-2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-04-27T13:55:00Z", details: "moderate", }, ], title: "CVE-2018-10880", }, { cve: "CVE-2018-10881", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10881", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bound access in ext4_get_group_info function, a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-default-1-2.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-xen-1-2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10881", url: "https://www.suse.com/security/cve/CVE-2018-10881", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-10881", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1099864 for CVE-2018-10881", url: "https://bugzilla.suse.com/1099864", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-default-1-2.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-xen-1-2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-default-1-2.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-xen-1-2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-04-27T13:55:00Z", details: "moderate", }, ], title: "CVE-2018-10881", }, { cve: "CVE-2018-10882", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10882", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bound write in in fs/jbd2/transaction.c code, a denial of service, and a system crash by unmounting a crafted ext4 filesystem image.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-default-1-2.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-xen-1-2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10882", url: "https://www.suse.com/security/cve/CVE-2018-10882", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-10882", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1099849 for CVE-2018-10882", url: "https://bugzilla.suse.com/1099849", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-default-1-2.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-xen-1-2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-default-1-2.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-xen-1-2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-04-27T13:55:00Z", details: "moderate", }, ], title: "CVE-2018-10882", }, { cve: "CVE-2018-10883", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10883", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bounds write in jbd2_journal_dirty_metadata(), a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-default-1-2.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-xen-1-2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10883", url: "https://www.suse.com/security/cve/CVE-2018-10883", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-10883", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1099863 for CVE-2018-10883", url: "https://bugzilla.suse.com/1099863", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-default-1-2.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-xen-1-2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-default-1-2.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-xen-1-2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-04-27T13:55:00Z", details: "moderate", }, ], title: "CVE-2018-10883", }, { cve: "CVE-2018-10902", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10902", }, ], notes: [ { category: "general", text: "It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmidi.c file. A malicious local attacker could possibly use this for privilege escalation.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-default-1-2.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-xen-1-2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10902", url: "https://www.suse.com/security/cve/CVE-2018-10902", }, { category: "external", summary: "SUSE Bug 1105322 for CVE-2018-10902", url: "https://bugzilla.suse.com/1105322", }, { category: "external", summary: "SUSE Bug 1105323 for CVE-2018-10902", url: "https://bugzilla.suse.com/1105323", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-default-1-2.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-xen-1-2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-default-1-2.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-xen-1-2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-04-27T13:55:00Z", details: "moderate", }, ], title: "CVE-2018-10902", }, { cve: "CVE-2018-10940", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10940", }, ], notes: [ { category: "general", text: "The cdrom_ioctl_media_changed function in drivers/cdrom/cdrom.c in the Linux kernel before 4.16.6 allows local attackers to use a incorrect bounds check in the CDROM driver CDROM_MEDIA_CHANGED ioctl to read out kernel memory.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-default-1-2.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-xen-1-2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10940", url: "https://www.suse.com/security/cve/CVE-2018-10940", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-10940", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1092903 for CVE-2018-10940", url: "https://bugzilla.suse.com/1092903", }, { category: "external", summary: "SUSE Bug 1107689 for CVE-2018-10940", url: "https://bugzilla.suse.com/1107689", }, { category: "external", summary: "SUSE Bug 1113751 for CVE-2018-10940", url: "https://bugzilla.suse.com/1113751", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-default-1-2.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-xen-1-2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-default-1-2.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-xen-1-2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-04-27T13:55:00Z", details: "moderate", }, ], title: "CVE-2018-10940", }, { cve: "CVE-2018-12896", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-12896", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 4.17.3. An Integer Overflow in kernel/time/posix-timers.c in the POSIX timer code is caused by the way the overrun accounting works. Depending on interval and expiry time values, the overrun can be larger than INT_MAX, but the accounting is int based. This basically makes the accounting values, which are visible to user space via timer_getoverrun(2) and siginfo::si_overrun, random. For example, a local user can cause a denial of service (signed integer overflow) via crafted mmap, futex, timer_create, and timer_settime system calls.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-default-1-2.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-xen-1-2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-12896", url: "https://www.suse.com/security/cve/CVE-2018-12896", }, { category: "external", summary: "SUSE Bug 1099922 for CVE-2018-12896", url: "https://bugzilla.suse.com/1099922", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-default-1-2.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-xen-1-2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-default-1-2.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-xen-1-2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-04-27T13:55:00Z", details: "low", }, ], title: "CVE-2018-12896", }, { cve: "CVE-2018-13093", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-13093", }, ], notes: [ { category: "general", text: "An issue was discovered in fs/xfs/xfs_icache.c in the Linux kernel through 4.17.3. There is a NULL pointer dereference and panic in lookup_slow() on a NULL inode->i_ops pointer when doing pathwalks on a corrupted xfs image. This occurs because of a lack of proper validation that cached inodes are free during allocation.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-default-1-2.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-xen-1-2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-13093", url: "https://www.suse.com/security/cve/CVE-2018-13093", }, { category: "external", summary: "SUSE Bug 1100001 for CVE-2018-13093", url: "https://bugzilla.suse.com/1100001", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-default-1-2.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-xen-1-2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-default-1-2.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-xen-1-2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-04-27T13:55:00Z", details: "moderate", }, ], title: "CVE-2018-13093", }, { cve: "CVE-2018-14617", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-14617", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 4.17.10. There is a NULL pointer dereference and panic in hfsplus_lookup() in fs/hfsplus/dir.c when opening a file (that is purportedly a hard link) in an hfs+ filesystem that has malformed catalog data, and is mounted read-only without a metadata directory.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-default-1-2.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-xen-1-2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-14617", url: "https://www.suse.com/security/cve/CVE-2018-14617", }, { category: "external", summary: "SUSE Bug 1102870 for CVE-2018-14617", url: "https://bugzilla.suse.com/1102870", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-default-1-2.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-xen-1-2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-default-1-2.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-xen-1-2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-04-27T13:55:00Z", details: "moderate", }, ], title: "CVE-2018-14617", }, { cve: "CVE-2018-14634", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-14634", }, ], notes: [ { category: "general", text: "An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6.x, 3.10.x and 4.14.x are believed to be vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-default-1-2.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-xen-1-2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-14634", url: "https://www.suse.com/security/cve/CVE-2018-14634", }, { category: "external", summary: "SUSE Bug 1108912 for CVE-2018-14634", url: "https://bugzilla.suse.com/1108912", }, { category: "external", summary: "SUSE Bug 1108963 for CVE-2018-14634", url: "https://bugzilla.suse.com/1108963", }, { category: "external", summary: "SUSE Bug 1115893 for CVE-2018-14634", url: "https://bugzilla.suse.com/1115893", }, { category: "external", summary: "SUSE Bug 1120323 for CVE-2018-14634", url: "https://bugzilla.suse.com/1120323", }, { category: "external", summary: "SUSE Bug 1122265 for CVE-2018-14634", url: "https://bugzilla.suse.com/1122265", }, { category: "external", summary: "SUSE Bug 1188063 for CVE-2018-14634", url: "https://bugzilla.suse.com/1188063", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-default-1-2.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-xen-1-2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-default-1-2.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-xen-1-2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-04-27T13:55:00Z", details: "important", }, ], title: "CVE-2018-14634", }, { cve: "CVE-2018-16276", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16276", }, ], notes: [ { category: "general", text: "An issue was discovered in yurex_read in drivers/usb/misc/yurex.c in the Linux kernel before 4.17.7. Local attackers could use user access read/writes with incorrect bounds checking in the yurex USB driver to crash the kernel or potentially escalate privileges.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-default-1-2.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-xen-1-2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-16276", url: "https://www.suse.com/security/cve/CVE-2018-16276", }, { category: "external", summary: "SUSE Bug 1106095 for CVE-2018-16276", url: "https://bugzilla.suse.com/1106095", }, { category: "external", summary: "SUSE Bug 1115593 for CVE-2018-16276", url: "https://bugzilla.suse.com/1115593", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-default-1-2.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-xen-1-2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.3, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-default-1-2.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-xen-1-2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-04-27T13:55:00Z", details: "important", }, ], title: "CVE-2018-16276", }, { cve: "CVE-2018-16658", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16658", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel before 4.18.6. An information leak in cdrom_ioctl_drive_status in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-default-1-2.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-xen-1-2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-16658", url: "https://www.suse.com/security/cve/CVE-2018-16658", }, { category: "external", summary: "SUSE Bug 1092903 for CVE-2018-16658", url: "https://bugzilla.suse.com/1092903", }, { category: "external", summary: "SUSE Bug 1107689 for CVE-2018-16658", url: "https://bugzilla.suse.com/1107689", }, { category: "external", summary: "SUSE Bug 1113751 for CVE-2018-16658", url: "https://bugzilla.suse.com/1113751", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-default-1-2.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-xen-1-2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-default-1-2.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-xen-1-2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-04-27T13:55:00Z", details: "low", }, ], title: "CVE-2018-16658", }, { cve: "CVE-2018-6554", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-6554", }, ], notes: [ { category: "general", text: "Memory leak in the irda_bind function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (memory consumption) by repeatedly binding an AF_IRDA socket.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-default-1-2.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-xen-1-2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-6554", url: "https://www.suse.com/security/cve/CVE-2018-6554", }, { category: "external", summary: "SUSE Bug 1106509 for CVE-2018-6554", url: "https://bugzilla.suse.com/1106509", }, { category: "external", summary: "SUSE Bug 1106511 for CVE-2018-6554", url: "https://bugzilla.suse.com/1106511", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-default-1-2.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-xen-1-2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-default-1-2.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-xen-1-2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-04-27T13:55:00Z", details: "low", }, ], title: "CVE-2018-6554", }, { cve: "CVE-2018-6555", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-6555", }, ], notes: [ { category: "general", text: "The irda_setsockopt function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (ias_object use-after-free and system crash) or possibly have unspecified other impact via an AF_IRDA socket.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-default-1-2.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-xen-1-2.5.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-6555", url: "https://www.suse.com/security/cve/CVE-2018-6555", }, { category: "external", summary: "SUSE Bug 1106509 for CVE-2018-6555", url: "https://bugzilla.suse.com/1106509", }, { category: "external", summary: "SUSE Bug 1106511 for CVE-2018-6555", url: "https://bugzilla.suse.com/1106511", }, { category: "external", summary: "SUSE Bug 1115893 for CVE-2018-6555", url: "https://bugzilla.suse.com/1115893", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-default-1-2.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-xen-1-2.5.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.104.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.104.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-default-1-2.5.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_104-xen-1-2.5.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-04-27T13:55:00Z", details: "moderate", }, ], title: "CVE-2018-6555", }, ], }
suse-su-2018:3961-1
Vulnerability from csaf_suse
Published
2018-11-30 16:43
Modified
2018-11-30 16:43
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 azure kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-9363: Fixed an integer overflow that could have been used for an out of bounds write with no additional execution privileges needed. User interaction is not needed for exploitation (bsc#1105292).
- CVE-2018-6555: The irda_setsockopt function in net/irda/af_irda.c was fixed in drivers/staging/irda/net/af_irda.c that allowed local users to cause a denial of service (ias_object use-after-free and system crash) or possibly have unspecified other impact via an AF_IRDA socket (bsc#1106511).
- CVE-2018-6554: Fixed memory leak in the irda_bind function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c that allowed local users to cause a denial of service (memory consumption) by repeatedly binding an AF_IRDA socket (bsc#1106509).
- CVE-2018-18710: An information leak was fixed in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c that could have been used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CVE-2018-16658 (bsc#1113751).
- CVE-2018-18445: Fixed faulty computation of numeric bounds in the BPF verifier that now permits out-of-bounds memory accesses because adjust_scalar_min_max_vals in kernel/bpf/verifier.c mishandled 32-bit right shifts (bsc#1112372).
- CVE-2018-17182: The vmacache_flush_all function in mm/vmacache.c was fixed that was vulnerable to sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations. (bsc#1108399).
- CVE-2018-16658: An information leak in cdrom_ioctl_drive_status in drivers/cdrom/cdrom.c was fixed that could have leed to be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 (bsc#1107689).
- CVE-2018-15572: The spectre_v2_select_mitigation function in arch/x86/kernel/cpu/bugs.c was not always fill RSB upon a context switch, which makes it easier for attackers to conduct userspace-userspace spectreRSB attacks. (bsc#1102517)
- CVE-2018-14633: A security flaw was fixed in the chap_server_compute_md5() function in the ISCSI target code in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 17 bytes of the stack. The attack requires the iSCSI target to be enabled on the victim host. Depending on how the target's code was built (i.e. depending on a compiler, compile flags and hardware architecture) an attack may lead to a system crash and thus to a denial-of-service or possibly to a non-authorized access to data exported by an iSCSI target. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is highly unlikely (bsc#1107829).
- CVE-2018-14617: A NULL pointer dereference and panic in hfsplus_lookup() was fixed when opening a file (that is purportedly a hard link) in an hfs+ filesystem that has malformed catalog data, and is mounted read-only without a metadata directory. (bsc#1102870)
- CVE-2018-14613: An invalid pointer dereference in io_ctl_map_page() was fixed when mounting and operating a crafted btrfs image, because of a lack of block group item validation in check_leaf_item in fs/btrfs/tree-checker.c. (bsc#1102896)
- CVE-2018-13095: A denial of service (memory corruption and BUG) was fixed to prevent a corrupted xfs image upon encountering an inode that is in extent format, but has more extents than fit in the inode fork. (bsc#1099999)
- CVE-2018-13093: A NULL pointer dereference and panic in lookup_slow() on a NULL was fixed to prevent pathwalks on a corrupted xfs image. This occurs because of a lack of proper validation that cached inodes are free during allocation. (bsc#1100001)
- CVE-2018-12896: An integer overflow in the POSIX timer code was fixed to prevent overrun accounting works. Depending on interval and expiry time values, the overrun can be larger than INT_MAX, but the accounting is int based. This basically makes the accounting values, which are visible to user space via timer_getoverrun(2) and siginfo::si_overrun, random. For example, a local user can cause a denial of service (signed integer overflow) via crafted mmap, futex, timer_create, and timer_settime system calls. (bsc#1099922)
- CVE-2018-1129: The signature calculation was fixed to by the cephx authentication protocol. An attacker having access to ceph cluster network who is able to alter the message payload was able to bypass signature checks done by cephx protocol. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable. (bsc#1096748)
- CVE-2018-1128: The cephx authentication protocol was fixed to verify ceph clients correctly and to prevent the vulnerability to replay attack. Any attacker having access to ceph cluster network who is able to sniff packets on network could have used this vulnerability to authenticate with ceph service and perform actions allowed by ceph service. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable (bsc#1096748).
- CVE-2018-10940: The cdrom_ioctl_media_changed function in drivers/cdrom/cdrom.c was fixed to prevent local attackers to use a incorrect bounds check in the CDROM driver CDROM_MEDIA_CHANGED ioctl to read out kernel memory (bsc#1092903).
- CVE-2018-10938: A flaw was fixed how the kernel handled network packet sent remotely by an attacker that may forced the kernel to enter an infinite loop in the cipso_v4_optptr() function in net/ipv4/cipso_ipv4.c leading to a denial-of-service. A certain non-default configuration of LSM (Linux Security Module) and NetLabel should be set up on a system before an attacker could leverage this flaw. (bsc#1106016)
- CVE-2018-10902: The the raw midi kernel driver was fixed to be protected against concurrent access which could have lead to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmidi.c file. A malicious local attacker could possibly use this for privilege escalation (bsc#1105322).
- CVE-2017-18224: fs/ocfs2/aops.c omits use of a semaphore and consequently had a race condition for access to the extent tree during read operations in DIRECT mode, which allows local users to cause a denial of service (BUG) by modifying a certain e_cpos field (bsc#1084831).
- CVE-2017-16533: The usbhid_parse function in drivers/hid/usbhid/hid-core.c allowed local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device (bsc#1066674).
The following security bug was previously fixed by has now an assigned CVE number:
- CVE-2018-18386: drivers/tty/n_tty.c in the Linux kernel allowed local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ (bnc#1094825).
The following non-security bugs were fixed:
- /dev/mem: Add bounce buffer for copy-out (git-fixes).
- /dev/mem: Avoid overwriting 'err' in read_mem() (git-fixes).
- 9p/net: Fix zero-copy path in the 9p virtio transport (bsc#1051510).
- 9p/virtio: fix off-by-one error in sg list bounds check (bsc#1051510).
- 9p: fix multiple NULL-pointer-dereferences (bsc#1051510).
- ACPI / APEI: Remove ghes_ioremap_area (bsc#1051510).
- ACPI / EC: Add another entry for Thinkpad X1 Carbon 6th (bsc#1051510).
- ACPI / EC: Add parameter to force disable the GPE on suspend (bsc#1051510).
- ACPI / EC: Use ec_no_wakeup on ThinkPad X1 Yoga 3rd (bsc#1051510).
- ACPI / EC: Use ec_no_wakeup on Thinkpad X1 Carbon 6th (bsc#1051510).
- ACPI / EC: Use ec_no_wakeup on more Thinkpad X1 Carbon 6th systems (bsc#1051510).
- ACPI / PCI: pci_link: Allow the absence of _PRS and change log level (bsc#1104172).
- ACPI / PM: save NVS memory for ASUS 1025C laptop (bsc#1051510).
- ACPI / bus: Only call dmi_check_system on X86 (bsc#1105597, bsc#1106178).
- ACPI / processor: Fix the return value of acpi_processor_ids_walk() (bsc#1051510).
- ACPI / scan: Initialize status to ACPI_STA_DEFAULT (bsc#1051510).
- ACPI/IORT: Remove temporary iort_get_id_mapping_index() ACPICA guard (bsc#1103387).
- ACPI/PCI: pci_link: reduce verbosity when IRQ is enabled (bsc#1104172).
- ACPICA: Reference Counts: increase max to 0x4000 for large servers (bsc#1108241).
- ACPICA: iasl: Add SMMUv3 device ID mapping index support (bsc#1103387).
- ALSA: bebob: fix memory leak for M-Audio FW1814 and ProjectMix I/O at error path (bsc#1051510).
- ALSA: bebob: use address returned by kmalloc() instead of kernel stack for streaming DMA mapping (bsc#1051510).
- ALSA: cs46xx: Deliver indirect-PCM transfer error ().
- ALSA: cs5535audio: Fix invalid endian conversion (bsc#1051510).
- ALSA: emu10k1: Deliver indirect-PCM transfer error ().
- ALSA: emu10k1: fix possible info leak to userspace on SNDRV_EMU10K1_IOCTL_INFO (bsc#1051510).
- ALSA: fireface: fix memory leak in ff400_switch_fetching_mode() (bsc#1051510).
- ALSA: firewire-digi00x: fix memory leak of private data (bsc#1051510).
- ALSA: firewire-tascam: fix memory leak of private data (bsc#1051510).
- ALSA: fireworks: fix memory leak of response buffer at error path (bsc#1051510).
- ALSA: hda - Add mic quirk for the Lenovo G50-30 (17aa:3905) (bsc#1051510).
- ALSA: hda - Add quirk for ASUS G751 laptop (bsc#1051510).
- ALSA: hda - Fix cancel_work_sync() stall from jackpoll work (bsc#1051510).
- ALSA: hda - Fix headphone pin config for ASUS G751 (bsc#1051510).
- ALSA: hda - Sleep for 10ms after entering D3 on Conexant codecs (bsc#1051510).
- ALSA: hda - Turn CX8200 into D3 as well upon reboot (bsc#1051510).
- ALSA: hda/realtek - Cannot adjust speaker's volume on Dell XPS 27 7760 (bsc#1051510).
- ALSA: hda/realtek - Fix the problem of the front MIC on the Lenovo M715 (bsc#1051510).
- ALSA: hda: Add 2 more models to the power_save blacklist (bsc#1051510).
- ALSA: hda: Add AZX_DCAPS_PM_RUNTIME for AMD Raven Ridge (bsc#1051510).
- ALSA: hda: Correct Asrock B85M-ITX power_save blacklist entry (bsc#1051510).
- ALSA: hda: fix unused variable warning (bsc#1051510).
- ALSA: memalloc: Do not exceed over the requested size (bsc#1051510).
- ALSA: mips: Deliver indirect-PCM transfer error ().
- ALSA: msnd: Fix the default sample sizes (bsc#1051510).
- ALSA: oxfw: fix memory leak for model-dependent data at error path (bsc#1051510).
- ALSA: oxfw: fix memory leak of discovered stream formats at error path (bsc#1051510).
- ALSA: oxfw: fix memory leak of private data (bsc#1051510).
- ALSA: pcm: Fix negative appl_ptr handling in pcm-indirect helpers ().
- ALSA: pcm: Fix snd_interval_refine first/last with open min/max (bsc#1051510).
- ALSA: pcm: Simplify forward/rewind codes ().
- ALSA: pcm: Use a common helper for PCM state check and hwsync ().
- ALSA: pcm: Workaround for weird PulseAudio behavior on rewind error ().
- ALSA: rme32: Deliver indirect-PCM transfer error ().
- ALSA: usb-audio: Fix multiple definitions in AU0828_DEVICE() macro (bsc#1051510).
- ALSA: usb-audio: update quirk for B W PX to remove microphone (bsc#1051510).
- ALSA: virmidi: Fix too long output trigger loop (bsc#1051510).
- ALSA: vx222: Fix invalid endian conversions (bsc#1051510).
- ALSA: vxpocket: Fix invalid endian conversions (bsc#1051510).
- ARM: 8780/1: ftrace: Only set kernel memory back to read-only after boot (bsc#1051510).
- ARM: 8799/1: mm: fix pci_ioremap_io() offset check (bsc#1051510).
- ARM: DRA7/OMAP5: Enable ACTLR[0] (Enable invalidates of BTB) for secondary cores (bsc#1051510).
- ARM: bcm2835: Add GET_THROTTLED firmware property (bsc#1108468).
- ARM: exynos: Clear global variable on init error path (bsc#1051510).
- ARM: hisi: check of_iomap and fix missing of_node_put (bsc#1051510).
- ARM: hisi: fix error handling and missing of_node_put (bsc#1051510).
- ARM: hisi: handle of_iomap and fix missing of_node_put (bsc#1051510).
- ARM: hwmod: RTC: Do not assume lock/unlock will be called with irq enabled (bsc#1051510).
- ARM: imx: flag failure of of_iomap (bsc#1051510).
- ARM: imx_v4_v5_defconfig: Select ULPI support (bsc#1051510).
- ARM: imx_v6_v7_defconfig: Select ULPI support (bsc#1051510).
- ARM: mvebu: declare asm symbols as character arrays in pmsu.c (bsc#1051510).
- ARM: pxa: irq: fix handling of ICMR registers in suspend/resume (bsc#1051510).
- ASoC: Intel: Skylake: Reset the controller in probe (bsc#1051510).
- ASoC: Intel: cht_bsw_max98090: remove useless code, align with ChromeOS driver (bsc#1051510).
- ASoC: Intel: cht_bsw_max98090_ti: Fix jack initialization (bsc#1051510).
- ASoC: cs4265: fix MMTLR Data switch control (bsc#1051510).
- ASoC: dapm: Fix potential DAI widget pointer deref when linking DAIs (bsc#1051510).
- ASoC: intel: skylake: Add missing break in skl_tplg_get_token() (bsc#1051510).
- ASoC: msm8916-wcd-digital: fix RX2 MIX1 and RX3 MIX1 (bsc#1051510).
- ASoC: rsnd: adg: care clock-frequency size (bsc#1051510).
- ASoC: rsnd: do not fallback to PIO mode when -EPROBE_DEFER (bsc#1051510).
- ASoC: rsnd: fixup not to call clk_get/set under non-atomic (bsc#1051510).
- ASoC: rsnd: move rsnd_ssi_config_init() execute condition into it (bsc#1051510).
- ASoC: rsnd: update pointer more accurate (bsc#1051510).
- ASoC: rt5514: Add the I2S ASRC support (bsc#1051510).
- ASoC: rt5514: Add the missing register in the readable table (bsc#1051510).
- ASoC: rt5514: Eliminate the noise in the ASRC case (bsc#1051510).
- ASoC: rt5514: Fix the issue of the delay volume applied (bsc#1051510).
- ASoC: rt5514: Fix the issue of the delay volume applied again (bsc#1051510).
- ASoC: sigmadsp: safeload should not have lower byte limit (bsc#1051510).
- ASoC: wm8804: Add ACPI support (bsc#1051510).
- ASoC: wm8994: Fix missing break in switch (bsc#1051510).
- Apparmor fixes from git-fixes
- Backport stable-patches for x86 architecture
- Bluetooth: Add a new Realtek 8723DE ID 0bda:b009 (bsc#1051510).
- Bluetooth: Use lock_sock_nested in bt_accept_enqueue (bsc#1051510).
- Bluetooth: avoid killing an already killed socket (bsc#1051510).
- Bluetooth: btsdio: Do not bind to non-removable BCM43430 (bsc#1103587).
- Bluetooth: h5: Fix missing dependency on BT_HCIUART_SERDEV (bsc#1051510).
- Bluetooth: hidp: Fix handling of strncpy for hid->name information (bsc#1051510).
- Bluetooth: hidp: buffer overflow in hidp_process_report (bsc#1051510).
- Btrfs: fix data corruption when deduplicating between different files (bsc#1110647).
- Btrfs: fix duplicate extents after fsync of file with prealloc extents (bsc#1110644).
- Btrfs: fix file data corruption after cloning a range and fsync (bsc#1111901).
- Btrfs: fix fsync after hole punching when using no-holes feature (bsc#1110642).
- Btrfs: fix loss of prealloc extents past i_size after fsync log replay (bsc#1110643).
- Btrfs: fix mount failure after fsync due to hard link recreation (bsc#1103543).
- Btrfs: fix return value on rename exchange failure (bsc#1110645).
- Btrfs: fix send failure when root has deleted files still open (bsc#1110650).
- Btrfs: rework outstanding_extents (dependency for bsc#1031392).
- Btrfs: send, fix invalid access to commit roots due to concurrent snapshotting (bsc#1111904).
- Btrfs: sync log after logging new name (bsc#1110646).
- CIFS: check for STATUS_USER_SESSION_DELETED (bsc#1112902).
- Cleanup out-of-tree subsection
- Disable DRM patches that broke vbox video driver KMP (bsc#1111076)
- Do not leak MNT_INTERNAL away from internal mounts (git-fixes).
- Documentation/l1tf: Fix small spelling typo (bsc#1051510).
- Documentation: add some docs for errseq_t (bsc#1107008).
- Documentation: ip-sysctl.txt: document addr_gen_mode (bsc#1051510).
- Drivers: HV: Send one page worth of kmsg dump over Hyper-V during panic (bsc#1107207).
- Drivers: hv: vmbus: Add comments on ring buffer signaling (bsc#1107207).
- Drivers: hv: vmbus: Cleanup synic memory free path (bsc#1107207).
- Drivers: hv: vmbus: Fix the issue with freeing up hv_ctl_table_hdr (bsc#1107207).
- Drivers: hv: vmbus: Fix the offer_in_progress in vmbus_process_offer() (bsc#1051510).
- Drivers: hv: vmbus: Get rid of MSR access from vmbus_drv.c (bsc#1107207).
- Drivers: hv: vmbus: Implement Direct Mode for stimer0 (bsc#1107207).
- Drivers: hv: vmbus: Make TLFS #define names architecture neutral (bsc#1107207).
- Drivers: hv: vmbus: Remove use of slow_virt_to_phys() (bsc#1107207).
- Drivers: hv: vmbus: Remove x86 MSR refs in arch independent code (bsc#1107207).
- Drivers: hv: vmbus: Remove x86-isms from arch independent drivers (bsc#1107207).
- Drivers: hv: vmbus: Removed an unnecessary cast from void * (bsc#1107207).
- Drivers: hv: vmbus: Reset the channel callback in vmbus_onoffer_rescind() (bsc#1107207).
- Drivers: hv: vmbus: Use get/put_cpu() in vmbus_connect() (bsc#1107207).
- Drivers: hv: vmbus: add numa_node to sysfs (bsc#1107207).
- Drivers: hv: vmbus: do not mark HV_PCIE as perf_device (bsc#1051510).
- Drivers: hv: vmbus: enable VMBus protocol version 5.0 (bsc#1107207).
- Drivers: hv: vmbus: respect what we get from hv_get_synint_state() (bsc#1107207).
- Drivers: hv: vmus: Fix the check for return value from kmsg get dump buffer (bsc#1107207).
- EDAC, ghes: Add DDR4 and NVDIMM memory types (bsc#1099125).
- EDAC, i7core: Fix memleaks and use-after-free on probe and remove (bsc#1051510).
- EDAC, skx: Fix skx_edac build error when ACPI_NFIT=m (bsc#1099125).
- EDAC, skx_edac: Detect non-volatile DIMMs (bsc#1099125).
- EDAC, thunderx: Fix memory leak in thunderx_l2c_threaded_isr() (bsc#1114279).
- EDAC: Add new memory type for non-volatile DIMMs (bsc#1099125).
- EDAC: Fix memleak in module init error path (bsc#1051510).
- EDAC: Raise the maximum number of memory controllers (bsc#1113780).
- Filesystem and FUSE fixes from upstream
- Fix kexec forbidding kernels signed with keys in the secondary keyring to boot (bsc#1110006).
- HID: add quirk for another PIXART OEM mouse used by HP (bsc#1051510).
- HID: add support for Apple Magic Keyboards (bsc#1051510).
- HID: hid-ntrig: add error handling for sysfs_create_group (bsc#1051510).
- HID: hid-saitek: Add device ID for RAT 7 Contagion (bsc#1051510).
- HID: hid-sensor-hub: Force logical minimum to 1 for power and report state (bsc#1051510).
- HID: i2c-hid: Add no-irq-after-reset quirk for 0911:5288 device ().
- HID: quirks: fix support for Apple Magic Keyboards (bsc#1051510).
- HID: sensor-hub: Restore fixup for Lenovo ThinkPad Helix 2 sensor hub report (bsc#1051510).
- IB/IPoIB: Set ah valid flag in multicast send flow (bsc#1046307 ).
- IB/core: type promotion bug in rdma_rw_init_one_mr() (bsc#1046306).
- IB/hfi1: Invalid NUMA node information can cause a divide by zero (bsc#1060463).
- IB/hfi1: Remove incorrect call to do_interrupt callback (bsc#1060463).
- IB/hfi1: Set in_use_ctxts bits for user ctxts only (bsc#1060463 ).
- IB/ipoib: Avoid a race condition between start_xmit and cm_rep_handler (bsc#1046307).
- IB/ipoib: Fix error return code in ipoib_dev_init() (bsc#1046307 ).
- IB/mlx4: Test port number before querying type (bsc#1046302 ).
- IB/mlx4: Use 4K pages for kernel QP's WQE buffer (bsc#1046302 ).
- IB/mlx5: fix uaccess beyond 'count' in debugfs read/write handlers (bsc#1046305).
- Input: atakbd - fix Atari CapsLock behaviour (bsc#1051510).
- Input: atakbd - fix Atari keymap (bsc#1051510).
- Input: atmel_mxt_ts - only use first T9 instance (bsc#1051510).
- Input: edt-ft5x06 - fix error handling for factory mode on non-M06 (bsc#1051510).
- Input: edt-ft5x06 - implement support for the EDT-M12 series (bsc#1051510).
- Input: edt-ft5x06 - make distinction between m06/m09/generic more clear (bsc#1051510).
- Input: elantech - enable middle button of touchpad on ThinkPad P72 (bsc#1051510).
- Input: synaptics-rmi4 - fix axis-swap behavior (bsc#1051510).
- KABI: hide new member in struct iommu_table from genksyms (bsc#1061840).
- KABI: move the new handler to end of machdep_calls and hide it from genksyms (bsc#1094244).
- KABI: powerpc: export __find_linux_pte as __find_linux_pte_or_hugepte (bsc#1061840).
- KABI: tpm: change relinquish_locality return value back to void (bsc#1082555).
- KABI: tpm: do keep the cmd_ready and go_idle as pm ops (bsc#1082555).
- KVM/VMX: Optimize vmx_vcpu_run() and svm_vcpu_run() by marking the RDMSR path as unlikely() (bsc#1110006).
- KVM/x86: remove WARN_ON() for when vm_munmap() fails (bsc#1106240).
- KVM: Enforce error in ioctl for compat tasks when !KVM_COMPAT (bsc#1106240).
- KVM: PPC: Add pt_regs into kvm_vcpu_arch and move vcpu->arch.gpr[] into it (bsc#1061840).
- KVM: PPC: Avoid marking DMA-mapped pages dirty in real mode (bsc#1061840).
- KVM: PPC: Book 3S HV: Do ptesync in radix guest exit path (bsc#1061840).
- KVM: PPC: Book3S HV: Add 'online' register to ONE_REG interface (bsc#1061840).
- KVM: PPC: Book3S HV: Add of_node_put() in success path (bsc#1061840).
- KVM: PPC: Book3S HV: Allow HPT and radix on the same core for POWER9 v2.2 (bsc#1061840).
- KVM: PPC: Book3S HV: Allow creating max number of VCPUs on POWER9 (bsc#1061840).
- KVM: PPC: Book3S HV: Avoid crash from THP collapse during radix page fault (bsc#1061840).
- KVM: PPC: Book3S HV: Avoid shifts by negative amounts (bsc#1061840).
- KVM: PPC: Book3S HV: Check DR not IR to chose real vs virt mode MMIOs (bsc#1061840).
- KVM: PPC: Book3S HV: Do SLB load/unload with guest LPCR value loaded (bsc#1061840).
- KVM: PPC: Book3S HV: Do not truncate HPTE index in xlate function (bsc#1061840).
- KVM: PPC: Book3S HV: Do not use compound_order to determine host mapping size (bsc#1061840).
- KVM: PPC: Book3S HV: Do not use existing 'prodded' flag for XIVE escalations (bsc#1061840).
- KVM: PPC: Book3S HV: Enable migration of decrementer register (bsc#1061840).
- KVM: PPC: Book3S HV: Factor fake-suspend handling out of kvmppc_save/restore_tm (bsc#1061840).
- KVM: PPC: Book3S HV: Fix VRMA initialization with 2MB or 1GB memory backing (bsc#1061840).
- KVM: PPC: Book3S HV: Fix conditions for starting vcpu (bsc#1061840).
- KVM: PPC: Book3S HV: Fix constant size warning (bsc#1061840).
- KVM: PPC: Book3S HV: Fix duplication of host SLB entries (bsc#1061840).
- KVM: PPC: Book3S HV: Fix guest r11 corruption with POWER9 TM workarounds (bsc#1061840).
- KVM: PPC: Book3S HV: Fix handling of large pages in radix page fault handler (bsc#1061840).
- KVM: PPC: Book3S HV: Fix handling of secondary HPTEG in HPT resizing code (bsc#1061840).
- KVM: PPC: Book3S HV: Fix inaccurate comment (bsc#1061840).
- KVM: PPC: Book3S HV: Fix kvmppc_bad_host_intr for real mode interrupts (bsc#1061840).
- KVM: PPC: Book3S HV: Fix trap number return from __kvmppc_vcore_entry (bsc#1061840).
- KVM: PPC: Book3S HV: Fix typo in kvmppc_hv_get_dirty_log_radix() (bsc#1061840).
- KVM: PPC: Book3S HV: Handle 1GB pages in radix page fault handler (bsc#1061840).
- KVM: PPC: Book3S HV: Improve handling of debug-trigger HMIs on POWER9 (bsc#1061840).
- KVM: PPC: Book3S HV: Keep XIVE escalation interrupt masked unless ceded (bsc#1061840).
- KVM: PPC: Book3S HV: Lockless tlbie for HPT hcalls (bsc#1061840).
- KVM: PPC: Book3S HV: Make HPT resizing work on POWER9 (bsc#1061840).
- KVM: PPC: Book3S HV: Make radix clear pte when unmapping (bsc#1061840).
- KVM: PPC: Book3S HV: Make radix use correct tlbie sequence in kvmppc_radix_tlbie_page (bsc#1061840).
- KVM: PPC: Book3S HV: Make xive_pushed a byte, not a word (bsc#1061840).
- KVM: PPC: Book3S HV: Pack VCORE IDs to access full VCPU ID space (bsc#1061840).
- KVM: PPC: Book3S HV: Radix page fault handler optimizations (bsc#1061840).
- KVM: PPC: Book3S HV: Read kvm->arch.emul_smt_mode under kvm->lock (bsc#1061840).
- KVM: PPC: Book3S HV: Recursively unmap all page table entries when unmapping (bsc#1061840).
- KVM: PPC: Book3S HV: Remove useless statement (bsc#1061840).
- KVM: PPC: Book3S HV: Remove vcpu->arch.dec usage (bsc#1061840).
- KVM: PPC: Book3S HV: Send kvmppc_bad_interrupt NMIs to Linux handlers (bsc#1061840).
- KVM: PPC: Book3S HV: Set RWMR on POWER8 so PURR/SPURR count correctly (bsc#1061840).
- KVM: PPC: Book3S HV: Snapshot timebase offset on guest entry (bsc#1061840).
- KVM: PPC: Book3S HV: Streamline setting of reference and change bits (bsc#1061840).
- KVM: PPC: Book3S HV: Use __gfn_to_pfn_memslot() in page fault handler (bsc#1061840).
- KVM: PPC: Book3S HV: Use a helper to unmap ptes in the radix fault path (bsc#1061840).
- KVM: PPC: Book3S HV: Use correct pagesize in kvm_unmap_radix() (bsc#1061840, git-fixes).
- KVM: PPC: Book3S HV: XIVE: Resend re-routed interrupts on CPU priority change (bsc#1061840).
- KVM: PPC: Book3S HV: radix: Do not clear partition PTE when RC or write bits do not match (bsc#1061840).
- KVM: PPC: Book3S HV: radix: Refine IO region partition scope attributes (bsc#1061840).
- KVM: PPC: Book3S PR: Add guest MSR parameter for kvmppc_save_tm()/kvmppc_restore_tm() (bsc#1061840).
- KVM: PPC: Book3S PR: Move kvmppc_save_tm/kvmppc_restore_tm to separate file (bsc#1061840).
- KVM: PPC: Book3S: Add MMIO emulation for VMX instructions (bsc#1061840).
- KVM: PPC: Book3S: Allow backing bigger guest IOMMU pages with smaller physical pages (bsc#1061840).
- KVM: PPC: Book3S: Check KVM_CREATE_SPAPR_TCE_64 parameters (bsc#1061840).
- KVM: PPC: Book3S: Eliminate some unnecessary checks (bsc#1061840).
- KVM: PPC: Book3S: Fix compile error that occurs with some gcc versions (bsc#1061840).
- KVM: PPC: Book3S: Fix guest DMA when guest partially backed by THP pages (bsc#1077761, git-fixes, bsc#1103948, bsc#1103949).
- KVM: PPC: Book3S: Fix matching of hardware and emulated TCE tables (bsc#1061840).
- KVM: PPC: Book3S: Use correct page shift in H_STUFF_TCE (bsc#1061840).
- KVM: PPC: Fix a mmio_host_swabbed uninitialized usage issue (bsc#1061840).
- KVM: PPC: Make iommu_table::it_userspace big endian (bsc#1061840).
- KVM: PPC: Move nip/ctr/lr/xer registers to pt_regs in kvm_vcpu_arch (bsc#1061840).
- KVM: PPC: Use seq_puts() in kvmppc_exit_timing_show() (bsc#1061840).
- KVM: SVM: Add MSR-based feature support for serializing LFENCE (bsc#1106240).
- KVM: VMX: Do not allow reexecute_instruction() when skipping MMIO instr (bsc#1106240).
- KVM: VMX: Tell the nested hypervisor to skip L1D flush on vmentry (bsc#1106240).
- KVM: VMX: Work around kABI breakage in 'enum vmx_l1d_flush_state' (bsc#1106369).
- KVM: VMX: fixes for vmentry_l1d_flush module parameter (bsc#1106369).
- KVM: VMX: raise internal error for exception during invalid protected mode state (bsc#1110006).
- KVM: VMX: support MSR_IA32_ARCH_CAPABILITIES as a feature MSR (bsc#1106240).
- KVM: X86: Fix reserved bits check for MOV to CR3 (bsc#1110006).
- KVM: X86: Introduce kvm_get_msr_feature() (bsc#1106240).
- KVM: X86: fix incorrect reference of trace_kvm_pi_irte_update (bsc#1110006).
- KVM: hyperv: idr_find needs RCU protection (bsc#1107207).
- KVM: introduce kvm_make_vcpus_request_mask() API (bsc#1107207).
- KVM: lapic: stop advertising DIRECTED_EOI when in-kernel IOAPIC is in use (bsc#1110006).
- KVM: nVMX: Do not expose MPX VMX controls when guest MPX disabled (bsc#1106240).
- KVM: nVMX: Do not flush TLB when vmcs12 uses VPID (bsc#1106240).
- KVM: nVMX: Do not halt vcpu when L1 is injecting events to L2 (bsc#1110006).
- KVM: nVMX: Fix injection to L2 when L1 do not intercept external-interrupts (bsc#1106240).
- KVM: nVMX: Fix races when sending nested PI while dest enters/leaves L2 (bsc#1106240).
- KVM: nVMX: Re-evaluate L1 pending events when running L2 and L1 got posted-interrupt (bsc#1106240).
- KVM: s390: add etoken support for guests (bsc#1106948, LTC#171029).
- KVM: s390: force bp isolation for VSIE (bsc#1103421).
- KVM: s390: implement CPU model only facilities (bsc#1106948, LTC#171029).
- KVM: vmx: track host_state.loaded using a loaded_vmcs pointer (bsc#1110006).
- KVM: vmx: use local variable for current_vmptr when emulating VMPTRST (bsc#1110006).
- KVM: x86: Add a framework for supporting MSR-based features (bsc#1106240).
- KVM: x86: Change __kvm_apic_update_irr() to also return if max IRR updated (bsc#1106240).
- KVM: x86: Default to not allowing emulation retry in kvm_mmu_page_fault (bsc#1106240).
- KVM: x86: Do not re-{try,execute} after failed emulation in L2 (bsc#1106240).
- KVM: x86: Do not use kvm_x86_ops->mpx_supported() directly (bsc#1106240).
- KVM: x86: Invert emulation re-execute behavior to make it opt-in (bsc#1106240).
- KVM: x86: Merge EMULTYPE_RETRY and EMULTYPE_ALLOW_REEXECUTE (bsc#1106240).
- KVM: x86: SVM: Call x86_spec_ctrl_set_guest/host() with interrupts disabled (git-fixes 1f50ddb4f418).
- KVM: x86: Update cpuid properly when CR4.OSXAVE or CR4.PKE is changed (bsc#1110006).
- KVM: x86: VMX: hyper-v: Enlightened MSR-Bitmap support (bsc#1107207).
- KVM: x86: define SVM/VMX specific kvm_arch_[alloc|free]_vm (bsc#1111506).
- KVM: x86: ensure all MSRs can always be KVM_GET/SET_MSR'd (bsc#1107207).
- KVM: x86: fix #UD address of failed Hyper-V hypercalls (bsc#1107207).
- KVM: x86: fix #UD address of failed Hyper-V hypercalls (bsc#1110006).
- KVM: x86: fix APIC page invalidation (bsc#1106240).
- KVM: x86: fix escape of guest dr6 to the host (bsc#1110006).
- KVM: x86: hyperv: do rep check for each hypercall separately (bsc#1107207).
- KVM: x86: hyperv: simplistic HVCALL_FLUSH_VIRTUAL_ADDRESS_{LIST,SPACE} implementation (bsc#1107207).
- KVM: x86: hyperv: simplistic HVCALL_FLUSH_VIRTUAL_ADDRESS_{LIST,SPACE}_EX implementation (bsc#1107207).
- KVM: x86: hyperv: use defines when parsing hypercall parameters (bsc#1107207).
- KVM: x86: remove APIC Timer periodic/oneshot spikes (bsc#1110006).
- Kbuild: fix # escaping in .cmd files for future Make (git-fixes).
- Limit kernel-source build to architectures for which we build binaries (bsc#1108281).
- MAINTAINERS: fix location of ina2xx.txt device tree file (bsc#1051510).
- NET: stmmac: align DMA stuff to largest cache line length (netfilter-stable-18_08_01).
- NFC: Fix possible memory corruption when handling SHDLC I-Frame commands (bsc#1051510).
- NFC: nfcmrvl_uart: fix OF child-node lookup (bsc#1051510).
- NFC: trf7970a: fix check of clock frequencies (bsc#1051510).
- NFS/filelayout: Fix racy setting of fl->dsaddr in filelayout_check_deviceid() (bsc#1105190).
- NFS: Avoid quadratic search when freeing delegations (bsc#1084760).
- NFS: Use an appropriate work queue for direct-write completion (bsc#1082519).
- NFSv4 client live hangs after live data migration recovery (git-fixes).
- NFSv4: Fix a sleep in atomic context in nfs4_callback_sequence() (git-fixes).
- NFSv4: Fix possible 1-byte stack overflow in nfs_idmap_read_and_verify_message (git-fixes).
- Netperf performance issue due to AppArmor net mediation (bsc#1108520)
- PCI/ASPM: Fix link_state teardown on device removal (bsc#1051510).
- PCI/portdrv: Compute MSI/MSI-X IRQ vectors after final allocation (bsc#1109806).
- PCI/portdrv: Factor out Interrupt Message Number lookup (bsc#1109806).
- PCI: Add PCI resource type mask #define (bsc#1105355).
- PCI: Add pci_resize_resource() for resizing BARs (bsc#1105355).
- PCI: Add resizable BAR infrastructure (bsc#1105355).
- PCI: Allow release of resources that were never assigned (bsc#1105355).
- PCI: Cleanup PCI_REBAR_CTRL_BAR_SHIFT handling (bsc#1105355).
- PCI: Match Root Port's MPS to endpoint's MPSS as necessary (bsc#1109269).
- PCI: OF: Fix I/O space page leak (git-fixes).
- PCI: Reprogram bridge prefetch registers on resume (bsc#1051510).
- PCI: Restore resized BAR state on resume (bsc#1105355).
- PCI: Skip MPS logic for Virtual Functions (VFs) (bsc#1051510).
- PCI: aardvark: Fix I/O space page leak (git-fixes).
- PCI: aardvark: Size bridges before resources allocation (bsc#1109806).
- PCI: designware: Fix I/O space page leak (bsc#1109806).
- PCI: dwc: Fix scheduling while atomic issues (git-fixes).
- PCI: faraday: Add missing of_node_put() (bsc#1109806).
- PCI: faraday: Fix I/O space page leak (bsc#1109806).
- PCI: hotplug: Do not leak pci_slot on registration failure (bsc#1051510).
- PCI: hv: Convert remove_lock to refcount (bsc#1107207).
- PCI: hv: Do not wait forever on a device that has disappeared (bsc#1107207).
- PCI: hv: Do not wait forever on a device that has disappeared (bsc#1109806).
- PCI: hv: Fix return value check in hv_pci_assign_slots() (bsc#1107207).
- PCI: hv: Make sure the bus domain is really unique (git-fixes).
- PCI: hv: Remove unused reason for refcount handler (bsc#1107207).
- PCI: hv: Replace GFP_ATOMIC with GFP_KERNEL in new_pcichild_device() (bsc#1107207).
- PCI: hv: Use effective affinity mask (bsc#1107207).
- PCI: hv: Use list_for_each_entry() (bsc#1107207).
- PCI: hv: support reporting serial number as slot information (bsc#1107207).
- PCI: mvebu: Fix I/O space end address calculation (bsc#1051510).
- PCI: pciehp: Fix unprotected list iteration in IRQ handler (bsc#1051510).
- PCI: pciehp: Fix use-after-free on unplug (bsc#1051510).
- PCI: versatile: Fix I/O space page leak (bsc#1109806).
- PCI: xgene: Fix I/O space page leak (bsc#1109806).
- PCI: xilinx-nwl: Add missing of_node_put() (bsc#1109806).
- PCI: xilinx: Add missing of_node_put() (bsc#1109806).
- PM / Domains: Fix error path during attach in genpd (bsc#1051510).
- PM / Domains: Fix genpd to deal with drivers returning 1 from ->prepare() (bsc#1051510).
- PM / clk: signedness bug in of_pm_clk_add_clks() (bsc#1051510).
- PM / core: Clear the direct_complete flag on errors (bsc#1051510).
- PM / runtime: Drop usage count for suppliers at device link removal (bsc#1100132).
- PM / sleep: wakeup: Fix build error caused by missing SRCU support (bsc#1051510).
- PM: cpuidle: Fix cpuidle_poll_state_init() prototype (bsc#1110006).
- RAID10 BUG_ON in raise_barrier when force is true and conf->barrier is 0 (git-fixes).
- RDMA/bnxt_re: Fix a bunch of off by one bugs in qplib_fp.c (bsc#1050244).
- RDMA/bnxt_re: Fix a couple off by one bugs (bsc#1050244 ).
- RDMA/bnxt_re: Fix system crash during RDMA resource initialization (bsc#1086283).
- RDMA/i40w: Hold read semaphore while looking after VMA (bsc#1058659).
- RDMA/uverbs: Expand primary and alt AV port checks (bsc#1046306 ).
- Squashfs: Compute expected length from inode size rather than block length (bsc#1051510).
- Tools: hv: Fix a bug in the key delete code (bsc#1107207).
- USB: Add quirk to support DJI CineSSD (bsc#1051510).
- USB: add quirk for WORLDE Controller KS49 or Prodipe MIDI 49C USB controller (bsc#1051510).
- USB: cdc-wdm: do not enable interrupts in USB-giveback (bsc#1051510).
- USB: fix error handling in usb_driver_claim_interface() (bsc#1051510).
- USB: handle NULL config in usb_find_alt_setting() (bsc#1051510).
- USB: net2280: Fix erroneous synchronization change (bsc#1051510).
- USB: option: add support for DW5821e (bsc#1051510).
- USB: remove LPM management from usb_driver_claim_interface() (bsc#1051510).
- USB: serial: cypress_m8: fix interrupt-out transfer length (bsc#1051510).
- USB: serial: io_ti: fix array underflow in completion handler (bsc#1051510).
- USB: serial: kobil_sct: fix modem-status error handling (bsc#1051510).
- USB: serial: pl2303: add a new device id for ATEN (bsc#1051510).
- USB: serial: sierra: fix potential deadlock at close (bsc#1051510).
- USB: serial: simple: add Motorola Tetra MTP6550 id (bsc#1051510).
- USB: serial: ti_usb_3410_5052: fix array underflow in completion handler (bsc#1051510).
- USB: yurex: Check for truncation in yurex_read() (bsc#1051510).
- USB: yurex: Fix buffer over-read in yurex_write() (bsc#1051510).
- Update config files, make CRYPTO_CRCT10DIF_PCLMUL built-in (bsc#1105603).
- VFS: do not test owner for NFS in set_posix_acl() (bsc#1103405).
- Workaround for mysterious NVMe breakage with i915 CFL (bsc#1111040).
- Workaround kABI breakage by __must_check drop of strscpy() (bsc#1051510).
- X86/Hyper-V: Add flush HvFlushGuestPhysicalAddressSpace hypercall support (bsc#1107207).
- X86/Hyper-V: Add hyperv_nested_flush_guest_mapping ftrace support (bsc#1107207).
- X86/Hyper-V: Consolidate code for converting cpumask to vpset (bsc#1107207).
- X86/Hyper-V: Consolidate the allocation of the hypercall input page (bsc#1107207).
- X86/Hyper-V: Enable IPI enlightenments (bsc#1107207).
- X86/Hyper-V: Enhanced IPI enlightenment (bsc#1107207).
- X86/Hyper-V: Enlighten APIC access (bsc#1107207).
- acpi, nfit: Add function to look up nvdimm device and provide SMBIOS handle (bsc#1099125).
- affs_lookup(): close a race with affs_remove_link() (bsc#1105355).
- ahci: Add Intel Ice Lake LP PCI ID (bsc#1051510).
- aio: fix io_destroy(2) vs. lookup_ioctx() race (git-fixes).
- apparmor: Check buffer bounds when mapping permissions mask (git-fixes).
- apparmor: Fix failure to audit context info in build_change_hat (bsc#1051510).
- apparmor: Fix regression in profile conflict logic (bsc#1106427)
- apparmor: Fully initialize aa_perms struct when answering userspace query (bsc#1051510).
- apparmor: ensure that undecidable profile attachments fail (bsc#1106427).
- apparmor: fix an error code in __aa_create_ns() (bsc#1106427).
- apparmor: fix mediation of prlimit (bsc#1051510).
- apparmor: fix memory leak when deduping profile load (bsc#1051510).
- apparmor: fix ptrace read check (bsc#1051510).
- apparmor: remove no-op permission check in policy_unpack (bsc#1106427).
- arm/asm/tlb.h: Fix build error implicit func declaration (bsc#1105467 Reduce IPIs and atomic ops with improved lazy TLB).
- arm64/acpi: Create arch specific cpu to acpi id helper (bsc#1106903).
- arm64/kasan: do not allocate extra shadow memory (bsc#1106897).
- arm64/mm/kasan: do not use vmemmap_populate() to initialize shadow (bsc#1106898).
- arm64: Enforce BBM for huge IO/VMAP mappings (bsc#1106890).
- arm64: Ignore hardware dirty bit updates in ptep_set_wrprotect() (bsc#1108010).
- arm64: Make sure permission updates happen for pmd/pud (bsc#1106891).
- arm64: dma-mapping: clear buffers allocated with FORCE_CONTIGUOUS flag (bsc#1106902).
- arm64: enable thunderx gpio driver
- arm64: export memblock_reserve()d regions via /proc/iomem (bsc#1106892).
- arm64: fix unwind_frame() for filtered out fn for function graph tracing (bsc#1106900).
- arm64: fix vmemmap BUILD_BUG_ON() triggering on !vmemmap setups (bsc#1106896).
- arm64: fpsimd: Avoid FPSIMD context leakage for the init task (bsc#1106894).
- arm64: kasan: avoid pfn_to_nid() before page array is initialized (bsc#1106899).
- arm64: mm: Ensure writes to swapper are ordered wrt subsequent cache maintenance (bsc#1106906).
- arm64: mm: check for upper PAGE_SHIFT bits in pfn_valid() (bsc#1106893).
- arm64: move patches to sorted section
- arm64: numa: rework ACPI NUMA initialization (bsc#1106905).
- arm64: vgic-v2: Fix proxying of cpuif access (bsc#1106901).
- asix: Check for supported Wake-on-LAN modes (bsc#1051510).
- ata: Fix ZBC_OUT all bit handling (bsc#1051510).
- ata: Fix ZBC_OUT command block check (bsc#1051510).
- ata: libahci: Allow reconfigure of DEVSLP register (bsc#1051510).
- ata: libahci: Correct setting of DEVSLP register (bsc#1051510).
- ath10k: disable bundle mgmt tx completion event support (bsc#1051510).
- ath10k: fix kernel panic issue during pci probe (bsc#1051510).
- ath10k: fix scan crash due to incorrect length calculation (bsc#1051510).
- ath10k: fix use-after-free in ath10k_wmi_cmd_send_nowait (bsc#1051510).
- ath10k: prevent active scans on potential unusable channels (bsc#1051510).
- ath10k: protect ath10k_htt_rx_ring_free with rx_ring.lock (bsc#1051510).
- ath10k: update the phymode along with bandwidth change request (bsc#1051510).
- ath9k: add MSI support ().
- ath9k: report tx status on EOSP (bsc#1051510).
- ath9k_hw: fix channel maximum power level test (bsc#1051510).
- atm: Preserve value of skb->truesize when accounting to vcc (networking-stable-18_07_19).
- atm: horizon: Fix irq release error (bsc#1105355).
- atm: zatm: Fix potential Spectre v1 (networking-stable-18_07_19).
- atm: zatm: fix memcmp casting (bsc#1105355).
- audit: Fix extended comparison of GID/EGID (bsc#1051510).
- audit: allow not equal op for audit by executable (bsc#1051510).
- audit: fix use-after-free in audit_add_watch (bsc#1051510).
- autofs: fix autofs_sbi() does not check super block type (git-fixes).
- autofs: fix slab out of bounds read in getname_kernel() (git-fixes).
- autofs: mount point create should honour passed in mode (git-fixes).
- ax88179_178a: Check for supported Wake-on-LAN modes (bsc#1051510).
- b43/leds: Ensure NUL-termination of LED name string (bsc#1051510).
- b43legacy/leds: Ensure NUL-termination of LED name string (bsc#1051510).
- badblocks: fix wrong return value in badblocks_set if badblocks are disabled (git-fixes).
- batman-adv: Avoid probe ELP information leak (bsc#1051510).
- batman-adv: Fix multicast TT issues with bogus ROAM flags (bsc#1051510).
- batman-adv: Fix segfault when writing to sysfs elp_interval (bsc#1051510).
- batman-adv: Fix segfault when writing to throughput_override (bsc#1051510).
- batman-adv: Prevent duplicated gateway_node entry (bsc#1051510).
- batman-adv: Prevent duplicated global TT entry (bsc#1051510).
- batman-adv: Prevent duplicated nc_node entry (bsc#1051510).
- batman-adv: Prevent duplicated softif_vlan entry (bsc#1051510).
- batman-adv: Prevent duplicated tvlv handler (bsc#1051510).
- batman-adv: fix backbone_gw refcount on queue_work() failure (bsc#1051510).
- batman-adv: fix hardif_neigh refcount on queue_work() failure (bsc#1051510).
- bcache: avoid unncessary cache prefetch bch_btree_node_get().
- bcache: calculate the number of incremental GC nodes according to the total of btree nodes.
- bcache: display rate debug parameters to 0 when writeback is not running.
- bcache: do not check return value of debugfs_create_dir().
- bcache: finish incremental GC.
- bcache: fix I/O significant decline while backend devices registering.
- bcache: fix error setting writeback_rate through sysfs interface.
- bcache: free heap cache_set->flush_btree in bch_journal_free.
- bcache: make the pr_err statement used for ENOENT only in sysfs_attatch section.
- bcache: release dc->writeback_lock properly in bch_writeback_thread().
- bcache: set max writeback rate when I/O request is idle.
- bcache: simplify the calculation of the total amount of flash dirty data.
- bdi: Fix another oops in wb_workfn() (bsc#1112746).
- bdi: Preserve kabi when adding cgwb_release_mutex (bsc#1112746).
- be2net: Fix memory leak in be_cmd_get_profile_config() (bsc#1086288).
- be2net: remove unused old AIC info (bsc#1086288).
- be2net: remove unused old custom busy-poll fields (bsc#1086288 ).
- binfmt_elf: Respect error return from `regset->active' (bsc#1051510).
- blk-mq: I/O and timer unplugs are inverted in blktrace (bsc#1112713).
- blk-mq: avoid to synchronize rcu inside blk_cleanup_queue() (bsc#1077989).
- blkdev: __blkdev_direct_IO_simple: fix leak in error case (bsc#1083663).
- blkdev_report_zones_ioctl(): Use vmalloc() to allocate large buffers (bsc#1111819).
- block, bfq: fix wrong init of saved start time for weight raising (bsc#1112708).
- block, bfq: return nbytes and not zero from struct cftype .write() method (bsc#1106238).
- block, dax: remove dead code in blkdev_writepages() (bsc#1104888).
- block: Invalidate cache on discard v2 (bsc#1109992).
- block: bfq: swap puts in bfqg_and_blkg_put (bsc#1112712).
- block: bio_iov_iter_get_pages: fix size of last iovec (bsc#1083663).
- block: bio_iov_iter_get_pages: pin more pages for multi-segment IOs (bsc#1083663).
- block: bvec_nr_vecs() returns value for wrong slab (bsc#1111834).
- block: do not print a message when the device went away (bsc#1098459).
- block: do not warn for flush on read-only device (bsc#1107756).
- block: fix warning when I/O elevator is changed as request_queue is being removed (bsc#1109979).
- block: pass inclusive 'lend' parameter to truncate_inode_pages_range (bsc#1109992).
- block: properly protect the 'queue' kobj in blk_unregister_queue (bsc#1109979).
- bnx2x: Fix invalid memory access in rss hash config path (bsc#1050319).
- bnx2x: Fix receiving tx-timeout in error or recovery state (bsc#1050319).
- bnxt_en: Clean up unused functions (bsc#1086282).
- bnxt_en: Do not adjust max_cp_rings by the ones used by RDMA (bsc#1086282).
- bnxt_en: Fix VF mac address regression (bsc#1086282 ).
- bnxt_re: Fix couple of memory leaks that could lead to IOMMU call traces (bsc#1050244).
- bonding: avoid lockdep confusion in bond_get_stats() (netfilter-stable-18_08_04).
- bpf, s390: fix potential memleak when later bpf_jit_prog fails (bsc#1083647).
- bpf/verifier: disallow pointer subtraction (bsc#1083647).
- bpf: fix references to free_bpf_prog_info() in comments (bsc#1083647).
- bpf: fix uninitialized variable in bpf tools (bsc#1083647).
- bpf: hash map: decrement counter on error (bsc#1083647).
- bpf: make cavium thunder compatible w/ bpf_xdp_adjust_tail (bsc#1110096).
- bpf: powerpc64: pad function address loads with NOPs (bsc#1083647).
- bpf: use GFP_ATOMIC instead of GFP_KERNEL in bpf_parse_prog() (bsc#1083647).
- brcmfmac: stop watchdog before detach and free everything (bsc#1051510).
- brcmsmac: fix wrap around in conversion from constant to s16 (bsc#1051510).
- btrfs: Add checker for EXTENT_CSUM (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: Add sanity check for EXTENT_DATA when reading out leaf (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: Check if item pointer overlaps with the item itself (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: Check that each block group has corresponding chunk at mount time (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: Enhance btrfs_trim_fs function to handle error better (Dependency for bsc#1113667).
- btrfs: Ensure btrfs_trim_fs can trim the whole filesystem (bsc#1113667).
- btrfs: Fix use-after-free when cleaning up fs_devs with a single stale device (bsc#1097105).
- btrfs: Fix wrong btrfs_delalloc_release_extents parameter (bsc#1031392).
- btrfs: Handle error from btrfs_uuid_tree_rem call in _btrfs_ioctl_set_received_subvol (bsc#1097105).
- btrfs: Introduce mount time chunk dev extent mapping check (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: Manually implement device_total_bytes getter/setter (bsc#1043912).
- btrfs: Move leaf and node validation checker to tree-checker.c (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: Remove unused parameters from various functions (bsc#1110649).
- btrfs: Round down values which are written for total_bytes_size (bsc#1043912).
- btrfs: Verify that every chunk has corresponding block group at mount time (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: add a comp_refs() helper (dependency for bsc#1031392).
- btrfs: add tracepoints for outstanding extents mods (dependency for bsc#1031392).
- btrfs: check-integrity: Fix NULL pointer dereference for degraded mount (bsc#1107947).
- btrfs: cleanup extent locking sequence (dependency for bsc#1031392).
- btrfs: delayed-inode: Remove wrong qgroup meta reservation calls (bsc#1031392).
- btrfs: delayed-inode: Use new qgroup meta rsv for delayed inode and item (bsc#1031392).
- btrfs: fix error handling in btrfs_dev_replace_start (bsc#1107535).
- btrfs: fix missing error return in btrfs_drop_snapshot (Git-fixes bsc#1109919).
- btrfs: handle errors while updating refcounts in update_ref_for_cow (Git-fixes bsc#1109915).
- btrfs: log csums for all modified extents (bsc#1110639).
- btrfs: make the delalloc block rsv per inode (dependency for bsc#1031392).
- btrfs: qgroup: Add quick exit for non-fs extents (dependency for bsc#1031392).
- btrfs: qgroup: Cleanup btrfs_qgroup_prepare_account_extents function (dependency for bsc#1031392).
- btrfs: qgroup: Cleanup the remaining old reservation counters (bsc#1031392).
- btrfs: qgroup: Commit transaction in advance to reduce early EDQUOT (bsc#1031392).
- btrfs: qgroup: Do not use root->qgroup_meta_rsv for qgroup (bsc#1031392).
- btrfs: qgroup: Fix qgroup reserved space underflow by only freeing reserved ranges (dependency for bsc#1031392).
- btrfs: qgroup: Fix qgroup reserved space underflow caused by buffered write and quotas being enabled (dependency for bsc#1031392).
- btrfs: qgroup: Fix wrong qgroup reservation update for relationship modification (bsc#1031392).
- btrfs: qgroup: Introduce extent changeset for qgroup reserve functions (dependency for bsc#1031392).
- btrfs: qgroup: Introduce function to convert META_PREALLOC into META_PERTRANS (bsc#1031392).
- btrfs: qgroup: Introduce helpers to update and access new qgroup rsv (bsc#1031392).
- btrfs: qgroup: Make qgroup_reserve and its callers to use separate reservation type (bsc#1031392).
- btrfs: qgroup: Return actually freed bytes for qgroup release or free data (dependency for bsc#1031392).
- btrfs: qgroup: Skeleton to support separate qgroup reservation type (bsc#1031392).
- btrfs: qgroup: Split meta rsv type into meta_prealloc and meta_pertrans (bsc#1031392).
- btrfs: qgroup: Update trace events for metadata reservation (bsc#1031392).
- btrfs: qgroup: Update trace events to use new separate rsv types (bsc#1031392).
- btrfs: qgroup: Use independent and accurate per inode qgroup rsv (bsc#1031392).
- btrfs: qgroup: Use root::qgroup_meta_rsv_* to record qgroup meta reserved space (bsc#1031392).
- btrfs: qgroup: Use separate meta reservation type for delalloc (bsc#1031392).
- btrfs: remove type argument from comp_tree_refs (dependency for bsc#1031392).
- btrfs: round down size diff when shrinking/growing device (bsc#1097105).
- btrfs: scrub: Do not use inode page cache in scrub_handle_errored_block() (follow up for bsc#1108096).
- btrfs: scrub: Do not use inode pages for device replace (follow up for bsc#1108096).
- btrfs: switch args for comp_*_refs (dependency for bsc#1031392).
- btrfs: tests/qgroup: Fix wrong tree backref level (bsc#1107928).
- btrfs: tree-checker: Add checker for dir item (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: Detect invalid and empty essential trees (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: Enhance btrfs_check_node output (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: Enhance output for btrfs_check_leaf (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: Enhance output for check_csum_item (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: Enhance output for check_extent_data_item (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: Fix false panic for sanity test (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: Replace root parameter with fs_info (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: Verify block_group_item (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: use %zu format string for size_t (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: use %zu format string for size_t (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- cdc-acm: fix race between reset and control messaging (bsc#1051510).
- cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status (bsc#1051510).
- ceph: avoid a use-after-free in ceph_destroy_options() (bsc#1111983).
- ceph: fix incorrect use of strncpy (bsc#1107319).
- ceph: return errors from posix_acl_equiv_mode() correctly (bsc#1107320).
- cfg80211: fix a type issue in ieee80211_chandef_to_operating_class() (bsc#1051510).
- cfg80211: nl80211_update_ft_ies() to validate NL80211_ATTR_IE (bsc#1051510).
- cfg80211: reg: Init wiphy_idx in regulatory_hint_core() (bsc#1051510).
- cgroup: avoid copying strings longer than the buffers (bsc#1051510).
- cifs: Fix stack out-of-bounds in smb{2,3}_create_lease_buf() (bsc#1051510).
- cifs: Fix use after free of a mid_q_entry (bsc#1112903).
- cifs: check kmalloc before use (bsc#1051510).
- cifs: fix memory leak in SMB2_open() (bsc#1112894).
- cifs: integer overflow in in SMB2_ioctl() (bsc#1051510).
- cifs: store the leaseKey in the fid on SMB2_open (bsc#1051510).
- clk: clk-fixed-factor: Clear OF_POPULATED flag in case of failure (bsc#1051510).
- clk: core: Potentially free connection id (bsc#1051510).
- clk: imx6ul: fix missing of_node_put() (bsc#1051510).
- clk: meson: gxbb: remove HHI_GEN_CLK_CTNL duplicate definition (bsc#1051510).
- clk: mvebu: armada-38x: add support for 1866MHz variants (bsc#1105355).
- clk: mvebu: armada-38x: add support for missing clocks (bsc#1105355).
- clk: rockchip: Add pclk_rkpwm_pmu to PMU critical clocks in rk3399 (bsc#1051510).
- clk: rockchip: fix clk_i2sout parent selection bits on rk3399 (bsc#1051510).
- clk: tegra: bpmp: Do not crash when a clock fails to register (bsc#1051510).
- clk: x86: Stop marking clocks as CLK_IS_CRITICAL (bsc#1051510).
- clk: x86: add 'ether_clk' alias for Bay Trail / Cherry Trail (bsc#1051510).
- clocksource/drivers/ti-32k: Add CLOCK_SOURCE_SUSPEND_NONSTOP flag for non-am43 SoCs (bsc#1051510).
- clocksource/drivers/timer-atmel-pit: Properly handle error cases (bsc#1051510).
- cls_matchall: fix tcf_unbind_filter missing (networking-stable-18_08_21).
- coda: fix 'kernel memory exposure attempt' in fsync (bsc#1051510).
- coresight: Handle errors in finding input/output ports (bsc#1051510).
- coresight: tpiu: Fix disabling timeouts (bsc#1051510).
- cpu/hotplug: Fix SMT supported evaluation (bsc#1110006).
- cpufreq / CPPC: Set platform specific transition_delay_us (bsc#1101480).
- cpufreq, intel_pstate: Allow unspecified FADT profile to probe PPC (bsc#1108841).
- cpufreq: CPPC: Do not set transition_latency (bsc#1101480).
- cpufreq: CPPC: Use transition_delay_us depending transition_latency (bsc#1101480).
- cpufreq: remove setting of policy->cpu in policy->cpus during init (bsc#1101480).
- crypto: ablkcipher - fix crash flushing dcache in error path (bsc#1051510).
- crypto: blkcipher - fix crash flushing dcache in error path (bsc#1051510).
- crypto: caam - fix implicit casts in endianness helpers (bsc#1051510).
- crypto: caam/jr - fix ablkcipher_edesc pointer arithmetic (bsc#1051510).
- crypto: caam/jr - fix descriptor DMA unmapping (bsc#1051510).
- crypto: caam/qi - fix error path in xts setkey (bsc#1051510).
- crypto: cavium/nitrox - fix for command corruption in queue full case with backlog submissions (bsc#1051510).
- crypto: ccp - Check for NULL PSP pointer at module unload (bsc#1051510).
- crypto: ccp - Fix command completion detection race (bsc#1051510).
- crypto: ccp - add timeout support in the SEV command (bsc#1106838).
- crypto: chelsio - Fix memory corruption in DMA Mapped buffers (bsc#1051510).
- crypto: clarify licensing of OpenSSL asm code ().
- crypto: lrw - Fix out-of bounds access on counter overflow (bsc#1051510).
- crypto: mxs-dcp - Fix wait logic on chan threads (bsc#1051510).
- crypto: qat - Fix KASAN stack-out-of-bounds bug in adf_probe() (bsc#1051510).
- crypto: sharah - Unregister correct algorithms for SAHARA 3 (bsc#1051510).
- crypto: skcipher - Fix -Wstringop-truncation warnings (bsc#1051510).
- crypto: skcipher - fix aligning block size in skcipher_copy_iv() (bsc#1051510).
- crypto: skcipher - fix crash flushing dcache in error path (bsc#1051510).
- crypto: tcrypt - fix ghash-generic speed test (bsc#1051510).
- crypto: vmac - require a block cipher with 128-bit block size (bsc#1051510).
- crypto: vmac - separate tfm and request context (bsc#1051510).
- crypto: vmx - Fix sleep-in-atomic bugs (bsc#1051510).
- crypto: vmx - Use skcipher for ctr fallback to SLE12-SP4 (bsc#1106464).
- crypto: x86/sha256-mb - fix digest copy in sha256_mb_mgr_get_comp_job_avx2() (bsc#1051510).
- cxgb4: Fix the condition to check if the card is T5 (bsc#1097585 bsc#1097586 bsc#1097587 bsc#1097588 bsc#1097583 bsc#1097584).
- cxgb4: fix abort_req_rss6 struct (bsc#1046540).
- cxgb4: when disabling dcb set txq dcb priority to 0 (bsc#1046540 ).
- cxl: Configure PSL to not use APC virtual machines (bsc#1055014, git-fixes).
- cxl: Fix wrong comparison in cxl_adapter_context_get() (bsc#1055014, git-fixes).
- dax: Fix deadlock in dax_lock_mapping_entry() (bsc#1109951).
- dax: Introduce a ->copy_to_iter dax operation (bsc#1098782).
- dax: Make extension of dax_operations transparent (bsc#1098782).
- dax: Report bytes remaining in dax_iomap_actor() (bsc#1098782).
- dax: remove VM_MIXEDMAP for fsdax and device dax (bsc#1106007).
- dax: remove default copy_from_iter fallback (bsc#1098782).
- dax: require 'struct page' by default for filesystem dax (bsc#1104888).
- dax: store pfns in the radix (bsc#1104888).
- dccp: fix undefined behavior with 'cwnd' shift in ccid2_cwnd_restart() (netfilter-stable-18_08_17).
- debugobjects: Make stack check warning more informative (bsc#1051510).
- declance: Fix continuation with the adapter identification message (bsc#1051510).
- device-dax: Add missing address_space_operations (bsc#1107783).
- device-dax: Enable page_mapping() (bsc#1107783).
- device-dax: Set page->index (bsc#1107783).
- devicectree: bindings: fix location of leds common file (bsc#1051510).
- dma-buf: remove redundant initialization of sg_table (bsc#1051510).
- dmaengine: hsu: Support dmaengine_terminate_sync() (bsc#1051510).
- dmaengine: idma64: Support dmaengine_terminate_sync() (bsc#1051510).
- dmaengine: mv_xor_v2: kill the tasklets upon exit (bsc#1051510).
- dmaengine: pl330: fix irq race with terminate_all (bsc#1051510).
- do d_instantiate/unlock_new_inode combinations safely (git-fixes).
- doc/README.SUSE: Remove mentions of cloneconfig (bsc#1103636).
- driver core: add __printf verification to __ata_ehi_pushv_desc (bsc#1051510).
- drivers/base: stop new probing during shutdown (bsc#1051510).
- drivers/tty: add error handling for pcmcia_loop_config (bsc#1051510).
- drm/amd/pp/Polaris12: Fix a chunk of registers missed to program (bsc#1051510).
- drm/amdgpu/powerplay: fix missing break in switch statements (bsc#1113722)
- drm/amdgpu: Enable/disable gfx PG feature in rlc safe mode (bsc#1051510).
- drm/amdgpu: Fix RLC safe mode test in gfx_v9_0_enter_rlc_safe_mode (bsc#1051510).
- drm/amdgpu: Fix SDMA HQD destroy error on gfx_v7 (bsc#1051510).
- drm/amdgpu: Fix vce work queue was not cancelled when suspend (bsc#1106110)
- drm/amdgpu: Pulling old prepare and submit for flip back (bsc#1051510).
- drm/amdgpu: Update power state at the end of smu hw_init (bsc#1051510).
- drm/amdgpu: add another ATPX quirk for TOPAZ (bsc#1051510).
- drm/amdgpu: add new polaris pci id (bsc#1051510).
- drm/amdgpu: fix error handling in amdgpu_cs_user_fence_chunk (bsc#1106110)
- drm/amdgpu: fix swapped emit_ib_size in vce3 (bsc#1051510).
- drm/amdgpu: revert 'fix deadlock of reservation between cs and gpu reset v2' (bsc#1051510).
- drm/amdgpu: update tmr mc address (bsc#1100132).
- drm/amdgpu:add new firmware id for VCN (bsc#1051510).
- drm/amdgpu:add tmr mc address into amdgpu_firmware_info (bsc#1051510).
- drm/amdkfd: Fix error codes in kfd_get_process (bsc#1051510).
- drm/arm/malidp: Preserve LAYER_FORMAT contents when setting format (bsc#1051510).
- drm/armada: fix colorkey mode property (bsc#1051510).
- drm/armada: fix irq handling (bsc#1051510).
- drm/bridge/sii8620: Fix display of packed pixel modes (bsc#1051510).
- drm/bridge/sii8620: fix display of packed pixel modes in MHL2 (bsc#1051510).
- drm/bridge/sii8620: fix loops in EDID fetch logic (bsc#1051510).
- drm/bridge: adv7511: Reset registers on hotplug (bsc#1051510).
- drm/edid: Add 6 bpc quirk for SDC panel in Lenovo B50-80 (bsc#1051510).
- drm/edid: VSDB yCBCr420 Deep Color mode bit definitions (bsc#1051510).
- drm/exynos: decon5433: Fix WINCONx reset value (bsc#1051510).
- drm/exynos: decon5433: Fix per-plane global alpha for XRGB modes (bsc#1051510).
- drm/exynos: gsc: Fix support for NV16/61, YUV420/YVU420 and YUV422 modes (bsc#1051510).
- drm/fb-helper: Fix typo on kerneldoc (bsc#1051510).
- drm/hisilicon: hibmc: Do not carry error code in HiBMC framebuffer (bsc#1113722)
- drm/hisilicon: hibmc: Do not overwrite fb helper surface depth (bsc#1113722)
- drm/i915/aml: Introducing Amber Lake platform ().
- drm/i915/audio: Fix audio enumeration issue on BXT ().
- drm/i915/audio: Hook up component bindings even if displays are (bsc#1113722)
- drm/i915/cfl: Add a new CFL PCI ID ().
- drm/i915/dp: Link train Fallback on eDP only if fallback link BW can fit panel's native mode (bsc#1051510).
- drm/i915/gen9+: Fix initial readout for Y tiled framebuffers (bsc#1113722)
- drm/i915/glk: Add Quirk for GLK NUC HDMI port issues (bsc#1051510).
- drm/i915/gvt: Fix the incorrect length of child_device_config issue (bsc#1051510).
- drm/i915/gvt: Off by one in intel_vgpu_write_fence() (bsc#1051510).
- drm/i915/gvt: clear ggtt entries when destroy vgpu (bsc#1051510).
- drm/i915/gvt: request srcu_read_lock before checking if one gfn is valid (bsc#1051510).
- drm/i915/kvmgt: Fix potential Spectre v1 (bsc#1051510).
- drm/i915/lpe: Mark LPE audio runtime pm as 'no callbacks' (bsc#1051510).
- drm/i915/overlay: Allocate physical registers from stolen (bsc#1051510).
- drm/i915/whl: Introducing Whiskey Lake platform ().
- drm/i915: Handle incomplete Z_FINISH for compressed error states (bsc#1100132)
- drm/i915: Increase LSPCON timeout (bsc#1051510).
- drm/i915: Nuke the LVDS lid notifier (bsc#1051510).
- drm/i915: Only show debug for state changes when banning (bsc#1051510).
- drm/i915: Restore user forcewake domains across suspend (bsc#1100132).
- drm/i915: Restore vblank interrupts earlier (bsc#1051510).
- drm/i915: Unmask user interrupts writes into HWSP on snb/ivb/vlv/hsw (bsc#1051510).
- drm/i915: set DP Main Stream Attribute for color range on DDI platforms (bsc#1051510).
- drm/imx: imx-ldb: check if channel is enabled before printing warning (bsc#1051510).
- drm/imx: imx-ldb: disable LDB on driver bind (bsc#1051510).
- drm/mediatek: fix OF sibling-node lookup (bsc#1106110)
- drm/modes: Introduce drm_mode_match() ().
- drm/msm: fix OF child-node lookup (bsc#1106110)
- drm/nouveau/TBDdevinit: do not fail when PMU/PRE_OS is missing from VBIOS (bsc#1051510).
- drm/nouveau/debugfs: Wake up GPU before doing any reclocking (bsc#1051510).
- drm/nouveau/disp: fix DP disable race (bsc#1051510).
- drm/nouveau/drm/nouveau: Do not forget to cancel hpd_work on suspend/unload (bsc#1051510).
- drm/nouveau/drm/nouveau: Fix bogus drm_kms_helper_poll_enable() placement (bsc#1051510).
- drm/nouveau/drm/nouveau: Prevent handling ACPI HPD events too early (bsc#1051510).
- drm/nouveau/drm/nouveau: Use pm_runtime_get_noresume() in connector_detect() (bsc#1051510).
- drm/nouveau: Do not disable polling in fallback mode (bsc#1103356).
- drm/nouveau: Fix deadlocks in nouveau_connector_detect() (bsc#1051510).
- drm/nouveau: Fix runtime PM leak in drm_open() (bsc#1051510).
- drm/nouveau: tegra: Detach from ARM DMA/IOMMU mapping (bsc#1051510).
- drm/panel: type promotion bug in s6e8aa0_read_mtp_id() (bsc#1051510).
- drm/rockchip: lvds: add missing of_node_put (bsc#1051510).
- drm/sti: do not remove the drm_bridge that was never added (bsc#1100132)
- drm/sun4i: Fix an ulong overflow in the dotclock driver (bsc#1106110)
- drm/sun4i: Fix releasing node when enumerating enpoints (bsc#1051510).
- drm/tegra: Check for malformed offsets and sizes in the 'submit' IOCTL (bsc#1106170).
- drm/tegra: Fix comparison operator for buffer size (bsc#1100132).
- drm/vc4: Fix the 'no scaling' case on multi-planar YUV formats (bsc#1051510).
- drm/virtio: fix bounds check in virtio_gpu_cmd_get_capset() (bsc#1113722)
- drm: Add DRM client cap for aspect-ratio ().
- drm: Add and handle new aspect ratios in DRM layer ().
- drm: Add aspect ratio parsing in DRM layer ().
- drm: Expose modes with aspect ratio, only if requested ().
- drm: Handle aspect ratio info in legacy modeset path ().
- drm: mali-dp: Call drm_crtc_vblank_reset on device init (bsc#1051510).
- drm: mali-dp: Enable Global SE interrupts mask for DP500 (bsc#1051510).
- drm: udl: Destroy framebuffer only if it was initialized (bsc#1051510).
- dwc2: gadget: Fix ISOC IN DDMA PID bitfield value calculation (bsc#1051510).
- e1000: check on netif_running() before calling e1000_up() (bsc#1051510).
- e1000: ensure to free old tx/rx rings in set_ringparam() (bsc#1051510).
- eeprom: at24: change nvmem stride to 1 (bsc#1051510).
- eeprom: at24: check at24_read/write arguments (bsc#1051510).
- eeprom: at24: correctly set the size for at24mac402 (bsc#1051510).
- efi: Avoid potential crashes, fix the 'struct efi_pci_io_protocol_32' definition for mixed mode (bsc#1110006).
- enable CONFIG_SCSI_MQ_DEFAULT (bsc#1107207)
- enable MLX5 in azure (bsc#1108260)
- enic: do not call enic_change_mtu in enic_probe (bsc#1051510).
- enic: handle mtu change for vf properly (bsc#1051510).
- enic: initialize enic->rfs_h.lock in enic_probe (bsc#1051510).
- errseq: Add to documentation tree (bsc#1107008).
- errseq: Always report a writeback error once (bsc#1107008).
- ethtool: Remove trailing semicolon for static inline (bsc#1051510).
- ethtool: fix a privilege escalation bug (bsc#1076830).
- evm: Do not deadlock if a crypto algorithm is unavailable (bsc#1051510).
- ext2, dax: introduce ext2_dax_aops (bsc#1104888).
- ext2, dax: set ext2_dax_aops for dax files (bsc#1112554).
- ext2: auto disable dax instead of failing mount (bsc#1104888).
- ext4, dax: add ext4_bmap to ext4_dax_aops (bsc#1104888).
- ext4, dax: introduce ext4_dax_aops (bsc#1104888).
- ext4, dax: set ext4_dax_aops for dax files (bsc#1104888).
- ext4: auto disable dax instead of failing mount (bsc#1104888).
- ext4: avoid arithemetic overflow that can trigger a BUG (bsc#1112736).
- ext4: avoid divide by zero fault when deleting corrupted inline directories (bsc#1112735).
- ext4: check for NUL characters in extended attribute's name (bsc#1112732).
- ext4: check to make sure the rename(2)'s destination is not freed (bsc#1112734).
- ext4: do not mark mmp buffer head dirty (bsc#1112743).
- ext4: fix online resize's handling of a too-small final block group (bsc#1112739).
- ext4: fix online resizing for bigalloc file systems with a 1k block size (bsc#1112740).
- ext4: fix spectre gadget in ext4_mb_regular_allocator() (bsc#1112733).
- ext4: recalucate superblock checksum after updating free blocks/inodes (bsc#1112738).
- ext4: reset error code in ext4_find_entry in fallback (bsc#1112731).
- ext4: show test_dummy_encryption mount option in /proc/mounts (bsc#1112741).
- ext4: sysfs: print ext4_super_block fields as little-endian (bsc#1106229).
- extcon: Release locking when sending the notification of connector state (bsc#1051510).
- f2fs: remove unneeded memory footprint accounting (bsc#1106233).
- f2fs: remove unneeded memory footprint accounting (bsc#1106297).
- f2fs: validate before set/clear free nat bitmap (bsc#1106231).
- f2fs: validate before set/clear free nat bitmap (bsc#1106297).
- fat: fix memory allocation failure handling of match_strdup() (bsc#1051510).
- fb: fix lost console when the user unplugs a USB adapter (bsc#1051510).
- fbdev/omapfb: fix omapfb_memory_read infoleak (bsc#1051510).
- fbdev/via: fix defined but not used warning (bsc#1051510).
- fbdev: Distinguish between interlaced and progressive modes (bsc#1051510).
- fbdev: omapfb: off by one in omapfb_register_client() (bsc#1051510).
- filesystem-dax: Introduce dax_lock_mapping_entry() (bsc#1107783).
- filesystem-dax: Set page->index (bsc#1107783).
- firmware, DMI: Add function to look up a handle and return DIMM size (bsc#1099125).
- firmware: raspberrypi: Register hwmon driver (bsc#1108468).
- fix __legitimize_mnt()/mntput() race (bsc#1106297).
- fix a page leak in vhost_scsi_iov_to_sgl() error recovery (bsc#1051510).
- fix mntput/mntput race (bsc#1106297).
- floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl (bsc#1051510).
- fs, dax: prepare for dax-specific address_space_operations (bsc#1104888).
- fs, dax: use page->mapping to warn if truncate collides with a busy page (bsc#1104888).
- fs/9p/xattr.c: catch the error of p9_client_clunk when setting xattr failed (bsc#1051510).
- fs/dcache.c: fix kmemcheck splat at take_dentry_name_snapshot() (git-fixes).
- fs/proc/proc_sysctl.c: fix potential page fault while unregistering sysctl table (bsc#1106297).
- fs/quota: Fix spectre gadget in do_quotactl (bsc#1112745).
- fs: dcache: Avoid livelock between d_alloc_parallel and __d_add (git-fixes).
- fs: dcache: Use READ_ONCE when accessing i_dir_seq (git-fixes).
- fuse: Add missed unlock_page() to fuse_readpages_fill() (bsc#1106291).
- fuse: Do not access pipe->buffers without pipe_lock() (bsc#1051510).
- fuse: Fix oops at process_init_reply() (bsc#1106291).
- fuse: fix double request_end() (bsc#1106291).
- fuse: fix initial parallel dirops (bsc#1106291).
- fuse: fix unlocked access to processing queue (bsc#1106291).
- fuse: umount should wait for all requests (bsc#1106291).
- gen_stats: Fix netlink stats dumping in the presence of padding (netfilter-stable-18_07_23).
- genirq: Add handle_fasteoi_{level,edge}_irq flow handlers (bsc#1105378).
- genirq: Export more irq_chip_*_parent() functions (bsc#1105378).
- getname_kernel() needs to make sure that ->name != ->iname in long case (git-fixes).
- getxattr: use correct xattr length (bsc#1106235).
- getxattr: use correct xattr length (bsc#1106297).
- gpio: Add gpio driver support for ThunderX and OCTEON-TX (bsc#1105378).
- gpio: Fix crash due to registration race (bsc#1051510).
- gpio: Fix wrong rounding in gpio-menz127 (bsc#1051510).
- gpio: adp5588: Fix sleep-in-atomic-context bug (bsc#1051510).
- gpio: mb86s70: Revert 'Return error if requesting an already assigned gpio' (bsc#1051510).
- gpio: ml-ioh: Fix buffer underwrite on probe error path (bsc#1051510).
- gpio: pxa: Fix potential NULL dereference (bsc#1051510).
- gpio: tegra: Move driver registration to subsys_init level (bsc#1051510).
- gpio: thunderx: fix error return code in thunderx_gpio_probe() (bsc#1105378).
- gpio: thunderx: remove unused .map() hook from irq_domain_ops (bsc#1105378).
- gpiolib-acpi: Register GpioInt ACPI event handlers from a late_initcall (bsc#1051510).
- gpiolib-acpi: make sure we trigger edge events at least once on boot (bsc#1051510).
- gpiolib: Free the last requested descriptor (bsc#1051510).
- gpiolib: Mark gpio_suffixes array with __maybe_unused (bsc#1051510).
- gpiolib: acpi: Switch to cansleep version of GPIO library call (bsc#1051510).
- gpu: host1x: Check whether size of unpin isn't 0 (bsc#1051510).
- gpu: ipu-v3: csi: pass back mbus_code_to_bus_cfg error codes (bsc#1051510).
- gpu: ipu-v3: default to id 0 on missing OF alias (bsc#1051510).
- hfs: prevent crash on exit from failed search (bsc#1051510).
- hfsplus: do not return 0 when fill_super() failed (bsc#1051510).
- hfsplus: stop workqueue when fill_super() failed (bsc#1051510).
- hotplug/cpu: Add operation queuing function ().
- hotplug/cpu: Conditionally acquire/release DRC index ().
- hotplug/cpu: Provide CPU readd operation ().
- hv: Synthetic typo correction (bsc#1107207).
- hv: add SPDX license id to Kconfig (bsc#1107207).
- hv: add SPDX license to trace (bsc#1107207).
- hv: avoid crash in vmbus sysfs files (bsc#1108377).
- hv_balloon: trace post_status (bsc#1107207).
- hv_netvsc: Add NetVSP v6 and v6.1 into version negotiation (bsc#1107207).
- hv_netvsc: Add handlers for ethtool get/set msg level (bsc#1107207).
- hv_netvsc: Add per-cpu ethtool stats for netvsc (bsc#1107207).
- hv_netvsc: Add range checking for rx packet offset and length (bsc#1107207).
- hv_netvsc: Clean up extra parameter from rndis_filter_receive_data() (bsc#1107207).
- hv_netvsc: Fix a deadlock by getting rtnl lock earlier in netvsc_probe() (bsc#1107207).
- hv_netvsc: Fix the return status in RX path (bsc#1107207).
- hv_netvsc: Fix the variable sizes in ipsecv2 and rsc offload (bsc#1107207).
- hv_netvsc: Pass net_device parameter to revoke and teardown functions (bsc#1107207).
- hv_netvsc: add trace points (bsc#1107207).
- hv_netvsc: fix bogus ifalias on network device (bsc#1107207).
- hv_netvsc: fix network namespace issues with VF support (bsc#1107207).
- hv_netvsc: fix schedule in RCU context ().
- hv_netvsc: fix schedule in RCU context (bsc#1107207).
- hv_netvsc: fix vf serial matching with pci slot info (bsc#1107207).
- hv_netvsc: ignore devices that are not PCI (bsc#1107207).
- hv_netvsc: move VF to same namespace as netvsc device (bsc#1107207).
- hv_netvsc: pair VF based on serial number (bsc#1107207).
- hv_netvsc: pass netvsc_device to rndis halt (bsc#1107207).
- hv_netvsc: propogate Hyper-V friendly name into interface alias (bsc#1107207).
- hv_netvsc: select needed ucs2_string routine (bsc#1107207).
- hv_netvsc: simplify receive side calling arguments (bsc#1107207).
- hv_netvsc: typo in NDIS RSS parameters structure (bsc#1107207).
- hv_vmbus: Correct the stale comments regarding cpu affinity (bsc#1107207).
- hwmon: (adt7475) Make adt7475_read_word() return errors (bsc#1051510).
- hwmon: (ina2xx) fix sysfs shunt resistor read access (bsc#1051510).
- hwmon: (nct6775) Set weight source to zero correctly (bsc#1051510).
- hwmon: Add support for RPi voltage sensor (bsc#1108468).
- hwmon: rpi: add module alias to raspberrypi-hwmon (bsc#1108468).
- hwrng: core - document the quality field (bsc#1051510).
- hyper-v: use GFP_KERNEL for hv_context.hv_numa_map (bsc#1107207).
- hypfs_kill_super(): deal with failed allocations (bsc#1051510).
- i2c: core: ACPI: Properly set status byte to 0 for multi-byte writes (bsc#1051510).
- i2c: davinci: Avoid zero value of CLKH (bsc#1051510).
- i2c: i2c-scmi: fix for i2c_smbus_write_block_data (bsc#1051510).
- i2c: i801: Add missing documentation entries for Braswell and Kaby Lake (bsc#1051510).
- i2c: i801: Add support for Intel Cedar Fork (bsc#1051510).
- i2c: i801: Add support for Intel Ice Lake (bsc#1051510).
- i2c: i801: Allow ACPI AML access I/O ports not reserved for SMBus (bsc#1051510).
- i2c: i801: Consolidate chipset names in documentation and Kconfig (bsc#1051510).
- i2c: i801: fix DNV's SMBCTRL register offset (bsc#1051510).
- i2c: imx: Fix race condition in dma read (bsc#1051510).
- i2c: rcar: cleanup DMA for all kinds of failure (bsc#1051510).
- i2c: uniphier-f: issue STOP only for last message or I2C_M_STOP (bsc#1051510).
- i2c: uniphier: issue STOP only for last message or I2C_M_STOP (bsc#1051510).
- i2c: xiic: Make the start and the byte count write atomic (bsc#1051510).
- i2c: xlp9xx: Fix case where SSIF read transaction completes early (bsc#1105907).
- i2c: xlp9xx: Fix issue seen when updating receive length (bsc#1105907).
- i2c: xlp9xx: Make sure the transfer size is not more than I2C_SMBUS_BLOCK_SIZE (bsc#1105907).
- i40e: fix condition of WARN_ONCE for stat strings (bsc#1107522).
- ib_srpt: Fix a use-after-free in srpt_close_ch() (bsc#1046306 ).
- ibmvnic: Include missing return code checks in reset function (bsc#1107966).
- ieee802154: ca8210: fix uninitialised data read (bsc#1051510).
- ieee802154: fix gcc-4.9 warnings (bsc#1051510).
- ieee802154: mrf24j40: fix incorrect mask in mrf24j40_stop (bsc#1051510).
- iio: 104-quad-8: Fix off-by-one error in register selection (bsc#1051510).
- iio: ad9523: Fix displayed phase (bsc#1051510).
- iio: ad9523: Fix return value for ad952x_store() (bsc#1051510).
- iio: adc: at91: fix acking DRDY irq on simple conversions (bsc#1051510).
- iio: adc: at91: fix wrong channel number in triggered buffer mode (bsc#1051510).
- iio: adc: imx25-gcq: Fix leak of device_node in mx25_gcq_setup_cfgs() (bsc#1051510).
- iio: adc: ina2xx: avoid kthread_stop() with stale task_struct (bsc#1051510).
- iio: adc: sun4i-gpadc: select REGMAP_IRQ (bsc#1051510).
- iio: sca3000: Fix an error handling path in 'sca3000_probe()' (bsc#1051510).
- iio: sca3000: Fix missing return in switch (bsc#1051510).
- ima: based on policy verify firmware signatures (pre-allocated buffer) (bsc#1051510).
- include/rdma/opa_addr.h: Fix an endianness issue (bsc#1046306 ).
- input: rohm_bu21023: switch to i2c_lock_bus(..., I2C_LOCK_SEGMENT) (bsc#1051510).
- intel_th: Fix device removal logic (bsc#1051510).
- intel_th: pci: Add Ice Lake PCH support (bsc#1051510).
- iommu/amd: Add support for IOMMU XT mode ().
- iommu/amd: Add support for higher 64-bit IOMMU Control Register ().
- iommu/amd: Clear memory encryption mask from physical address (bsc#1106105).
- iommu/amd: Finish TLB flush in amd_iommu_unmap() (bsc#1106105).
- iommu/amd: Return devid as alias for ACPI HID devices (bsc#1106105).
- iommu/amd: make sure TLB to be flushed before IOVA freed (bsc#1106105).
- iommu/arm-smmu-v3: Do not free page table ops twice (bsc#1106237).
- iommu/arm-smmu: Error out only if not enough context interrupts (bsc#1106237).
- iommu/vt-d: Add definitions for PFSID (bsc#1106237).
- iommu/vt-d: Fix a potential memory leak (bsc#1106105).
- iommu/vt-d: Fix dev iotlb pfsid use (bsc#1106237).
- iommu/vt-d: Fix scatterlist offset handling (bsc#1106237).
- iommu/vt-d: Ratelimit each dmar fault printing (bsc#1106105).
- ioremap: Update pgtable free interfaces with addr (bsc#1110006).
- ip: hash fragments consistently (netfilter-stable-18_07_27).
- ip: in cmsg IP(V6)_ORIGDSTADDR call pskb_may_pull (netfilter-stable-18_07_27).
- ipc/shm: fix shmat() nil address after round-down when remapping (bsc#1090078).
- ipmi/powernv: Fix error return code in ipmi_powernv_probe() (git-fixes).
- ipmi: Fix some counter issues (bsc#1105907).
- ipmi: Move BT capabilities detection to the detect call (bsc#1106779).
- ipmi: Remove ACPI SPMI probing from the SSIF (I2C) driver (bsc#1105907).
- ipmi:bt: Set the timeout before doing a capabilities check (bsc#1051510).
- ipmi:ssif: Add support for multi-part transmit messages > 2 parts (bsc#1103308).
- ipv4: Return EINVAL when ping_group_range sysctl does not map to user ns (netfilter-stable-18_07_23).
- ipv4: fix use-after-free in ip_cmsg_recv_dstaddr() (git-fixes).
- ipv4: remove BUG_ON() from fib_compute_spec_dst (netfilter-stable-18_08_01).
- ipv6: fix useless rol32 call on hash (netfilter-stable-18_07_23).
- ipv6: ila: select CONFIG_DST_CACHE (netfilter-stable-18_07_23).
- ipv6: make DAD fail with enhanced DAD when nonce length differs (netfilter-stable-18_07_23).
- ipv6: sr: fix passing wrong flags to crypto_alloc_shash() (networking-stable-18_07_19).
- ipvlan: fix IFLA_MTU ignored on NEWLINK (networking-stable-18_07_19).
- irq/core: Fix boot crash when the irqaffinity= boot parameter is passed on CPUMASK_OFFSTACK=y kernels(v1) (bsc#1051510).
- irqchip/bcm7038-l1: Hide cpu offline callback when building for !SMP (bsc#1051510).
- irqdomain: Add irq_domain_{push,pop}_irq() functions (bsc#1105378).
- irqdomain: Check for NULL function pointer in irq_domain_free_irqs_hierarchy() (bsc#1105378).
- irqdomain: Factor out code to add and remove items to and from the revmap (bsc#1105378).
- irqdomain: Prevent potential NULL pointer dereference in irq_domain_push_irq() (bsc#1105378).
- irqdomain: Update the comments of fwnode field of irq_domain structure (bsc#1051510).
- isdn: Disable IIOCDBGVAR (bsc#1051510).
- iw_cxgb4: remove duplicate memcpy() in c4iw_create_listen() (bsc#1046543).
- iwlwifi: dbg: do not crash if the firmware crashes in the middle of a debug dump (bsc#1051510).
- iwlwifi: mvm: Allow TKIP for AP mode (bsc#1051510).
- iwlwifi: mvm: check for n_profiles validity in EWRD ACPI (bsc#1051510).
- iwlwifi: mvm: clear HW_RESTART_REQUESTED when stopping the interface (bsc#1051510).
- iwlwifi: mvm: open BA session only when sta is authorized (bsc#1051510).
- iwlwifi: mvm: send BCAST management frames to the right station (bsc#1051510).
- iwlwifi: pcie gen2: check iwl_pcie_gen2_set_tb() return value (bsc#1051510).
- iwlwifi: pcie: do not access periphery registers when not available (bsc#1051510).
- iwlwifi: pcie: gen2: build A-MSDU only for GSO (bsc#1051510).
- ixgbe: Refactor queue disable logic to take completion time into account (bsc#1101557).
- ixgbe: Reorder Tx/Rx shutdown to reduce time needed to stop device (bsc#1101557).
- jbd2: fix use after free in jbd2_log_do_checkpoint() (bsc#1113257).
- kABI: Hide get_msr_feature() in kvm_x86_ops (bsc#1106240).
- kABI: protect eswitch.h include (kabi).
- kABI: protect struct nf_conn (kabi).
- kABI: protect struct vsock_sock (kabi).
- kABI: reexport tcp_send_ack (kabi).
- kABI: reexport vsock_pending_work (kabi).
- kabi fix for check_disk_size_change() (bsc#1098459).
- kabi protect enum mem_type (bsc#1099125).
- kabi protect hnae_ae_ops (bsc#1107924).
- kabi protect struct kvm_sync_regs (bsc#1106948).
- kabi/severities: Whitelist libceph, rbd, and ceph (bsc#1096748).
- kabi/severities: add qeth inter-module symbols to ignore list.
- kabi/severities: ignore __xive_vm_h_* KVM internal symbols.
- kabi/severities: ignore ppc64 realmode helpers. KVM fixes remove exports of realmode_pfn_to_page iommu_tce_xchg_rm mm_iommu_lookup_rm mm_iommu_ua_to_hpa_rm. Some are no longer used and others are no longer exported because the code was consolideted in one place. These helpers are to be called in realmode and linking to them from non-KVM modules is a bug. Hence removing them does not break KABI.
- kabi: move s390 mm_context_t lock to mm_struct and ignore the change (bsc#1103421).
- kabi: x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bsc#1105536).
- kernfs: update comment about kernfs_path() return value (bsc#1051510).
- kprobes/x86: Disable preemption in ftrace-based jprobes (bsc#1110006).
- kprobes/x86: Fix %p uses in error messages (bsc#1110006).
- kprobes/x86: Prohibit probing on exception masking instructions (bsc#1110006).
- kprobes/x86: Release insn_slot in failure path (bsc#1110006).
- ksm: fix unlocked iteration over vmas in cmp_and_merge_page() (VM Functionality bsc#1111806).
- kvm, mm: account shadow page tables to kmemcg (bsc#1110006).
- kvm/x86: kABI fix for vm_alloc/vm_free changes (bsc#1111506).
- kvm: Make VM ioctl do valloc for some archs (bsc#1111506).
- kvm: arm64: Convert kvm_set_s2pte_readonly() from inline asm to cmpxchg() (bsc#1108010).
- kvm: nVMX: Fix fault vector for VMX operation at CPL > 0 (bsc#1106105).
- kvm: nVMX: Use nested_run_pending rather than from_vmentry (bsc#1106240).
- kvm: x86: Set highest physical address bits in non-present/reserved SPTEs (bsc#1106240).
- kvm: x86: factor out kvm.arch.hyperv (de)init (bsc#1107207).
- kvm: x86: fix KVM_XEN_HVM_CONFIG ioctl (bsc#1110006).
- kvm: x86: hyperv: delete dead code in kvm_hv_hypercall() (bsc#1107207).
- kvm: x86: hyperv: guest->host event signaling via eventfd (bsc#1107207).
- kvm: x86: vmx: fix vpid leak (bsc#1106240).
- kvmclock: fix TSC calibration for nested guests (bsc#1110006).
- l2tp: use sk_dst_check() to avoid race on sk->sk_dst_cache (netfilter-stable-18_08_17).
- lan78xx: Check for supported Wake-on-LAN modes (bsc#1051510).
- lan78xx: Lan7801 Support for Fixed PHY (bsc#1085262).
- lan78xx: Set ASD in MAC_CR when EEE is enabled (bsc#1085262).
- lan78xx: remove redundant initialization of pointer 'phydev' (bsc#1085262).
- leds: max8997: use mode when calling max8997_led_set_mode (bsc#1051510).
- lib/bug.c: exclude non-BUG/WARN exceptions from report_bug() (bsc#1110006).
- lib/iov_iter: Fix pipe handling in _copy_to_iter_mcsafe() (bsc#1098782).
- lib/rhashtable: consider param->min_size when setting initial table size (bsc#1051510).
- lib/test_hexdump.c: fix failure on big endian cpu (bsc#1051510).
- lib/ubsan.c: s/missaligned/misaligned/ (bsc#1051510).
- lib/ubsan: add type mismatch handler for new GCC/Clang (bsc#1051510).
- lib/vsprintf: Remove atomic-unsafe support for %pCr (bsc#1051510).
- libahci: Fix possible Spectre-v1 pmp indexing in ahci_led_store() (bsc#1051510).
- libata: Fix command retry decision (bsc#1051510).
- libata: Fix compile warning with ATA_DEBUG enabled (bsc#1051510).
- libbpf: Makefile set specified permission mode (bsc#1083647).
- libceph: check authorizer reply/challenge length before reading (bsc#1096748).
- libceph: factor out __ceph_x_decrypt() (bsc#1096748).
- libceph: factor out __prepare_write_connect() (bsc#1096748).
- libceph: factor out encrypt_authorizer() (bsc#1096748).
- libceph: store ceph_auth_handshake pointer in ceph_connection (bsc#1096748).
- libceph: weaken sizeof check in ceph_x_verify_authorizer_reply() (bsc#1096748).
- libertas: call into generic suspend code before turning off power (bsc#1051510).
- libertas: fix suspend and resume for SDIO connected cards (bsc#1051510).
- libnvdimm, btt: fix uninitialized err_lock (bsc#1103961).
- libnvdimm, dimm: Maximize label transfer size (bsc#1111921, bsc#1113408, bsc#1113972).
- libnvdimm, label: Fix sparse warning (bsc#1111921, bsc#1113408, bsc#1113972).
- libnvdimm, label: change nvdimm_num_label_slots per UEFI 2.7 (bsc#1111921, bsc#1113408, bsc#1113972).
- libnvdimm, nfit: enable support for volatile ranges (bsc#1103961).
- libnvdimm, nfit: move the check on nd_reserved2 to the endpoint (bsc#1103961).
- libnvdimm, pmem: Fix memcpy_mcsafe() return code handling in nsio_rw_bytes() (bsc#1098782).
- libnvdimm, pmem: Restore page attributes when clearing errors (bsc#1107783).
- libnvdimm: Use max contiguous area for namespace size (git-fixes).
- libnvdimm: fix ars_status output length calculation (bsc#1104890).
- libnvdimm: rename nd_sector_size_{show,store} to nd_size_select_{show,store} (bsc#1103961).
- liquidio: fix hang when re-binding VF host drv after running DPDK VF driver (bsc#1067126).
- liquidio: fix kernel panic in VF driver (bsc#1067126).
- livepatch: Remove reliable stacktrace check in klp_try_switch_task() (bsc#1071995).
- livepatch: Validate module/old func name length (bsc#1071995).
- livepatch: create and include UAPI headers ().
- llc: use refcount_inc_not_zero() for llc_sap_find() (netfilter-stable-18_08_17).
- lockd: fix 'list_add double add' caused by legacy signal interface (git-fixes).
- loop: add recursion validation to LOOP_CHANGE_FD (bsc#1112711).
- loop: do not call into filesystem while holding lo_ctl_mutex (bsc#1112710).
- loop: fix LOOP_GET_STATUS lock imbalance (bsc#1113284).
- mac80211: Fix station bandwidth setting after channel switch (bsc#1051510).
- mac80211: Run TXQ teardown code before de-registering interfaces (bsc#1051510).
- mac80211: add stations tied to AP_VLANs during hw reconfig (bsc#1051510).
- mac80211: always account for A-MSDU header changes (bsc#1051510).
- mac80211: avoid kernel panic when building AMSDU from non-linear SKB (bsc#1051510).
- mac80211: correct use of IEEE80211_VHT_CAP_RXSTBC_X (bsc#1051510).
- mac80211: do not Tx a deauth frame if the AP forbade Tx (bsc#1051510).
- mac80211: do not convert to A-MSDU if frag/subframe limited (bsc#1051510).
- mac80211: fix a race between restart and CSA flows (bsc#1051510).
- mac80211: fix an off-by-one issue in A-MSDU max_subframe computation (bsc#1051510).
- mac80211: fix pending queue hang due to TX_DROP (bsc#1051510).
- mac80211: fix setting IEEE80211_KEY_FLAG_RX_MGMT for AP mode keys (bsc#1051510).
- mac80211: mesh: fix HWMP sequence numbering to follow standard (bsc#1051510).
- mac80211: minstrel: fix using short preamble CCK rates on HT clients (bsc#1051510).
- mac80211: restrict delayed tailroom needed decrement (bsc#1051510).
- mac80211: shorten the IBSS debug messages (bsc#1051510).
- mac80211_hwsim: correct use of IEEE80211_VHT_CAP_RXSTBC_X (bsc#1051510).
- mac80211_hwsim: require at least one channel (bsc#1051510).
- mach64: detect the dot clock divider correctly on sparc (bsc#1051510).
- macros.kernel-source: pass -b properly in kernel module package (bsc#1107870).
- mailbox: xgene-slimpro: Fix potential NULL pointer dereference (bsc#1051510).
- make sure that __dentry_kill() always invalidates d_seq, unhashed or not (git-fixes).
- md-cluster: clear another node's suspend_area after the copy is finished (bsc#1106333).
- md-cluster: do not send msg if array is closing (bsc#1106333).
- md-cluster: release RESYNC lock after the last resync message (bsc#1106688).
- md-cluster: show array's status more accurate (bsc#1106333).
- md/raid10: fix that replacement cannot complete recovery after reassemble (git-fixes).
- md/raid1: add error handling of read error from FailFast device (git-fixes).
- md/raid5-cache: disable reshape completely (git-fixes).
- md/raid5: fix data corruption of replacements after originals dropped (git-fixes).
- md: fix NULL dereference of mddev->pers in remove_and_add_spares() (git-fixes).
- media: Revert '[media] tvp5150: fix pad format frame height' (bsc#1051510).
- media: af9035: prevent buffer overflow on write (bsc#1051510).
- media: cx231xx: fix potential sign-extension overflow on large shift (bsc#1051510).
- media: davinci: vpif_display: Mix memory leak on probe error path (bsc#1051510).
- media: dvb: fix compat ioctl translation (bsc#1051510).
- media: em28xx: fix input name for Terratec AV 350 (bsc#1051510).
- media: em28xx: use a default format if TRY_FMT fails (bsc#1051510).
- media: exynos4-is: Prevent NULL pointer dereference in __isp_video_try_fmt() (bsc#1051510).
- media: fsl-viu: fix error handling in viu_of_probe() (bsc#1051510).
- media: helene: fix xtal frequency setting at power on (bsc#1051510).
- media: mem2mem: Remove excessive try_run call (bsc#1051510).
- media: omap3isp: zero-initialize the isp cam_xclk{a,b} initial data (bsc#1051510).
- media: pci: cx23885: handle adding to list failure (bsc#1051510).
- media: rtl28xxu: be sure that it won't go past the array size (bsc#1051510).
- media: s3c-camif: ignore -ENOIOCTLCMD from v4l2_subdev_call for s_power (bsc#1051510).
- media: s5p-mfc: Fix buffer look up in s5p_mfc_handle_frame_{new, copy_time} functions (bsc#1051510).
- media: soc_camera: ov772x: correct setting of banding filter (bsc#1051510).
- media: tm6000: add error handling for dvb_register_adapter (bsc#1051510).
- media: tvp5150: avoid going past array on v4l2_querymenu() (bsc#1051510).
- media: tvp5150: fix switch exit in set control handler (bsc#1051510).
- media: tvp5150: fix width alignment during set_selection() (bsc#1051510).
- media: tw686x: Fix oops on buffer alloc failure (bsc#1051510).
- media: uvcvideo: Fix uvc_alloc_entity() allocation alignment (bsc#1051510).
- media: v4l2-mem2mem: Fix missing v4l2_m2m_try_run call (bsc#1051510).
- media: v4l2-tpg: fix kernel oops when enabling HFLIP and OSD (bsc#1051510).
- media: videobuf-dma-sg: Fix dma_{sync,unmap}_sg() calls (bsc#1051510).
- media: videobuf2-core: check for q->error in vb2_core_qbuf() (bsc#1051510).
- media: vsp1: Fix YCbCr planar formats pitch calculation (bsc#1051510).
- mei: bus: type promotion bug in mei_nfc_if_version() (bsc#1051510).
- mei: do not update offset in write (bsc#1051510).
- mei: ignore not found client in the enumeration (bsc#1051510).
- mei: me: enable asynchronous probing ().
- memcg, thp: do not invoke oom killer on thp charges (bsc#1089663).
- memory: tegra: Apply interrupts mask per SoC (bsc#1051510).
- memory: tegra: Do not handle spurious interrupts (bsc#1051510).
- merge hyperv part of f5caf621
- mfd: 88pm860x-i2c: switch to i2c_lock_bus(..., I2C_LOCK_SEGMENT) (bsc#1051510).
- mfd: arizona: Correct calling of runtime_put_sync (bsc#1051510).
- mfd: arizona: Do not use regmap_read_poll_timeout (bsc#1051510).
- mfd: intel-lpss: Add Ice Lake PCI IDs (bsc#1051510).
- mfd: lpc_ich: Do not touch SPI-NOR write protection bit on Apollo Lake (bsc#1051510).
- mfd: sm501: Set coherent_dma_mask when creating subdevices (bsc#1051510).
- mfd: ti_am335x_tscadc: Fix struct clk memory leak (bsc#1051510).
- mlxsw: core_acl_flex_actions: Return error for conflicting actions (netfilter-stable-18_08_17).
- mm, dax: introduce pfn_t_special() (bsc#1104888).
- mm, madvise_inject_error: Disable MADV_SOFT_OFFLINE for ZONE_DEVICE pages (bsc#1107783).
- mm, madvise_inject_error: Let memory_failure() optionally take a page reference (bsc#1107783).
- mm, memory_failure: Collect mapping size in collect_procs() (bsc#1107783).
- mm, memory_failure: Teach memory_failure() about dev_pagemap pages (bsc#1107783).
- mm, numa: Migrate pages to local nodes quicker early in the lifetime of a task (bsc#1101669 optimise numa balancing for fast migrate).
- mm, numa: Remove rate-limiting of automatic numa balancing migration (bsc#1101669 optimise numa balancing for fast migrate).
- mm, numa: Remove rate-limiting of automatic numa balancing migration kabi (bsc#1101669 optimise numa balancing for fast migrate).
- mm, page_alloc: double zone's batchsize (bsc#971975 VM performance -- page allocator).
- mm/huge_memory.c: fix data loss when splitting a file pmd (bsc#1107074).
- mm/hugetlb: filter out hugetlb pages if HUGEPAGE migration is not supported (bsc#1106697).
- mm/migrate: Use spin_trylock() while resetting rate limit ().
- mm/vmalloc: add interfaces to free unmapped page table (bsc#1110006).
- mm/vmscan: wake up flushers for legacy cgroups too (bsc#1107061).
- mm: /proc/pid/pagemap: hide swap entries from unprivileged users (Git-fixes bsc#1109907).
- mm: Preserve _PAGE_DEVMAP across mprotect() calls (bsc#1111028).
- mm: fix BUG_ON() in vmf_insert_pfn_pud() from VM_MIXEDMAP removal (bsc#1111841).
- mm: fix devmem_is_allowed() for sub-page System RAM intersections (bsc#1106800).
- mm: memcg: fix use after free in mem_cgroup_iter() (bsc#1107065).
- mmc: block: avoid multiblock reads for the last sector in SPI mode (bsc#1051510).
- mmc: omap_hsmmc: fix wakeirq handling on removal (bsc#1051510).
- mmc: sdhci-of-esdhc: set proper dma mask for ls104x chips (bsc#1051510).
- mmc: sdhci: do not try to use 3.3V signaling if not supported (bsc#1051510).
- mmc: tegra: prevent HS200 on Tegra 3 (bsc#1051510).
- modpost: ignore livepatch unresolved relocations ().
- module: exclude SHN_UNDEF symbols from kallsyms api (bsc#1071995).
- move a hyperv related patch to correct place in series.conf
- move changes without Git-commit out of sorted section
- mwifiex: handle race during mwifiex_usb_disconnect (bsc#1051510).
- net/9p/client.c: version pointer uninitialized (bsc#1051510).
- net/9p/trans_fd.c: fix race by holding the lock (bsc#1051510).
- net/9p/trans_fd.c: fix race-condition by flushing workqueue before the kfree() (bsc#1051510).
- net/9p: Switch to wait_event_killable() (bsc#1051510).
- net/9p: fix error path of p9_virtio_probe (bsc#1051510).
- net/ipv4: Set oif in fib_compute_spec_dst (netfilter-stable-18_07_23).
- net/mlx5: E-Switch, Avoid setup attempt if not being e-switch manager (networking-stable-18_07_19).
- net/mlx5e: Avoid dealing with vport representors if not being e-switch manager (networking-stable-18_07_19).
- net/packet: fix use-after-free (networking-stable-18_07_19).
- net: add support for Cavium PTP coprocessor (bsc#1110096).
- net: bcmgenet: Fix sparse warnings in bcmgenet_put_tx_csum() (bsc#1051510).
- net: bcmgenet: Fix unmapping of fragments in bcmgenet_xmit() (bsc#1051510).
- net: bcmgenet: correct bad merge (bsc#1051510).
- net: bcmgenet: enable loopback during UniMAC sw_reset (bsc#1051510).
- net: bcmgenet: prevent duplicate calls of bcmgenet_dma_teardown (bsc#1051510).
- net: cavium: fix NULL pointer dereference in cavium_ptp_put (bsc#1110096).
- net: cavium: use module_pci_driver to simplify the code (bsc#1110096).
- net: dccp: avoid crash in ccid3_hc_rx_send_feedback() (networking-stable-18_07_19).
- net: dccp: switch rx_tstamp_last_feedback to monotonic clock (networking-stable-18_07_19).
- net: diag: Do not double-free TCP_NEW_SYN_RECV sockets in tcp_abort (netfilter-stable-18_07_23).
- net: dsa: Do not suspend/resume closed slave_dev (netfilter-stable-18_08_04).
- net: ena: Eliminate duplicate barriers on weakly-ordered archs (bsc#1108093).
- net: ena: Fix use of uninitialized DMA address bits field (netfilter-stable-18_08_01).
- net: ena: fix device destruction to gracefully free resources (bsc#1108093).
- net: ena: fix driver when PAGE_SIZE == 64kB (bsc#1108093).
- net: ena: fix incorrect usage of memory barriers (bsc#1108093).
- net: ena: fix missing calls to READ_ONCE (bsc#1108093).
- net: ena: fix missing lock during device destruction (bsc#1108093).
- net: ena: fix potential double ena_destroy_device() (bsc#1108093).
- net: ena: fix surprise unplug NULL dereference kernel crash (bsc#1108093).
- net: ethernet: mvneta: Fix napi structure mixup on armada 3700 (networking-stable-18_08_21).
- net: fix amd-xgbe flow-control issue (netfilter-stable-18_08_01).
- net: fix use-after-free in GRO with ESP (networking-stable-18_07_19).
- net: hns3: Fix MSIX allocation issue for VF (bsc#1104353 ).
- net: hns3: Fix comments for hclge_get_ring_chain_from_mbx (bsc#1104353).
- net: hns3: Fix desc num set to default when setting channel (bsc#1104353).
- net: hns3: Fix for command format parsing error in hclge_is_all_function_id_zero (bsc#1104353).
- net: hns3: Fix for information of phydev lost problem when down/up (bsc#1104353).
- net: hns3: Fix for l4 checksum offload bug (bsc#1104353 ).
- net: hns3: Fix for mac pause not disable in pfc mode (bsc#1104353).
- net: hns3: Fix for mailbox message truncated problem (bsc#1104353).
- net: hns3: Fix for phy link issue when using marvell phy driver (bsc#1104353).
- net: hns3: Fix for reset_level default assignment probelm (bsc#1104353).
- net: hns3: Fix for using wrong mask and shift in hclge_get_ring_chain_from_mbx (bsc#1104353).
- net: hns3: Fix for waterline not setting correctly (bsc#1104353).
- net: hns3: Fix get_vector ops in hclgevf_main module (bsc#1104353).
- net: hns3: Fix return value error in hns3_reset_notify_down_enet (bsc#1104353).
- net: hns3: Fix warning bug when doing lp selftest (bsc#1104353 ).
- net: hns3: Prevent sending command during global or core reset (bsc#1104353).
- net: hns3: Standardize the handle of return value (bsc#1104353 ).
- net: hns3: add unlikely for error check (bsc#1104353 ).
- net: hns3: fix page_offset overflow when CONFIG_ARM64_64K_PAGES (bsc#1104353).
- net: hns3: fix return value error while hclge_cmd_csq_clean failed (bsc#1104353).
- net: hns3: modify hnae_ to hnae3_ (bsc#1104353).
- net: hns3: remove some redundant assignments (bsc#1104353 ).
- net: hns3: remove unnecessary ring configuration operation while resetting (bsc#1104353).
- net: hns3: simplify hclge_cmd_csq_clean (bsc#1104353 ).
- net: hns: add netif_carrier_off before change speed and duplex (bsc#1107924).
- net: hns: add the code for cleaning pkt in chip (bsc#1107924).
- net: mdio-mux: bcm-iproc: fix wrong getter and setter pair (netfilter-stable-18_08_01).
- net: mvneta: fix mvneta_config_rss on armada 3700 (networking-stable-18_08_21).
- net: mvneta: fix the Rx desc DMA address in the Rx path (networking-stable-18_07_19).
- net: phy: consider PHY_IGNORE_INTERRUPT in phy_start_aneg_priv (netfilter-stable-18_07_27).
- net: phy: fix flag masking in __set_phy_supported (netfilter-stable-18_07_23).
- net: rtnl_configure_link: fix dev flags changes arg to __dev_notify_flags (git-fixes).
- net: skb_segment() should not return NULL (netfilter-stable-18_07_27).
- net: stmmac: Fix WoL for PCI-based setups (netfilter-stable-18_08_04).
- net: stmmac: mark PM functions as __maybe_unused (git-fixes).
- net: sungem: fix rx checksum support (networking-stable-18_07_19).
- net: systemport: Fix CRC forwarding check for SYSTEMPORT Lite (netfilter-stable-18_07_23).
- net: thunder: change q_len's type to handle max ring size (bsc#1110096).
- net: thunderx: Set max queue count taking XDP_TX into account (bsc#1110096).
- net: thunderx: add MAC address filter tracking for LMAC (bsc#1110096).
- net: thunderx: add XCAST messages handlers for PF (bsc#1110096).
- net: thunderx: add multicast filter management support (bsc#1110096).
- net: thunderx: add ndo_set_rx_mode callback implementation for VF (bsc#1110096).
- net: thunderx: add new messages for handle ndo_set_rx_mode callback (bsc#1110096).
- net: thunderx: add timestamping support (bsc#1110096).
- net: thunderx: add workqueue control structures for handle ndo_set_rx_mode request (bsc#1110096).
- net: thunderx: check for failed allocation lmac->dmacs (bsc#1110096).
- net: thunderx: fix double free error (bsc#1110096).
- net: thunderx: move filter register related macro into proper place (bsc#1110096).
- net: thunderx: prevent concurrent data re-writing by nicvf_set_rx_mode (bsc#1110096).
- net: thunderx: remove a couple of redundant assignments (bsc#1110096).
- net: thunderx: rework mac addresses list to u64 array (bsc#1110096).
- net_sched: Fix missing res info when create new tc_index filter (netfilter-stable-18_08_17).
- net_sched: blackhole: tell upper qdisc about dropped packets (networking-stable-18_07_19).
- netfilter: do not set F_IFACE on ipv6 fib lookups (netfilter-stable-18_06_25).
- netfilter: ip6t_rpfilter: provide input interface for route lookup (netfilter-stable-18_06_25).
- netfilter: ip6t_rpfilter: set F_IFACE for linklocal addresses (git-fixes).
- netfilter: nat: Revert 'netfilter: nat: convert nat bysrc hash to rhashtable' (netfilter-stable-17_11_16).
- netfilter: nf_tables: add missing netlink attrs to policies (netfilter-stable-18_06_27).
- netfilter: nf_tables: do not assume chain stats are set when jumplabel is set (netfilter-stable-18_06_27).
- netfilter: nf_tables: fix memory leak on error exit return (netfilter-stable-18_06_27).
- netfilter: nf_tables: nft_compat: fix refcount leak on xt module (netfilter-stable-18_06_27).
- netfilter: nf_tables: use WARN_ON_ONCE instead of BUG_ON in nft_do_chain() (netfilter-stable-18_06_25).
- netfilter: nft_compat: fix handling of large matchinfo size (netfilter-stable-18_06_27).
- netfilter: nft_compat: prepare for indirect info storage (netfilter-stable-18_06_27).
- netfilter: nft_meta: fix wrong value dereference in nft_meta_set_eval (netfilter-stable-18_06_27).
- netlink: Do not shift on 64 for ngroups (git-fixes).
- netlink: Do not shift with UB on nlk->ngroups (netfilter-stable-18_08_01).
- netlink: Do not subscribe to non-existent groups (netfilter-stable-18_08_01).
- netlink: Fix spectre v1 gadget in netlink_create() (netfilter-stable-18_08_04).
- nfs/filelayout: fix oops when freeing filelayout segment (bsc#1105190).
- nfs/pnfs: fix nfs_direct_req ref leak when i/o falls back to the mds (git-fixes).
- nfs41: do not return ENOMEM on LAYOUTUNAVAILABLE (git-fixes).
- nfsd: remove blocked locks on client teardown (git-fixes).
- nl80211: Add a missing break in parse_station_flags (bsc#1051510).
- nl80211: check nla_parse_nested() return values (bsc#1051510).
- nvdimm: Clarify comment in sizeof_namespace_index (bsc#1111921, bsc#1113408, bsc#1113972).
- nvdimm: Remove empty if statement (bsc#1111921, bsc#1113408, bsc#1113972).
- nvdimm: Sanity check labeloff (bsc#1111921, bsc#1113408, bsc#1113972).
- nvdimm: Split label init out from the logic for getting config data (bsc#1111921, bsc#1113408, bsc#1113972).
- nvdimm: Use namespace index data to reduce number of label reads needed (bsc#1111921, bsc#1113408, bsc#1113972).
- nvme: call nvme_complete_rq when nvmf_check_ready fails for mpath I/O (bsc#1107685).
- nvme: register ns_id attributes as default sysfs groups (bsc#1105247).
- nvme_fc: add 'nvme_discovery' sysfs attribute to fc transport device (bsc#1044189).
- objtool, kprobes/x86: Sync the latest asm/insn.h header with tools/objtool/arch/x86/include/asm/insn.h (bsc#1110006).
- of: add helper to lookup compatible child node (bsc#1106110)
- orangefs: fix deadlock; do not write i_size in read_iter (bsc#1051510).
- orangefs: initialize op on loop restart in orangefs_devreq_read (bsc#1051510).
- orangefs: use list_for_each_entry_safe in purge_waiting_ops (bsc#1051510).
- orangefs_kill_sb(): deal with allocation failures (bsc#1051510).
- ovl: Sync upper dirty data when syncing overlayfs (git-fixes).
- ovl: fix format of setxattr debug (git-fixes).
- parport: sunbpp: fix error return code (bsc#1051510).
- partitions/aix: append null character to print data from disk (bsc#1051510).
- partitions/aix: fix usage of uninitialized lv_info and lvname structures (bsc#1051510).
- perf/x86/amd/ibs: Do not access non-started event (bsc#1110006).
- perf/x86/cstate: Fix possible Spectre-v1 indexing for pkg_msr (bsc#1110006).
- perf/x86/intel/lbr: Fix incomplete LBR call stack (bsc#1110006).
- perf/x86/intel/uncore: Correct fixed counter index check for NHM (bsc#1110006).
- perf/x86/intel/uncore: Correct fixed counter index check in generic code (bsc#1110006).
- perf/x86/intel/uncore: Fix Skylake UPI event format (bsc#1110006).
- perf/x86/intel: Do not accidentally clear high bits in bdw_limit_period() (bsc#1110006).
- perf/x86/intel: Fix event update for auto-reload (bsc#1110006).
- perf/x86/intel: Fix large period handling on Broadwell CPUs (bsc#1110006).
- perf/x86/intel: Fix linear IP of PEBS real_ip on Haswell and later CPUs (bsc#1110006).
- perf/x86/intel: Properly save/restore the PMU state in the NMI handler (bsc#1110006).
- perf/x86/msr: Fix possible Spectre-v1 indexing in the MSR driver (bsc#1110006).
- perf/x86: Fix possible Spectre-v1 indexing for hw_perf_event cache_* (bsc#1110006).
- perf/x86: Fix possible Spectre-v1 indexing for x86_pmu::event_map() (bsc#1110006).
- pinctrl/amd: only handle irq if it is pending and unmasked (bsc#1051510).
- pinctrl: cannonlake: Fix HOSTSW_OWN register offset of H variant (bsc#1051510).
- pipe: actually allow root to exceed the pipe buffer limits (bsc#1106297).
- pipe: match pipe_max_size data type with procfs (git-fixes).
- platform/x86: alienware-wmi: Correct a memory leak (bsc#1051510).
- platform/x86: asus-nb-wmi: Add keymap entry for lid flip action on UX360 (bsc#1051510).
- platform/x86: thinkpad_acpi: Proper model/release matching (bsc#1051510).
- platform/x86: toshiba_acpi: Fix defined but not used build warnings (bsc#1051510).
- pmem: Switch to copy_to_iter_mcsafe() (bsc#1098782).
- pnfs/blocklayout: off by one in bl_map_stripe() (git-fixes).
- power: gemini-poweroff: Avoid more spurious poweroffs (bsc#1051510).
- power: generic-adc-battery: check for duplicate properties copied from iio channels (bsc#1051510).
- power: generic-adc-battery: fix out-of-bounds write when copying channel properties (bsc#1051510).
- power: remove possible deadlock when unregistering power_supply (bsc#1051510).
- power: supply: axp288_charger: Fix initial constant_charge_current value (bsc#1051510).
- power: supply: max77693_charger: fix unintentional fall-through (bsc#1051510).
- power: vexpress: fix corruption in notifier registration (bsc#1051510).
- powernv/pseries: consolidate code for mce early handling (bsc#1094244).
- powerpc/64s: Default l1d_size to 64K in RFI fallback flush (bsc#1068032, git-fixes).
- powerpc/64s: Fix DT CPU features Power9 DD2.1 logic (bsc#1055117).
- powerpc/64s: Fix compiler store ordering to SLB shadow area (bsc#1094244).
- powerpc/64s: move machine check SLB flushing to mm/slb.c (bsc#1094244).
- powerpc/fadump: cleanup crash memory ranges support (bsc#1103269).
- powerpc/fadump: re-register firmware-assisted dump if already registered (bsc#1108170, bsc#1108823).
- powerpc/firmware: Add definitions for new drc-info firmware feature (bsc#1109158).
- powerpc/kprobes: Fix call trace due to incorrect preempt count (bsc#1065729).
- powerpc/kvm/booke: Fix altivec related build break (bsc#1061840).
- powerpc/kvm: Switch kvm pmd allocator to custom allocator (bsc#1061840).
- powerpc/lib: Fix the feature fixup tests to actually work (bsc#1065729).
- powerpc/mce: Fix SLB rebolting during MCE recovery path (bsc#1094244).
- powerpc/mm/hugetlb: initialize the pagetable cache correctly for hugetlb (bsc#1091800).
- powerpc/mm: Rename find_linux_pte_or_hugepte() (bsc#1061840).
- powerpc/numa: Skip onlining a offline node in kdump path (bsc#1109784).
- powerpc/numa: Use associativity if VPHN hcall is successful (bsc#1110363).
- powerpc/perf: Fix IMC allocation routine (bsc#1054914).
- powerpc/perf: Fix memory allocation for core-imc based on num_possible_cpus() (bsc#1054914).
- powerpc/perf: Remove sched_task function defined for thread-imc (bsc#1054914).
- powerpc/pkeys: Fix reading of ibm, processor-storage-keys property (bsc#1109244).
- powerpc/powernv/ioda2: Reduce upper limit for DMA window size (bsc#1055120).
- powerpc/powernv/ioda: Allocate indirect TCE levels on demand (bsc#1061840).
- powerpc/powernv/ioda: Finish removing explicit max window size check (bsc#1061840).
- powerpc/powernv/ioda: Remove explicit max window size check (bsc#1061840).
- powerpc/powernv/npu: Do a PID GPU TLB flush when invalidating a large address range (bsc#1055120).
- powerpc/powernv: Add indirect levels to it_userspace (bsc#1061840).
- powerpc/powernv: Move TCE manupulation code to its own file (bsc#1061840).
- powerpc/powernv: Rework TCE level allocation (bsc#1061840).
- powerpc/pseries/mm: Introducing FW_FEATURE_BLOCK_REMOVE (bsc#1109158).
- powerpc/pseries/mm: call H_BLOCK_REMOVE (bsc#1109158).
- powerpc/pseries/mm: factorize PTE slot computation (bsc#1109158).
- powerpc/pseries: Avoid using the size greater than RTAS_ERROR_LOG_MAX (bsc#1094244).
- powerpc/pseries: Defer the logging of rtas error to irq work queue (bsc#1094244).
- powerpc/pseries: Define MCE error event section (bsc#1094244).
- powerpc/pseries: Disable CPU hotplug across migrations (bsc#1065729).
- powerpc/pseries: Display machine check error details (bsc#1094244).
- powerpc/pseries: Dump the SLB contents on SLB MCE errors (bsc#1094244).
- powerpc/pseries: Fix 'OF: ERROR: Bad of_node_put() on /cpus' during DLPAR (bsc#1113295).
- powerpc/pseries: Fix CONFIG_NUMA=n build (bsc#1067906, git-fixes).
- powerpc/pseries: Fix build break for SPLPAR=n and CPU hotplug (bsc#1079524, git-fixes).
- powerpc/pseries: Fix duplicate firmware feature for DRC_INFO (bsc#1109158).
- powerpc/pseries: Fix endianness while restoring of r3 in MCE handler (bsc#1094244).
- powerpc/pseries: Flush SLB contents on SLB MCE errors (bsc#1094244).
- powerpc/pseries: Remove prrn_work workqueue (bsc#1102495, bsc#1109337).
- powerpc/pseries: Remove unneeded uses of dlpar work queue (bsc#1102495, bsc#1109337).
- powerpc/pseries: fix EEH recovery of some IOV devices (bsc#1078720, git-fixes).
- powerpc/rtas: Fix a potential race between CPU-Offline Migration (bsc#1111870).
- powerpc/tm: Avoid possible userspace r1 corruption on reclaim (bsc#1109333).
- powerpc/tm: Fix userspace r13 corruption (bsc#1109333).
- powerpc/topology: Get topology for shared processors at boot (bsc#1104683).
- powerpc/xive: Fix trying to 'push' an already active pool VP (bsc#1085030, git-fixes).
- powerpc/xive: Move definition of ESB bits (bsc#1061840).
- powerpc/xmon: Add ISA v3.0 SPRs to SPR dump (bsc#1061840).
- powerpc64s: Show ori31 availability in spectre_v1 sysfs file not v2 (bsc#1068032, bsc#1080157, git-fixes).
- powerpc: Avoid code patching freed init sections (bsc#1107735).
- powerpc: Fix size calculation using resource_size() (bsc#1012382).
- powerpc: KABI add aux_ptr to hole in paca_struct to extend it with additional members (bsc#1094244).
- powerpc: KABI: move mce_data_buf into paca_aux (bsc#1094244).
- powerpc: make feature-fixup tests fortify-safe (bsc#1065729).
- powerpc: pseries: remove dlpar_attach_node dependency on full path (bsc#1113295).
- ppp: Destroy the mutex when cleanup (bsc#1051510).
- ppp: fix __percpu annotation (bsc#1051510).
- printk/tracing: Do not trace printk_nmi_enter() (bsc#1112208).
- printk: drop in_nmi check from printk_safe_flush_on_panic() (bsc#1112170).
- proc: restrict kernel stack dumps to root (git-fixes). blacklist.conf:
- pstore: Fix incorrect persistent ram buffer mapping (bsc#1051510).
- ptp: fix missing break in switch (bsc#1105355).
- ptr_ring: fail early if queue occupies more than KMALLOC_MAX_SIZE (bsc#1105355).
- ptr_ring: fix up after recent ptr_ring changes (bsc#1105355).
- ptr_ring: prevent integer overflow when calculating size (bsc#1105355).
- ptrace,x86: Make user_64bit_mode() available to 32-bit builds (bsc#1110006).
- pwm: tiehrpwm: Fix disabling of output of PWMs (bsc#1051510).
- qed: Add missing device config for RoCE EDPM in UFP mode (bsc#1109217).
- qed: Avoid sending mailbox commands when MFW is not responsive (bsc#1050536).
- qed: Do not add VLAN 0 tag to untagged frames in multi-function mode (bsc#1050536).
- qed: Fix populating the invalid stag value in multi function mode (bsc#1050536).
- qed: Fix shmem structure inconsistency between driver and the mfw (bsc#1110561).
- qed: Prevent a possible deadlock during driver load and unload (bsc#1050536).
- qed: Wait for MCP halt and resume commands to take place (bsc#1050536).
- qed: Wait for ready indication before rereading the shmem (bsc#1050536).
- qlcnic: fix Tx descriptor corruption on 82xx devices (bsc#1050540).
- qlge: Fix netdev features configuration (bsc#1098822).
- qmi_wwan: Added support for Gemalto's Cinterion ALASxx WWAN interface (bsc#1051510).
- qmi_wwan: set DTR for modems in forced USB2 mode (bsc#1051510).
- qrtr: add MODULE_ALIAS macro to smd (bsc#1051510).
- r8152: Check for supported Wake-on-LAN Modes (bsc#1051510).
- r8169: Clear RTL_FLAG_TASK_*_PENDING when clearing RTL_FLAG_TASK_ENABLED (bsc#1051510).
- r8169: add support for NCube 8168 network card (bsc#1051510).
- race of lockd inetaddr notifiers vs nlmsvc_rqst change (git-fixes).
- random: add new ioctl RNDRESEEDCRNG (bsc#1051510).
- random: fix possible sleeping allocation from irq context (bsc#1051510).
- random: mix rdrand with entropy sent in from userspace (bsc#1051510).
- random: rate limit unseeded randomness warnings (git-fixes).
- random: set up the NUMA crng instances after the CRNG is fully initialized (bsc#1051510).
- rculist: Improve documentation for list_for_each_entry_from_rcu() (bsc#1084760).
- rculist: add list_for_each_entry_from_rcu() (bsc#1084760).
- readahead: stricter check for bdi io_pages (VM Functionality, git fixes).
- regulator: fix crash caused by null driver data (bsc#1051510).
- reiserfs: add check to detect corrupted directory entry (bsc#1109818).
- reiserfs: do not panic on bad directory entries (bsc#1109818).
- reiserfs: fix broken xattr handling (heap corruption, bad retval) (bsc#1106236).
- rename a hv patch to reduce conflicts in -AZURE
- rename/renumber hv patches to simplify upcoming upstream merges Good Bye automerge. Hello Conflicts.
- rename/renumber hv patches to simplify upcoming upstream merges No code changes.
- reorder a qedi patch to allow further work in this branch
- resort series.conf
- resource: Include resource end in walk_*() interfaces (bsc#1114279).
- rhashtable: add schedule points (bsc#1051510).
- rndis_wlan: potential buffer overflow in rndis_wlan_auth_indication() (bsc#1051510).
- root dentries need RCU-delayed freeing (bsc#1106297).
- rpc_pipefs: fix double-dput() (bsc#1051510).
- rpm/kernel-binary.spec.in: fix call of split-modules split-modules is called with some parameters depending on config options. But since we do not use backslash consistelny, the call to split-modules might be evaluated so that also the following cat command is appended. Avoid this behaviour by using backslashes everywhere and add %nil to the end. This perhaps never happens, but stay on the safe side.
- rpm/mkspec: build dtbs for architectures marked -!needs_updating
- rpm/mkspec: fix ppc64 kernel-source build.
- rpmsg: Correct support for MODULE_DEVICE_TABLE() (git-fixes).
- rsi: Fix 'invalid vdd' warning in mmc (bsc#1051510).
- rtc: bq4802: add error handling for devm_ioremap (bsc#1051510).
- rtnetlink: add rtnl_link_state check in rtnl_configure_link (netfilter-stable-18_07_27).
- rxrpc: Fix user call ID check in rxrpc_service_prealloc_one (netfilter-stable-18_08_04).
- s390/crypto: Fix return code checking in cbc_paes_crypt() (bsc#1108323, LTC#171709).
- s390/entry.S: use assembler alternatives (bsc#1103421).
- s390/lib: use expoline for all bcr instructions (git-fixes, bsc#1103421).
- s390/mm: fix local TLB flushing vs. detach of an mm address space (bsc#1103421).
- s390/mm: fix race on mm->context.flush_mm (bsc#1103421).
- s390/pci: fix out of bounds access during irq setup (bsc#1108323, LTC#171068).
- s390/qdio: reset old sbal_state flags (LTC#171525, bsc#1106948).
- s390/qeth: consistently re-enable device features (bsc#1104482, LTC#170340).
- s390/qeth: do not clobber buffer on async TX completion (bsc#1104482, LTC#170340).
- s390/qeth: rely on kernel for feature recovery (bsc#1104482, LTC#170340).
- s390/qeth: use vzalloc for QUERY OAT buffer (LTC#171527, bsc#1106948).
- s390/runtime instrumentation: simplify task exit handling (bsc#1103421).
- s390: Prevent hotplug rwsem recursion (bsc#1105731).
- s390: always save and restore all registers on context switch (bsc#1103421).
- s390: detect etoken facility (bsc#1103421).
- s390: fix br_r1_trampoline for machines without exrl (git-fixes, bsc#1103421).
- s390: fix compat system call table (bsc#1103421).
- s390: fix handling of -1 in set{,fs}id16 syscalls (bsc#1103421).
- s390: use expoline thunks for all branches generated by the BPF JIT (bsc#1103421).
- samples/bpf: adjust rlimit RLIMIT_MEMLOCK for xdp1 (bsc#1083647).
- sched/fair: Fix bandwidth timer clock drift condition (Git-fixes).
- sched/fair: Fix vruntime_normalized() for remote non-migration wakeup (git-fixes).
- sched/isolcpus: Fix 'isolcpus=' boot parameter handling when !CONFIG_CPUMASK_OFFSTACK (bsc#1107207).
- sched/numa: Avoid task migration for small NUMA improvement (bsc#1101669 optimise numa balancing for fast migrate).
- sched/numa: Do not move imbalanced load purely on the basis of an idle CPU (bsc#1101669 optimise numa balancing for fast migrate).
- sched/numa: Evaluate move once per node (bsc#1101669 optimise numa balancing for fast migrate).
- sched/numa: Limit the conditions where scan period is reset ().
- sched/numa: Pass destination CPU as a parameter to migrate_task_rq (bsc#1101669 optimise numa balancing for fast migrate).
- sched/numa: Pass destination CPU as a parameter to migrate_task_rq kabi (bsc#1101669 optimise numa balancing for fast migrate).
- sched/numa: Remove numa_has_capacity() (bsc#1101669 optimise numa balancing for fast migrate).
- sched/numa: Remove unused task_capacity from 'struct numa_stats' (bsc#1101669 optimise numa balancing for fast migrate).
- sched/numa: Reset scan rate whenever task moves across nodes (bsc#1101669 optimise numa balancing for fast migrate).
- sched/numa: Stop comparing tasks for NUMA placement after selecting an idle core (bsc#1101669 optimise numa balancing for fast migrate).
- sched/numa: Stop multiple tasks from moving to the CPU at the same time (bsc#1101669 optimise numa balancing for fast migrate).
- sched/numa: Stop multiple tasks from moving to the CPU at the same time kabi (bsc#1101669 optimise numa balancing for fast migrate).
- sched/numa: remove unused code from update_numa_stats() (bsc#1101669 optimise numa balancing for fast migrate).
- sched/numa: remove unused nr_running field (bsc#1101669 optimise numa balancing for fast migrate).
- scripts/git_sort/git_sort.py: Add fixes branch from mkp/scsi.git.
- scripts/git_sort/git_sort.py: add libnvdimm-for-next branch
- scripts/git_sort/git_sort.py: add mkp 4.20/scsi-queue
- scripts: modpost: check memory allocation results (bsc#1051510).
- scsi: core: Allow state transitions from OFFLINE to BLOCKED (bsc#1112246).
- scsi: cxlflash: Abstract hardware dependent assignments ().
- scsi: cxlflash: Acquire semaphore before invoking ioctl services ().
- scsi: cxlflash: Adapter context init can return error ().
- scsi: cxlflash: Adapter context support for OCXL ().
- scsi: cxlflash: Add argument identifier names ().
- scsi: cxlflash: Add include guards to backend.h ().
- scsi: cxlflash: Avoid clobbering context control register value ().
- scsi: cxlflash: Enable OCXL operations ().
- scsi: cxlflash: Explicitly cache number of interrupts per context ().
- scsi: cxlflash: Handle spurious interrupts ().
- scsi: cxlflash: Hardware AFU for OCXL ().
- scsi: cxlflash: Introduce OCXL backend ().
- scsi: cxlflash: Introduce OCXL context state machine ().
- scsi: cxlflash: Introduce object handle fop ().
- scsi: cxlflash: Isolate external module dependencies ().
- scsi: cxlflash: Limit the debug logs in the IO path ().
- scsi: cxlflash: MMIO map the AFU ().
- scsi: cxlflash: Preserve number of interrupts for master contexts ().
- scsi: cxlflash: Read host AFU configuration ().
- scsi: cxlflash: Read host function configuration ().
- scsi: cxlflash: Register for translation errors ().
- scsi: cxlflash: Remove commmands from pending list on timeout ().
- scsi: cxlflash: Remove embedded CXL work structures ().
- scsi: cxlflash: Setup AFU PASID ().
- scsi: cxlflash: Setup AFU acTag range ().
- scsi: cxlflash: Setup LISNs for master contexts ().
- scsi: cxlflash: Setup LISNs for user contexts ().
- scsi: cxlflash: Setup OCXL transaction layer ().
- scsi: cxlflash: Setup function OCXL link ().
- scsi: cxlflash: Setup function acTag range ().
- scsi: cxlflash: Staging to support future accelerators ().
- scsi: cxlflash: Support AFU interrupt management ().
- scsi: cxlflash: Support AFU interrupt mapping and registration ().
- scsi: cxlflash: Support AFU reset ().
- scsi: cxlflash: Support AFU state toggling ().
- scsi: cxlflash: Support adapter context discovery ().
- scsi: cxlflash: Support adapter context mmap and release ().
- scsi: cxlflash: Support adapter context polling ().
- scsi: cxlflash: Support adapter context reading ().
- scsi: cxlflash: Support adapter file descriptors for OCXL ().
- scsi: cxlflash: Support file descriptor mapping ().
- scsi: cxlflash: Support image reload policy modification ().
- scsi: cxlflash: Support process element lifecycle ().
- scsi: cxlflash: Support process specific mappings ().
- scsi: cxlflash: Support reading adapter VPD data ().
- scsi: cxlflash: Support starting an adapter context ().
- scsi: cxlflash: Support starting user contexts ().
- scsi: cxlflash: Synchronize reset and remove ops ().
- scsi: cxlflash: Use IDR to manage adapter contexts ().
- scsi: cxlflash: Use local mutex for AFU serialization ().
- scsi: cxlflash: Yield to active send threads ().
- scsi: fcoe: hold disc_mutex when traversing rport lists (bsc#1077989).
- scsi: hisi_sas: Add SATA FIS check for v3 hw ().
- scsi: hisi_sas: Add a flag to filter PHY events during reset ().
- scsi: hisi_sas: Add missing PHY spinlock init ().
- scsi: hisi_sas: Adjust task reject period during host reset ().
- scsi: hisi_sas: Drop hisi_sas_slot_abort() ().
- scsi: hisi_sas: Fix the conflict between dev gone and host reset ().
- scsi: hisi_sas: Fix the failure of recovering PHY from STP link timeout ().
- scsi: hisi_sas: Implement handlers of PCIe FLR for v3 hw ().
- scsi: hisi_sas: Only process broadcast change in phy_bcast_v3_hw() ().
- scsi: hisi_sas: Pre-allocate slot DMA buffers ().
- scsi: hisi_sas: Release all remaining resources in clear nexus ha ().
- scsi: hisi_sas: Tidy hisi_sas_task_prep() ().
- scsi: hisi_sas: Use dmam_alloc_coherent() ().
- scsi: hisi_sas: add memory barrier in task delivery function ().
- scsi: hisi_sas: relocate some common code for v3 hw ().
- scsi: hisi_sas: tidy channel interrupt handler for v3 hw ().
- scsi: hisi_sas: tidy host controller reset function a bit ().
- scsi: hpsa: limit transfer length to 1MB, not 512kB (bsc#1102346).
- scsi: ipr: Eliminate duplicate barriers ().
- scsi: ipr: System hung while dlpar adding primary ipr adapter back (bsc#1109336).
- scsi: ipr: Use dma_pool_zalloc() ().
- scsi: ipr: fix incorrect indentation of assignment statement ().
- scsi: libfc: Add lockdep annotations (bsc#1077989).
- scsi: libfc: check fc_frame_payload_get() return value for null (bsc#1104731).
- scsi: libfc: fixup 'sleeping function called from invalid context' (bsc#1077989).
- scsi: libfc: fixup lockdep annotations (bsc#1077989).
- scsi: libfc: hold disc_mutex in fc_disc_stop_rports() (bsc#1077989).
- scsi: libfc: retry PRLI if we cannot analyse the payload (bsc#1104731).
- scsi: lpfc: Correct MDS diag and nvmet configuration (bsc#1106636).
- scsi: mpt3sas: Fix calltrace observed while running IO reset (bsc#1077989).
- scsi: netvsc: Use the vmbus function to calculate ring buffer percentage (bsc#1107207).
- scsi: qedi: Add the CRC size within iSCSI NVM image (bsc#1110538).
- scsi: qedi: Initialize the stats mutex lock (bsc#1110538).
- scsi: qla2xxx: Add appropriate debug info for invalid RX_ID (bsc#1108870).
- scsi: qla2xxx: Add logic to detect ABTS hang and response completion (bsc#1108870).
- scsi: qla2xxx: Add longer window for chip reset (bsc#1086327,).
- scsi: qla2xxx: Add mode control for each physical port (bsc#1108870).
- scsi: qla2xxx: Add support for ZIO6 interrupt threshold (bsc#1108870).
- scsi: qla2xxx: Allow FC-NVMe underrun to be handled by transport (bsc#1108870).
- scsi: qla2xxx: Check for Register disconnect (bsc#1108870).
- scsi: qla2xxx: Cleanup for N2N code (bsc#1086327,).
- scsi: qla2xxx: Decrement login retry count for only plogi (bsc#1108870).
- scsi: qla2xxx: Defer chip reset until target mode is enabled (bsc#1108870).
- scsi: qla2xxx: Fix ISP recovery on unload (bsc#1086327,).
- scsi: qla2xxx: Fix Management Server NPort handle reservation logic (bsc#1086327,).
- scsi: qla2xxx: Fix N2N link re-connect (bsc#1086327,).
- scsi: qla2xxx: Fix NVMe Target discovery (bsc#1108870).
- scsi: qla2xxx: Fix NVMe session hang on unload (bsc#1108870).
- scsi: qla2xxx: Fix Remote port registration (bsc#1108870).
- scsi: qla2xxx: Fix deadlock between ATIO and HW lock (bsc#1108870).
- scsi: qla2xxx: Fix double increment of switch scan retry count (bsc#1108870).
- scsi: qla2xxx: Fix driver hang when FC-NVMe LUNs are configured (bsc#1108870).
- scsi: qla2xxx: Fix dropped srb resource (bsc#1108870).
- scsi: qla2xxx: Fix duplicate switch database entries (bsc#1108870).
- scsi: qla2xxx: Fix duplicate switch's Nport ID entries (bsc#1108870).
- scsi: qla2xxx: Fix early srb free on abort (bsc#1108870).
- scsi: qla2xxx: Fix for double free of SRB structure (bsc#1108870).
- scsi: qla2xxx: Fix iIDMA error (bsc#1108870).
- scsi: qla2xxx: Fix incorrect port speed being set for FC adapters (bsc#1108870).
- scsi: qla2xxx: Fix issue reported by static checker for qla2x00_els_dcmd2_sp_done() (bsc#1086327,).
- scsi: qla2xxx: Fix login retry count (bsc#1086327,).
- scsi: qla2xxx: Fix memory leak for allocating abort IOCB (bsc#1111830).
- scsi: qla2xxx: Fix out of order Termination and ABTS response (bsc#1108870).
- scsi: qla2xxx: Fix port speed display on chip reset (bsc#1108870).
- scsi: qla2xxx: Fix premature command free (bsc#1108870).
- scsi: qla2xxx: Fix process response queue for ISP26XX and above (bsc#1108870).
- scsi: qla2xxx: Fix race between switch cmd completion and timeout (bsc#1086327,).
- scsi: qla2xxx: Fix race condition for resource cleanup (bsc#1108870).
- scsi: qla2xxx: Fix re-using LoopID when handle is in use (bsc#1108870).
- scsi: qla2xxx: Fix recursive mailbox timeout (bsc#1108870).
- scsi: qla2xxx: Fix redundant fc_rport registration (bsc#1086327,).
- scsi: qla2xxx: Fix session state stuck in Get Port DB (bsc#1086327,).
- scsi: qla2xxx: Fix stalled relogin (bsc#1086327,).
- scsi: qla2xxx: Fix stuck session in PLOGI state (bsc#1108870).
- scsi: qla2xxx: Fix unintended Logout (bsc#1086327,).
- scsi: qla2xxx: Flush mailbox commands on chip reset (bsc#1086327,).
- scsi: qla2xxx: Force fw cleanup on ADISC error (bsc#1108870).
- scsi: qla2xxx: Increase abort timeout value (bsc#1108870).
- scsi: qla2xxx: Migrate NVME N2N handling into state machine (bsc#1086327,).
- scsi: qla2xxx: Move ABTS code behind qpair (bsc#1108870).
- scsi: qla2xxx: Move log messages before issuing command to firmware (bsc#1108870).
- scsi: qla2xxx: Move rport registration out of internal work_list (bsc#1108870).
- scsi: qla2xxx: Move {get|rel}_sp to base_qpair struct (bsc#1108870).
- scsi: qla2xxx: Prevent sysfs access when chip is down (bsc#1086327,).
- scsi: qla2xxx: Reduce holding sess_lock to prevent CPU lock-up (bsc#1108870).
- scsi: qla2xxx: Reject bsg request if chip is down (bsc#1108870).
- scsi: qla2xxx: Remove ASYNC GIDPN switch command (bsc#1108870).
- scsi: qla2xxx: Remove all rports if fabric scan retry fails (bsc#1108870).
- scsi: qla2xxx: Remove redundant check for fcport deletion (bsc#1108870).
- scsi: qla2xxx: Remove stale ADISC_DONE event (bsc#1108870).
- scsi: qla2xxx: Remove stale debug trace message from tcm_qla2xxx (bsc#1108870).
- scsi: qla2xxx: Return switch command on a timeout (bsc#1108870).
- scsi: qla2xxx: Save frame payload size from ICB (bsc#1086327,).
- scsi: qla2xxx: Serialize mailbox request (bsc#1108870).
- scsi: qla2xxx: Silent erroneous message (bsc#1086327,).
- scsi: qla2xxx: Spinlock recursion in qla_target (bsc#1086327,).
- scsi: qla2xxx: Terminate Plogi/PRLI if WWN is 0 (bsc#1108870).
- scsi: qla2xxx: Turn off IOCB timeout timer on IOCB completion (bsc#1108870).
- scsi: qla2xxx: Update driver to version 10.00.00.09-k (bsc#1108870).
- scsi: qla2xxx: Update driver version to 10.00.00.08-k (bsc#1086327,).
- scsi: qla2xxx: Update driver version to 10.00.00.10-k (bsc#1108870).
- scsi: qla2xxx: Update driver version to 10.00.00.11-k (bsc#1108870).
- scsi: qla2xxx: Update rscn_rcvd field to more meaningful scan_needed (bsc#1108870).
- scsi: qla2xxx: Use correct qpair for ABTS/CMD (bsc#1108870).
- scsi: qla2xxx: do not allow negative thresholds (bsc#1108870).
- scsi: qla2xxx: shutdown chip if reset fail (bsc#1108870).
- scsi: storsvc: do not set a bounce limit (bsc#1107207).
- scsi: storvsc: Avoid allocating memory for temp cpumasks (bsc#1107207).
- scsi: storvsc: Select channel based on available percentage of ring buffer to write (bsc#1107207).
- scsi: storvsc: Set up correct queue depth values for IDE devices (bsc#1107207).
- scsi: target: prefer dbroot of /etc/target over /var/target (bsc#1111928).
- scsi: vmbus: Add function to report available ring buffer to write in total ring size percentage (bsc#1107207).
- scsi_debug: call resp_XXX function after setting host_scribble (bsc#1069138).
- scsi_debug: reset injection flags for every_nth > 0 (bsc#1069138).
- security: check for kstrdup() failure in lsm_append() (bsc#1051510).
- selftests/bpf/test_maps: exit child process without error in ENOMEM case (bsc#1083647).
- selftests/bpf: fix a typo in map in map test (bsc#1083647).
- selftests/x86: Add tests for User-Mode Instruction Prevention (bsc#1110006).
- selftests/x86: Add tests for the STR and SLDT instructions (bsc#1110006).
- serial: 8250: Do not service RX FIFO if interrupts are disabled (bsc#1051510).
- serial: 8250: Fix clearing FIFOs in RS485 mode again (bsc#1051510).
- serial: 8250_dw: Add ACPI support for uart on Broadcom SoC (bsc#1051510).
- serial: 8250_dw: always set baud rate in dw8250_set_termios (bsc#1051510).
- serial: 8250_exar: Read INT0 from slave device, too (bsc#1051510).
- serial: core: mark port as initialized after successful IRQ change (bsc#1051510).
- serial: cpm_uart: return immediately from console poll (bsc#1051510).
- serial: enable spi in sc16is7xx driver References: bsc#1105672
- serial: imx: restore handshaking irq for imx1 (bsc#1051510).
- serial: make sc16is7xx driver supported References: bsc#1105672
- serial: pxa: Fix an error handling path in 'serial_pxa_probe()' (bsc#1051510).
- serial: sh-sci: Stop RX FIFO timer during port shutdown (bsc#1051510).
- serial: xuartps: fix typo in cdns_uart_startup (bsc#1051510).
- series.conf: moved some Xen patches to the sorted region xen/blkfront: correct purging of persistent grants (bsc#1112514).
- signal: Properly deliver SIGSEGV from x86 uprobes (bsc#1110006).
- slab: __GFP_ZERO is incompatible with a constructor (bsc#1107060).
- smb2: fix missing files in root share directory listing (bsc#1112907).
- smb3: fill in statfs fsid and correct namelen (bsc#1112905).
- smb3: fix reset of bytes read and written stats (bsc#1112906).
- smb3: on reconnect set PreviousSessionId field (bsc#1112899).
- smsc75xx: Check for Wake-on-LAN modes (bsc#1051510).
- smsc95xx: Check for Wake-on-LAN modes (bsc#1051510).
- soc/tegra: pmc: Fix child-node lookup (bsc#1051510).
- soc: fsl: qe: Fix copy/paste bug in ucc_get_tdm_sync_shift() (bsc#1051510).
- soc: mediatek: pwrap: fix cipher init setting error (bsc#1051510).
- sock_diag: fix use-after-free read in __sk_free (bsc#1051510).
- soreuseport: initialise timewait reuseport field (bsc#1051510).
- sound: do not call skl_init_chip() to reset intel skl soc (bsc#1051510).
- sound: enable interrupt after dma buffer initialization (bsc#1051510).
- spi-nor: intel-spi: Fix number of protected range registers for BYT/LPT ().
- spi/bcm63xx-hsspi: keep pll clk enabled (bsc#1051510).
- spi: bcm-qspi: switch back to reading flash using smaller chunks (bsc#1051510).
- spi: cadence: Change usleep_range() to udelay(), for atomic context (bsc#1051510).
- spi: davinci: fix a NULL pointer dereference (bsc#1051510).
- spi: pxa2xx: Add support for Intel Ice Lake (bsc#1051510).
- spi: rspi: Fix interrupted DMA transfers (bsc#1051510).
- spi: rspi: Fix invalid SPI use during system suspend (bsc#1051510).
- spi: sh-msiof: Fix handling of write value for SISTR register (bsc#1051510).
- spi: sh-msiof: Fix invalid SPI use during system suspend (bsc#1051510).
- spi: sh-msiof: fix deferred probing (bsc#1051510).
- spi: tegra20-slink: explicitly enable/disable clock (bsc#1051510).
- squashfs metadata 2: electric boogaloo (bsc#1051510).
- squashfs: be more careful about metadata corruption (bsc#1051510).
- squashfs: more metadata hardening (bsc#1051510).
- squashfs: more metadata hardening (bsc#1051510).
- sr9800: Check for supported Wake-on-LAN modes (bsc#1051510).
- sr: get/drop reference to device in revalidate and check_events (bsc#1109979).
- staging: bcm2835-audio: Check if workqueue allocation failed ().
- staging: bcm2835-audio: Deliver indirect-PCM transfer error ().
- staging: bcm2835-audio: Disconnect and free vchi_instance on module_exit() ().
- staging: bcm2835-audio: Do not leak workqueue if open fails ().
- staging: bcm2835-audio: constify snd_pcm_ops structures ().
- staging: bcm2835-audio: make snd_pcm_hardware const ().
- staging: bcm2835-camera: fix timeout handling in wait_for_completion_timeout (bsc#1051510).
- staging: bcm2835-camera: handle wait_for_completion_timeout return properly (bsc#1051510).
- staging: comedi: ni_mio_common: fix subdevice flags for PFI subdevice (bsc#1051510).
- staging: comedi: ni_mio_common: protect register write overflow (bsc#1051510).
- staging: lustre: Use 'kvfree()' for memory allocated by 'kvzalloc()' (bsc#1051510).
- staging: lustre: disable preempt while sampling processor id (bsc#1051510).
- staging: lustre: fix bug in osc_enter_cache_try (bsc#1051510).
- staging: lustre: ldlm: free resource when ldlm_lock_create() fails (bsc#1051510).
- staging: lustre: libcfs: Prevent harmless read underflow (bsc#1051510).
- staging: lustre: libcfs: fix test for libcfs_ioctl_hdr minimum size (bsc#1051510).
- staging: lustre: llite: correct removexattr detection (bsc#1051510).
- staging: lustre: llite: initialize xattr->xe_namelen (bsc#1051510).
- staging: lustre: lmv: correctly iput lmo_root (bsc#1051510).
- staging: lustre: lov: use correct env in lov_io_data_version_end() (bsc#1051510).
- staging: lustre: o2iblnd: Fix FastReg map/unmap for MLX5 (bsc#1051510).
- staging: lustre: o2iblnd: Fix crash in kiblnd_handle_early_rxs() (bsc#1051510).
- staging: lustre: o2iblnd: fix race at kiblnd_connect_peer (bsc#1051510).
- staging: lustre: obd_mount: use correct niduuid suffix (bsc#1051510).
- staging: lustre: obdclass: return -EFAULT if copy_from_user() fails (bsc#1051510).
- staging: lustre: ptlrpc: kfree used instead of kvfree (bsc#1051510).
- staging: lustre: remove invariant in cl_io_read_ahead() (bsc#1051510).
- staging: lustre: statahead: remove incorrect test on agl_list_empty() (bsc#1051510).
- staging: rts5208: fix missing error check on call to rtsx_write_register (bsc#1051510).
- staging: vc04_services: Fix platform_no_drv_owner.cocci warnings ().
- staging: vc04_services: bcm2835-audio Format multiline comment ().
- staging: vc04_services: bcm2835-audio: Add blank line after declaration ().
- staging: vc04_services: bcm2835-audio: Change to unsigned int * ().
- staging: vc04_services: bcm2835-audio: add SPDX identifiers ().
- staging: vc04_services: bcm2835-audio: remove redundant license text ().
- staging: vc04_services: please do not use multiple blank lines ().
- stm: Potential read overflow in stm_char_policy_set_ioctl() (bsc#1051510).
- stmmac: fix DMA channel hang in half-duplex mode (networking-stable-18_07_19).
- string: drop __must_check from strscpy() and restore strscpy() usages in cgroup (bsc#1051510).
- strparser: Remove early eaten to fix full tcp receive buffer stall (networking-stable-18_07_19).
- sunxi-rsb: Include OF based modalias in device uevent (bsc#1051510).
- switchtec: Fix Spectre v1 vulnerability (bsc#1051510).
- sys: do not hold uts_sem while accessing userspace memory (bsc#1106995).
- sysfs: Do not return POSIX ACL xattrs via listxattr (git-fixes).
- target: log Data-Out timeouts as errors (bsc#1095805).
- target: log NOP ping timeouts as errors (bsc#1095805).
- target: split out helper for cxn timeout error stashing (bsc#1095805).
- target: stash sess_err_stats on Data-Out timeout (bsc#1095805).
- target: use ISCSI_IQN_LEN in iscsi_target_stat (bsc#1095805).
- target_core_rbd: break up free_device callback (bsc#1105524).
- target_core_rbd: use RCU in free_device (bsc#1105524).
- team: Forbid enslaving team device to itself (bsc#1051510).
- thermal: of-thermal: disable passive polling when thermal zone is disabled (bsc#1051510).
- thermal: thermal_hwmon: Convert to hwmon_device_register_with_info() (bsc#1103363).
- thermal_hwmon: Pass the originating device down to hwmon_device_register_with_info (bsc#1103363).
- thermal_hwmon: Sanitize attribute name passed to hwmon (bsc#1103363).
- ti: ethernet: cpdma: Use correct format for genpool_* (bsc#1051510).
- tools build: fix # escaping in .cmd files for future Make (git-fixes).
- tools/hv: Fix IP reporting by KVP daemon with SRIOV (bsc#1107207).
- tools/power turbostat: Read extended processor family from CPUID (bsc#1051510).
- tools/power turbostat: fix -S on UP systems (bsc#1051510).
- tools/vm/page-types.c: fix 'defined but not used' warning (bsc#1051510).
- tools/vm/slabinfo.c: fix sign-compare warning (bsc#1051510).
- tools: hv: fcopy: set 'error' in case an unknown operation was requested (bsc#1107207).
- tools: hv: fix compiler warnings about major/target_fname (bsc#1107207).
- tools: hv: include string.h in hv_fcopy_daemon (bsc#1107207).
- tools: hv: update lsvmbus to be compatible with python3 (bsc#1107207).
- tools: usb: ffs-test: Fix build on big endian systems (bsc#1051510).
- tpm: Introduce flag TPM_TRANSMIT_RAW (bsc#1082555).
- tpm: cmd_ready command can be issued only after granting locality (bsc#1082555).
- tpm: fix race condition in tpm_common_write() (bsc#1082555).
- tpm: fix use after free in tpm2_load_context() (bsc#1082555).
- tpm: separate cmd_ready/go_idle from runtime_pm (bsc#1082555).
- tpm: tpm_crb: relinquish locality on error path (bsc#1082555).
- tpm: vtpm_proxy: Implement request_locality function (bsc#1082555).
- tracepoint: Do not warn on ENOMEM (bsc#1051510).
- tracing/x86/xen: Remove zero data size trace events trace_xen_mmu_flush_tlb{_all} (bsc#1110006).
- tracing: Add barrier to trace_printk() buffer nesting modification (bsc#1112219).
- tsl2550: fix lux1_input error in low light (bsc#1051510).
- tty/ldsem: Add lockdep asserts for ldisc_sem (bsc#1105428).
- tty/ldsem: Convert to regular lockdep annotations (bsc#1105428).
- tty/ldsem: Decrement wait_readers on timeouted down_read() (bsc#1105428).
- tty/ldsem: Wake up readers after timed out down_write() (bsc#1105428).
- tty: Do not block on IO when ldisc change is pending (bsc#1105428).
- tty: Drop tty->count on tty_reopen() failure (bsc#1051510).
- tty: Hold tty_ldisc_lock() during tty_reopen() (bsc#1105428).
- tty: Simplify tty->count math in tty_reopen() (bsc#1105428).
- tty: fix data race between tty_init_dev and flush of buf (bsc#1105428).
- tty: fix termios input-speed encoding (bsc#1051510).
- tty: fix termios input-speed encoding when using BOTHER (bsc#1051510).
- tty: rocket: Fix possible buffer overwrite on register_PCI (bsc#1051510).
- tty: serial: 8250: Revert NXP SC16C2552 workaround (bsc#1051510).
- tty: serial: exar: Relocate sleep wake-up handling (bsc#1051510).
- tty: serial: lpuart: avoid leaking struct tty_struct (bsc#1051510).
- tty: vt_ioctl: fix potential Spectre v1 (bsc#1051510).
- uart: fix race between uart_put_char() and uart_shutdown() (bsc#1051510).
- ubifs: Check data node size before truncate (bsc#1051510).
- ubifs: Check for name being NULL while mounting (bsc#1051510).
- ubifs: Fix directory size calculation for symlinks (bsc#1106230).
- ubifs: Fix memory leak in lprobs self-check (bsc#1051510).
- ubifs: Fix synced_i_size calculation for xattr inodes (bsc#1051510).
- ubifs: xattr: Do not operate on deleted inodes (bsc#1051510).
- udl-kms: avoid division (bsc#1051510).
- udl-kms: change down_interruptible to down (bsc#1051510).
- udl-kms: fix crash due to uninitialized memory (bsc#1051510).
- udl-kms: handle allocation failure (bsc#1051510).
- udlfb: set optimal write delay (bsc#1051510).
- udp: Unbreak modules that rely on external __skb_recv_udp() availability (bsc#1109151).
- uio, lib: Fix CONFIG_ARCH_HAS_UACCESS_MCSAFE compilation (bsc#1098782).
- uio: potential double frees if __uio_register_device() fails (bsc#1051510).
- uio_hv_generic: fix subchannel ring mmap (bsc#1107207).
- uio_hv_generic: make ring buffer attribute for primary channel (bsc#1107207).
- uio_hv_generic: set size of ring buffer attribute (bsc#1107207).
- uio_hv_generic: support sub-channels (bsc#1107207).
- uio_hv_generic: use correct channel in isr (bsc#1107207).
- uprobes/x86: Prohibit probing on MOV SS instruction (bsc#1110006).
- uprobes/x86: Remove incorrect WARN_ON() in uprobe_init_insn() (bsc#1051510).
- uprobes: Use synchronize_rcu() not synchronize_sched() (bsc#1051510).
- usb/phy: fix PPC64 build errors in phy-fsl-usb.c (bsc#1051510).
- usb: Avoid use-after-free by flushing endpoints early in usb_set_interface() (bsc#1051510).
- usb: Do not die twice if PCI xhci host is not responding in resume (bsc#1051510).
- usb: cdc_acm: Do not leak URB buffers (bsc#1051510).
- usb: chipidea: Prevent unbalanced IRQ disable (bsc#1051510).
- usb: dwc2: Turn on uframe_sched on 'amlogic' platforms (bsc#1102881).
- usb: dwc2: Turn on uframe_sched on 'bcm' platforms (bsc#1102881).
- usb: dwc2: Turn on uframe_sched on 'his' platforms (bsc#1102881).
- usb: dwc2: Turn on uframe_sched on 'stm32f4x9_fsotg' platforms (bsc#1102881).
- usb: dwc2: fix isoc split in transfer with no data (bsc#1051510).
- usb: dwc2: gadget: Fix issue in dwc2_gadget_start_isoc() (bsc#1051510).
- usb: dwc3: change stream event enable bit back to 13 (bsc#1051510).
- usb: dwc3: pci: add support for Intel IceLake (bsc#1051510).
- usb: gadget: composite: fix delayed_status race condition when set_interface (bsc#1051510).
- usb: gadget: dwc2: fix memory leak in gadget_init() (bsc#1051510).
- usb: gadget: fotg210-udc: Fix memory leak of fotg210->ep[i] (bsc#1051510).
- usb: gadget: fsl_udc_core: check allocation return value and cleanup on failure (bsc#1051510).
- usb: gadget: fsl_udc_core: fixup struct_udc_setup documentation (bsc#1051510).
- usb: gadget: r8a66597: Fix a possible sleep-in-atomic-context bugs in r8a66597_queue() (bsc#1051510).
- usb: gadget: r8a66597: Fix two possible sleep-in-atomic-context bugs in init_controller() (bsc#1051510).
- usb: gadget: udc: renesas_usb3: fix maxpacket size of ep0 (bsc#1051510).
- usb: host: u132-hcd: Fix a sleep-in-atomic-context bug in u132_get_frame() (bsc#1051510).
- usb: misc: uss720: Fix two sleep-in-atomic-context bugs (bsc#1051510).
- usb: musb: dsps: do not disable CPPI41 irq in driver teardown (bsc#1051510).
- usb: uas: add support for more quirk flags (bsc#1051510).
- usb: wusbcore: security: cast sizeof to int for comparison (bsc#1051510).
- usb: xhci-mtk: resume USB3 roothub first (bsc#1051510).
- usb: xhci: increase CRS timeout value (bsc#1051510).
- usbip: tools: fix atoi() on non-null terminated string (bsc#1051510).
- use the new async probing feature for the hyperv drivers (bsc#1107207).
- userfaultfd: hugetlbfs: fix userfaultfd_huge_must_wait() pte access (bsc#1109739).
- userns: move user access out of the mutex (bsc#1051510).
- uwb: hwa-rc: fix memory leak at probe (bsc#1051510).
- vfio/pci: Virtualize Maximum Payload Size (bsc#1051510).
- vfio/pci: Virtualize Maximum Read Request Size (bsc#1051510).
- vfio/type1: Fix task tracking for QEMU vCPU hotplug (bsc#1051510).
- vfs/proc/kcore, x86/mm/kcore: Fix SMAP fault when dumping vsyscall user page (bsc#1110006).
- vfs: fix freeze protection in mnt_want_write_file() for overlayfs (git-fixes).
- vhost: correctly check the iova range when waking virtqueue (bsc#1051510).
- vhost: do not try to access device IOTLB when not initialized (bsc#1051510).
- vhost: reset metadata cache when initializing new IOTLB (netfilter-stable-18_08_17).
- vhost: use mutex_lock_nested() in vhost_dev_lock_vqs() (bsc#1051510).
- vhost_net: validate sock before trying to put its fd (networking-stable-18_07_19).
- video: fbdev: pxafb: clear allocated memory for video modes (bsc#1051510).
- video: goldfishfb: fix memory leak on driver remove (bsc#1051510).
- virtio: pci-legacy: Validate queue pfn (bsc#1051510).
- vmbus: do not return values for uninitalized channels (bsc#1051510).
- vmbus: do not return values for uninitalized channels (bsc#1107207).
- vmci: type promotion bug in qp_host_get_user_memory() (bsc#1105355).
- vmw_balloon: VMCI_DOORBELL_SET does not check status (bsc#1051510).
- vmw_balloon: do not use 2MB without batching (bsc#1051510).
- vmw_balloon: fix VMCI use when balloon built into kernel (bsc#1051510).
- vmw_balloon: fix inflation of 64-bit GFNs (bsc#1051510).
- vmw_balloon: remove inflation rate limiting (bsc#1051510).
- vsock: split dwork to avoid reinitializations (netfilter-stable-18_08_17).
- vti4: Do not count header length twice on tunnel setup (bsc#1051510).
- vti6: fix PMTU caching and reporting on xmit (bsc#1051510).
- vti6: remove !skb->ignore_df check from vti6_xmit() (bsc#1051510).
- vxlan: add new fdb alloc and create helpers (netfilter-stable-18_07_27).
- vxlan: fix default fdb entry netlink notify ordering during netdev create (netfilter-stable-18_07_27).
- vxlan: make netlink notify in vxlan_fdb_destroy optional (netfilter-stable-18_07_27).
- wan/fsl_ucc_hdlc: use IS_ERR_VALUE() to check return value of qe_muram_alloc (bsc#1051510).
- watchdog: Mark watchdog touch functions as notrace (git-fixes).
- wlcore: Add missing PM call for wlcore_cmd_wait_for_event_or_timeout() (bsc#1051510).
- wlcore: Set rx_status boottime_ns field on rx (bsc#1051510).
- x86-64/realmode: Add instruction suffix (bsc#1110006).
- x86/CPU/AMD: Derive CPU topology from CPUID function 0xB when available ().
- x86/CPU/AMD: Have smp_num_siblings and cpu_llc_id always be present (bsc#1110006).
- x86/CPU: Add a microcode loader callback (bsc#1110006).
- x86/CPU: Check CPU feature bits after microcode upgrade (bsc#1110006).
- x86/CPU: Modify detect_extended_topology() to return result ().
- x86/EISA: Do not probe EISA bus for Xen PV guests (bsc#1110006).
- x86/Hyper-V/hv_apic: Build the Hyper-V APIC conditionally (bsc#1107207).
- x86/Hyper-V/hv_apic: Include asm/apic.h (bsc#1107207).
- x86/KVM/VMX: Do not set l1tf_flush_l1d from vmx_handle_external_intr() (bsc#1110006).
- x86/KVM/VMX: Do not set l1tf_flush_l1d to true from vmx_l1d_flush() (bsc#1110006).
- x86/KVM/VMX: Move the l1tf_flush_l1d test to vmx_l1d_flush() (bsc#1110006).
- x86/KVM/VMX: Replace 'vmx_l1d_flush_always' with 'vmx_l1d_flush_cond' (bsc#1110006).
- x86/Kconfig: Limit NR_CPUS on 32-bit to a sane amount (bsc#1110006).
- x86/LDT: Avoid warning in 32-bit builds with older gcc (bsc#1110006).
- x86/MCE/AMD: Define a function to get SMCA bank type (bsc#1110006).
- x86/MCE: Fix stack out-of-bounds write in mce-inject.c: Flags_read() (bsc#1110006).
- x86/MCE: Remove min interval polling limitation (bsc#1110006).
- x86/MCE: Report only DRAM ECC as memory errors on AMD systems (bsc#1110006).
- x86/MCE: Serialize sysfs changes (bsc#1110006).
- x86/PCI: Make broadcom_postcore_init() check acpi_disabled (bsc#1110006).
- x86/acpi: Prevent X2APIC id 0xffffffff from being accounted (bsc#1110006).
- x86/alternatives: Fixup alternative_call_2 (bsc#1110006).
- x86/apic/vector: Fix off by one in error path (bsc#1110006).
- x86/apic: Fix restoring boot IRQ mode in reboot and kexec/kdump (bsc#1110006).
- x86/apic: Set up through-local-APIC mode on the boot CPU if 'noapic' specified (bsc#1110006).
- x86/apic: Split disable_IO_APIC() into two functions to fix CONFIG_KEXEC_JUMP=y (bsc#1110006).
- x86/apic: Split out restore_boot_irq_mode() from disable_IO_APIC() (bsc#1110006).
- x86/asm/memcpy_mcsafe: Add labels for __memcpy_mcsafe() write fault handling (bsc#1098782).
- x86/asm/memcpy_mcsafe: Add write-protection-fault handling (bsc#1098782).
- x86/asm/memcpy_mcsafe: Define copy_to_iter_mcsafe() (bsc#1098782).
- x86/asm/memcpy_mcsafe: Fix copy_to_user_mcsafe() exception handling (bsc#1098782).
- x86/asm/memcpy_mcsafe: Provide original memcpy_mcsafe_unrolled (bsc#1098782).
- x86/asm/memcpy_mcsafe: Remove loop unrolling (bsc#1098782).
- x86/asm/memcpy_mcsafe: Return bytes remaining (bsc#1098782).
- x86/asm: Add _ASM_ARG* constants for argument registers to asm/asm.h (bsc#1110006).
- x86/asm: Allow again using asm.h when building for the 'bpf' clang target (bsc#1110006).
- x86/asm: Do not use the confusing '.ifeq' directive (bsc#1110006).
- x86/boot/64: Verify alignment of the LOAD segment (bsc#1110006).
- x86/boot/KASLR: Work around firmware bugs by excluding EFI_BOOT_SERVICES_* and EFI_LOADER_* from KASLR's choice (bsc#1112878).
- x86/boot/compressed/64: Print error if 5-level paging is not supported (bsc#1110006).
- x86/boot: Fix if_changed build flip/flop bug (bsc#1110006).
- x86/boot: Fix kexec booting failure in the SEV bit detection code (bsc#1110301).
- x86/boot: Move EISA setup to a separate file (bsc#1110006).
- x86/boot: Relocate definition of the initial state of CR0 (bsc#1110006).
- x86/build/64: Force the linker to use 2MB page size (bsc#1109603).
- x86/build: Beautify build log of syscall headers (bsc#1110006).
- x86/cpu/AMD: Apply the Erratum 688 fix when the BIOS does not (bsc#1110006).
- x86/cpu/intel: Add missing TLB cpuid values (bsc#1110006).
- x86/cpufeature: Add User-Mode Instruction Prevention definitions (bsc#1110006).
- x86/cpufeatures: Add Intel PCONFIG cpufeature (bsc#1110006).
- x86/cpufeatures: Add Intel Total Memory Encryption cpufeature (bsc#1110006).
- x86/debug: Handle warnings before the notifier chain, to fix KGDB crash (bsc#1110006).
- x86/decoder: Add new TEST instruction pattern (bsc#1110006).
- x86/dumpstack: Save first regs set for the executive summary (bsc#1110006).
- x86/dumpstack: Unify show_regs() (bsc#1110006).
- x86/efi: Fix efi_call_phys_epilog() with CONFIG_X86_5LEVEL=y (bsc#1110006).
- x86/eisa: Add missing include (bsc#1110006).
- x86/entry/64: Add two more instruction suffixes (bsc#1110006).
- x86/entry/64: Remove %ebx handling from error_entry/exit (bsc#1102715).
- x86/entry/64: Use 'xorl' for faster register clearing (bsc#1110006).
- x86/entry/64: Wipe KASAN stack shadow before rewind_stack_do_exit() (bsc#1110006).
- x86/entry: Reduce the code footprint of the 'idtentry' macro (bsc#1110006).
- x86/entry: Use SYSCALL_DEFINE() macros for sys_modify_ldt() (bsc#1110006).
- x86/espfix/64: Fix espfix double-fault handling on 5-level systems (bsc#1110006).
- x86/events/intel/ds: Fix bts_interrupt_threshold alignment (git-fixes c1961a4631da).
- x86/fpu/debug: Remove unused 'x86_fpu_state' and 'x86_fpu_deactivate_state' tracepoints (bsc#1110006).
- x86/fpu: Make XSAVE check the base CPUID features before enabling (bsc#1110006).
- x86/fpu: Parse clearcpuid= as early XSAVE argument (bsc#1110006).
- x86/fpu: Remove second definition of fpu in __fpu__restore_sig() (bsc#1110006).
- x86/fpu: Remove the explicit clearing of XSAVE dependent features (bsc#1110006).
- x86/headers/UAPI: Use __u64 instead of u64 in uapi/asm/hyperv.h (bsc#1107207).
- x86/hyper-V: Allocate the IDT entry early in boot (bsc#1107207).
- x86/hyper-v: Check cpumask_to_vpset() return value in hyperv_flush_tlb_others_ex() (bsc#1107207).
- x86/hyper-v: Check for VP_INVAL in hyperv_flush_tlb_others() (bsc#1107207).
- x86/hyper-v: Fix the circular dependency in IPI enlightenment (bsc#1107207).
- x86/hyper-v: Fix wrong merge conflict resolution (bsc#1107207).
- x86/hyper-v: Implement hv_do_fast_hypercall16 (bsc#1107207).
- x86/hyper-v: Trace PV IPI send (bsc#1107207).
- x86/hyper-v: Use 'fast' hypercall for HVCALL_SEND_IPI (bsc#1107207).
- x86/hyper-v: Use cheaper HVCALL_FLUSH_VIRTUAL_ADDRESS_{LIST,SPACE} hypercalls when possible (bsc#1107207).
- x86/hyper-v: Use cheaper HVCALL_SEND_IPI hypercall when possible (bsc#1107207).
- x86/hyper-v: allocate and use Virtual Processor Assist Pages (bsc#1107207).
- x86/hyper-v: define struct hv_enlightened_vmcs and clean field bits (bsc#1107207).
- x86/hyper-v: detect nested features (bsc#1107207).
- x86/hyper-v: move definitions from TLFS to hyperv-tlfs.h (bsc#1107207).
- x86/hyper-v: move hyperv.h out of uapi (bsc#1107207).
- x86/hyper-v: move struct hv_flush_pcpu{,ex} definitions to common header (bsc#1107207).
- x86/hyper-v: rename ipi_arg_{ex,non_ex} structures (bsc#1107207).
- x86/hyperv: Add a function to read both TSC and TSC page value simulateneously (bsc#1107207).
- x86/hyperv: Add interrupt handler annotations (bsc#1107207).
- x86/hyperv: Check for required priviliges in hyperv_init() (bsc#1107207).
- x86/hyperv: Check for required priviliges in hyperv_init() (bsc#1110006).
- x86/hyperv: Redirect reenlightment notifications on CPU offlining (bsc#1107207).
- x86/hyperv: Reenlightenment notifications support (bsc#1107207).
- x86/idt: Load idt early in start_secondary (bsc#1110006).
- x86/init: fix build with CONFIG_SWAP=n (bsc#1106121).
- x86/intel_rdt: Enable CMT and MBM on new Skylake stepping (bsc#1110006).
- x86/intel_rdt: Fix incorrect returned value when creating rdgroup sub-directory in resctrl file system (bsc#1110006).
- x86/intel_rdt: Fix potential deadlock during resctrl mount (bsc#1110006).
- x86/intel_rdt: Fix potential deadlock during resctrl unmount (bsc#1110006).
- x86/irq: Count Hyper-V reenlightenment interrupts (bsc#1107207).
- x86/irq: Remove an old outdated comment about context tracking races (bsc#1110006).
- x86/irq: implement irq_data_get_effective_affinity_mask() for v4.12 (bsc#1109772).
- x86/kasan/64: Teach KASAN about the cpu_entry_area (kasan).
- x86/kasan: Panic if there is not enough memory to boot (bsc#1110006).
- x86/kexec: Avoid double free_page() upon do_kexec_load() failure (bsc#1110006).
- x86/kexec: Correct KEXEC_BACKUP_SRC_END off-by-one error (bsc#1114279).
- x86/kexec: Make kexec (mostly) work in 5-level paging mode (bsc#1110006).
- x86/kprobes: Fix kernel crash when probing .entry_trampoline code (bsc#1110006).
- x86/kvm/hyper-v: add reenlightenment MSRs support (bsc#1107207).
- x86/kvm/hyper-v: inject #GP only when invalid SINTx vector is unmasked (bsc#1107207).
- x86/kvm/hyper-v: remove stale entries from vec_bitmap/auto_eoi_bitmap on vector change (bsc#1107207).
- x86/kvm/vmx: Remove duplicate l1d flush definitions (bsc#1110006).
- x86/kvm: fix LAPIC timer drift when guest uses periodic mode (bsc#1106240).
- x86/kvm: rename HV_X64_MSR_APIC_ASSIST_PAGE to HV_X64_MSR_VP_ASSIST_PAGE (bsc#1107207).
- x86/mce/AMD: Get address from already initialized block (bsc#1110006).
- x86/mce: Add notifier_block forward declaration (bsc#1110006).
- x86/mce: Check for alternate indication of machine check recovery on Skylake (bsc#1110006).
- x86/mce: Do not overwrite MCi_STATUS in mce_no_way_out() (bsc#1110006).
- x86/mce: Fix incorrect 'Machine check from unknown source' message (bsc#1110006).
- x86/mce: Fix set_mce_nospec() to avoid #GP fault (bsc#1107783).
- x86/mce: Improve error message when kernel cannot recover (bsc#1110006).
- x86/mce: Improve error message when kernel cannot recover (bsc#1110301).
- x86/mcelog: Get rid of RCU remnants (git-fixes 5de97c9f6d85).
- x86/memory_failure: Introduce {set, clear}_mce_nospec() (bsc#1107783).
- x86/microcode/intel: Check microcode revision before updating sibling threads (bsc#1110006).
- x86/microcode/intel: Fix memleak in save_microcode_patch() (bsc#1110006).
- x86/microcode/intel: Look into the patch cache first (bsc#1110006).
- x86/microcode/intel: Save microcode patch unconditionally (bsc#1110006).
- x86/microcode/intel: Writeback and invalidate caches before updating microcode (bsc#1110006).
- x86/microcode: Allow late microcode loading with SMT disabled (bsc#1110006).
- x86/microcode: Attempt late loading only when new microcode is present (bsc#1110006).
- x86/microcode: Do not exit early from __reload_late() (bsc#1110006).
- x86/microcode: Do not upload microcode if CPUs are offline (bsc#1110006).
- x86/microcode: Fix CPU synchronization routine (bsc#1110006).
- x86/microcode: Get rid of struct apply_microcode_ctx (bsc#1110006).
- x86/microcode: Make sure boot_cpu_data.microcode is up-to-date (bsc#1110006).
- x86/microcode: Make the late update update_lock a raw lock for RT (bsc#1110006).
- x86/microcode: Propagate return value from updating functions (bsc#1110006).
- x86/microcode: Request microcode on the BSP (bsc#1110006).
- x86/microcode: Synchronize late microcode loading (bsc#1110006).
- x86/microcode: Update the new microcode revision unconditionally (bsc#1110006).
- x86/mm/32: Initialize the CR4 shadow before __flush_tlb_all() (bsc#1110006).
- x86/mm/64: Rename the register_page_bootmem_memmap() 'size' parameter to 'nr_pages' (bsc#1110006).
- x86/mm/kasan: Do not use vmemmap_populate() to initialize shadow (kasan).
- x86/mm/kmmio: Fix mmiotrace for page unaligned addresses (bsc#1110006).
- x86/mm/kmmio: Make the tracer robust against L1TF (bsc#1110006).
- x86/mm/memory_hotplug: determine block size based on the end of boot memory (bsc#1108243).
- x86/mm/pat: Make set_memory_np() L1TF safe (bsc#1110006).
- x86/mm/pat: Prepare {reserve, free}_memtype() for 'decoy' addresses (bsc#1107783).
- x86/mm/pti: Add an overflow check to pti_clone_pmds() (bsc#1110006).
- x86/mm/pti: Fix PTI comment in entry_SYSCALL_64() (bsc#1110006).
- x86/mm/tlb: Always use lazy TLB mode (bsc#1105467 Reduce IPIs and atomic ops with improved lazy TLB).
- x86/mm/tlb: Leave lazy TLB mode at page table free time (bsc#1105467 Reduce IPIs and atomic ops with improved lazy TLB).
- x86/mm/tlb: Make lazy TLB mode lazier (bsc#1105467 Reduce IPIs and atomic ops with improved lazy TLB).
- x86/mm/tlb: Only send page table free TLB flush to lazy TLB CPUs (bsc#1105467 Reduce IPIs and atomic ops with improved lazy TLB).
- x86/mm/tlb: Restructure switch_mm_irqs_off() (bsc#1105467 Reduce IPIs and atomic ops with improved lazy TLB).
- x86/mm/tlb: Skip atomic operations for 'init_mm' in switch_mm_irqs_off() (bsc#1105467 Reduce IPIs and atomic ops with improved lazy TLB).
- x86/mm: Add TLB purge to free pmd/pte page interfaces (bsc#1110006).
- x86/mm: Define _PAGE_TABLE using _KERNPG_TABLE (bsc#1110006).
- x86/mm: Disable ioremap free page handling on x86-PAE (bsc#1110006).
- x86/mm: Do not forbid _PAGE_RW before init for __ro_after_init (bsc#1110006).
- x86/mm: Drop TS_COMPAT on 64-bit exec() syscall (bsc#1110006).
- x86/mm: Expand static page table for fixmap space (bsc#1110006).
- x86/mm: Fix ELF_ET_DYN_BASE for 5-level paging (bsc#1110006).
- x86/mm: Fix bogus warning during EFI bootup, use boot_cpu_has() instead of this_cpu_has() in build_cr3_noflush() (bsc#1110006).
- x86/mm: Relocate page fault error codes to traps.h (bsc#1110006).
- x86/mm: Remove in_nmi() warning from vmalloc_fault() (bsc#1110006).
- x86/mm: implement free pmd/pte page interfaces (bsc#1110006).
- x86/mpx: Do not allow MPX if we have mappings above 47-bit (bsc#1110006).
- x86/nmi: Fix NMI uaccess race against CR3 switching (bsc#1110006).
- x86/numa_emulation: Fix emulated-to-physical node mapping (bsc#1110006).
- x86/oprofile: Fix bogus GCC-8 warning in nmi_setup() (bsc#1110006).
- x86/pae: use 64 bit atomic xchg function in native_ptep_get_and_clear (bsc#1110006).
- x86/paravirt: Fix some warning messages (bsc#1065600).
- x86/paravirt: Fix spectre-v2 mitigations for paravirt guests (bsc#1065600).
- x86/paravirt: Remove 'noreplace-paravirt' cmdline option (bsc#1110006).
- x86/percpu: Fix this_cpu_read() (bsc#1110006).
- x86/pgtable: Do not set huge PUD/PMD on non-leaf entries (bsc#1110006).
- x86/pkeys: Do not special case protection key 0 (bsc#1110006).
- x86/pkeys: Override pkey when moving away from PROT_EXEC (bsc#1110006).
- x86/platform/UV: Add adjustable set memory block size function (bsc#1108243).
- x86/platform/UV: Add kernel parameter to set memory block size (bsc#1108243).
- x86/platform/UV: Mark memblock related init code and data correctly (bsc#1108243).
- x86/platform/UV: Use new set memory block size function (bsc#1108243).
- x86/power: Fix swsusp_arch_resume prototype (bsc#1110006).
- x86/process: Do not mix user/kernel regs in 64bit __show_regs() (bsc#1110006).
- x86/process: Re-export start_thread() (bsc#1110006).
- x86/pti: Check the return value of pti_user_pagetable_walk_p4d() (bsc#1110006).
- x86/pti: Check the return value of pti_user_pagetable_walk_pmd() (bsc#1110006).
- x86/retpoline/checksum32: Convert assembler indirect jumps (bsc#1110006).
- x86/retpoline/irq32: Convert assembler indirect jumps (bsc#1110006).
- x86/smp: fix non-SMP broken build due to redefinition of apic_id_is_primary_thread (bsc#1110006).
- x86/smpboot: Do not use mwait_play_dead() on AMD systems (bsc#1110006).
- x86/spectre: Add missing family 6 check to microcode check (git-fixes a5b296636453).
- x86/spectre: Fix spelling mistake: 'vunerable'-> 'vulnerable' (bsc#1110006).
- x86/speculation, objtool: Annotate indirect calls/jumps for objtool on 32-bit kernels (bsc#1110006).
- x86/speculation/l1tf: Exempt zeroed PTEs from inversion (bsc#1110006).
- x86/speculation/l1tf: Extend 64bit swap file size limit (bsc#1110006).
- x86/speculation/l1tf: Fix off-by-one error when warning that system has too much RAM (bsc#1105536).
- x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit (bsc#1105536).
- x86/speculation/l1tf: Fix up pte->pfn conversion for PAE (bsc#1110006).
- x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bsc#1105536).
- x86/speculation/l1tf: Invert all not present mappings (bsc#1110006).
- x86/speculation/l1tf: Make pmd/pud_mknotpresent() invert (bsc#1110006).
- x86/speculation/l1tf: Protect PAE swap entries against L1TF (bsc#1110006).
- x86/speculation/l1tf: Suggest what to do on systems with too much RAM (bsc#1105536).
- x86/speculation: Simplify sysfs report of VMX L1TF vulnerability (bsc#1110006).
- x86/speculation: Use ARCH_CAPABILITIES to skip L1D flush on vmentry (bsc#1106369).
- x86/time: Correct the attribute on jiffies' definition (bsc#1110006).
- x86/topology: Update the 'cpu cores' field in /proc/cpuinfo correctly across CPU hotplug operations (bsc#1110006).
- x86/tsc: Add missing header to tsc_msr.c (bsc#1110006).
- x86/tsc: Allow TSC calibration without PIT (bsc#1110006).
- x86/tsc: Prevent 32bit truncation in calc_hpet_ref() (bsc#1110006).
- x86/vdso: Fix asm constraints on vDSO syscall fallbacks (bsc#1110006).
- x86/vdso: Fix lsl operand order (bsc#1110006).
- x86/vdso: Fix lsl operand order (bsc#1110301).
- x86/vdso: Fix vDSO syscall fallback asm constraint regression (bsc#1110006).
- x86/xen/efi: Initialize only the EFI struct members used by Xen (bsc#1107945).
- x86/xen: Add call of speculative_store_bypass_ht_init() to PV paths (bsc#1065600).
- x86/xen: Delay get_cpu_cap until stack canary is established (bsc#1110006).
- x86/xen: Drop 5-level paging support code from the XEN_PV code (bsc#1110006).
- x86/xen: Reset VCPU0 info pointer after shared_info remap (bsc#1110006).
- x86/xen: do not write ptes directly in 32-bit PV guests (bsc#1110006).
- x86: Add check for APIC access address for vmentry of L2 guests (bsc#1110006).
- x86: Call fixup_exception() before notify_die() in math_error() (bsc#1110006).
- x86: Delay skip of emulated hypercall instruction (bsc#1107207).
- x86: Delay skip of emulated hypercall instruction (bsc#1110006).
- x86: PM: Make APM idle driver initialize polling state (bsc#1110006).
- x86: i8259: Add missing include file (bsc#1110006).
- x86: irq_remapping: Move irq remapping mode enum ().
- x86: kvm: avoid unused variable warning (bsc#1110006).
- x86: msr-index.h: Correct SNB_C1/C3_AUTO_UNDEMOTE defines (bsc#1110006).
- x86: msr-index.h: Correct SNB_C1/C3_AUTO_UNDEMOTE defines (bsc#1110301).
- xen-netfront: fix bug concerning replacement of MAX_SKB_FRAGS with XEN_NETIF_NR_SLOTS_MIN (bsc#1104824).
- xen-netfront: fix queue name setting (bsc#1065600).
- xen-netfront: fix warn message as irq device name has '/' (bsc#1065600).
- xen-swiotlb: fix the check condition for xen_swiotlb_free_coherent (bsc#1065600).
- xen/PVH: Set up GS segment for stack canary (bsc#1110006).
- xen/blkback: do not keep persistent grants too long (bsc#1085042).
- xen/blkback: move persistent grants flags to bool (bsc#1085042).
- xen/blkback: remove unused pers_gnts_lock from struct (bsc#1085042).
- xen/blkfront: cleanup stale persistent grants (bsc#1085042).
- xen/blkfront: reorder tests in xlblk_init() (bsc#1085042).
- xen/gntdev: avoid out of bounds access in case of partial gntdev_mmap() (bsc#1065600).
- xen/x86/vpmu: Zero struct pt_regs before calling into sample handling code (bsc#1110006).
- xen: Fix {set,clear}_foreign_p2m_mapping on autotranslating guests (bsc#1110006).
- xen: Remove unnecessary BUG_ON from __unbind_from_irq() (bsc#1065600).
- xen: avoid crash in disable_hotplug_cpu (bsc#1106594).
- xen: issue warning message when out of grant maptrack entries (bsc#1105795).
- xen: xenbus_dev_frontend: Fix XS_TRANSACTION_END handling (bsc#1065600).
- xen: xenbus_dev_frontend: Really return response string (bsc#1065600).
- xenbus: track caller request id (bsc#1065600).
- xfrm: use complete IPv6 addresses for hash (bsc#1109330).
- xfs, dax: introduce xfs_dax_aops (bsc#1104888).
- xfs: Fix per-inode DAX flag inheritance (Git-fixes bsc#1109511).
- xfs: Remove dead code from inode recover function (bsc#1105396).
- xfs: add a new xfs_iext_lookup_extent_before helper (bsc#1095344).
- xfs: add a xfs_bmap_fork_to_state helper (bsc#1095344).
- xfs: add a xfs_iext_update_extent helper (bsc#1095344).
- xfs: add asserts for the mmap lock in xfs_{insert,collapse}_file_space (bsc#1095344).
- xfs: add comments documenting the rebalance algorithm (bsc#1095344).
- xfs: add some comments to xfs_iext_insert/xfs_iext_insert_node (bsc#1095344).
- xfs: allow unaligned extent records in xfs_bmbt_disk_set_all (bsc#1095344).
- xfs: do not create overlapping extents in xfs_bmap_add_extent_delay_real (bsc#1095344).
- xfs: do not fail when converting shortform attr to long form during ATTR_REPLACE (bsc#1105025).
- xfs: do not rely on extent indices in xfs_bmap_collapse_extents (bsc#1095344).
- xfs: do not rely on extent indices in xfs_bmap_insert_extents (bsc#1095344).
- xfs: do not set XFS_BTCUR_BPRV_WASDEL in xfs_bunmapi (bsc#1095344).
- xfs: fix memory leak in xfs_iext_free_last_leaf (bsc#1095344).
- xfs: fix number of records handling in xfs_iext_split_leaf (bsc#1095344).
- xfs: fix type usage (bsc#1095344).
- xfs: handle zero entries case in xfs_iext_rebalance_leaf (bsc#1095344).
- xfs: inline xfs_shift_file_space into callers (bsc#1095344).
- xfs: introduce the xfs_iext_cursor abstraction (bsc#1095344).
- xfs: iterate backwards in xfs_reflink_cancel_cow_blocks (bsc#1095344).
- xfs: iterate over extents in xfs_bmap_extents_to_btree (bsc#1095344).
- xfs: iterate over extents in xfs_iextents_copy (bsc#1095344).
- xfs: make better use of the 'state' variable in xfs_bmap_del_extent_real (bsc#1095344).
- xfs: merge xfs_bmap_read_extents into xfs_iread_extents (bsc#1095344).
- xfs: move pre/post-bmap tracing into xfs_iext_update_extent (bsc#1095344).
- xfs: move some code around inside xfs_bmap_shift_extents (bsc#1095344).
- xfs: move some more code into xfs_bmap_del_extent_real (bsc#1095344).
- xfs: move xfs_bmbt_irec and xfs_exntst_t to xfs_types.h (bsc#1095344).
- xfs: move xfs_iext_insert tracepoint to report useful information (bsc#1095344).
- xfs: pass a struct xfs_bmbt_irec to xfs_bmbt_lookup_eq (bsc#1095344).
- xfs: pass a struct xfs_bmbt_irec to xfs_bmbt_update (bsc#1095344).
- xfs: pass an on-disk extent to xfs_bmbt_validate_extent (bsc#1095344).
- xfs: pass struct xfs_bmbt_irec to xfs_bmbt_validate_extent (bsc#1095344).
- xfs: preserve i_rdev when recycling a reclaimable inode (bsc#1095344).
- xfs: refactor delalloc accounting in xfs_bmap_add_extent_delay_real (bsc#1095344).
- xfs: refactor dir2 leaf readahead shadow buffer cleverness (bsc#1095344).
- xfs: refactor xfs_bmap_add_extent_delay_real (bsc#1095344).
- xfs: refactor xfs_bmap_add_extent_hole_delay (bsc#1095344).
- xfs: refactor xfs_bmap_add_extent_hole_real (bsc#1095344).
- xfs: refactor xfs_bmap_add_extent_unwritten_real (bsc#1095344).
- xfs: refactor xfs_del_extent_real (bsc#1095344).
- xfs: remove XFS_BMAP_MAX_SHIFT_EXTENTS (bsc#1095344).
- xfs: remove XFS_BMAP_TRACE_EXLIST (bsc#1095344).
- xfs: remove a duplicate assignment in xfs_bmap_add_extent_delay_real (bsc#1095344).
- xfs: remove a superflous assignment in xfs_iext_remove_node (bsc#1095344).
- xfs: remove all xfs_bmbt_set_* helpers except for xfs_bmbt_set_all (bsc#1095344).
- xfs: remove if_rdev (bsc#1095344).
- xfs: remove post-bmap tracing in xfs_bmap_local_to_extents (bsc#1095344).
- xfs: remove support for inlining data/extents into the inode fork (bsc#1095344).
- xfs: remove the never fully implemented UUID fork format (bsc#1095344).
- xfs: remove the nr_extents argument to xfs_iext_insert (bsc#1095344).
- xfs: remove the nr_extents argument to xfs_iext_remove (bsc#1095344).
- xfs: remove xfs_bmbt_get_state (bsc#1095344).
- xfs: remove xfs_bmse_shift_one (bsc#1095344).
- xfs: rename bno to end in __xfs_bunmapi (bsc#1095344).
- xfs: repair malformed inode items during log recovery (bsc#1105396).
- xfs: replace xfs_bmbt_lookup_ge with xfs_bmbt_lookup_first (bsc#1095344).
- xfs: replace xfs_qm_get_rtblks with a direct call to xfs_bmap_count_leaves (bsc#1095344).
- xfs: rewrite getbmap using the xfs_iext_* helpers (bsc#1095344).
- xfs: rewrite xfs_bmap_count_leaves using xfs_iext_get_extent (bsc#1095344).
- xfs: rewrite xfs_bmap_first_unused to make better use of xfs_iext_get_extent (bsc#1095344).
- xfs: simplify the xfs_getbmap interface (bsc#1095344).
- xfs: simplify xfs_reflink_convert_cow (bsc#1095344).
- xfs: split xfs_bmap_shift_extents (bsc#1095344).
- xfs: switch xfs_bmap_local_to_extents to use xfs_iext_insert (bsc#1095344).
- xfs: treat idx as a cursor in xfs_bmap_add_extent_delay_real (bsc#1095344).
- xfs: treat idx as a cursor in xfs_bmap_add_extent_hole_delay (bsc#1095344).
- xfs: treat idx as a cursor in xfs_bmap_add_extent_hole_real (bsc#1095344).
- xfs: treat idx as a cursor in xfs_bmap_add_extent_unwritten_real (bsc#1095344).
- xfs: treat idx as a cursor in xfs_bmap_collapse_extents (bsc#1095344).
- xfs: treat idx as a cursor in xfs_bmap_del_extent_* (bsc#1095344).
- xfs: trivial indentation fixup for xfs_iext_remove_node (bsc#1095344).
- xfs: update got in xfs_bmap_shift_update_extent (bsc#1095344).
- xfs: use a b+tree for the in-core extent list (bsc#1095344).
- xfs: use correct state defines in xfs_bmap_del_extent_{cow,delay} (bsc#1095344).
- xfs: use the state defines in xfs_bmap_del_extent_real (bsc#1095344).
- xfs: use xfs_bmap_del_extent_delay for the data fork as well (bsc#1095344).
- xfs: use xfs_iext_*_extent helpers in xfs_bmap_shift_extents (bsc#1095344).
- xfs: use xfs_iext_*_extent helpers in xfs_bmap_split_extent_at (bsc#1095344).
- xfs: use xfs_iext_get_extent in xfs_bmap_first_unused (bsc#1095344).
- xfs: use xfs_iext_get_extent instead of open coding it (bsc#1095344).
- xhci: Add missing CAS workaround for Intel Sunrise Point xHCI (bsc#1051510).
- xhci: Do not print a warning when setting link state for disabled ports (bsc#1051510).
- xhci: Fix use after free for URB cancellation on a reallocated endpoint (bsc#1051510).
- zram: fix null dereference of handle (bsc#1105355).
Patchnames
SUSE-SLE-Module-Public-Cloud-15-2018-2819
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for the Linux Kernel", title: "Title of the patch", }, { category: "description", text: "\nThe SUSE Linux Enterprise 15 azure kernel was updated to receive various security and bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2018-9363: Fixed an integer overflow that could have been used for an out of bounds write with no additional execution privileges needed. User interaction is not needed for exploitation (bsc#1105292).\n- CVE-2018-6555: The irda_setsockopt function in net/irda/af_irda.c was fixed in drivers/staging/irda/net/af_irda.c that allowed local users to cause a denial of service (ias_object use-after-free and system crash) or possibly have unspecified other impact via an AF_IRDA socket (bsc#1106511).\n- CVE-2018-6554: Fixed memory leak in the irda_bind function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c that allowed local users to cause a denial of service (memory consumption) by repeatedly binding an AF_IRDA socket (bsc#1106509).\n- CVE-2018-18710: An information leak was fixed in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c that could have been used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CVE-2018-16658 (bsc#1113751).\n- CVE-2018-18445: Fixed faulty computation of numeric bounds in the BPF verifier that now permits out-of-bounds memory accesses because adjust_scalar_min_max_vals in kernel/bpf/verifier.c mishandled 32-bit right shifts (bsc#1112372).\n- CVE-2018-17182: The vmacache_flush_all function in mm/vmacache.c was fixed that was vulnerable to sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations. (bsc#1108399).\n- CVE-2018-16658: An information leak in cdrom_ioctl_drive_status in drivers/cdrom/cdrom.c was fixed that could have leed to be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 (bsc#1107689).\n- CVE-2018-15572: The spectre_v2_select_mitigation function in arch/x86/kernel/cpu/bugs.c was not always fill RSB upon a context switch, which makes it easier for attackers to conduct userspace-userspace spectreRSB attacks. (bsc#1102517)\n- CVE-2018-14633: A security flaw was fixed in the chap_server_compute_md5() function in the ISCSI target code in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 17 bytes of the stack. The attack requires the iSCSI target to be enabled on the victim host. Depending on how the target's code was built (i.e. depending on a compiler, compile flags and hardware architecture) an attack may lead to a system crash and thus to a denial-of-service or possibly to a non-authorized access to data exported by an iSCSI target. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is highly unlikely (bsc#1107829).\n- CVE-2018-14617: A NULL pointer dereference and panic in hfsplus_lookup() was fixed when opening a file (that is purportedly a hard link) in an hfs+ filesystem that has malformed catalog data, and is mounted read-only without a metadata directory. (bsc#1102870)\n- CVE-2018-14613: An invalid pointer dereference in io_ctl_map_page() was fixed when mounting and operating a crafted btrfs image, because of a lack of block group item validation in check_leaf_item in fs/btrfs/tree-checker.c. (bsc#1102896)\n- CVE-2018-13095: A denial of service (memory corruption and BUG) was fixed to prevent a corrupted xfs image upon encountering an inode that is in extent format, but has more extents than fit in the inode fork. (bsc#1099999)\n- CVE-2018-13093: A NULL pointer dereference and panic in lookup_slow() on a NULL was fixed to prevent pathwalks on a corrupted xfs image. This occurs because of a lack of proper validation that cached inodes are free during allocation. (bsc#1100001)\n- CVE-2018-12896: An integer overflow in the POSIX timer code was fixed to prevent overrun accounting works. Depending on interval and expiry time values, the overrun can be larger than INT_MAX, but the accounting is int based. This basically makes the accounting values, which are visible to user space via timer_getoverrun(2) and siginfo::si_overrun, random. For example, a local user can cause a denial of service (signed integer overflow) via crafted mmap, futex, timer_create, and timer_settime system calls. (bsc#1099922)\n- CVE-2018-1129: The signature calculation was fixed to by the cephx authentication protocol. An attacker having access to ceph cluster network who is able to alter the message payload was able to bypass signature checks done by cephx protocol. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable. (bsc#1096748)\n- CVE-2018-1128: The cephx authentication protocol was fixed to verify ceph clients correctly and to prevent the vulnerability to replay attack. Any attacker having access to ceph cluster network who is able to sniff packets on network could have used this vulnerability to authenticate with ceph service and perform actions allowed by ceph service. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable (bsc#1096748).\n- CVE-2018-10940: The cdrom_ioctl_media_changed function in drivers/cdrom/cdrom.c was fixed to prevent local attackers to use a incorrect bounds check in the CDROM driver CDROM_MEDIA_CHANGED ioctl to read out kernel memory (bsc#1092903).\n- CVE-2018-10938: A flaw was fixed how the kernel handled network packet sent remotely by an attacker that may forced the kernel to enter an infinite loop in the cipso_v4_optptr() function in net/ipv4/cipso_ipv4.c leading to a denial-of-service. A certain non-default configuration of LSM (Linux Security Module) and NetLabel should be set up on a system before an attacker could leverage this flaw. (bsc#1106016)\n- CVE-2018-10902: The the raw midi kernel driver was fixed to be protected against concurrent access which could have lead to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmidi.c file. A malicious local attacker could possibly use this for privilege escalation (bsc#1105322).\n- CVE-2017-18224: fs/ocfs2/aops.c omits use of a semaphore and consequently had a race condition for access to the extent tree during read operations in DIRECT mode, which allows local users to cause a denial of service (BUG) by modifying a certain e_cpos field (bsc#1084831).\n- CVE-2017-16533: The usbhid_parse function in drivers/hid/usbhid/hid-core.c allowed local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device (bsc#1066674).\n\n\nThe following security bug was previously fixed by has now an assigned CVE number:\n\n- CVE-2018-18386: drivers/tty/n_tty.c in the Linux kernel allowed local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ (bnc#1094825).\n\n\nThe following non-security bugs were fixed:\n\n- /dev/mem: Add bounce buffer for copy-out (git-fixes).\n- /dev/mem: Avoid overwriting 'err' in read_mem() (git-fixes).\n- 9p/net: Fix zero-copy path in the 9p virtio transport (bsc#1051510).\n- 9p/virtio: fix off-by-one error in sg list bounds check (bsc#1051510).\n- 9p: fix multiple NULL-pointer-dereferences (bsc#1051510).\n- ACPI / APEI: Remove ghes_ioremap_area (bsc#1051510).\n- ACPI / EC: Add another entry for Thinkpad X1 Carbon 6th (bsc#1051510).\n- ACPI / EC: Add parameter to force disable the GPE on suspend (bsc#1051510).\n- ACPI / EC: Use ec_no_wakeup on ThinkPad X1 Yoga 3rd (bsc#1051510).\n- ACPI / EC: Use ec_no_wakeup on Thinkpad X1 Carbon 6th (bsc#1051510).\n- ACPI / EC: Use ec_no_wakeup on more Thinkpad X1 Carbon 6th systems (bsc#1051510).\n- ACPI / PCI: pci_link: Allow the absence of _PRS and change log level (bsc#1104172).\n- ACPI / PM: save NVS memory for ASUS 1025C laptop (bsc#1051510).\n- ACPI / bus: Only call dmi_check_system on X86 (bsc#1105597, bsc#1106178).\n- ACPI / processor: Fix the return value of acpi_processor_ids_walk() (bsc#1051510).\n- ACPI / scan: Initialize status to ACPI_STA_DEFAULT (bsc#1051510).\n- ACPI/IORT: Remove temporary iort_get_id_mapping_index() ACPICA guard (bsc#1103387).\n- ACPI/PCI: pci_link: reduce verbosity when IRQ is enabled (bsc#1104172).\n- ACPICA: Reference Counts: increase max to 0x4000 for large servers (bsc#1108241).\n- ACPICA: iasl: Add SMMUv3 device ID mapping index support (bsc#1103387).\n- ALSA: bebob: fix memory leak for M-Audio FW1814 and ProjectMix I/O at error path (bsc#1051510).\n- ALSA: bebob: use address returned by kmalloc() instead of kernel stack for streaming DMA mapping (bsc#1051510).\n- ALSA: cs46xx: Deliver indirect-PCM transfer error ().\n- ALSA: cs5535audio: Fix invalid endian conversion (bsc#1051510).\n- ALSA: emu10k1: Deliver indirect-PCM transfer error ().\n- ALSA: emu10k1: fix possible info leak to userspace on SNDRV_EMU10K1_IOCTL_INFO (bsc#1051510).\n- ALSA: fireface: fix memory leak in ff400_switch_fetching_mode() (bsc#1051510).\n- ALSA: firewire-digi00x: fix memory leak of private data (bsc#1051510).\n- ALSA: firewire-tascam: fix memory leak of private data (bsc#1051510).\n- ALSA: fireworks: fix memory leak of response buffer at error path (bsc#1051510).\n- ALSA: hda - Add mic quirk for the Lenovo G50-30 (17aa:3905) (bsc#1051510).\n- ALSA: hda - Add quirk for ASUS G751 laptop (bsc#1051510).\n- ALSA: hda - Fix cancel_work_sync() stall from jackpoll work (bsc#1051510).\n- ALSA: hda - Fix headphone pin config for ASUS G751 (bsc#1051510).\n- ALSA: hda - Sleep for 10ms after entering D3 on Conexant codecs (bsc#1051510).\n- ALSA: hda - Turn CX8200 into D3 as well upon reboot (bsc#1051510).\n- ALSA: hda/realtek - Cannot adjust speaker's volume on Dell XPS 27 7760 (bsc#1051510).\n- ALSA: hda/realtek - Fix the problem of the front MIC on the Lenovo M715 (bsc#1051510).\n- ALSA: hda: Add 2 more models to the power_save blacklist (bsc#1051510).\n- ALSA: hda: Add AZX_DCAPS_PM_RUNTIME for AMD Raven Ridge (bsc#1051510).\n- ALSA: hda: Correct Asrock B85M-ITX power_save blacklist entry (bsc#1051510).\n- ALSA: hda: fix unused variable warning (bsc#1051510).\n- ALSA: memalloc: Do not exceed over the requested size (bsc#1051510).\n- ALSA: mips: Deliver indirect-PCM transfer error ().\n- ALSA: msnd: Fix the default sample sizes (bsc#1051510).\n- ALSA: oxfw: fix memory leak for model-dependent data at error path (bsc#1051510).\n- ALSA: oxfw: fix memory leak of discovered stream formats at error path (bsc#1051510).\n- ALSA: oxfw: fix memory leak of private data (bsc#1051510).\n- ALSA: pcm: Fix negative appl_ptr handling in pcm-indirect helpers ().\n- ALSA: pcm: Fix snd_interval_refine first/last with open min/max (bsc#1051510).\n- ALSA: pcm: Simplify forward/rewind codes ().\n- ALSA: pcm: Use a common helper for PCM state check and hwsync ().\n- ALSA: pcm: Workaround for weird PulseAudio behavior on rewind error ().\n- ALSA: rme32: Deliver indirect-PCM transfer error ().\n- ALSA: usb-audio: Fix multiple definitions in AU0828_DEVICE() macro (bsc#1051510).\n- ALSA: usb-audio: update quirk for B W PX to remove microphone (bsc#1051510).\n- ALSA: virmidi: Fix too long output trigger loop (bsc#1051510).\n- ALSA: vx222: Fix invalid endian conversions (bsc#1051510).\n- ALSA: vxpocket: Fix invalid endian conversions (bsc#1051510).\n- ARM: 8780/1: ftrace: Only set kernel memory back to read-only after boot (bsc#1051510).\n- ARM: 8799/1: mm: fix pci_ioremap_io() offset check (bsc#1051510).\n- ARM: DRA7/OMAP5: Enable ACTLR[0] (Enable invalidates of BTB) for secondary cores (bsc#1051510).\n- ARM: bcm2835: Add GET_THROTTLED firmware property (bsc#1108468).\n- ARM: exynos: Clear global variable on init error path (bsc#1051510).\n- ARM: hisi: check of_iomap and fix missing of_node_put (bsc#1051510).\n- ARM: hisi: fix error handling and missing of_node_put (bsc#1051510).\n- ARM: hisi: handle of_iomap and fix missing of_node_put (bsc#1051510).\n- ARM: hwmod: RTC: Do not assume lock/unlock will be called with irq enabled (bsc#1051510).\n- ARM: imx: flag failure of of_iomap (bsc#1051510).\n- ARM: imx_v4_v5_defconfig: Select ULPI support (bsc#1051510).\n- ARM: imx_v6_v7_defconfig: Select ULPI support (bsc#1051510).\n- ARM: mvebu: declare asm symbols as character arrays in pmsu.c (bsc#1051510).\n- ARM: pxa: irq: fix handling of ICMR registers in suspend/resume (bsc#1051510).\n- ASoC: Intel: Skylake: Reset the controller in probe (bsc#1051510).\n- ASoC: Intel: cht_bsw_max98090: remove useless code, align with ChromeOS driver (bsc#1051510).\n- ASoC: Intel: cht_bsw_max98090_ti: Fix jack initialization (bsc#1051510).\n- ASoC: cs4265: fix MMTLR Data switch control (bsc#1051510).\n- ASoC: dapm: Fix potential DAI widget pointer deref when linking DAIs (bsc#1051510).\n- ASoC: intel: skylake: Add missing break in skl_tplg_get_token() (bsc#1051510).\n- ASoC: msm8916-wcd-digital: fix RX2 MIX1 and RX3 MIX1 (bsc#1051510).\n- ASoC: rsnd: adg: care clock-frequency size (bsc#1051510).\n- ASoC: rsnd: do not fallback to PIO mode when -EPROBE_DEFER (bsc#1051510).\n- ASoC: rsnd: fixup not to call clk_get/set under non-atomic (bsc#1051510).\n- ASoC: rsnd: move rsnd_ssi_config_init() execute condition into it (bsc#1051510).\n- ASoC: rsnd: update pointer more accurate (bsc#1051510).\n- ASoC: rt5514: Add the I2S ASRC support (bsc#1051510).\n- ASoC: rt5514: Add the missing register in the readable table (bsc#1051510).\n- ASoC: rt5514: Eliminate the noise in the ASRC case (bsc#1051510).\n- ASoC: rt5514: Fix the issue of the delay volume applied (bsc#1051510).\n- ASoC: rt5514: Fix the issue of the delay volume applied again (bsc#1051510).\n- ASoC: sigmadsp: safeload should not have lower byte limit (bsc#1051510).\n- ASoC: wm8804: Add ACPI support (bsc#1051510).\n- ASoC: wm8994: Fix missing break in switch (bsc#1051510).\n- Apparmor fixes from git-fixes\n- Backport stable-patches for x86 architecture\n- Bluetooth: Add a new Realtek 8723DE ID 0bda:b009 (bsc#1051510).\n- Bluetooth: Use lock_sock_nested in bt_accept_enqueue (bsc#1051510).\n- Bluetooth: avoid killing an already killed socket (bsc#1051510).\n- Bluetooth: btsdio: Do not bind to non-removable BCM43430 (bsc#1103587).\n- Bluetooth: h5: Fix missing dependency on BT_HCIUART_SERDEV (bsc#1051510).\n- Bluetooth: hidp: Fix handling of strncpy for hid->name information (bsc#1051510).\n- Bluetooth: hidp: buffer overflow in hidp_process_report (bsc#1051510).\n- Btrfs: fix data corruption when deduplicating between different files (bsc#1110647).\n- Btrfs: fix duplicate extents after fsync of file with prealloc extents (bsc#1110644).\n- Btrfs: fix file data corruption after cloning a range and fsync (bsc#1111901).\n- Btrfs: fix fsync after hole punching when using no-holes feature (bsc#1110642).\n- Btrfs: fix loss of prealloc extents past i_size after fsync log replay (bsc#1110643).\n- Btrfs: fix mount failure after fsync due to hard link recreation (bsc#1103543).\n- Btrfs: fix return value on rename exchange failure (bsc#1110645).\n- Btrfs: fix send failure when root has deleted files still open (bsc#1110650).\n- Btrfs: rework outstanding_extents (dependency for bsc#1031392).\n- Btrfs: send, fix invalid access to commit roots due to concurrent snapshotting (bsc#1111904).\n- Btrfs: sync log after logging new name (bsc#1110646).\n- CIFS: check for STATUS_USER_SESSION_DELETED (bsc#1112902).\n- Cleanup out-of-tree subsection\n- Disable DRM patches that broke vbox video driver KMP (bsc#1111076)\n- Do not leak MNT_INTERNAL away from internal mounts (git-fixes).\n- Documentation/l1tf: Fix small spelling typo (bsc#1051510).\n- Documentation: add some docs for errseq_t (bsc#1107008).\n- Documentation: ip-sysctl.txt: document addr_gen_mode (bsc#1051510).\n- Drivers: HV: Send one page worth of kmsg dump over Hyper-V during panic (bsc#1107207).\n- Drivers: hv: vmbus: Add comments on ring buffer signaling (bsc#1107207).\n- Drivers: hv: vmbus: Cleanup synic memory free path (bsc#1107207).\n- Drivers: hv: vmbus: Fix the issue with freeing up hv_ctl_table_hdr (bsc#1107207).\n- Drivers: hv: vmbus: Fix the offer_in_progress in vmbus_process_offer() (bsc#1051510).\n- Drivers: hv: vmbus: Get rid of MSR access from vmbus_drv.c (bsc#1107207).\n- Drivers: hv: vmbus: Implement Direct Mode for stimer0 (bsc#1107207).\n- Drivers: hv: vmbus: Make TLFS #define names architecture neutral (bsc#1107207).\n- Drivers: hv: vmbus: Remove use of slow_virt_to_phys() (bsc#1107207).\n- Drivers: hv: vmbus: Remove x86 MSR refs in arch independent code (bsc#1107207).\n- Drivers: hv: vmbus: Remove x86-isms from arch independent drivers (bsc#1107207).\n- Drivers: hv: vmbus: Removed an unnecessary cast from void * (bsc#1107207).\n- Drivers: hv: vmbus: Reset the channel callback in vmbus_onoffer_rescind() (bsc#1107207).\n- Drivers: hv: vmbus: Use get/put_cpu() in vmbus_connect() (bsc#1107207).\n- Drivers: hv: vmbus: add numa_node to sysfs (bsc#1107207).\n- Drivers: hv: vmbus: do not mark HV_PCIE as perf_device (bsc#1051510).\n- Drivers: hv: vmbus: enable VMBus protocol version 5.0 (bsc#1107207).\n- Drivers: hv: vmbus: respect what we get from hv_get_synint_state() (bsc#1107207).\n- Drivers: hv: vmus: Fix the check for return value from kmsg get dump buffer (bsc#1107207).\n- EDAC, ghes: Add DDR4 and NVDIMM memory types (bsc#1099125).\n- EDAC, i7core: Fix memleaks and use-after-free on probe and remove (bsc#1051510).\n- EDAC, skx: Fix skx_edac build error when ACPI_NFIT=m (bsc#1099125).\n- EDAC, skx_edac: Detect non-volatile DIMMs (bsc#1099125).\n- EDAC, thunderx: Fix memory leak in thunderx_l2c_threaded_isr() (bsc#1114279).\n- EDAC: Add new memory type for non-volatile DIMMs (bsc#1099125).\n- EDAC: Fix memleak in module init error path (bsc#1051510).\n- EDAC: Raise the maximum number of memory controllers (bsc#1113780).\n- Filesystem and FUSE fixes from upstream\n- Fix kexec forbidding kernels signed with keys in the secondary keyring to boot (bsc#1110006).\n- HID: add quirk for another PIXART OEM mouse used by HP (bsc#1051510).\n- HID: add support for Apple Magic Keyboards (bsc#1051510).\n- HID: hid-ntrig: add error handling for sysfs_create_group (bsc#1051510).\n- HID: hid-saitek: Add device ID for RAT 7 Contagion (bsc#1051510).\n- HID: hid-sensor-hub: Force logical minimum to 1 for power and report state (bsc#1051510).\n- HID: i2c-hid: Add no-irq-after-reset quirk for 0911:5288 device ().\n- HID: quirks: fix support for Apple Magic Keyboards (bsc#1051510).\n- HID: sensor-hub: Restore fixup for Lenovo ThinkPad Helix 2 sensor hub report (bsc#1051510).\n- IB/IPoIB: Set ah valid flag in multicast send flow (bsc#1046307 ).\n- IB/core: type promotion bug in rdma_rw_init_one_mr() (bsc#1046306).\n- IB/hfi1: Invalid NUMA node information can cause a divide by zero (bsc#1060463).\n- IB/hfi1: Remove incorrect call to do_interrupt callback (bsc#1060463).\n- IB/hfi1: Set in_use_ctxts bits for user ctxts only (bsc#1060463 ).\n- IB/ipoib: Avoid a race condition between start_xmit and cm_rep_handler (bsc#1046307).\n- IB/ipoib: Fix error return code in ipoib_dev_init() (bsc#1046307 ).\n- IB/mlx4: Test port number before querying type (bsc#1046302 ).\n- IB/mlx4: Use 4K pages for kernel QP's WQE buffer (bsc#1046302 ).\n- IB/mlx5: fix uaccess beyond 'count' in debugfs read/write handlers (bsc#1046305).\n- Input: atakbd - fix Atari CapsLock behaviour (bsc#1051510).\n- Input: atakbd - fix Atari keymap (bsc#1051510).\n- Input: atmel_mxt_ts - only use first T9 instance (bsc#1051510).\n- Input: edt-ft5x06 - fix error handling for factory mode on non-M06 (bsc#1051510).\n- Input: edt-ft5x06 - implement support for the EDT-M12 series (bsc#1051510).\n- Input: edt-ft5x06 - make distinction between m06/m09/generic more clear (bsc#1051510).\n- Input: elantech - enable middle button of touchpad on ThinkPad P72 (bsc#1051510).\n- Input: synaptics-rmi4 - fix axis-swap behavior (bsc#1051510).\n- KABI: hide new member in struct iommu_table from genksyms (bsc#1061840).\n- KABI: move the new handler to end of machdep_calls and hide it from genksyms (bsc#1094244).\n- KABI: powerpc: export __find_linux_pte as __find_linux_pte_or_hugepte (bsc#1061840).\n- KABI: tpm: change relinquish_locality return value back to void (bsc#1082555).\n- KABI: tpm: do keep the cmd_ready and go_idle as pm ops (bsc#1082555).\n- KVM/VMX: Optimize vmx_vcpu_run() and svm_vcpu_run() by marking the RDMSR path as unlikely() (bsc#1110006).\n- KVM/x86: remove WARN_ON() for when vm_munmap() fails (bsc#1106240).\n- KVM: Enforce error in ioctl for compat tasks when !KVM_COMPAT (bsc#1106240).\n- KVM: PPC: Add pt_regs into kvm_vcpu_arch and move vcpu->arch.gpr[] into it (bsc#1061840).\n- KVM: PPC: Avoid marking DMA-mapped pages dirty in real mode (bsc#1061840).\n- KVM: PPC: Book 3S HV: Do ptesync in radix guest exit path (bsc#1061840).\n- KVM: PPC: Book3S HV: Add 'online' register to ONE_REG interface (bsc#1061840).\n- KVM: PPC: Book3S HV: Add of_node_put() in success path (bsc#1061840).\n- KVM: PPC: Book3S HV: Allow HPT and radix on the same core for POWER9 v2.2 (bsc#1061840).\n- KVM: PPC: Book3S HV: Allow creating max number of VCPUs on POWER9 (bsc#1061840).\n- KVM: PPC: Book3S HV: Avoid crash from THP collapse during radix page fault (bsc#1061840).\n- KVM: PPC: Book3S HV: Avoid shifts by negative amounts (bsc#1061840).\n- KVM: PPC: Book3S HV: Check DR not IR to chose real vs virt mode MMIOs (bsc#1061840).\n- KVM: PPC: Book3S HV: Do SLB load/unload with guest LPCR value loaded (bsc#1061840).\n- KVM: PPC: Book3S HV: Do not truncate HPTE index in xlate function (bsc#1061840).\n- KVM: PPC: Book3S HV: Do not use compound_order to determine host mapping size (bsc#1061840).\n- KVM: PPC: Book3S HV: Do not use existing 'prodded' flag for XIVE escalations (bsc#1061840).\n- KVM: PPC: Book3S HV: Enable migration of decrementer register (bsc#1061840).\n- KVM: PPC: Book3S HV: Factor fake-suspend handling out of kvmppc_save/restore_tm (bsc#1061840).\n- KVM: PPC: Book3S HV: Fix VRMA initialization with 2MB or 1GB memory backing (bsc#1061840).\n- KVM: PPC: Book3S HV: Fix conditions for starting vcpu (bsc#1061840).\n- KVM: PPC: Book3S HV: Fix constant size warning (bsc#1061840).\n- KVM: PPC: Book3S HV: Fix duplication of host SLB entries (bsc#1061840).\n- KVM: PPC: Book3S HV: Fix guest r11 corruption with POWER9 TM workarounds (bsc#1061840).\n- KVM: PPC: Book3S HV: Fix handling of large pages in radix page fault handler (bsc#1061840).\n- KVM: PPC: Book3S HV: Fix handling of secondary HPTEG in HPT resizing code (bsc#1061840).\n- KVM: PPC: Book3S HV: Fix inaccurate comment (bsc#1061840).\n- KVM: PPC: Book3S HV: Fix kvmppc_bad_host_intr for real mode interrupts (bsc#1061840).\n- KVM: PPC: Book3S HV: Fix trap number return from __kvmppc_vcore_entry (bsc#1061840).\n- KVM: PPC: Book3S HV: Fix typo in kvmppc_hv_get_dirty_log_radix() (bsc#1061840).\n- KVM: PPC: Book3S HV: Handle 1GB pages in radix page fault handler (bsc#1061840).\n- KVM: PPC: Book3S HV: Improve handling of debug-trigger HMIs on POWER9 (bsc#1061840).\n- KVM: PPC: Book3S HV: Keep XIVE escalation interrupt masked unless ceded (bsc#1061840).\n- KVM: PPC: Book3S HV: Lockless tlbie for HPT hcalls (bsc#1061840).\n- KVM: PPC: Book3S HV: Make HPT resizing work on POWER9 (bsc#1061840).\n- KVM: PPC: Book3S HV: Make radix clear pte when unmapping (bsc#1061840).\n- KVM: PPC: Book3S HV: Make radix use correct tlbie sequence in kvmppc_radix_tlbie_page (bsc#1061840).\n- KVM: PPC: Book3S HV: Make xive_pushed a byte, not a word (bsc#1061840).\n- KVM: PPC: Book3S HV: Pack VCORE IDs to access full VCPU ID space (bsc#1061840).\n- KVM: PPC: Book3S HV: Radix page fault handler optimizations (bsc#1061840).\n- KVM: PPC: Book3S HV: Read kvm->arch.emul_smt_mode under kvm->lock (bsc#1061840).\n- KVM: PPC: Book3S HV: Recursively unmap all page table entries when unmapping (bsc#1061840).\n- KVM: PPC: Book3S HV: Remove useless statement (bsc#1061840).\n- KVM: PPC: Book3S HV: Remove vcpu->arch.dec usage (bsc#1061840).\n- KVM: PPC: Book3S HV: Send kvmppc_bad_interrupt NMIs to Linux handlers (bsc#1061840).\n- KVM: PPC: Book3S HV: Set RWMR on POWER8 so PURR/SPURR count correctly (bsc#1061840).\n- KVM: PPC: Book3S HV: Snapshot timebase offset on guest entry (bsc#1061840).\n- KVM: PPC: Book3S HV: Streamline setting of reference and change bits (bsc#1061840).\n- KVM: PPC: Book3S HV: Use __gfn_to_pfn_memslot() in page fault handler (bsc#1061840).\n- KVM: PPC: Book3S HV: Use a helper to unmap ptes in the radix fault path (bsc#1061840).\n- KVM: PPC: Book3S HV: Use correct pagesize in kvm_unmap_radix() (bsc#1061840, git-fixes).\n- KVM: PPC: Book3S HV: XIVE: Resend re-routed interrupts on CPU priority change (bsc#1061840).\n- KVM: PPC: Book3S HV: radix: Do not clear partition PTE when RC or write bits do not match (bsc#1061840).\n- KVM: PPC: Book3S HV: radix: Refine IO region partition scope attributes (bsc#1061840).\n- KVM: PPC: Book3S PR: Add guest MSR parameter for kvmppc_save_tm()/kvmppc_restore_tm() (bsc#1061840).\n- KVM: PPC: Book3S PR: Move kvmppc_save_tm/kvmppc_restore_tm to separate file (bsc#1061840).\n- KVM: PPC: Book3S: Add MMIO emulation for VMX instructions (bsc#1061840).\n- KVM: PPC: Book3S: Allow backing bigger guest IOMMU pages with smaller physical pages (bsc#1061840).\n- KVM: PPC: Book3S: Check KVM_CREATE_SPAPR_TCE_64 parameters (bsc#1061840).\n- KVM: PPC: Book3S: Eliminate some unnecessary checks (bsc#1061840).\n- KVM: PPC: Book3S: Fix compile error that occurs with some gcc versions (bsc#1061840).\n- KVM: PPC: Book3S: Fix guest DMA when guest partially backed by THP pages (bsc#1077761, git-fixes, bsc#1103948, bsc#1103949).\n- KVM: PPC: Book3S: Fix matching of hardware and emulated TCE tables (bsc#1061840).\n- KVM: PPC: Book3S: Use correct page shift in H_STUFF_TCE (bsc#1061840).\n- KVM: PPC: Fix a mmio_host_swabbed uninitialized usage issue (bsc#1061840).\n- KVM: PPC: Make iommu_table::it_userspace big endian (bsc#1061840).\n- KVM: PPC: Move nip/ctr/lr/xer registers to pt_regs in kvm_vcpu_arch (bsc#1061840).\n- KVM: PPC: Use seq_puts() in kvmppc_exit_timing_show() (bsc#1061840).\n- KVM: SVM: Add MSR-based feature support for serializing LFENCE (bsc#1106240).\n- KVM: VMX: Do not allow reexecute_instruction() when skipping MMIO instr (bsc#1106240).\n- KVM: VMX: Tell the nested hypervisor to skip L1D flush on vmentry (bsc#1106240).\n- KVM: VMX: Work around kABI breakage in 'enum vmx_l1d_flush_state' (bsc#1106369).\n- KVM: VMX: fixes for vmentry_l1d_flush module parameter (bsc#1106369).\n- KVM: VMX: raise internal error for exception during invalid protected mode state (bsc#1110006).\n- KVM: VMX: support MSR_IA32_ARCH_CAPABILITIES as a feature MSR (bsc#1106240).\n- KVM: X86: Fix reserved bits check for MOV to CR3 (bsc#1110006).\n- KVM: X86: Introduce kvm_get_msr_feature() (bsc#1106240).\n- KVM: X86: fix incorrect reference of trace_kvm_pi_irte_update (bsc#1110006).\n- KVM: hyperv: idr_find needs RCU protection (bsc#1107207).\n- KVM: introduce kvm_make_vcpus_request_mask() API (bsc#1107207).\n- KVM: lapic: stop advertising DIRECTED_EOI when in-kernel IOAPIC is in use (bsc#1110006).\n- KVM: nVMX: Do not expose MPX VMX controls when guest MPX disabled (bsc#1106240).\n- KVM: nVMX: Do not flush TLB when vmcs12 uses VPID (bsc#1106240).\n- KVM: nVMX: Do not halt vcpu when L1 is injecting events to L2 (bsc#1110006).\n- KVM: nVMX: Fix injection to L2 when L1 do not intercept external-interrupts (bsc#1106240).\n- KVM: nVMX: Fix races when sending nested PI while dest enters/leaves L2 (bsc#1106240).\n- KVM: nVMX: Re-evaluate L1 pending events when running L2 and L1 got posted-interrupt (bsc#1106240).\n- KVM: s390: add etoken support for guests (bsc#1106948, LTC#171029).\n- KVM: s390: force bp isolation for VSIE (bsc#1103421).\n- KVM: s390: implement CPU model only facilities (bsc#1106948, LTC#171029).\n- KVM: vmx: track host_state.loaded using a loaded_vmcs pointer (bsc#1110006).\n- KVM: vmx: use local variable for current_vmptr when emulating VMPTRST (bsc#1110006).\n- KVM: x86: Add a framework for supporting MSR-based features (bsc#1106240).\n- KVM: x86: Change __kvm_apic_update_irr() to also return if max IRR updated (bsc#1106240).\n- KVM: x86: Default to not allowing emulation retry in kvm_mmu_page_fault (bsc#1106240).\n- KVM: x86: Do not re-{try,execute} after failed emulation in L2 (bsc#1106240).\n- KVM: x86: Do not use kvm_x86_ops->mpx_supported() directly (bsc#1106240).\n- KVM: x86: Invert emulation re-execute behavior to make it opt-in (bsc#1106240).\n- KVM: x86: Merge EMULTYPE_RETRY and EMULTYPE_ALLOW_REEXECUTE (bsc#1106240).\n- KVM: x86: SVM: Call x86_spec_ctrl_set_guest/host() with interrupts disabled (git-fixes 1f50ddb4f418).\n- KVM: x86: Update cpuid properly when CR4.OSXAVE or CR4.PKE is changed (bsc#1110006).\n- KVM: x86: VMX: hyper-v: Enlightened MSR-Bitmap support (bsc#1107207).\n- KVM: x86: define SVM/VMX specific kvm_arch_[alloc|free]_vm (bsc#1111506).\n- KVM: x86: ensure all MSRs can always be KVM_GET/SET_MSR'd (bsc#1107207).\n- KVM: x86: fix #UD address of failed Hyper-V hypercalls (bsc#1107207).\n- KVM: x86: fix #UD address of failed Hyper-V hypercalls (bsc#1110006).\n- KVM: x86: fix APIC page invalidation (bsc#1106240).\n- KVM: x86: fix escape of guest dr6 to the host (bsc#1110006).\n- KVM: x86: hyperv: do rep check for each hypercall separately (bsc#1107207).\n- KVM: x86: hyperv: simplistic HVCALL_FLUSH_VIRTUAL_ADDRESS_{LIST,SPACE} implementation (bsc#1107207).\n- KVM: x86: hyperv: simplistic HVCALL_FLUSH_VIRTUAL_ADDRESS_{LIST,SPACE}_EX implementation (bsc#1107207).\n- KVM: x86: hyperv: use defines when parsing hypercall parameters (bsc#1107207).\n- KVM: x86: remove APIC Timer periodic/oneshot spikes (bsc#1110006).\n- Kbuild: fix # escaping in .cmd files for future Make (git-fixes).\n- Limit kernel-source build to architectures for which we build binaries (bsc#1108281).\n- MAINTAINERS: fix location of ina2xx.txt device tree file (bsc#1051510).\n- NET: stmmac: align DMA stuff to largest cache line length (netfilter-stable-18_08_01).\n- NFC: Fix possible memory corruption when handling SHDLC I-Frame commands (bsc#1051510).\n- NFC: nfcmrvl_uart: fix OF child-node lookup (bsc#1051510).\n- NFC: trf7970a: fix check of clock frequencies (bsc#1051510).\n- NFS/filelayout: Fix racy setting of fl->dsaddr in filelayout_check_deviceid() (bsc#1105190).\n- NFS: Avoid quadratic search when freeing delegations (bsc#1084760).\n- NFS: Use an appropriate work queue for direct-write completion (bsc#1082519).\n- NFSv4 client live hangs after live data migration recovery (git-fixes).\n- NFSv4: Fix a sleep in atomic context in nfs4_callback_sequence() (git-fixes).\n- NFSv4: Fix possible 1-byte stack overflow in nfs_idmap_read_and_verify_message (git-fixes).\n- Netperf performance issue due to AppArmor net mediation (bsc#1108520)\n- PCI/ASPM: Fix link_state teardown on device removal (bsc#1051510).\n- PCI/portdrv: Compute MSI/MSI-X IRQ vectors after final allocation (bsc#1109806).\n- PCI/portdrv: Factor out Interrupt Message Number lookup (bsc#1109806).\n- PCI: Add PCI resource type mask #define (bsc#1105355).\n- PCI: Add pci_resize_resource() for resizing BARs (bsc#1105355).\n- PCI: Add resizable BAR infrastructure (bsc#1105355).\n- PCI: Allow release of resources that were never assigned (bsc#1105355).\n- PCI: Cleanup PCI_REBAR_CTRL_BAR_SHIFT handling (bsc#1105355).\n- PCI: Match Root Port's MPS to endpoint's MPSS as necessary (bsc#1109269).\n- PCI: OF: Fix I/O space page leak (git-fixes).\n- PCI: Reprogram bridge prefetch registers on resume (bsc#1051510).\n- PCI: Restore resized BAR state on resume (bsc#1105355).\n- PCI: Skip MPS logic for Virtual Functions (VFs) (bsc#1051510).\n- PCI: aardvark: Fix I/O space page leak (git-fixes).\n- PCI: aardvark: Size bridges before resources allocation (bsc#1109806).\n- PCI: designware: Fix I/O space page leak (bsc#1109806).\n- PCI: dwc: Fix scheduling while atomic issues (git-fixes).\n- PCI: faraday: Add missing of_node_put() (bsc#1109806).\n- PCI: faraday: Fix I/O space page leak (bsc#1109806).\n- PCI: hotplug: Do not leak pci_slot on registration failure (bsc#1051510).\n- PCI: hv: Convert remove_lock to refcount (bsc#1107207).\n- PCI: hv: Do not wait forever on a device that has disappeared (bsc#1107207).\n- PCI: hv: Do not wait forever on a device that has disappeared (bsc#1109806).\n- PCI: hv: Fix return value check in hv_pci_assign_slots() (bsc#1107207).\n- PCI: hv: Make sure the bus domain is really unique (git-fixes).\n- PCI: hv: Remove unused reason for refcount handler (bsc#1107207).\n- PCI: hv: Replace GFP_ATOMIC with GFP_KERNEL in new_pcichild_device() (bsc#1107207).\n- PCI: hv: Use effective affinity mask (bsc#1107207).\n- PCI: hv: Use list_for_each_entry() (bsc#1107207).\n- PCI: hv: support reporting serial number as slot information (bsc#1107207).\n- PCI: mvebu: Fix I/O space end address calculation (bsc#1051510).\n- PCI: pciehp: Fix unprotected list iteration in IRQ handler (bsc#1051510).\n- PCI: pciehp: Fix use-after-free on unplug (bsc#1051510).\n- PCI: versatile: Fix I/O space page leak (bsc#1109806).\n- PCI: xgene: Fix I/O space page leak (bsc#1109806).\n- PCI: xilinx-nwl: Add missing of_node_put() (bsc#1109806).\n- PCI: xilinx: Add missing of_node_put() (bsc#1109806).\n- PM / Domains: Fix error path during attach in genpd (bsc#1051510).\n- PM / Domains: Fix genpd to deal with drivers returning 1 from ->prepare() (bsc#1051510).\n- PM / clk: signedness bug in of_pm_clk_add_clks() (bsc#1051510).\n- PM / core: Clear the direct_complete flag on errors (bsc#1051510).\n- PM / runtime: Drop usage count for suppliers at device link removal (bsc#1100132).\n- PM / sleep: wakeup: Fix build error caused by missing SRCU support (bsc#1051510).\n- PM: cpuidle: Fix cpuidle_poll_state_init() prototype (bsc#1110006).\n- RAID10 BUG_ON in raise_barrier when force is true and conf->barrier is 0 (git-fixes).\n- RDMA/bnxt_re: Fix a bunch of off by one bugs in qplib_fp.c (bsc#1050244).\n- RDMA/bnxt_re: Fix a couple off by one bugs (bsc#1050244 ).\n- RDMA/bnxt_re: Fix system crash during RDMA resource initialization (bsc#1086283).\n- RDMA/i40w: Hold read semaphore while looking after VMA (bsc#1058659).\n- RDMA/uverbs: Expand primary and alt AV port checks (bsc#1046306 ).\n- Squashfs: Compute expected length from inode size rather than block length (bsc#1051510).\n- Tools: hv: Fix a bug in the key delete code (bsc#1107207).\n- USB: Add quirk to support DJI CineSSD (bsc#1051510).\n- USB: add quirk for WORLDE Controller KS49 or Prodipe MIDI 49C USB controller (bsc#1051510).\n- USB: cdc-wdm: do not enable interrupts in USB-giveback (bsc#1051510).\n- USB: fix error handling in usb_driver_claim_interface() (bsc#1051510).\n- USB: handle NULL config in usb_find_alt_setting() (bsc#1051510).\n- USB: net2280: Fix erroneous synchronization change (bsc#1051510).\n- USB: option: add support for DW5821e (bsc#1051510).\n- USB: remove LPM management from usb_driver_claim_interface() (bsc#1051510).\n- USB: serial: cypress_m8: fix interrupt-out transfer length (bsc#1051510).\n- USB: serial: io_ti: fix array underflow in completion handler (bsc#1051510).\n- USB: serial: kobil_sct: fix modem-status error handling (bsc#1051510).\n- USB: serial: pl2303: add a new device id for ATEN (bsc#1051510).\n- USB: serial: sierra: fix potential deadlock at close (bsc#1051510).\n- USB: serial: simple: add Motorola Tetra MTP6550 id (bsc#1051510).\n- USB: serial: ti_usb_3410_5052: fix array underflow in completion handler (bsc#1051510).\n- USB: yurex: Check for truncation in yurex_read() (bsc#1051510).\n- USB: yurex: Fix buffer over-read in yurex_write() (bsc#1051510).\n- Update config files, make CRYPTO_CRCT10DIF_PCLMUL built-in (bsc#1105603).\n- VFS: do not test owner for NFS in set_posix_acl() (bsc#1103405).\n- Workaround for mysterious NVMe breakage with i915 CFL (bsc#1111040).\n- Workaround kABI breakage by __must_check drop of strscpy() (bsc#1051510).\n- X86/Hyper-V: Add flush HvFlushGuestPhysicalAddressSpace hypercall support (bsc#1107207).\n- X86/Hyper-V: Add hyperv_nested_flush_guest_mapping ftrace support (bsc#1107207).\n- X86/Hyper-V: Consolidate code for converting cpumask to vpset (bsc#1107207).\n- X86/Hyper-V: Consolidate the allocation of the hypercall input page (bsc#1107207).\n- X86/Hyper-V: Enable IPI enlightenments (bsc#1107207).\n- X86/Hyper-V: Enhanced IPI enlightenment (bsc#1107207).\n- X86/Hyper-V: Enlighten APIC access (bsc#1107207).\n- acpi, nfit: Add function to look up nvdimm device and provide SMBIOS handle (bsc#1099125).\n- affs_lookup(): close a race with affs_remove_link() (bsc#1105355).\n- ahci: Add Intel Ice Lake LP PCI ID (bsc#1051510).\n- aio: fix io_destroy(2) vs. lookup_ioctx() race (git-fixes).\n- apparmor: Check buffer bounds when mapping permissions mask (git-fixes).\n- apparmor: Fix failure to audit context info in build_change_hat (bsc#1051510).\n- apparmor: Fix regression in profile conflict logic (bsc#1106427)\n- apparmor: Fully initialize aa_perms struct when answering userspace query (bsc#1051510).\n- apparmor: ensure that undecidable profile attachments fail (bsc#1106427).\n- apparmor: fix an error code in __aa_create_ns() (bsc#1106427).\n- apparmor: fix mediation of prlimit (bsc#1051510).\n- apparmor: fix memory leak when deduping profile load (bsc#1051510).\n- apparmor: fix ptrace read check (bsc#1051510).\n- apparmor: remove no-op permission check in policy_unpack (bsc#1106427).\n- arm/asm/tlb.h: Fix build error implicit func declaration (bsc#1105467 Reduce IPIs and atomic ops with improved lazy TLB).\n- arm64/acpi: Create arch specific cpu to acpi id helper (bsc#1106903).\n- arm64/kasan: do not allocate extra shadow memory (bsc#1106897).\n- arm64/mm/kasan: do not use vmemmap_populate() to initialize shadow (bsc#1106898).\n- arm64: Enforce BBM for huge IO/VMAP mappings (bsc#1106890).\n- arm64: Ignore hardware dirty bit updates in ptep_set_wrprotect() (bsc#1108010).\n- arm64: Make sure permission updates happen for pmd/pud (bsc#1106891).\n- arm64: dma-mapping: clear buffers allocated with FORCE_CONTIGUOUS flag (bsc#1106902).\n- arm64: enable thunderx gpio driver\n- arm64: export memblock_reserve()d regions via /proc/iomem (bsc#1106892).\n- arm64: fix unwind_frame() for filtered out fn for function graph tracing (bsc#1106900).\n- arm64: fix vmemmap BUILD_BUG_ON() triggering on !vmemmap setups (bsc#1106896).\n- arm64: fpsimd: Avoid FPSIMD context leakage for the init task (bsc#1106894).\n- arm64: kasan: avoid pfn_to_nid() before page array is initialized (bsc#1106899).\n- arm64: mm: Ensure writes to swapper are ordered wrt subsequent cache maintenance (bsc#1106906).\n- arm64: mm: check for upper PAGE_SHIFT bits in pfn_valid() (bsc#1106893).\n- arm64: move patches to sorted section\n- arm64: numa: rework ACPI NUMA initialization (bsc#1106905).\n- arm64: vgic-v2: Fix proxying of cpuif access (bsc#1106901).\n- asix: Check for supported Wake-on-LAN modes (bsc#1051510).\n- ata: Fix ZBC_OUT all bit handling (bsc#1051510).\n- ata: Fix ZBC_OUT command block check (bsc#1051510).\n- ata: libahci: Allow reconfigure of DEVSLP register (bsc#1051510).\n- ata: libahci: Correct setting of DEVSLP register (bsc#1051510).\n- ath10k: disable bundle mgmt tx completion event support (bsc#1051510).\n- ath10k: fix kernel panic issue during pci probe (bsc#1051510).\n- ath10k: fix scan crash due to incorrect length calculation (bsc#1051510).\n- ath10k: fix use-after-free in ath10k_wmi_cmd_send_nowait (bsc#1051510).\n- ath10k: prevent active scans on potential unusable channels (bsc#1051510).\n- ath10k: protect ath10k_htt_rx_ring_free with rx_ring.lock (bsc#1051510).\n- ath10k: update the phymode along with bandwidth change request (bsc#1051510).\n- ath9k: add MSI support ().\n- ath9k: report tx status on EOSP (bsc#1051510).\n- ath9k_hw: fix channel maximum power level test (bsc#1051510).\n- atm: Preserve value of skb->truesize when accounting to vcc (networking-stable-18_07_19).\n- atm: horizon: Fix irq release error (bsc#1105355).\n- atm: zatm: Fix potential Spectre v1 (networking-stable-18_07_19).\n- atm: zatm: fix memcmp casting (bsc#1105355).\n- audit: Fix extended comparison of GID/EGID (bsc#1051510).\n- audit: allow not equal op for audit by executable (bsc#1051510).\n- audit: fix use-after-free in audit_add_watch (bsc#1051510).\n- autofs: fix autofs_sbi() does not check super block type (git-fixes).\n- autofs: fix slab out of bounds read in getname_kernel() (git-fixes).\n- autofs: mount point create should honour passed in mode (git-fixes).\n- ax88179_178a: Check for supported Wake-on-LAN modes (bsc#1051510).\n- b43/leds: Ensure NUL-termination of LED name string (bsc#1051510).\n- b43legacy/leds: Ensure NUL-termination of LED name string (bsc#1051510).\n- badblocks: fix wrong return value in badblocks_set if badblocks are disabled (git-fixes).\n- batman-adv: Avoid probe ELP information leak (bsc#1051510).\n- batman-adv: Fix multicast TT issues with bogus ROAM flags (bsc#1051510).\n- batman-adv: Fix segfault when writing to sysfs elp_interval (bsc#1051510).\n- batman-adv: Fix segfault when writing to throughput_override (bsc#1051510).\n- batman-adv: Prevent duplicated gateway_node entry (bsc#1051510).\n- batman-adv: Prevent duplicated global TT entry (bsc#1051510).\n- batman-adv: Prevent duplicated nc_node entry (bsc#1051510).\n- batman-adv: Prevent duplicated softif_vlan entry (bsc#1051510).\n- batman-adv: Prevent duplicated tvlv handler (bsc#1051510).\n- batman-adv: fix backbone_gw refcount on queue_work() failure (bsc#1051510).\n- batman-adv: fix hardif_neigh refcount on queue_work() failure (bsc#1051510).\n- bcache: avoid unncessary cache prefetch bch_btree_node_get().\n- bcache: calculate the number of incremental GC nodes according to the total of btree nodes.\n- bcache: display rate debug parameters to 0 when writeback is not running.\n- bcache: do not check return value of debugfs_create_dir().\n- bcache: finish incremental GC.\n- bcache: fix I/O significant decline while backend devices registering.\n- bcache: fix error setting writeback_rate through sysfs interface.\n- bcache: free heap cache_set->flush_btree in bch_journal_free.\n- bcache: make the pr_err statement used for ENOENT only in sysfs_attatch section.\n- bcache: release dc->writeback_lock properly in bch_writeback_thread().\n- bcache: set max writeback rate when I/O request is idle.\n- bcache: simplify the calculation of the total amount of flash dirty data.\n- bdi: Fix another oops in wb_workfn() (bsc#1112746).\n- bdi: Preserve kabi when adding cgwb_release_mutex (bsc#1112746).\n- be2net: Fix memory leak in be_cmd_get_profile_config() (bsc#1086288).\n- be2net: remove unused old AIC info (bsc#1086288).\n- be2net: remove unused old custom busy-poll fields (bsc#1086288 ).\n- binfmt_elf: Respect error return from `regset->active' (bsc#1051510).\n- blk-mq: I/O and timer unplugs are inverted in blktrace (bsc#1112713).\n- blk-mq: avoid to synchronize rcu inside blk_cleanup_queue() (bsc#1077989).\n- blkdev: __blkdev_direct_IO_simple: fix leak in error case (bsc#1083663).\n- blkdev_report_zones_ioctl(): Use vmalloc() to allocate large buffers (bsc#1111819).\n- block, bfq: fix wrong init of saved start time for weight raising (bsc#1112708).\n- block, bfq: return nbytes and not zero from struct cftype .write() method (bsc#1106238).\n- block, dax: remove dead code in blkdev_writepages() (bsc#1104888).\n- block: Invalidate cache on discard v2 (bsc#1109992).\n- block: bfq: swap puts in bfqg_and_blkg_put (bsc#1112712).\n- block: bio_iov_iter_get_pages: fix size of last iovec (bsc#1083663).\n- block: bio_iov_iter_get_pages: pin more pages for multi-segment IOs (bsc#1083663).\n- block: bvec_nr_vecs() returns value for wrong slab (bsc#1111834).\n- block: do not print a message when the device went away (bsc#1098459).\n- block: do not warn for flush on read-only device (bsc#1107756).\n- block: fix warning when I/O elevator is changed as request_queue is being removed (bsc#1109979).\n- block: pass inclusive 'lend' parameter to truncate_inode_pages_range (bsc#1109992).\n- block: properly protect the 'queue' kobj in blk_unregister_queue (bsc#1109979).\n- bnx2x: Fix invalid memory access in rss hash config path (bsc#1050319).\n- bnx2x: Fix receiving tx-timeout in error or recovery state (bsc#1050319).\n- bnxt_en: Clean up unused functions (bsc#1086282).\n- bnxt_en: Do not adjust max_cp_rings by the ones used by RDMA (bsc#1086282).\n- bnxt_en: Fix VF mac address regression (bsc#1086282 ).\n- bnxt_re: Fix couple of memory leaks that could lead to IOMMU call traces (bsc#1050244).\n- bonding: avoid lockdep confusion in bond_get_stats() (netfilter-stable-18_08_04).\n- bpf, s390: fix potential memleak when later bpf_jit_prog fails (bsc#1083647).\n- bpf/verifier: disallow pointer subtraction (bsc#1083647).\n- bpf: fix references to free_bpf_prog_info() in comments (bsc#1083647).\n- bpf: fix uninitialized variable in bpf tools (bsc#1083647).\n- bpf: hash map: decrement counter on error (bsc#1083647).\n- bpf: make cavium thunder compatible w/ bpf_xdp_adjust_tail (bsc#1110096).\n- bpf: powerpc64: pad function address loads with NOPs (bsc#1083647).\n- bpf: use GFP_ATOMIC instead of GFP_KERNEL in bpf_parse_prog() (bsc#1083647).\n- brcmfmac: stop watchdog before detach and free everything (bsc#1051510).\n- brcmsmac: fix wrap around in conversion from constant to s16 (bsc#1051510).\n- btrfs: Add checker for EXTENT_CSUM (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: Add sanity check for EXTENT_DATA when reading out leaf (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: Check if item pointer overlaps with the item itself (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: Check that each block group has corresponding chunk at mount time (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: Enhance btrfs_trim_fs function to handle error better (Dependency for bsc#1113667).\n- btrfs: Ensure btrfs_trim_fs can trim the whole filesystem (bsc#1113667).\n- btrfs: Fix use-after-free when cleaning up fs_devs with a single stale device (bsc#1097105).\n- btrfs: Fix wrong btrfs_delalloc_release_extents parameter (bsc#1031392).\n- btrfs: Handle error from btrfs_uuid_tree_rem call in _btrfs_ioctl_set_received_subvol (bsc#1097105).\n- btrfs: Introduce mount time chunk dev extent mapping check (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: Manually implement device_total_bytes getter/setter (bsc#1043912).\n- btrfs: Move leaf and node validation checker to tree-checker.c (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: Remove unused parameters from various functions (bsc#1110649).\n- btrfs: Round down values which are written for total_bytes_size (bsc#1043912).\n- btrfs: Verify that every chunk has corresponding block group at mount time (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: add a comp_refs() helper (dependency for bsc#1031392).\n- btrfs: add tracepoints for outstanding extents mods (dependency for bsc#1031392).\n- btrfs: check-integrity: Fix NULL pointer dereference for degraded mount (bsc#1107947).\n- btrfs: cleanup extent locking sequence (dependency for bsc#1031392).\n- btrfs: delayed-inode: Remove wrong qgroup meta reservation calls (bsc#1031392).\n- btrfs: delayed-inode: Use new qgroup meta rsv for delayed inode and item (bsc#1031392).\n- btrfs: fix error handling in btrfs_dev_replace_start (bsc#1107535).\n- btrfs: fix missing error return in btrfs_drop_snapshot (Git-fixes bsc#1109919).\n- btrfs: handle errors while updating refcounts in update_ref_for_cow (Git-fixes bsc#1109915).\n- btrfs: log csums for all modified extents (bsc#1110639).\n- btrfs: make the delalloc block rsv per inode (dependency for bsc#1031392).\n- btrfs: qgroup: Add quick exit for non-fs extents (dependency for bsc#1031392).\n- btrfs: qgroup: Cleanup btrfs_qgroup_prepare_account_extents function (dependency for bsc#1031392).\n- btrfs: qgroup: Cleanup the remaining old reservation counters (bsc#1031392).\n- btrfs: qgroup: Commit transaction in advance to reduce early EDQUOT (bsc#1031392).\n- btrfs: qgroup: Do not use root->qgroup_meta_rsv for qgroup (bsc#1031392).\n- btrfs: qgroup: Fix qgroup reserved space underflow by only freeing reserved ranges (dependency for bsc#1031392).\n- btrfs: qgroup: Fix qgroup reserved space underflow caused by buffered write and quotas being enabled (dependency for bsc#1031392).\n- btrfs: qgroup: Fix wrong qgroup reservation update for relationship modification (bsc#1031392).\n- btrfs: qgroup: Introduce extent changeset for qgroup reserve functions (dependency for bsc#1031392).\n- btrfs: qgroup: Introduce function to convert META_PREALLOC into META_PERTRANS (bsc#1031392).\n- btrfs: qgroup: Introduce helpers to update and access new qgroup rsv (bsc#1031392).\n- btrfs: qgroup: Make qgroup_reserve and its callers to use separate reservation type (bsc#1031392).\n- btrfs: qgroup: Return actually freed bytes for qgroup release or free data (dependency for bsc#1031392).\n- btrfs: qgroup: Skeleton to support separate qgroup reservation type (bsc#1031392).\n- btrfs: qgroup: Split meta rsv type into meta_prealloc and meta_pertrans (bsc#1031392).\n- btrfs: qgroup: Update trace events for metadata reservation (bsc#1031392).\n- btrfs: qgroup: Update trace events to use new separate rsv types (bsc#1031392).\n- btrfs: qgroup: Use independent and accurate per inode qgroup rsv (bsc#1031392).\n- btrfs: qgroup: Use root::qgroup_meta_rsv_* to record qgroup meta reserved space (bsc#1031392).\n- btrfs: qgroup: Use separate meta reservation type for delalloc (bsc#1031392).\n- btrfs: remove type argument from comp_tree_refs (dependency for bsc#1031392).\n- btrfs: round down size diff when shrinking/growing device (bsc#1097105).\n- btrfs: scrub: Do not use inode page cache in scrub_handle_errored_block() (follow up for bsc#1108096).\n- btrfs: scrub: Do not use inode pages for device replace (follow up for bsc#1108096).\n- btrfs: switch args for comp_*_refs (dependency for bsc#1031392).\n- btrfs: tests/qgroup: Fix wrong tree backref level (bsc#1107928).\n- btrfs: tree-checker: Add checker for dir item (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: tree-checker: Detect invalid and empty essential trees (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: tree-checker: Enhance btrfs_check_node output (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: tree-checker: Enhance output for btrfs_check_leaf (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: tree-checker: Enhance output for check_csum_item (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: tree-checker: Enhance output for check_extent_data_item (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: tree-checker: Fix false panic for sanity test (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: tree-checker: Replace root parameter with fs_info (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: tree-checker: Verify block_group_item (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: tree-checker: use %zu format string for size_t (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: tree-checker: use %zu format string for size_t (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- cdc-acm: fix race between reset and control messaging (bsc#1051510).\n- cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status (bsc#1051510).\n- ceph: avoid a use-after-free in ceph_destroy_options() (bsc#1111983).\n- ceph: fix incorrect use of strncpy (bsc#1107319).\n- ceph: return errors from posix_acl_equiv_mode() correctly (bsc#1107320).\n- cfg80211: fix a type issue in ieee80211_chandef_to_operating_class() (bsc#1051510).\n- cfg80211: nl80211_update_ft_ies() to validate NL80211_ATTR_IE (bsc#1051510).\n- cfg80211: reg: Init wiphy_idx in regulatory_hint_core() (bsc#1051510).\n- cgroup: avoid copying strings longer than the buffers (bsc#1051510).\n- cifs: Fix stack out-of-bounds in smb{2,3}_create_lease_buf() (bsc#1051510).\n- cifs: Fix use after free of a mid_q_entry (bsc#1112903).\n- cifs: check kmalloc before use (bsc#1051510).\n- cifs: fix memory leak in SMB2_open() (bsc#1112894).\n- cifs: integer overflow in in SMB2_ioctl() (bsc#1051510).\n- cifs: store the leaseKey in the fid on SMB2_open (bsc#1051510).\n- clk: clk-fixed-factor: Clear OF_POPULATED flag in case of failure (bsc#1051510).\n- clk: core: Potentially free connection id (bsc#1051510).\n- clk: imx6ul: fix missing of_node_put() (bsc#1051510).\n- clk: meson: gxbb: remove HHI_GEN_CLK_CTNL duplicate definition (bsc#1051510).\n- clk: mvebu: armada-38x: add support for 1866MHz variants (bsc#1105355).\n- clk: mvebu: armada-38x: add support for missing clocks (bsc#1105355).\n- clk: rockchip: Add pclk_rkpwm_pmu to PMU critical clocks in rk3399 (bsc#1051510).\n- clk: rockchip: fix clk_i2sout parent selection bits on rk3399 (bsc#1051510).\n- clk: tegra: bpmp: Do not crash when a clock fails to register (bsc#1051510).\n- clk: x86: Stop marking clocks as CLK_IS_CRITICAL (bsc#1051510).\n- clk: x86: add 'ether_clk' alias for Bay Trail / Cherry Trail (bsc#1051510).\n- clocksource/drivers/ti-32k: Add CLOCK_SOURCE_SUSPEND_NONSTOP flag for non-am43 SoCs (bsc#1051510).\n- clocksource/drivers/timer-atmel-pit: Properly handle error cases (bsc#1051510).\n- cls_matchall: fix tcf_unbind_filter missing (networking-stable-18_08_21).\n- coda: fix 'kernel memory exposure attempt' in fsync (bsc#1051510).\n- coresight: Handle errors in finding input/output ports (bsc#1051510).\n- coresight: tpiu: Fix disabling timeouts (bsc#1051510).\n- cpu/hotplug: Fix SMT supported evaluation (bsc#1110006).\n- cpufreq / CPPC: Set platform specific transition_delay_us (bsc#1101480).\n- cpufreq, intel_pstate: Allow unspecified FADT profile to probe PPC (bsc#1108841).\n- cpufreq: CPPC: Do not set transition_latency (bsc#1101480).\n- cpufreq: CPPC: Use transition_delay_us depending transition_latency (bsc#1101480).\n- cpufreq: remove setting of policy->cpu in policy->cpus during init (bsc#1101480).\n- crypto: ablkcipher - fix crash flushing dcache in error path (bsc#1051510).\n- crypto: blkcipher - fix crash flushing dcache in error path (bsc#1051510).\n- crypto: caam - fix implicit casts in endianness helpers (bsc#1051510).\n- crypto: caam/jr - fix ablkcipher_edesc pointer arithmetic (bsc#1051510).\n- crypto: caam/jr - fix descriptor DMA unmapping (bsc#1051510).\n- crypto: caam/qi - fix error path in xts setkey (bsc#1051510).\n- crypto: cavium/nitrox - fix for command corruption in queue full case with backlog submissions (bsc#1051510).\n- crypto: ccp - Check for NULL PSP pointer at module unload (bsc#1051510).\n- crypto: ccp - Fix command completion detection race (bsc#1051510).\n- crypto: ccp - add timeout support in the SEV command (bsc#1106838).\n- crypto: chelsio - Fix memory corruption in DMA Mapped buffers (bsc#1051510).\n- crypto: clarify licensing of OpenSSL asm code ().\n- crypto: lrw - Fix out-of bounds access on counter overflow (bsc#1051510).\n- crypto: mxs-dcp - Fix wait logic on chan threads (bsc#1051510).\n- crypto: qat - Fix KASAN stack-out-of-bounds bug in adf_probe() (bsc#1051510).\n- crypto: sharah - Unregister correct algorithms for SAHARA 3 (bsc#1051510).\n- crypto: skcipher - Fix -Wstringop-truncation warnings (bsc#1051510).\n- crypto: skcipher - fix aligning block size in skcipher_copy_iv() (bsc#1051510).\n- crypto: skcipher - fix crash flushing dcache in error path (bsc#1051510).\n- crypto: tcrypt - fix ghash-generic speed test (bsc#1051510).\n- crypto: vmac - require a block cipher with 128-bit block size (bsc#1051510).\n- crypto: vmac - separate tfm and request context (bsc#1051510).\n- crypto: vmx - Fix sleep-in-atomic bugs (bsc#1051510).\n- crypto: vmx - Use skcipher for ctr fallback to SLE12-SP4 (bsc#1106464).\n- crypto: x86/sha256-mb - fix digest copy in sha256_mb_mgr_get_comp_job_avx2() (bsc#1051510).\n- cxgb4: Fix the condition to check if the card is T5 (bsc#1097585 bsc#1097586 bsc#1097587 bsc#1097588 bsc#1097583 bsc#1097584).\n- cxgb4: fix abort_req_rss6 struct (bsc#1046540).\n- cxgb4: when disabling dcb set txq dcb priority to 0 (bsc#1046540 ).\n- cxl: Configure PSL to not use APC virtual machines (bsc#1055014, git-fixes).\n- cxl: Fix wrong comparison in cxl_adapter_context_get() (bsc#1055014, git-fixes).\n- dax: Fix deadlock in dax_lock_mapping_entry() (bsc#1109951).\n- dax: Introduce a ->copy_to_iter dax operation (bsc#1098782).\n- dax: Make extension of dax_operations transparent (bsc#1098782).\n- dax: Report bytes remaining in dax_iomap_actor() (bsc#1098782).\n- dax: remove VM_MIXEDMAP for fsdax and device dax (bsc#1106007).\n- dax: remove default copy_from_iter fallback (bsc#1098782). \n- dax: require 'struct page' by default for filesystem dax (bsc#1104888).\n- dax: store pfns in the radix (bsc#1104888).\n- dccp: fix undefined behavior with 'cwnd' shift in ccid2_cwnd_restart() (netfilter-stable-18_08_17).\n- debugobjects: Make stack check warning more informative (bsc#1051510).\n- declance: Fix continuation with the adapter identification message (bsc#1051510).\n- device-dax: Add missing address_space_operations (bsc#1107783).\n- device-dax: Enable page_mapping() (bsc#1107783).\n- device-dax: Set page->index (bsc#1107783).\n- devicectree: bindings: fix location of leds common file (bsc#1051510).\n- dma-buf: remove redundant initialization of sg_table (bsc#1051510).\n- dmaengine: hsu: Support dmaengine_terminate_sync() (bsc#1051510).\n- dmaengine: idma64: Support dmaengine_terminate_sync() (bsc#1051510).\n- dmaengine: mv_xor_v2: kill the tasklets upon exit (bsc#1051510).\n- dmaengine: pl330: fix irq race with terminate_all (bsc#1051510).\n- do d_instantiate/unlock_new_inode combinations safely (git-fixes).\n- doc/README.SUSE: Remove mentions of cloneconfig (bsc#1103636).\n- driver core: add __printf verification to __ata_ehi_pushv_desc (bsc#1051510).\n- drivers/base: stop new probing during shutdown (bsc#1051510).\n- drivers/tty: add error handling for pcmcia_loop_config (bsc#1051510).\n- drm/amd/pp/Polaris12: Fix a chunk of registers missed to program (bsc#1051510).\n- drm/amdgpu/powerplay: fix missing break in switch statements (bsc#1113722)\n- drm/amdgpu: Enable/disable gfx PG feature in rlc safe mode (bsc#1051510).\n- drm/amdgpu: Fix RLC safe mode test in gfx_v9_0_enter_rlc_safe_mode (bsc#1051510).\n- drm/amdgpu: Fix SDMA HQD destroy error on gfx_v7 (bsc#1051510).\n- drm/amdgpu: Fix vce work queue was not cancelled when suspend (bsc#1106110)\n- drm/amdgpu: Pulling old prepare and submit for flip back (bsc#1051510).\n- drm/amdgpu: Update power state at the end of smu hw_init (bsc#1051510).\n- drm/amdgpu: add another ATPX quirk for TOPAZ (bsc#1051510).\n- drm/amdgpu: add new polaris pci id (bsc#1051510).\n- drm/amdgpu: fix error handling in amdgpu_cs_user_fence_chunk (bsc#1106110)\n- drm/amdgpu: fix swapped emit_ib_size in vce3 (bsc#1051510).\n- drm/amdgpu: revert 'fix deadlock of reservation between cs and gpu reset v2' (bsc#1051510).\n- drm/amdgpu: update tmr mc address (bsc#1100132).\n- drm/amdgpu:add new firmware id for VCN (bsc#1051510).\n- drm/amdgpu:add tmr mc address into amdgpu_firmware_info (bsc#1051510).\n- drm/amdkfd: Fix error codes in kfd_get_process (bsc#1051510).\n- drm/arm/malidp: Preserve LAYER_FORMAT contents when setting format (bsc#1051510).\n- drm/armada: fix colorkey mode property (bsc#1051510).\n- drm/armada: fix irq handling (bsc#1051510).\n- drm/bridge/sii8620: Fix display of packed pixel modes (bsc#1051510).\n- drm/bridge/sii8620: fix display of packed pixel modes in MHL2 (bsc#1051510).\n- drm/bridge/sii8620: fix loops in EDID fetch logic (bsc#1051510).\n- drm/bridge: adv7511: Reset registers on hotplug (bsc#1051510).\n- drm/edid: Add 6 bpc quirk for SDC panel in Lenovo B50-80 (bsc#1051510).\n- drm/edid: VSDB yCBCr420 Deep Color mode bit definitions (bsc#1051510).\n- drm/exynos: decon5433: Fix WINCONx reset value (bsc#1051510).\n- drm/exynos: decon5433: Fix per-plane global alpha for XRGB modes (bsc#1051510).\n- drm/exynos: gsc: Fix support for NV16/61, YUV420/YVU420 and YUV422 modes (bsc#1051510).\n- drm/fb-helper: Fix typo on kerneldoc (bsc#1051510).\n- drm/hisilicon: hibmc: Do not carry error code in HiBMC framebuffer (bsc#1113722)\n- drm/hisilicon: hibmc: Do not overwrite fb helper surface depth (bsc#1113722)\n- drm/i915/aml: Introducing Amber Lake platform ().\n- drm/i915/audio: Fix audio enumeration issue on BXT ().\n- drm/i915/audio: Hook up component bindings even if displays are (bsc#1113722)\n- drm/i915/cfl: Add a new CFL PCI ID ().\n- drm/i915/dp: Link train Fallback on eDP only if fallback link BW can fit panel's native mode (bsc#1051510).\n- drm/i915/gen9+: Fix initial readout for Y tiled framebuffers (bsc#1113722)\n- drm/i915/glk: Add Quirk for GLK NUC HDMI port issues (bsc#1051510).\n- drm/i915/gvt: Fix the incorrect length of child_device_config issue (bsc#1051510).\n- drm/i915/gvt: Off by one in intel_vgpu_write_fence() (bsc#1051510).\n- drm/i915/gvt: clear ggtt entries when destroy vgpu (bsc#1051510).\n- drm/i915/gvt: request srcu_read_lock before checking if one gfn is valid (bsc#1051510).\n- drm/i915/kvmgt: Fix potential Spectre v1 (bsc#1051510).\n- drm/i915/lpe: Mark LPE audio runtime pm as 'no callbacks' (bsc#1051510).\n- drm/i915/overlay: Allocate physical registers from stolen (bsc#1051510).\n- drm/i915/whl: Introducing Whiskey Lake platform ().\n- drm/i915: Handle incomplete Z_FINISH for compressed error states (bsc#1100132)\n- drm/i915: Increase LSPCON timeout (bsc#1051510).\n- drm/i915: Nuke the LVDS lid notifier (bsc#1051510).\n- drm/i915: Only show debug for state changes when banning (bsc#1051510).\n- drm/i915: Restore user forcewake domains across suspend (bsc#1100132).\n- drm/i915: Restore vblank interrupts earlier (bsc#1051510).\n- drm/i915: Unmask user interrupts writes into HWSP on snb/ivb/vlv/hsw (bsc#1051510).\n- drm/i915: set DP Main Stream Attribute for color range on DDI platforms (bsc#1051510).\n- drm/imx: imx-ldb: check if channel is enabled before printing warning (bsc#1051510).\n- drm/imx: imx-ldb: disable LDB on driver bind (bsc#1051510).\n- drm/mediatek: fix OF sibling-node lookup (bsc#1106110)\n- drm/modes: Introduce drm_mode_match() ().\n- drm/msm: fix OF child-node lookup (bsc#1106110)\n- drm/nouveau/TBDdevinit: do not fail when PMU/PRE_OS is missing from VBIOS (bsc#1051510).\n- drm/nouveau/debugfs: Wake up GPU before doing any reclocking (bsc#1051510).\n- drm/nouveau/disp: fix DP disable race (bsc#1051510).\n- drm/nouveau/drm/nouveau: Do not forget to cancel hpd_work on suspend/unload (bsc#1051510).\n- drm/nouveau/drm/nouveau: Fix bogus drm_kms_helper_poll_enable() placement (bsc#1051510).\n- drm/nouveau/drm/nouveau: Prevent handling ACPI HPD events too early (bsc#1051510).\n- drm/nouveau/drm/nouveau: Use pm_runtime_get_noresume() in connector_detect() (bsc#1051510).\n- drm/nouveau: Do not disable polling in fallback mode (bsc#1103356).\n- drm/nouveau: Fix deadlocks in nouveau_connector_detect() (bsc#1051510).\n- drm/nouveau: Fix runtime PM leak in drm_open() (bsc#1051510).\n- drm/nouveau: tegra: Detach from ARM DMA/IOMMU mapping (bsc#1051510).\n- drm/panel: type promotion bug in s6e8aa0_read_mtp_id() (bsc#1051510).\n- drm/rockchip: lvds: add missing of_node_put (bsc#1051510).\n- drm/sti: do not remove the drm_bridge that was never added (bsc#1100132)\n- drm/sun4i: Fix an ulong overflow in the dotclock driver (bsc#1106110)\n- drm/sun4i: Fix releasing node when enumerating enpoints (bsc#1051510).\n- drm/tegra: Check for malformed offsets and sizes in the 'submit' IOCTL (bsc#1106170).\n- drm/tegra: Fix comparison operator for buffer size (bsc#1100132).\n- drm/vc4: Fix the 'no scaling' case on multi-planar YUV formats (bsc#1051510).\n- drm/virtio: fix bounds check in virtio_gpu_cmd_get_capset() (bsc#1113722)\n- drm: Add DRM client cap for aspect-ratio ().\n- drm: Add and handle new aspect ratios in DRM layer ().\n- drm: Add aspect ratio parsing in DRM layer ().\n- drm: Expose modes with aspect ratio, only if requested ().\n- drm: Handle aspect ratio info in legacy modeset path ().\n- drm: mali-dp: Call drm_crtc_vblank_reset on device init (bsc#1051510).\n- drm: mali-dp: Enable Global SE interrupts mask for DP500 (bsc#1051510).\n- drm: udl: Destroy framebuffer only if it was initialized (bsc#1051510).\n- dwc2: gadget: Fix ISOC IN DDMA PID bitfield value calculation (bsc#1051510).\n- e1000: check on netif_running() before calling e1000_up() (bsc#1051510).\n- e1000: ensure to free old tx/rx rings in set_ringparam() (bsc#1051510).\n- eeprom: at24: change nvmem stride to 1 (bsc#1051510).\n- eeprom: at24: check at24_read/write arguments (bsc#1051510).\n- eeprom: at24: correctly set the size for at24mac402 (bsc#1051510).\n- efi: Avoid potential crashes, fix the 'struct efi_pci_io_protocol_32' definition for mixed mode (bsc#1110006).\n- enable CONFIG_SCSI_MQ_DEFAULT (bsc#1107207)\n- enable MLX5 in azure (bsc#1108260)\n- enic: do not call enic_change_mtu in enic_probe (bsc#1051510).\n- enic: handle mtu change for vf properly (bsc#1051510).\n- enic: initialize enic->rfs_h.lock in enic_probe (bsc#1051510).\n- errseq: Add to documentation tree (bsc#1107008).\n- errseq: Always report a writeback error once (bsc#1107008).\n- ethtool: Remove trailing semicolon for static inline (bsc#1051510).\n- ethtool: fix a privilege escalation bug (bsc#1076830).\n- evm: Do not deadlock if a crypto algorithm is unavailable (bsc#1051510).\n- ext2, dax: introduce ext2_dax_aops (bsc#1104888).\n- ext2, dax: set ext2_dax_aops for dax files (bsc#1112554).\n- ext2: auto disable dax instead of failing mount (bsc#1104888).\n- ext4, dax: add ext4_bmap to ext4_dax_aops (bsc#1104888).\n- ext4, dax: introduce ext4_dax_aops (bsc#1104888).\n- ext4, dax: set ext4_dax_aops for dax files (bsc#1104888).\n- ext4: auto disable dax instead of failing mount (bsc#1104888).\n- ext4: avoid arithemetic overflow that can trigger a BUG (bsc#1112736).\n- ext4: avoid divide by zero fault when deleting corrupted inline directories (bsc#1112735).\n- ext4: check for NUL characters in extended attribute's name (bsc#1112732).\n- ext4: check to make sure the rename(2)'s destination is not freed (bsc#1112734).\n- ext4: do not mark mmp buffer head dirty (bsc#1112743).\n- ext4: fix online resize's handling of a too-small final block group (bsc#1112739).\n- ext4: fix online resizing for bigalloc file systems with a 1k block size (bsc#1112740).\n- ext4: fix spectre gadget in ext4_mb_regular_allocator() (bsc#1112733).\n- ext4: recalucate superblock checksum after updating free blocks/inodes (bsc#1112738).\n- ext4: reset error code in ext4_find_entry in fallback (bsc#1112731).\n- ext4: show test_dummy_encryption mount option in /proc/mounts (bsc#1112741).\n- ext4: sysfs: print ext4_super_block fields as little-endian (bsc#1106229).\n- extcon: Release locking when sending the notification of connector state (bsc#1051510).\n- f2fs: remove unneeded memory footprint accounting (bsc#1106233).\n- f2fs: remove unneeded memory footprint accounting (bsc#1106297).\n- f2fs: validate before set/clear free nat bitmap (bsc#1106231).\n- f2fs: validate before set/clear free nat bitmap (bsc#1106297).\n- fat: fix memory allocation failure handling of match_strdup() (bsc#1051510).\n- fb: fix lost console when the user unplugs a USB adapter (bsc#1051510).\n- fbdev/omapfb: fix omapfb_memory_read infoleak (bsc#1051510).\n- fbdev/via: fix defined but not used warning (bsc#1051510).\n- fbdev: Distinguish between interlaced and progressive modes (bsc#1051510).\n- fbdev: omapfb: off by one in omapfb_register_client() (bsc#1051510).\n- filesystem-dax: Introduce dax_lock_mapping_entry() (bsc#1107783).\n- filesystem-dax: Set page->index (bsc#1107783).\n- firmware, DMI: Add function to look up a handle and return DIMM size (bsc#1099125).\n- firmware: raspberrypi: Register hwmon driver (bsc#1108468).\n- fix __legitimize_mnt()/mntput() race (bsc#1106297).\n- fix a page leak in vhost_scsi_iov_to_sgl() error recovery (bsc#1051510).\n- fix mntput/mntput race (bsc#1106297).\n- floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl (bsc#1051510).\n- fs, dax: prepare for dax-specific address_space_operations (bsc#1104888).\n- fs, dax: use page->mapping to warn if truncate collides with a busy page (bsc#1104888).\n- fs/9p/xattr.c: catch the error of p9_client_clunk when setting xattr failed (bsc#1051510).\n- fs/dcache.c: fix kmemcheck splat at take_dentry_name_snapshot() (git-fixes).\n- fs/proc/proc_sysctl.c: fix potential page fault while unregistering sysctl table (bsc#1106297).\n- fs/quota: Fix spectre gadget in do_quotactl (bsc#1112745).\n- fs: dcache: Avoid livelock between d_alloc_parallel and __d_add (git-fixes).\n- fs: dcache: Use READ_ONCE when accessing i_dir_seq (git-fixes).\n- fuse: Add missed unlock_page() to fuse_readpages_fill() (bsc#1106291).\n- fuse: Do not access pipe->buffers without pipe_lock() (bsc#1051510).\n- fuse: Fix oops at process_init_reply() (bsc#1106291).\n- fuse: fix double request_end() (bsc#1106291).\n- fuse: fix initial parallel dirops (bsc#1106291).\n- fuse: fix unlocked access to processing queue (bsc#1106291).\n- fuse: umount should wait for all requests (bsc#1106291).\n- gen_stats: Fix netlink stats dumping in the presence of padding (netfilter-stable-18_07_23).\n- genirq: Add handle_fasteoi_{level,edge}_irq flow handlers (bsc#1105378).\n- genirq: Export more irq_chip_*_parent() functions (bsc#1105378).\n- getname_kernel() needs to make sure that ->name != ->iname in long case (git-fixes).\n- getxattr: use correct xattr length (bsc#1106235).\n- getxattr: use correct xattr length (bsc#1106297).\n- gpio: Add gpio driver support for ThunderX and OCTEON-TX (bsc#1105378).\n- gpio: Fix crash due to registration race (bsc#1051510).\n- gpio: Fix wrong rounding in gpio-menz127 (bsc#1051510).\n- gpio: adp5588: Fix sleep-in-atomic-context bug (bsc#1051510).\n- gpio: mb86s70: Revert 'Return error if requesting an already assigned gpio' (bsc#1051510).\n- gpio: ml-ioh: Fix buffer underwrite on probe error path (bsc#1051510).\n- gpio: pxa: Fix potential NULL dereference (bsc#1051510).\n- gpio: tegra: Move driver registration to subsys_init level (bsc#1051510).\n- gpio: thunderx: fix error return code in thunderx_gpio_probe() (bsc#1105378).\n- gpio: thunderx: remove unused .map() hook from irq_domain_ops (bsc#1105378).\n- gpiolib-acpi: Register GpioInt ACPI event handlers from a late_initcall (bsc#1051510).\n- gpiolib-acpi: make sure we trigger edge events at least once on boot (bsc#1051510).\n- gpiolib: Free the last requested descriptor (bsc#1051510).\n- gpiolib: Mark gpio_suffixes array with __maybe_unused (bsc#1051510).\n- gpiolib: acpi: Switch to cansleep version of GPIO library call (bsc#1051510).\n- gpu: host1x: Check whether size of unpin isn't 0 (bsc#1051510).\n- gpu: ipu-v3: csi: pass back mbus_code_to_bus_cfg error codes (bsc#1051510).\n- gpu: ipu-v3: default to id 0 on missing OF alias (bsc#1051510).\n- hfs: prevent crash on exit from failed search (bsc#1051510).\n- hfsplus: do not return 0 when fill_super() failed (bsc#1051510).\n- hfsplus: stop workqueue when fill_super() failed (bsc#1051510).\n- hotplug/cpu: Add operation queuing function ().\n- hotplug/cpu: Conditionally acquire/release DRC index ().\n- hotplug/cpu: Provide CPU readd operation ().\n- hv: Synthetic typo correction (bsc#1107207).\n- hv: add SPDX license id to Kconfig (bsc#1107207).\n- hv: add SPDX license to trace (bsc#1107207).\n- hv: avoid crash in vmbus sysfs files (bsc#1108377).\n- hv_balloon: trace post_status (bsc#1107207).\n- hv_netvsc: Add NetVSP v6 and v6.1 into version negotiation (bsc#1107207).\n- hv_netvsc: Add handlers for ethtool get/set msg level (bsc#1107207).\n- hv_netvsc: Add per-cpu ethtool stats for netvsc (bsc#1107207).\n- hv_netvsc: Add range checking for rx packet offset and length (bsc#1107207).\n- hv_netvsc: Clean up extra parameter from rndis_filter_receive_data() (bsc#1107207).\n- hv_netvsc: Fix a deadlock by getting rtnl lock earlier in netvsc_probe() (bsc#1107207).\n- hv_netvsc: Fix the return status in RX path (bsc#1107207).\n- hv_netvsc: Fix the variable sizes in ipsecv2 and rsc offload (bsc#1107207).\n- hv_netvsc: Pass net_device parameter to revoke and teardown functions (bsc#1107207).\n- hv_netvsc: add trace points (bsc#1107207).\n- hv_netvsc: fix bogus ifalias on network device (bsc#1107207).\n- hv_netvsc: fix network namespace issues with VF support (bsc#1107207).\n- hv_netvsc: fix schedule in RCU context ().\n- hv_netvsc: fix schedule in RCU context (bsc#1107207).\n- hv_netvsc: fix vf serial matching with pci slot info (bsc#1107207).\n- hv_netvsc: ignore devices that are not PCI (bsc#1107207).\n- hv_netvsc: move VF to same namespace as netvsc device (bsc#1107207).\n- hv_netvsc: pair VF based on serial number (bsc#1107207).\n- hv_netvsc: pass netvsc_device to rndis halt (bsc#1107207).\n- hv_netvsc: propogate Hyper-V friendly name into interface alias (bsc#1107207).\n- hv_netvsc: select needed ucs2_string routine (bsc#1107207).\n- hv_netvsc: simplify receive side calling arguments (bsc#1107207).\n- hv_netvsc: typo in NDIS RSS parameters structure (bsc#1107207).\n- hv_vmbus: Correct the stale comments regarding cpu affinity (bsc#1107207).\n- hwmon: (adt7475) Make adt7475_read_word() return errors (bsc#1051510).\n- hwmon: (ina2xx) fix sysfs shunt resistor read access (bsc#1051510).\n- hwmon: (nct6775) Set weight source to zero correctly (bsc#1051510).\n- hwmon: Add support for RPi voltage sensor (bsc#1108468).\n- hwmon: rpi: add module alias to raspberrypi-hwmon (bsc#1108468).\n- hwrng: core - document the quality field (bsc#1051510).\n- hyper-v: use GFP_KERNEL for hv_context.hv_numa_map (bsc#1107207).\n- hypfs_kill_super(): deal with failed allocations (bsc#1051510).\n- i2c: core: ACPI: Properly set status byte to 0 for multi-byte writes (bsc#1051510).\n- i2c: davinci: Avoid zero value of CLKH (bsc#1051510).\n- i2c: i2c-scmi: fix for i2c_smbus_write_block_data (bsc#1051510).\n- i2c: i801: Add missing documentation entries for Braswell and Kaby Lake (bsc#1051510).\n- i2c: i801: Add support for Intel Cedar Fork (bsc#1051510).\n- i2c: i801: Add support for Intel Ice Lake (bsc#1051510).\n- i2c: i801: Allow ACPI AML access I/O ports not reserved for SMBus (bsc#1051510).\n- i2c: i801: Consolidate chipset names in documentation and Kconfig (bsc#1051510).\n- i2c: i801: fix DNV's SMBCTRL register offset (bsc#1051510).\n- i2c: imx: Fix race condition in dma read (bsc#1051510).\n- i2c: rcar: cleanup DMA for all kinds of failure (bsc#1051510).\n- i2c: uniphier-f: issue STOP only for last message or I2C_M_STOP (bsc#1051510).\n- i2c: uniphier: issue STOP only for last message or I2C_M_STOP (bsc#1051510).\n- i2c: xiic: Make the start and the byte count write atomic (bsc#1051510).\n- i2c: xlp9xx: Fix case where SSIF read transaction completes early (bsc#1105907).\n- i2c: xlp9xx: Fix issue seen when updating receive length (bsc#1105907).\n- i2c: xlp9xx: Make sure the transfer size is not more than I2C_SMBUS_BLOCK_SIZE (bsc#1105907).\n- i40e: fix condition of WARN_ONCE for stat strings (bsc#1107522).\n- ib_srpt: Fix a use-after-free in srpt_close_ch() (bsc#1046306 ).\n- ibmvnic: Include missing return code checks in reset function (bsc#1107966).\n- ieee802154: ca8210: fix uninitialised data read (bsc#1051510).\n- ieee802154: fix gcc-4.9 warnings (bsc#1051510).\n- ieee802154: mrf24j40: fix incorrect mask in mrf24j40_stop (bsc#1051510).\n- iio: 104-quad-8: Fix off-by-one error in register selection (bsc#1051510).\n- iio: ad9523: Fix displayed phase (bsc#1051510).\n- iio: ad9523: Fix return value for ad952x_store() (bsc#1051510).\n- iio: adc: at91: fix acking DRDY irq on simple conversions (bsc#1051510).\n- iio: adc: at91: fix wrong channel number in triggered buffer mode (bsc#1051510).\n- iio: adc: imx25-gcq: Fix leak of device_node in mx25_gcq_setup_cfgs() (bsc#1051510).\n- iio: adc: ina2xx: avoid kthread_stop() with stale task_struct (bsc#1051510).\n- iio: adc: sun4i-gpadc: select REGMAP_IRQ (bsc#1051510).\n- iio: sca3000: Fix an error handling path in 'sca3000_probe()' (bsc#1051510).\n- iio: sca3000: Fix missing return in switch (bsc#1051510).\n- ima: based on policy verify firmware signatures (pre-allocated buffer) (bsc#1051510).\n- include/rdma/opa_addr.h: Fix an endianness issue (bsc#1046306 ).\n- input: rohm_bu21023: switch to i2c_lock_bus(..., I2C_LOCK_SEGMENT) (bsc#1051510).\n- intel_th: Fix device removal logic (bsc#1051510).\n- intel_th: pci: Add Ice Lake PCH support (bsc#1051510).\n- iommu/amd: Add support for IOMMU XT mode ().\n- iommu/amd: Add support for higher 64-bit IOMMU Control Register ().\n- iommu/amd: Clear memory encryption mask from physical address (bsc#1106105).\n- iommu/amd: Finish TLB flush in amd_iommu_unmap() (bsc#1106105).\n- iommu/amd: Return devid as alias for ACPI HID devices (bsc#1106105).\n- iommu/amd: make sure TLB to be flushed before IOVA freed (bsc#1106105).\n- iommu/arm-smmu-v3: Do not free page table ops twice (bsc#1106237).\n- iommu/arm-smmu: Error out only if not enough context interrupts (bsc#1106237).\n- iommu/vt-d: Add definitions for PFSID (bsc#1106237).\n- iommu/vt-d: Fix a potential memory leak (bsc#1106105).\n- iommu/vt-d: Fix dev iotlb pfsid use (bsc#1106237).\n- iommu/vt-d: Fix scatterlist offset handling (bsc#1106237).\n- iommu/vt-d: Ratelimit each dmar fault printing (bsc#1106105).\n- ioremap: Update pgtable free interfaces with addr (bsc#1110006).\n- ip: hash fragments consistently (netfilter-stable-18_07_27).\n- ip: in cmsg IP(V6)_ORIGDSTADDR call pskb_may_pull (netfilter-stable-18_07_27).\n- ipc/shm: fix shmat() nil address after round-down when remapping (bsc#1090078).\n- ipmi/powernv: Fix error return code in ipmi_powernv_probe() (git-fixes).\n- ipmi: Fix some counter issues (bsc#1105907).\n- ipmi: Move BT capabilities detection to the detect call (bsc#1106779).\n- ipmi: Remove ACPI SPMI probing from the SSIF (I2C) driver (bsc#1105907).\n- ipmi:bt: Set the timeout before doing a capabilities check (bsc#1051510).\n- ipmi:ssif: Add support for multi-part transmit messages > 2 parts (bsc#1103308).\n- ipv4: Return EINVAL when ping_group_range sysctl does not map to user ns (netfilter-stable-18_07_23).\n- ipv4: fix use-after-free in ip_cmsg_recv_dstaddr() (git-fixes).\n- ipv4: remove BUG_ON() from fib_compute_spec_dst (netfilter-stable-18_08_01).\n- ipv6: fix useless rol32 call on hash (netfilter-stable-18_07_23).\n- ipv6: ila: select CONFIG_DST_CACHE (netfilter-stable-18_07_23).\n- ipv6: make DAD fail with enhanced DAD when nonce length differs (netfilter-stable-18_07_23).\n- ipv6: sr: fix passing wrong flags to crypto_alloc_shash() (networking-stable-18_07_19).\n- ipvlan: fix IFLA_MTU ignored on NEWLINK (networking-stable-18_07_19).\n- irq/core: Fix boot crash when the irqaffinity= boot parameter is passed on CPUMASK_OFFSTACK=y kernels(v1) (bsc#1051510).\n- irqchip/bcm7038-l1: Hide cpu offline callback when building for !SMP (bsc#1051510).\n- irqdomain: Add irq_domain_{push,pop}_irq() functions (bsc#1105378).\n- irqdomain: Check for NULL function pointer in irq_domain_free_irqs_hierarchy() (bsc#1105378).\n- irqdomain: Factor out code to add and remove items to and from the revmap (bsc#1105378).\n- irqdomain: Prevent potential NULL pointer dereference in irq_domain_push_irq() (bsc#1105378).\n- irqdomain: Update the comments of fwnode field of irq_domain structure (bsc#1051510).\n- isdn: Disable IIOCDBGVAR (bsc#1051510).\n- iw_cxgb4: remove duplicate memcpy() in c4iw_create_listen() (bsc#1046543).\n- iwlwifi: dbg: do not crash if the firmware crashes in the middle of a debug dump (bsc#1051510).\n- iwlwifi: mvm: Allow TKIP for AP mode (bsc#1051510).\n- iwlwifi: mvm: check for n_profiles validity in EWRD ACPI (bsc#1051510).\n- iwlwifi: mvm: clear HW_RESTART_REQUESTED when stopping the interface (bsc#1051510).\n- iwlwifi: mvm: open BA session only when sta is authorized (bsc#1051510).\n- iwlwifi: mvm: send BCAST management frames to the right station (bsc#1051510).\n- iwlwifi: pcie gen2: check iwl_pcie_gen2_set_tb() return value (bsc#1051510).\n- iwlwifi: pcie: do not access periphery registers when not available (bsc#1051510).\n- iwlwifi: pcie: gen2: build A-MSDU only for GSO (bsc#1051510).\n- ixgbe: Refactor queue disable logic to take completion time into account (bsc#1101557).\n- ixgbe: Reorder Tx/Rx shutdown to reduce time needed to stop device (bsc#1101557).\n- jbd2: fix use after free in jbd2_log_do_checkpoint() (bsc#1113257).\n- kABI: Hide get_msr_feature() in kvm_x86_ops (bsc#1106240).\n- kABI: protect eswitch.h include (kabi).\n- kABI: protect struct nf_conn (kabi).\n- kABI: protect struct vsock_sock (kabi).\n- kABI: reexport tcp_send_ack (kabi).\n- kABI: reexport vsock_pending_work (kabi).\n- kabi fix for check_disk_size_change() (bsc#1098459).\n- kabi protect enum mem_type (bsc#1099125).\n- kabi protect hnae_ae_ops (bsc#1107924).\n- kabi protect struct kvm_sync_regs (bsc#1106948).\n- kabi/severities: Whitelist libceph, rbd, and ceph (bsc#1096748).\n- kabi/severities: add qeth inter-module symbols to ignore list.\n- kabi/severities: ignore __xive_vm_h_* KVM internal symbols.\n- kabi/severities: ignore ppc64 realmode helpers. KVM fixes remove exports of realmode_pfn_to_page iommu_tce_xchg_rm mm_iommu_lookup_rm mm_iommu_ua_to_hpa_rm. Some are no longer used and others are no longer exported because the code was consolideted in one place. These helpers are to be called in realmode and linking to them from non-KVM modules is a bug. Hence removing them does not break KABI.\n- kabi: move s390 mm_context_t lock to mm_struct and ignore the change (bsc#1103421).\n- kabi: x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bsc#1105536).\n- kernfs: update comment about kernfs_path() return value (bsc#1051510).\n- kprobes/x86: Disable preemption in ftrace-based jprobes (bsc#1110006).\n- kprobes/x86: Fix %p uses in error messages (bsc#1110006).\n- kprobes/x86: Prohibit probing on exception masking instructions (bsc#1110006).\n- kprobes/x86: Release insn_slot in failure path (bsc#1110006).\n- ksm: fix unlocked iteration over vmas in cmp_and_merge_page() (VM Functionality bsc#1111806).\n- kvm, mm: account shadow page tables to kmemcg (bsc#1110006).\n- kvm/x86: kABI fix for vm_alloc/vm_free changes (bsc#1111506).\n- kvm: Make VM ioctl do valloc for some archs (bsc#1111506).\n- kvm: arm64: Convert kvm_set_s2pte_readonly() from inline asm to cmpxchg() (bsc#1108010).\n- kvm: nVMX: Fix fault vector for VMX operation at CPL > 0 (bsc#1106105).\n- kvm: nVMX: Use nested_run_pending rather than from_vmentry (bsc#1106240).\n- kvm: x86: Set highest physical address bits in non-present/reserved SPTEs (bsc#1106240).\n- kvm: x86: factor out kvm.arch.hyperv (de)init (bsc#1107207).\n- kvm: x86: fix KVM_XEN_HVM_CONFIG ioctl (bsc#1110006).\n- kvm: x86: hyperv: delete dead code in kvm_hv_hypercall() (bsc#1107207).\n- kvm: x86: hyperv: guest->host event signaling via eventfd (bsc#1107207).\n- kvm: x86: vmx: fix vpid leak (bsc#1106240).\n- kvmclock: fix TSC calibration for nested guests (bsc#1110006).\n- l2tp: use sk_dst_check() to avoid race on sk->sk_dst_cache (netfilter-stable-18_08_17).\n- lan78xx: Check for supported Wake-on-LAN modes (bsc#1051510).\n- lan78xx: Lan7801 Support for Fixed PHY (bsc#1085262).\n- lan78xx: Set ASD in MAC_CR when EEE is enabled (bsc#1085262).\n- lan78xx: remove redundant initialization of pointer 'phydev' (bsc#1085262).\n- leds: max8997: use mode when calling max8997_led_set_mode (bsc#1051510).\n- lib/bug.c: exclude non-BUG/WARN exceptions from report_bug() (bsc#1110006).\n- lib/iov_iter: Fix pipe handling in _copy_to_iter_mcsafe() (bsc#1098782).\n- lib/rhashtable: consider param->min_size when setting initial table size (bsc#1051510).\n- lib/test_hexdump.c: fix failure on big endian cpu (bsc#1051510).\n- lib/ubsan.c: s/missaligned/misaligned/ (bsc#1051510).\n- lib/ubsan: add type mismatch handler for new GCC/Clang (bsc#1051510).\n- lib/vsprintf: Remove atomic-unsafe support for %pCr (bsc#1051510).\n- libahci: Fix possible Spectre-v1 pmp indexing in ahci_led_store() (bsc#1051510).\n- libata: Fix command retry decision (bsc#1051510).\n- libata: Fix compile warning with ATA_DEBUG enabled (bsc#1051510).\n- libbpf: Makefile set specified permission mode (bsc#1083647).\n- libceph: check authorizer reply/challenge length before reading (bsc#1096748).\n- libceph: factor out __ceph_x_decrypt() (bsc#1096748).\n- libceph: factor out __prepare_write_connect() (bsc#1096748).\n- libceph: factor out encrypt_authorizer() (bsc#1096748).\n- libceph: store ceph_auth_handshake pointer in ceph_connection (bsc#1096748).\n- libceph: weaken sizeof check in ceph_x_verify_authorizer_reply() (bsc#1096748).\n- libertas: call into generic suspend code before turning off power (bsc#1051510).\n- libertas: fix suspend and resume for SDIO connected cards (bsc#1051510).\n- libnvdimm, btt: fix uninitialized err_lock (bsc#1103961).\n- libnvdimm, dimm: Maximize label transfer size (bsc#1111921, bsc#1113408, bsc#1113972).\n- libnvdimm, label: Fix sparse warning (bsc#1111921, bsc#1113408, bsc#1113972).\n- libnvdimm, label: change nvdimm_num_label_slots per UEFI 2.7 (bsc#1111921, bsc#1113408, bsc#1113972).\n- libnvdimm, nfit: enable support for volatile ranges (bsc#1103961).\n- libnvdimm, nfit: move the check on nd_reserved2 to the endpoint (bsc#1103961).\n- libnvdimm, pmem: Fix memcpy_mcsafe() return code handling in nsio_rw_bytes() (bsc#1098782).\n- libnvdimm, pmem: Restore page attributes when clearing errors (bsc#1107783).\n- libnvdimm: Use max contiguous area for namespace size (git-fixes).\n- libnvdimm: fix ars_status output length calculation (bsc#1104890).\n- libnvdimm: rename nd_sector_size_{show,store} to nd_size_select_{show,store} (bsc#1103961).\n- liquidio: fix hang when re-binding VF host drv after running DPDK VF driver (bsc#1067126).\n- liquidio: fix kernel panic in VF driver (bsc#1067126).\n- livepatch: Remove reliable stacktrace check in klp_try_switch_task() (bsc#1071995).\n- livepatch: Validate module/old func name length (bsc#1071995).\n- livepatch: create and include UAPI headers ().\n- llc: use refcount_inc_not_zero() for llc_sap_find() (netfilter-stable-18_08_17).\n- lockd: fix 'list_add double add' caused by legacy signal interface (git-fixes).\n- loop: add recursion validation to LOOP_CHANGE_FD (bsc#1112711).\n- loop: do not call into filesystem while holding lo_ctl_mutex (bsc#1112710).\n- loop: fix LOOP_GET_STATUS lock imbalance (bsc#1113284).\n- mac80211: Fix station bandwidth setting after channel switch (bsc#1051510).\n- mac80211: Run TXQ teardown code before de-registering interfaces (bsc#1051510).\n- mac80211: add stations tied to AP_VLANs during hw reconfig (bsc#1051510).\n- mac80211: always account for A-MSDU header changes (bsc#1051510).\n- mac80211: avoid kernel panic when building AMSDU from non-linear SKB (bsc#1051510).\n- mac80211: correct use of IEEE80211_VHT_CAP_RXSTBC_X (bsc#1051510).\n- mac80211: do not Tx a deauth frame if the AP forbade Tx (bsc#1051510).\n- mac80211: do not convert to A-MSDU if frag/subframe limited (bsc#1051510).\n- mac80211: fix a race between restart and CSA flows (bsc#1051510).\n- mac80211: fix an off-by-one issue in A-MSDU max_subframe computation (bsc#1051510).\n- mac80211: fix pending queue hang due to TX_DROP (bsc#1051510).\n- mac80211: fix setting IEEE80211_KEY_FLAG_RX_MGMT for AP mode keys (bsc#1051510).\n- mac80211: mesh: fix HWMP sequence numbering to follow standard (bsc#1051510).\n- mac80211: minstrel: fix using short preamble CCK rates on HT clients (bsc#1051510).\n- mac80211: restrict delayed tailroom needed decrement (bsc#1051510).\n- mac80211: shorten the IBSS debug messages (bsc#1051510).\n- mac80211_hwsim: correct use of IEEE80211_VHT_CAP_RXSTBC_X (bsc#1051510).\n- mac80211_hwsim: require at least one channel (bsc#1051510).\n- mach64: detect the dot clock divider correctly on sparc (bsc#1051510).\n- macros.kernel-source: pass -b properly in kernel module package (bsc#1107870).\n- mailbox: xgene-slimpro: Fix potential NULL pointer dereference (bsc#1051510).\n- make sure that __dentry_kill() always invalidates d_seq, unhashed or not (git-fixes).\n- md-cluster: clear another node's suspend_area after the copy is finished (bsc#1106333).\n- md-cluster: do not send msg if array is closing (bsc#1106333).\n- md-cluster: release RESYNC lock after the last resync message (bsc#1106688).\n- md-cluster: show array's status more accurate (bsc#1106333).\n- md/raid10: fix that replacement cannot complete recovery after reassemble (git-fixes).\n- md/raid1: add error handling of read error from FailFast device (git-fixes).\n- md/raid5-cache: disable reshape completely (git-fixes).\n- md/raid5: fix data corruption of replacements after originals dropped (git-fixes).\n- md: fix NULL dereference of mddev->pers in remove_and_add_spares() (git-fixes).\n- media: Revert '[media] tvp5150: fix pad format frame height' (bsc#1051510).\n- media: af9035: prevent buffer overflow on write (bsc#1051510).\n- media: cx231xx: fix potential sign-extension overflow on large shift (bsc#1051510).\n- media: davinci: vpif_display: Mix memory leak on probe error path (bsc#1051510).\n- media: dvb: fix compat ioctl translation (bsc#1051510).\n- media: em28xx: fix input name for Terratec AV 350 (bsc#1051510).\n- media: em28xx: use a default format if TRY_FMT fails (bsc#1051510).\n- media: exynos4-is: Prevent NULL pointer dereference in __isp_video_try_fmt() (bsc#1051510).\n- media: fsl-viu: fix error handling in viu_of_probe() (bsc#1051510).\n- media: helene: fix xtal frequency setting at power on (bsc#1051510).\n- media: mem2mem: Remove excessive try_run call (bsc#1051510).\n- media: omap3isp: zero-initialize the isp cam_xclk{a,b} initial data (bsc#1051510).\n- media: pci: cx23885: handle adding to list failure (bsc#1051510).\n- media: rtl28xxu: be sure that it won't go past the array size (bsc#1051510).\n- media: s3c-camif: ignore -ENOIOCTLCMD from v4l2_subdev_call for s_power (bsc#1051510).\n- media: s5p-mfc: Fix buffer look up in s5p_mfc_handle_frame_{new, copy_time} functions (bsc#1051510).\n- media: soc_camera: ov772x: correct setting of banding filter (bsc#1051510).\n- media: tm6000: add error handling for dvb_register_adapter (bsc#1051510).\n- media: tvp5150: avoid going past array on v4l2_querymenu() (bsc#1051510).\n- media: tvp5150: fix switch exit in set control handler (bsc#1051510).\n- media: tvp5150: fix width alignment during set_selection() (bsc#1051510).\n- media: tw686x: Fix oops on buffer alloc failure (bsc#1051510).\n- media: uvcvideo: Fix uvc_alloc_entity() allocation alignment (bsc#1051510).\n- media: v4l2-mem2mem: Fix missing v4l2_m2m_try_run call (bsc#1051510).\n- media: v4l2-tpg: fix kernel oops when enabling HFLIP and OSD (bsc#1051510).\n- media: videobuf-dma-sg: Fix dma_{sync,unmap}_sg() calls (bsc#1051510).\n- media: videobuf2-core: check for q->error in vb2_core_qbuf() (bsc#1051510).\n- media: vsp1: Fix YCbCr planar formats pitch calculation (bsc#1051510).\n- mei: bus: type promotion bug in mei_nfc_if_version() (bsc#1051510).\n- mei: do not update offset in write (bsc#1051510).\n- mei: ignore not found client in the enumeration (bsc#1051510).\n- mei: me: enable asynchronous probing ().\n- memcg, thp: do not invoke oom killer on thp charges (bsc#1089663).\n- memory: tegra: Apply interrupts mask per SoC (bsc#1051510).\n- memory: tegra: Do not handle spurious interrupts (bsc#1051510).\n- merge hyperv part of f5caf621\n- mfd: 88pm860x-i2c: switch to i2c_lock_bus(..., I2C_LOCK_SEGMENT) (bsc#1051510).\n- mfd: arizona: Correct calling of runtime_put_sync (bsc#1051510).\n- mfd: arizona: Do not use regmap_read_poll_timeout (bsc#1051510).\n- mfd: intel-lpss: Add Ice Lake PCI IDs (bsc#1051510).\n- mfd: lpc_ich: Do not touch SPI-NOR write protection bit on Apollo Lake (bsc#1051510).\n- mfd: sm501: Set coherent_dma_mask when creating subdevices (bsc#1051510).\n- mfd: ti_am335x_tscadc: Fix struct clk memory leak (bsc#1051510).\n- mlxsw: core_acl_flex_actions: Return error for conflicting actions (netfilter-stable-18_08_17).\n- mm, dax: introduce pfn_t_special() (bsc#1104888).\n- mm, madvise_inject_error: Disable MADV_SOFT_OFFLINE for ZONE_DEVICE pages (bsc#1107783).\n- mm, madvise_inject_error: Let memory_failure() optionally take a page reference (bsc#1107783).\n- mm, memory_failure: Collect mapping size in collect_procs() (bsc#1107783).\n- mm, memory_failure: Teach memory_failure() about dev_pagemap pages (bsc#1107783).\n- mm, numa: Migrate pages to local nodes quicker early in the lifetime of a task (bsc#1101669 optimise numa balancing for fast migrate).\n- mm, numa: Remove rate-limiting of automatic numa balancing migration (bsc#1101669 optimise numa balancing for fast migrate).\n- mm, numa: Remove rate-limiting of automatic numa balancing migration kabi (bsc#1101669 optimise numa balancing for fast migrate).\n- mm, page_alloc: double zone's batchsize (bsc#971975 VM performance -- page allocator).\n- mm/huge_memory.c: fix data loss when splitting a file pmd (bsc#1107074).\n- mm/hugetlb: filter out hugetlb pages if HUGEPAGE migration is not supported (bsc#1106697).\n- mm/migrate: Use spin_trylock() while resetting rate limit ().\n- mm/vmalloc: add interfaces to free unmapped page table (bsc#1110006).\n- mm/vmscan: wake up flushers for legacy cgroups too (bsc#1107061).\n- mm: /proc/pid/pagemap: hide swap entries from unprivileged users (Git-fixes bsc#1109907).\n- mm: Preserve _PAGE_DEVMAP across mprotect() calls (bsc#1111028).\n- mm: fix BUG_ON() in vmf_insert_pfn_pud() from VM_MIXEDMAP removal (bsc#1111841).\n- mm: fix devmem_is_allowed() for sub-page System RAM intersections (bsc#1106800).\n- mm: memcg: fix use after free in mem_cgroup_iter() (bsc#1107065).\n- mmc: block: avoid multiblock reads for the last sector in SPI mode (bsc#1051510).\n- mmc: omap_hsmmc: fix wakeirq handling on removal (bsc#1051510).\n- mmc: sdhci-of-esdhc: set proper dma mask for ls104x chips (bsc#1051510).\n- mmc: sdhci: do not try to use 3.3V signaling if not supported (bsc#1051510).\n- mmc: tegra: prevent HS200 on Tegra 3 (bsc#1051510).\n- modpost: ignore livepatch unresolved relocations ().\n- module: exclude SHN_UNDEF symbols from kallsyms api (bsc#1071995).\n- move a hyperv related patch to correct place in series.conf\n- move changes without Git-commit out of sorted section\n- mwifiex: handle race during mwifiex_usb_disconnect (bsc#1051510).\n- net/9p/client.c: version pointer uninitialized (bsc#1051510).\n- net/9p/trans_fd.c: fix race by holding the lock (bsc#1051510).\n- net/9p/trans_fd.c: fix race-condition by flushing workqueue before the kfree() (bsc#1051510).\n- net/9p: Switch to wait_event_killable() (bsc#1051510).\n- net/9p: fix error path of p9_virtio_probe (bsc#1051510).\n- net/ipv4: Set oif in fib_compute_spec_dst (netfilter-stable-18_07_23).\n- net/mlx5: E-Switch, Avoid setup attempt if not being e-switch manager (networking-stable-18_07_19).\n- net/mlx5e: Avoid dealing with vport representors if not being e-switch manager (networking-stable-18_07_19).\n- net/packet: fix use-after-free (networking-stable-18_07_19).\n- net: add support for Cavium PTP coprocessor (bsc#1110096).\n- net: bcmgenet: Fix sparse warnings in bcmgenet_put_tx_csum() (bsc#1051510).\n- net: bcmgenet: Fix unmapping of fragments in bcmgenet_xmit() (bsc#1051510).\n- net: bcmgenet: correct bad merge (bsc#1051510).\n- net: bcmgenet: enable loopback during UniMAC sw_reset (bsc#1051510).\n- net: bcmgenet: prevent duplicate calls of bcmgenet_dma_teardown (bsc#1051510).\n- net: cavium: fix NULL pointer dereference in cavium_ptp_put (bsc#1110096).\n- net: cavium: use module_pci_driver to simplify the code (bsc#1110096).\n- net: dccp: avoid crash in ccid3_hc_rx_send_feedback() (networking-stable-18_07_19).\n- net: dccp: switch rx_tstamp_last_feedback to monotonic clock (networking-stable-18_07_19).\n- net: diag: Do not double-free TCP_NEW_SYN_RECV sockets in tcp_abort (netfilter-stable-18_07_23).\n- net: dsa: Do not suspend/resume closed slave_dev (netfilter-stable-18_08_04).\n- net: ena: Eliminate duplicate barriers on weakly-ordered archs (bsc#1108093).\n- net: ena: Fix use of uninitialized DMA address bits field (netfilter-stable-18_08_01).\n- net: ena: fix device destruction to gracefully free resources (bsc#1108093).\n- net: ena: fix driver when PAGE_SIZE == 64kB (bsc#1108093).\n- net: ena: fix incorrect usage of memory barriers (bsc#1108093).\n- net: ena: fix missing calls to READ_ONCE (bsc#1108093).\n- net: ena: fix missing lock during device destruction (bsc#1108093).\n- net: ena: fix potential double ena_destroy_device() (bsc#1108093).\n- net: ena: fix surprise unplug NULL dereference kernel crash (bsc#1108093).\n- net: ethernet: mvneta: Fix napi structure mixup on armada 3700 (networking-stable-18_08_21).\n- net: fix amd-xgbe flow-control issue (netfilter-stable-18_08_01).\n- net: fix use-after-free in GRO with ESP (networking-stable-18_07_19).\n- net: hns3: Fix MSIX allocation issue for VF (bsc#1104353 ).\n- net: hns3: Fix comments for hclge_get_ring_chain_from_mbx (bsc#1104353).\n- net: hns3: Fix desc num set to default when setting channel (bsc#1104353).\n- net: hns3: Fix for command format parsing error in hclge_is_all_function_id_zero (bsc#1104353).\n- net: hns3: Fix for information of phydev lost problem when down/up (bsc#1104353).\n- net: hns3: Fix for l4 checksum offload bug (bsc#1104353 ).\n- net: hns3: Fix for mac pause not disable in pfc mode (bsc#1104353).\n- net: hns3: Fix for mailbox message truncated problem (bsc#1104353).\n- net: hns3: Fix for phy link issue when using marvell phy driver (bsc#1104353).\n- net: hns3: Fix for reset_level default assignment probelm (bsc#1104353).\n- net: hns3: Fix for using wrong mask and shift in hclge_get_ring_chain_from_mbx (bsc#1104353).\n- net: hns3: Fix for waterline not setting correctly (bsc#1104353).\n- net: hns3: Fix get_vector ops in hclgevf_main module (bsc#1104353).\n- net: hns3: Fix return value error in hns3_reset_notify_down_enet (bsc#1104353).\n- net: hns3: Fix warning bug when doing lp selftest (bsc#1104353 ).\n- net: hns3: Prevent sending command during global or core reset (bsc#1104353).\n- net: hns3: Standardize the handle of return value (bsc#1104353 ).\n- net: hns3: add unlikely for error check (bsc#1104353 ).\n- net: hns3: fix page_offset overflow when CONFIG_ARM64_64K_PAGES (bsc#1104353).\n- net: hns3: fix return value error while hclge_cmd_csq_clean failed (bsc#1104353).\n- net: hns3: modify hnae_ to hnae3_ (bsc#1104353).\n- net: hns3: remove some redundant assignments (bsc#1104353 ).\n- net: hns3: remove unnecessary ring configuration operation while resetting (bsc#1104353).\n- net: hns3: simplify hclge_cmd_csq_clean (bsc#1104353 ).\n- net: hns: add netif_carrier_off before change speed and duplex (bsc#1107924).\n- net: hns: add the code for cleaning pkt in chip (bsc#1107924).\n- net: mdio-mux: bcm-iproc: fix wrong getter and setter pair (netfilter-stable-18_08_01).\n- net: mvneta: fix mvneta_config_rss on armada 3700 (networking-stable-18_08_21).\n- net: mvneta: fix the Rx desc DMA address in the Rx path (networking-stable-18_07_19).\n- net: phy: consider PHY_IGNORE_INTERRUPT in phy_start_aneg_priv (netfilter-stable-18_07_27).\n- net: phy: fix flag masking in __set_phy_supported (netfilter-stable-18_07_23).\n- net: rtnl_configure_link: fix dev flags changes arg to __dev_notify_flags (git-fixes).\n- net: skb_segment() should not return NULL (netfilter-stable-18_07_27).\n- net: stmmac: Fix WoL for PCI-based setups (netfilter-stable-18_08_04).\n- net: stmmac: mark PM functions as __maybe_unused (git-fixes).\n- net: sungem: fix rx checksum support (networking-stable-18_07_19).\n- net: systemport: Fix CRC forwarding check for SYSTEMPORT Lite (netfilter-stable-18_07_23).\n- net: thunder: change q_len's type to handle max ring size (bsc#1110096).\n- net: thunderx: Set max queue count taking XDP_TX into account (bsc#1110096).\n- net: thunderx: add MAC address filter tracking for LMAC (bsc#1110096).\n- net: thunderx: add XCAST messages handlers for PF (bsc#1110096).\n- net: thunderx: add multicast filter management support (bsc#1110096).\n- net: thunderx: add ndo_set_rx_mode callback implementation for VF (bsc#1110096).\n- net: thunderx: add new messages for handle ndo_set_rx_mode callback (bsc#1110096).\n- net: thunderx: add timestamping support (bsc#1110096).\n- net: thunderx: add workqueue control structures for handle ndo_set_rx_mode request (bsc#1110096).\n- net: thunderx: check for failed allocation lmac->dmacs (bsc#1110096).\n- net: thunderx: fix double free error (bsc#1110096).\n- net: thunderx: move filter register related macro into proper place (bsc#1110096).\n- net: thunderx: prevent concurrent data re-writing by nicvf_set_rx_mode (bsc#1110096).\n- net: thunderx: remove a couple of redundant assignments (bsc#1110096).\n- net: thunderx: rework mac addresses list to u64 array (bsc#1110096).\n- net_sched: Fix missing res info when create new tc_index filter (netfilter-stable-18_08_17).\n- net_sched: blackhole: tell upper qdisc about dropped packets (networking-stable-18_07_19).\n- netfilter: do not set F_IFACE on ipv6 fib lookups (netfilter-stable-18_06_25).\n- netfilter: ip6t_rpfilter: provide input interface for route lookup (netfilter-stable-18_06_25).\n- netfilter: ip6t_rpfilter: set F_IFACE for linklocal addresses (git-fixes).\n- netfilter: nat: Revert 'netfilter: nat: convert nat bysrc hash to rhashtable' (netfilter-stable-17_11_16).\n- netfilter: nf_tables: add missing netlink attrs to policies (netfilter-stable-18_06_27).\n- netfilter: nf_tables: do not assume chain stats are set when jumplabel is set (netfilter-stable-18_06_27).\n- netfilter: nf_tables: fix memory leak on error exit return (netfilter-stable-18_06_27).\n- netfilter: nf_tables: nft_compat: fix refcount leak on xt module (netfilter-stable-18_06_27).\n- netfilter: nf_tables: use WARN_ON_ONCE instead of BUG_ON in nft_do_chain() (netfilter-stable-18_06_25).\n- netfilter: nft_compat: fix handling of large matchinfo size (netfilter-stable-18_06_27).\n- netfilter: nft_compat: prepare for indirect info storage (netfilter-stable-18_06_27).\n- netfilter: nft_meta: fix wrong value dereference in nft_meta_set_eval (netfilter-stable-18_06_27).\n- netlink: Do not shift on 64 for ngroups (git-fixes).\n- netlink: Do not shift with UB on nlk->ngroups (netfilter-stable-18_08_01).\n- netlink: Do not subscribe to non-existent groups (netfilter-stable-18_08_01).\n- netlink: Fix spectre v1 gadget in netlink_create() (netfilter-stable-18_08_04).\n- nfs/filelayout: fix oops when freeing filelayout segment (bsc#1105190).\n- nfs/pnfs: fix nfs_direct_req ref leak when i/o falls back to the mds (git-fixes).\n- nfs41: do not return ENOMEM on LAYOUTUNAVAILABLE (git-fixes).\n- nfsd: remove blocked locks on client teardown (git-fixes).\n- nl80211: Add a missing break in parse_station_flags (bsc#1051510).\n- nl80211: check nla_parse_nested() return values (bsc#1051510).\n- nvdimm: Clarify comment in sizeof_namespace_index (bsc#1111921, bsc#1113408, bsc#1113972).\n- nvdimm: Remove empty if statement (bsc#1111921, bsc#1113408, bsc#1113972).\n- nvdimm: Sanity check labeloff (bsc#1111921, bsc#1113408, bsc#1113972).\n- nvdimm: Split label init out from the logic for getting config data (bsc#1111921, bsc#1113408, bsc#1113972).\n- nvdimm: Use namespace index data to reduce number of label reads needed (bsc#1111921, bsc#1113408, bsc#1113972).\n- nvme: call nvme_complete_rq when nvmf_check_ready fails for mpath I/O (bsc#1107685).\n- nvme: register ns_id attributes as default sysfs groups (bsc#1105247).\n- nvme_fc: add 'nvme_discovery' sysfs attribute to fc transport device (bsc#1044189).\n- objtool, kprobes/x86: Sync the latest asm/insn.h header with tools/objtool/arch/x86/include/asm/insn.h (bsc#1110006).\n- of: add helper to lookup compatible child node (bsc#1106110)\n- orangefs: fix deadlock; do not write i_size in read_iter (bsc#1051510).\n- orangefs: initialize op on loop restart in orangefs_devreq_read (bsc#1051510).\n- orangefs: use list_for_each_entry_safe in purge_waiting_ops (bsc#1051510).\n- orangefs_kill_sb(): deal with allocation failures (bsc#1051510).\n- ovl: Sync upper dirty data when syncing overlayfs (git-fixes).\n- ovl: fix format of setxattr debug (git-fixes).\n- parport: sunbpp: fix error return code (bsc#1051510).\n- partitions/aix: append null character to print data from disk (bsc#1051510).\n- partitions/aix: fix usage of uninitialized lv_info and lvname structures (bsc#1051510).\n- perf/x86/amd/ibs: Do not access non-started event (bsc#1110006).\n- perf/x86/cstate: Fix possible Spectre-v1 indexing for pkg_msr (bsc#1110006).\n- perf/x86/intel/lbr: Fix incomplete LBR call stack (bsc#1110006).\n- perf/x86/intel/uncore: Correct fixed counter index check for NHM (bsc#1110006).\n- perf/x86/intel/uncore: Correct fixed counter index check in generic code (bsc#1110006).\n- perf/x86/intel/uncore: Fix Skylake UPI event format (bsc#1110006).\n- perf/x86/intel: Do not accidentally clear high bits in bdw_limit_period() (bsc#1110006).\n- perf/x86/intel: Fix event update for auto-reload (bsc#1110006).\n- perf/x86/intel: Fix large period handling on Broadwell CPUs (bsc#1110006).\n- perf/x86/intel: Fix linear IP of PEBS real_ip on Haswell and later CPUs (bsc#1110006).\n- perf/x86/intel: Properly save/restore the PMU state in the NMI handler (bsc#1110006).\n- perf/x86/msr: Fix possible Spectre-v1 indexing in the MSR driver (bsc#1110006).\n- perf/x86: Fix possible Spectre-v1 indexing for hw_perf_event cache_* (bsc#1110006).\n- perf/x86: Fix possible Spectre-v1 indexing for x86_pmu::event_map() (bsc#1110006).\n- pinctrl/amd: only handle irq if it is pending and unmasked (bsc#1051510).\n- pinctrl: cannonlake: Fix HOSTSW_OWN register offset of H variant (bsc#1051510).\n- pipe: actually allow root to exceed the pipe buffer limits (bsc#1106297).\n- pipe: match pipe_max_size data type with procfs (git-fixes).\n- platform/x86: alienware-wmi: Correct a memory leak (bsc#1051510).\n- platform/x86: asus-nb-wmi: Add keymap entry for lid flip action on UX360 (bsc#1051510).\n- platform/x86: thinkpad_acpi: Proper model/release matching (bsc#1051510).\n- platform/x86: toshiba_acpi: Fix defined but not used build warnings (bsc#1051510).\n- pmem: Switch to copy_to_iter_mcsafe() (bsc#1098782).\n- pnfs/blocklayout: off by one in bl_map_stripe() (git-fixes).\n- power: gemini-poweroff: Avoid more spurious poweroffs (bsc#1051510).\n- power: generic-adc-battery: check for duplicate properties copied from iio channels (bsc#1051510).\n- power: generic-adc-battery: fix out-of-bounds write when copying channel properties (bsc#1051510).\n- power: remove possible deadlock when unregistering power_supply (bsc#1051510).\n- power: supply: axp288_charger: Fix initial constant_charge_current value (bsc#1051510).\n- power: supply: max77693_charger: fix unintentional fall-through (bsc#1051510).\n- power: vexpress: fix corruption in notifier registration (bsc#1051510).\n- powernv/pseries: consolidate code for mce early handling (bsc#1094244).\n- powerpc/64s: Default l1d_size to 64K in RFI fallback flush (bsc#1068032, git-fixes).\n- powerpc/64s: Fix DT CPU features Power9 DD2.1 logic (bsc#1055117).\n- powerpc/64s: Fix compiler store ordering to SLB shadow area (bsc#1094244).\n- powerpc/64s: move machine check SLB flushing to mm/slb.c (bsc#1094244).\n- powerpc/fadump: cleanup crash memory ranges support (bsc#1103269).\n- powerpc/fadump: re-register firmware-assisted dump if already registered (bsc#1108170, bsc#1108823).\n- powerpc/firmware: Add definitions for new drc-info firmware feature (bsc#1109158).\n- powerpc/kprobes: Fix call trace due to incorrect preempt count (bsc#1065729).\n- powerpc/kvm/booke: Fix altivec related build break (bsc#1061840).\n- powerpc/kvm: Switch kvm pmd allocator to custom allocator (bsc#1061840).\n- powerpc/lib: Fix the feature fixup tests to actually work (bsc#1065729).\n- powerpc/mce: Fix SLB rebolting during MCE recovery path (bsc#1094244).\n- powerpc/mm/hugetlb: initialize the pagetable cache correctly for hugetlb (bsc#1091800).\n- powerpc/mm: Rename find_linux_pte_or_hugepte() (bsc#1061840).\n- powerpc/numa: Skip onlining a offline node in kdump path (bsc#1109784).\n- powerpc/numa: Use associativity if VPHN hcall is successful (bsc#1110363).\n- powerpc/perf: Fix IMC allocation routine (bsc#1054914).\n- powerpc/perf: Fix memory allocation for core-imc based on num_possible_cpus() (bsc#1054914).\n- powerpc/perf: Remove sched_task function defined for thread-imc (bsc#1054914).\n- powerpc/pkeys: Fix reading of ibm, processor-storage-keys property (bsc#1109244).\n- powerpc/powernv/ioda2: Reduce upper limit for DMA window size (bsc#1055120).\n- powerpc/powernv/ioda: Allocate indirect TCE levels on demand (bsc#1061840).\n- powerpc/powernv/ioda: Finish removing explicit max window size check (bsc#1061840).\n- powerpc/powernv/ioda: Remove explicit max window size check (bsc#1061840).\n- powerpc/powernv/npu: Do a PID GPU TLB flush when invalidating a large address range (bsc#1055120).\n- powerpc/powernv: Add indirect levels to it_userspace (bsc#1061840).\n- powerpc/powernv: Move TCE manupulation code to its own file (bsc#1061840).\n- powerpc/powernv: Rework TCE level allocation (bsc#1061840).\n- powerpc/pseries/mm: Introducing FW_FEATURE_BLOCK_REMOVE (bsc#1109158).\n- powerpc/pseries/mm: call H_BLOCK_REMOVE (bsc#1109158).\n- powerpc/pseries/mm: factorize PTE slot computation (bsc#1109158).\n- powerpc/pseries: Avoid using the size greater than RTAS_ERROR_LOG_MAX (bsc#1094244).\n- powerpc/pseries: Defer the logging of rtas error to irq work queue (bsc#1094244).\n- powerpc/pseries: Define MCE error event section (bsc#1094244).\n- powerpc/pseries: Disable CPU hotplug across migrations (bsc#1065729).\n- powerpc/pseries: Display machine check error details (bsc#1094244).\n- powerpc/pseries: Dump the SLB contents on SLB MCE errors (bsc#1094244).\n- powerpc/pseries: Fix 'OF: ERROR: Bad of_node_put() on /cpus' during DLPAR (bsc#1113295).\n- powerpc/pseries: Fix CONFIG_NUMA=n build (bsc#1067906, git-fixes).\n- powerpc/pseries: Fix build break for SPLPAR=n and CPU hotplug (bsc#1079524, git-fixes).\n- powerpc/pseries: Fix duplicate firmware feature for DRC_INFO (bsc#1109158).\n- powerpc/pseries: Fix endianness while restoring of r3 in MCE handler (bsc#1094244).\n- powerpc/pseries: Flush SLB contents on SLB MCE errors (bsc#1094244).\n- powerpc/pseries: Remove prrn_work workqueue (bsc#1102495, bsc#1109337).\n- powerpc/pseries: Remove unneeded uses of dlpar work queue (bsc#1102495, bsc#1109337).\n- powerpc/pseries: fix EEH recovery of some IOV devices (bsc#1078720, git-fixes).\n- powerpc/rtas: Fix a potential race between CPU-Offline Migration (bsc#1111870).\n- powerpc/tm: Avoid possible userspace r1 corruption on reclaim (bsc#1109333).\n- powerpc/tm: Fix userspace r13 corruption (bsc#1109333).\n- powerpc/topology: Get topology for shared processors at boot (bsc#1104683).\n- powerpc/xive: Fix trying to 'push' an already active pool VP (bsc#1085030, git-fixes).\n- powerpc/xive: Move definition of ESB bits (bsc#1061840).\n- powerpc/xmon: Add ISA v3.0 SPRs to SPR dump (bsc#1061840).\n- powerpc64s: Show ori31 availability in spectre_v1 sysfs file not v2 (bsc#1068032, bsc#1080157, git-fixes).\n- powerpc: Avoid code patching freed init sections (bsc#1107735).\n- powerpc: Fix size calculation using resource_size() (bsc#1012382).\n- powerpc: KABI add aux_ptr to hole in paca_struct to extend it with additional members (bsc#1094244).\n- powerpc: KABI: move mce_data_buf into paca_aux (bsc#1094244).\n- powerpc: make feature-fixup tests fortify-safe (bsc#1065729).\n- powerpc: pseries: remove dlpar_attach_node dependency on full path (bsc#1113295).\n- ppp: Destroy the mutex when cleanup (bsc#1051510).\n- ppp: fix __percpu annotation (bsc#1051510).\n- printk/tracing: Do not trace printk_nmi_enter() (bsc#1112208).\n- printk: drop in_nmi check from printk_safe_flush_on_panic() (bsc#1112170).\n- proc: restrict kernel stack dumps to root (git-fixes). blacklist.conf:\n- pstore: Fix incorrect persistent ram buffer mapping (bsc#1051510).\n- ptp: fix missing break in switch (bsc#1105355).\n- ptr_ring: fail early if queue occupies more than KMALLOC_MAX_SIZE (bsc#1105355).\n- ptr_ring: fix up after recent ptr_ring changes (bsc#1105355).\n- ptr_ring: prevent integer overflow when calculating size (bsc#1105355).\n- ptrace,x86: Make user_64bit_mode() available to 32-bit builds (bsc#1110006).\n- pwm: tiehrpwm: Fix disabling of output of PWMs (bsc#1051510).\n- qed: Add missing device config for RoCE EDPM in UFP mode (bsc#1109217).\n- qed: Avoid sending mailbox commands when MFW is not responsive (bsc#1050536).\n- qed: Do not add VLAN 0 tag to untagged frames in multi-function mode (bsc#1050536).\n- qed: Fix populating the invalid stag value in multi function mode (bsc#1050536).\n- qed: Fix shmem structure inconsistency between driver and the mfw (bsc#1110561).\n- qed: Prevent a possible deadlock during driver load and unload (bsc#1050536).\n- qed: Wait for MCP halt and resume commands to take place (bsc#1050536).\n- qed: Wait for ready indication before rereading the shmem (bsc#1050536).\n- qlcnic: fix Tx descriptor corruption on 82xx devices (bsc#1050540).\n- qlge: Fix netdev features configuration (bsc#1098822).\n- qmi_wwan: Added support for Gemalto's Cinterion ALASxx WWAN interface (bsc#1051510).\n- qmi_wwan: set DTR for modems in forced USB2 mode (bsc#1051510).\n- qrtr: add MODULE_ALIAS macro to smd (bsc#1051510).\n- r8152: Check for supported Wake-on-LAN Modes (bsc#1051510).\n- r8169: Clear RTL_FLAG_TASK_*_PENDING when clearing RTL_FLAG_TASK_ENABLED (bsc#1051510).\n- r8169: add support for NCube 8168 network card (bsc#1051510).\n- race of lockd inetaddr notifiers vs nlmsvc_rqst change (git-fixes).\n- random: add new ioctl RNDRESEEDCRNG (bsc#1051510).\n- random: fix possible sleeping allocation from irq context (bsc#1051510).\n- random: mix rdrand with entropy sent in from userspace (bsc#1051510).\n- random: rate limit unseeded randomness warnings (git-fixes).\n- random: set up the NUMA crng instances after the CRNG is fully initialized (bsc#1051510).\n- rculist: Improve documentation for list_for_each_entry_from_rcu() (bsc#1084760).\n- rculist: add list_for_each_entry_from_rcu() (bsc#1084760).\n- readahead: stricter check for bdi io_pages (VM Functionality, git fixes).\n- regulator: fix crash caused by null driver data (bsc#1051510).\n- reiserfs: add check to detect corrupted directory entry (bsc#1109818).\n- reiserfs: do not panic on bad directory entries (bsc#1109818).\n- reiserfs: fix broken xattr handling (heap corruption, bad retval) (bsc#1106236).\n- rename a hv patch to reduce conflicts in -AZURE\n- rename/renumber hv patches to simplify upcoming upstream merges Good Bye automerge. Hello Conflicts.\n- rename/renumber hv patches to simplify upcoming upstream merges No code changes.\n- reorder a qedi patch to allow further work in this branch\n- resort series.conf\n- resource: Include resource end in walk_*() interfaces (bsc#1114279).\n- rhashtable: add schedule points (bsc#1051510).\n- rndis_wlan: potential buffer overflow in rndis_wlan_auth_indication() (bsc#1051510).\n- root dentries need RCU-delayed freeing (bsc#1106297).\n- rpc_pipefs: fix double-dput() (bsc#1051510).\n- rpm/kernel-binary.spec.in: fix call of split-modules split-modules is called with some parameters depending on config options. But since we do not use backslash consistelny, the call to split-modules might be evaluated so that also the following cat command is appended. Avoid this behaviour by using backslashes everywhere and add %nil to the end. This perhaps never happens, but stay on the safe side.\n- rpm/mkspec: build dtbs for architectures marked -!needs_updating\n- rpm/mkspec: fix ppc64 kernel-source build.\n- rpmsg: Correct support for MODULE_DEVICE_TABLE() (git-fixes).\n- rsi: Fix 'invalid vdd' warning in mmc (bsc#1051510).\n- rtc: bq4802: add error handling for devm_ioremap (bsc#1051510).\n- rtnetlink: add rtnl_link_state check in rtnl_configure_link (netfilter-stable-18_07_27).\n- rxrpc: Fix user call ID check in rxrpc_service_prealloc_one (netfilter-stable-18_08_04).\n- s390/crypto: Fix return code checking in cbc_paes_crypt() (bsc#1108323, LTC#171709).\n- s390/entry.S: use assembler alternatives (bsc#1103421).\n- s390/lib: use expoline for all bcr instructions (git-fixes, bsc#1103421).\n- s390/mm: fix local TLB flushing vs. detach of an mm address space (bsc#1103421).\n- s390/mm: fix race on mm->context.flush_mm (bsc#1103421).\n- s390/pci: fix out of bounds access during irq setup (bsc#1108323, LTC#171068).\n- s390/qdio: reset old sbal_state flags (LTC#171525, bsc#1106948).\n- s390/qeth: consistently re-enable device features (bsc#1104482, LTC#170340).\n- s390/qeth: do not clobber buffer on async TX completion (bsc#1104482, LTC#170340).\n- s390/qeth: rely on kernel for feature recovery (bsc#1104482, LTC#170340).\n- s390/qeth: use vzalloc for QUERY OAT buffer (LTC#171527, bsc#1106948).\n- s390/runtime instrumentation: simplify task exit handling (bsc#1103421).\n- s390: Prevent hotplug rwsem recursion (bsc#1105731).\n- s390: always save and restore all registers on context switch (bsc#1103421).\n- s390: detect etoken facility (bsc#1103421).\n- s390: fix br_r1_trampoline for machines without exrl (git-fixes, bsc#1103421).\n- s390: fix compat system call table (bsc#1103421).\n- s390: fix handling of -1 in set{,fs}id16 syscalls (bsc#1103421).\n- s390: use expoline thunks for all branches generated by the BPF JIT (bsc#1103421).\n- samples/bpf: adjust rlimit RLIMIT_MEMLOCK for xdp1 (bsc#1083647).\n- sched/fair: Fix bandwidth timer clock drift condition (Git-fixes).\n- sched/fair: Fix vruntime_normalized() for remote non-migration wakeup (git-fixes).\n- sched/isolcpus: Fix 'isolcpus=' boot parameter handling when !CONFIG_CPUMASK_OFFSTACK (bsc#1107207).\n- sched/numa: Avoid task migration for small NUMA improvement (bsc#1101669 optimise numa balancing for fast migrate).\n- sched/numa: Do not move imbalanced load purely on the basis of an idle CPU (bsc#1101669 optimise numa balancing for fast migrate).\n- sched/numa: Evaluate move once per node (bsc#1101669 optimise numa balancing for fast migrate).\n- sched/numa: Limit the conditions where scan period is reset ().\n- sched/numa: Pass destination CPU as a parameter to migrate_task_rq (bsc#1101669 optimise numa balancing for fast migrate).\n- sched/numa: Pass destination CPU as a parameter to migrate_task_rq kabi (bsc#1101669 optimise numa balancing for fast migrate).\n- sched/numa: Remove numa_has_capacity() (bsc#1101669 optimise numa balancing for fast migrate).\n- sched/numa: Remove unused task_capacity from 'struct numa_stats' (bsc#1101669 optimise numa balancing for fast migrate).\n- sched/numa: Reset scan rate whenever task moves across nodes (bsc#1101669 optimise numa balancing for fast migrate).\n- sched/numa: Stop comparing tasks for NUMA placement after selecting an idle core (bsc#1101669 optimise numa balancing for fast migrate).\n- sched/numa: Stop multiple tasks from moving to the CPU at the same time (bsc#1101669 optimise numa balancing for fast migrate).\n- sched/numa: Stop multiple tasks from moving to the CPU at the same time kabi (bsc#1101669 optimise numa balancing for fast migrate).\n- sched/numa: remove unused code from update_numa_stats() (bsc#1101669 optimise numa balancing for fast migrate).\n- sched/numa: remove unused nr_running field (bsc#1101669 optimise numa balancing for fast migrate).\n- scripts/git_sort/git_sort.py: Add fixes branch from mkp/scsi.git.\n- scripts/git_sort/git_sort.py: add libnvdimm-for-next branch\n- scripts/git_sort/git_sort.py: add mkp 4.20/scsi-queue\n- scripts: modpost: check memory allocation results (bsc#1051510).\n- scsi: core: Allow state transitions from OFFLINE to BLOCKED (bsc#1112246).\n- scsi: cxlflash: Abstract hardware dependent assignments ().\n- scsi: cxlflash: Acquire semaphore before invoking ioctl services ().\n- scsi: cxlflash: Adapter context init can return error ().\n- scsi: cxlflash: Adapter context support for OCXL ().\n- scsi: cxlflash: Add argument identifier names ().\n- scsi: cxlflash: Add include guards to backend.h ().\n- scsi: cxlflash: Avoid clobbering context control register value ().\n- scsi: cxlflash: Enable OCXL operations ().\n- scsi: cxlflash: Explicitly cache number of interrupts per context ().\n- scsi: cxlflash: Handle spurious interrupts ().\n- scsi: cxlflash: Hardware AFU for OCXL ().\n- scsi: cxlflash: Introduce OCXL backend ().\n- scsi: cxlflash: Introduce OCXL context state machine ().\n- scsi: cxlflash: Introduce object handle fop ().\n- scsi: cxlflash: Isolate external module dependencies ().\n- scsi: cxlflash: Limit the debug logs in the IO path ().\n- scsi: cxlflash: MMIO map the AFU ().\n- scsi: cxlflash: Preserve number of interrupts for master contexts ().\n- scsi: cxlflash: Read host AFU configuration ().\n- scsi: cxlflash: Read host function configuration ().\n- scsi: cxlflash: Register for translation errors ().\n- scsi: cxlflash: Remove commmands from pending list on timeout ().\n- scsi: cxlflash: Remove embedded CXL work structures ().\n- scsi: cxlflash: Setup AFU PASID ().\n- scsi: cxlflash: Setup AFU acTag range ().\n- scsi: cxlflash: Setup LISNs for master contexts ().\n- scsi: cxlflash: Setup LISNs for user contexts ().\n- scsi: cxlflash: Setup OCXL transaction layer ().\n- scsi: cxlflash: Setup function OCXL link ().\n- scsi: cxlflash: Setup function acTag range ().\n- scsi: cxlflash: Staging to support future accelerators ().\n- scsi: cxlflash: Support AFU interrupt management ().\n- scsi: cxlflash: Support AFU interrupt mapping and registration ().\n- scsi: cxlflash: Support AFU reset ().\n- scsi: cxlflash: Support AFU state toggling ().\n- scsi: cxlflash: Support adapter context discovery ().\n- scsi: cxlflash: Support adapter context mmap and release ().\n- scsi: cxlflash: Support adapter context polling ().\n- scsi: cxlflash: Support adapter context reading ().\n- scsi: cxlflash: Support adapter file descriptors for OCXL ().\n- scsi: cxlflash: Support file descriptor mapping ().\n- scsi: cxlflash: Support image reload policy modification ().\n- scsi: cxlflash: Support process element lifecycle ().\n- scsi: cxlflash: Support process specific mappings ().\n- scsi: cxlflash: Support reading adapter VPD data ().\n- scsi: cxlflash: Support starting an adapter context ().\n- scsi: cxlflash: Support starting user contexts ().\n- scsi: cxlflash: Synchronize reset and remove ops ().\n- scsi: cxlflash: Use IDR to manage adapter contexts ().\n- scsi: cxlflash: Use local mutex for AFU serialization ().\n- scsi: cxlflash: Yield to active send threads ().\n- scsi: fcoe: hold disc_mutex when traversing rport lists (bsc#1077989).\n- scsi: hisi_sas: Add SATA FIS check for v3 hw ().\n- scsi: hisi_sas: Add a flag to filter PHY events during reset ().\n- scsi: hisi_sas: Add missing PHY spinlock init ().\n- scsi: hisi_sas: Adjust task reject period during host reset ().\n- scsi: hisi_sas: Drop hisi_sas_slot_abort() ().\n- scsi: hisi_sas: Fix the conflict between dev gone and host reset ().\n- scsi: hisi_sas: Fix the failure of recovering PHY from STP link timeout ().\n- scsi: hisi_sas: Implement handlers of PCIe FLR for v3 hw ().\n- scsi: hisi_sas: Only process broadcast change in phy_bcast_v3_hw() ().\n- scsi: hisi_sas: Pre-allocate slot DMA buffers ().\n- scsi: hisi_sas: Release all remaining resources in clear nexus ha ().\n- scsi: hisi_sas: Tidy hisi_sas_task_prep() ().\n- scsi: hisi_sas: Use dmam_alloc_coherent() ().\n- scsi: hisi_sas: add memory barrier in task delivery function ().\n- scsi: hisi_sas: relocate some common code for v3 hw ().\n- scsi: hisi_sas: tidy channel interrupt handler for v3 hw ().\n- scsi: hisi_sas: tidy host controller reset function a bit ().\n- scsi: hpsa: limit transfer length to 1MB, not 512kB (bsc#1102346).\n- scsi: ipr: Eliminate duplicate barriers ().\n- scsi: ipr: System hung while dlpar adding primary ipr adapter back (bsc#1109336).\n- scsi: ipr: Use dma_pool_zalloc() ().\n- scsi: ipr: fix incorrect indentation of assignment statement ().\n- scsi: libfc: Add lockdep annotations (bsc#1077989).\n- scsi: libfc: check fc_frame_payload_get() return value for null (bsc#1104731).\n- scsi: libfc: fixup 'sleeping function called from invalid context' (bsc#1077989).\n- scsi: libfc: fixup lockdep annotations (bsc#1077989).\n- scsi: libfc: hold disc_mutex in fc_disc_stop_rports() (bsc#1077989).\n- scsi: libfc: retry PRLI if we cannot analyse the payload (bsc#1104731).\n- scsi: lpfc: Correct MDS diag and nvmet configuration (bsc#1106636).\n- scsi: mpt3sas: Fix calltrace observed while running IO reset (bsc#1077989).\n- scsi: netvsc: Use the vmbus function to calculate ring buffer percentage (bsc#1107207).\n- scsi: qedi: Add the CRC size within iSCSI NVM image (bsc#1110538).\n- scsi: qedi: Initialize the stats mutex lock (bsc#1110538).\n- scsi: qla2xxx: Add appropriate debug info for invalid RX_ID (bsc#1108870).\n- scsi: qla2xxx: Add logic to detect ABTS hang and response completion (bsc#1108870).\n- scsi: qla2xxx: Add longer window for chip reset (bsc#1086327,).\n- scsi: qla2xxx: Add mode control for each physical port (bsc#1108870).\n- scsi: qla2xxx: Add support for ZIO6 interrupt threshold (bsc#1108870).\n- scsi: qla2xxx: Allow FC-NVMe underrun to be handled by transport (bsc#1108870).\n- scsi: qla2xxx: Check for Register disconnect (bsc#1108870).\n- scsi: qla2xxx: Cleanup for N2N code (bsc#1086327,).\n- scsi: qla2xxx: Decrement login retry count for only plogi (bsc#1108870).\n- scsi: qla2xxx: Defer chip reset until target mode is enabled (bsc#1108870).\n- scsi: qla2xxx: Fix ISP recovery on unload (bsc#1086327,).\n- scsi: qla2xxx: Fix Management Server NPort handle reservation logic (bsc#1086327,).\n- scsi: qla2xxx: Fix N2N link re-connect (bsc#1086327,).\n- scsi: qla2xxx: Fix NVMe Target discovery (bsc#1108870).\n- scsi: qla2xxx: Fix NVMe session hang on unload (bsc#1108870).\n- scsi: qla2xxx: Fix Remote port registration (bsc#1108870).\n- scsi: qla2xxx: Fix deadlock between ATIO and HW lock (bsc#1108870).\n- scsi: qla2xxx: Fix double increment of switch scan retry count (bsc#1108870).\n- scsi: qla2xxx: Fix driver hang when FC-NVMe LUNs are configured (bsc#1108870).\n- scsi: qla2xxx: Fix dropped srb resource (bsc#1108870).\n- scsi: qla2xxx: Fix duplicate switch database entries (bsc#1108870).\n- scsi: qla2xxx: Fix duplicate switch's Nport ID entries (bsc#1108870).\n- scsi: qla2xxx: Fix early srb free on abort (bsc#1108870).\n- scsi: qla2xxx: Fix for double free of SRB structure (bsc#1108870).\n- scsi: qla2xxx: Fix iIDMA error (bsc#1108870).\n- scsi: qla2xxx: Fix incorrect port speed being set for FC adapters (bsc#1108870).\n- scsi: qla2xxx: Fix issue reported by static checker for qla2x00_els_dcmd2_sp_done() (bsc#1086327,).\n- scsi: qla2xxx: Fix login retry count (bsc#1086327,).\n- scsi: qla2xxx: Fix memory leak for allocating abort IOCB (bsc#1111830).\n- scsi: qla2xxx: Fix out of order Termination and ABTS response (bsc#1108870).\n- scsi: qla2xxx: Fix port speed display on chip reset (bsc#1108870).\n- scsi: qla2xxx: Fix premature command free (bsc#1108870).\n- scsi: qla2xxx: Fix process response queue for ISP26XX and above (bsc#1108870).\n- scsi: qla2xxx: Fix race between switch cmd completion and timeout (bsc#1086327,).\n- scsi: qla2xxx: Fix race condition for resource cleanup (bsc#1108870).\n- scsi: qla2xxx: Fix re-using LoopID when handle is in use (bsc#1108870).\n- scsi: qla2xxx: Fix recursive mailbox timeout (bsc#1108870).\n- scsi: qla2xxx: Fix redundant fc_rport registration (bsc#1086327,).\n- scsi: qla2xxx: Fix session state stuck in Get Port DB (bsc#1086327,).\n- scsi: qla2xxx: Fix stalled relogin (bsc#1086327,).\n- scsi: qla2xxx: Fix stuck session in PLOGI state (bsc#1108870).\n- scsi: qla2xxx: Fix unintended Logout (bsc#1086327,).\n- scsi: qla2xxx: Flush mailbox commands on chip reset (bsc#1086327,).\n- scsi: qla2xxx: Force fw cleanup on ADISC error (bsc#1108870).\n- scsi: qla2xxx: Increase abort timeout value (bsc#1108870).\n- scsi: qla2xxx: Migrate NVME N2N handling into state machine (bsc#1086327,).\n- scsi: qla2xxx: Move ABTS code behind qpair (bsc#1108870).\n- scsi: qla2xxx: Move log messages before issuing command to firmware (bsc#1108870).\n- scsi: qla2xxx: Move rport registration out of internal work_list (bsc#1108870).\n- scsi: qla2xxx: Move {get|rel}_sp to base_qpair struct (bsc#1108870).\n- scsi: qla2xxx: Prevent sysfs access when chip is down (bsc#1086327,).\n- scsi: qla2xxx: Reduce holding sess_lock to prevent CPU lock-up (bsc#1108870).\n- scsi: qla2xxx: Reject bsg request if chip is down (bsc#1108870).\n- scsi: qla2xxx: Remove ASYNC GIDPN switch command (bsc#1108870).\n- scsi: qla2xxx: Remove all rports if fabric scan retry fails (bsc#1108870).\n- scsi: qla2xxx: Remove redundant check for fcport deletion (bsc#1108870).\n- scsi: qla2xxx: Remove stale ADISC_DONE event (bsc#1108870).\n- scsi: qla2xxx: Remove stale debug trace message from tcm_qla2xxx (bsc#1108870).\n- scsi: qla2xxx: Return switch command on a timeout (bsc#1108870).\n- scsi: qla2xxx: Save frame payload size from ICB (bsc#1086327,).\n- scsi: qla2xxx: Serialize mailbox request (bsc#1108870).\n- scsi: qla2xxx: Silent erroneous message (bsc#1086327,).\n- scsi: qla2xxx: Spinlock recursion in qla_target (bsc#1086327,).\n- scsi: qla2xxx: Terminate Plogi/PRLI if WWN is 0 (bsc#1108870).\n- scsi: qla2xxx: Turn off IOCB timeout timer on IOCB completion (bsc#1108870).\n- scsi: qla2xxx: Update driver to version 10.00.00.09-k (bsc#1108870).\n- scsi: qla2xxx: Update driver version to 10.00.00.08-k (bsc#1086327,).\n- scsi: qla2xxx: Update driver version to 10.00.00.10-k (bsc#1108870).\n- scsi: qla2xxx: Update driver version to 10.00.00.11-k (bsc#1108870).\n- scsi: qla2xxx: Update rscn_rcvd field to more meaningful scan_needed (bsc#1108870).\n- scsi: qla2xxx: Use correct qpair for ABTS/CMD (bsc#1108870).\n- scsi: qla2xxx: do not allow negative thresholds (bsc#1108870).\n- scsi: qla2xxx: shutdown chip if reset fail (bsc#1108870).\n- scsi: storsvc: do not set a bounce limit (bsc#1107207).\n- scsi: storvsc: Avoid allocating memory for temp cpumasks (bsc#1107207).\n- scsi: storvsc: Select channel based on available percentage of ring buffer to write (bsc#1107207).\n- scsi: storvsc: Set up correct queue depth values for IDE devices (bsc#1107207).\n- scsi: target: prefer dbroot of /etc/target over /var/target (bsc#1111928).\n- scsi: vmbus: Add function to report available ring buffer to write in total ring size percentage (bsc#1107207).\n- scsi_debug: call resp_XXX function after setting host_scribble (bsc#1069138).\n- scsi_debug: reset injection flags for every_nth > 0 (bsc#1069138).\n- security: check for kstrdup() failure in lsm_append() (bsc#1051510).\n- selftests/bpf/test_maps: exit child process without error in ENOMEM case (bsc#1083647).\n- selftests/bpf: fix a typo in map in map test (bsc#1083647).\n- selftests/x86: Add tests for User-Mode Instruction Prevention (bsc#1110006).\n- selftests/x86: Add tests for the STR and SLDT instructions (bsc#1110006).\n- serial: 8250: Do not service RX FIFO if interrupts are disabled (bsc#1051510).\n- serial: 8250: Fix clearing FIFOs in RS485 mode again (bsc#1051510).\n- serial: 8250_dw: Add ACPI support for uart on Broadcom SoC (bsc#1051510).\n- serial: 8250_dw: always set baud rate in dw8250_set_termios (bsc#1051510).\n- serial: 8250_exar: Read INT0 from slave device, too (bsc#1051510).\n- serial: core: mark port as initialized after successful IRQ change (bsc#1051510).\n- serial: cpm_uart: return immediately from console poll (bsc#1051510).\n- serial: enable spi in sc16is7xx driver References: bsc#1105672\n- serial: imx: restore handshaking irq for imx1 (bsc#1051510).\n- serial: make sc16is7xx driver supported References: bsc#1105672\n- serial: pxa: Fix an error handling path in 'serial_pxa_probe()' (bsc#1051510).\n- serial: sh-sci: Stop RX FIFO timer during port shutdown (bsc#1051510).\n- serial: xuartps: fix typo in cdns_uart_startup (bsc#1051510).\n- series.conf: moved some Xen patches to the sorted region xen/blkfront: correct purging of persistent grants (bsc#1112514).\n- signal: Properly deliver SIGSEGV from x86 uprobes (bsc#1110006).\n- slab: __GFP_ZERO is incompatible with a constructor (bsc#1107060).\n- smb2: fix missing files in root share directory listing (bsc#1112907).\n- smb3: fill in statfs fsid and correct namelen (bsc#1112905).\n- smb3: fix reset of bytes read and written stats (bsc#1112906).\n- smb3: on reconnect set PreviousSessionId field (bsc#1112899).\n- smsc75xx: Check for Wake-on-LAN modes (bsc#1051510).\n- smsc95xx: Check for Wake-on-LAN modes (bsc#1051510).\n- soc/tegra: pmc: Fix child-node lookup (bsc#1051510).\n- soc: fsl: qe: Fix copy/paste bug in ucc_get_tdm_sync_shift() (bsc#1051510).\n- soc: mediatek: pwrap: fix cipher init setting error (bsc#1051510).\n- sock_diag: fix use-after-free read in __sk_free (bsc#1051510).\n- soreuseport: initialise timewait reuseport field (bsc#1051510).\n- sound: do not call skl_init_chip() to reset intel skl soc (bsc#1051510).\n- sound: enable interrupt after dma buffer initialization (bsc#1051510).\n- spi-nor: intel-spi: Fix number of protected range registers for BYT/LPT ().\n- spi/bcm63xx-hsspi: keep pll clk enabled (bsc#1051510).\n- spi: bcm-qspi: switch back to reading flash using smaller chunks (bsc#1051510).\n- spi: cadence: Change usleep_range() to udelay(), for atomic context (bsc#1051510).\n- spi: davinci: fix a NULL pointer dereference (bsc#1051510).\n- spi: pxa2xx: Add support for Intel Ice Lake (bsc#1051510).\n- spi: rspi: Fix interrupted DMA transfers (bsc#1051510).\n- spi: rspi: Fix invalid SPI use during system suspend (bsc#1051510).\n- spi: sh-msiof: Fix handling of write value for SISTR register (bsc#1051510).\n- spi: sh-msiof: Fix invalid SPI use during system suspend (bsc#1051510).\n- spi: sh-msiof: fix deferred probing (bsc#1051510).\n- spi: tegra20-slink: explicitly enable/disable clock (bsc#1051510).\n- squashfs metadata 2: electric boogaloo (bsc#1051510).\n- squashfs: be more careful about metadata corruption (bsc#1051510).\n- squashfs: more metadata hardening (bsc#1051510).\n- squashfs: more metadata hardening (bsc#1051510).\n- sr9800: Check for supported Wake-on-LAN modes (bsc#1051510).\n- sr: get/drop reference to device in revalidate and check_events (bsc#1109979).\n- staging: bcm2835-audio: Check if workqueue allocation failed ().\n- staging: bcm2835-audio: Deliver indirect-PCM transfer error ().\n- staging: bcm2835-audio: Disconnect and free vchi_instance on module_exit() ().\n- staging: bcm2835-audio: Do not leak workqueue if open fails ().\n- staging: bcm2835-audio: constify snd_pcm_ops structures ().\n- staging: bcm2835-audio: make snd_pcm_hardware const ().\n- staging: bcm2835-camera: fix timeout handling in wait_for_completion_timeout (bsc#1051510).\n- staging: bcm2835-camera: handle wait_for_completion_timeout return properly (bsc#1051510).\n- staging: comedi: ni_mio_common: fix subdevice flags for PFI subdevice (bsc#1051510).\n- staging: comedi: ni_mio_common: protect register write overflow (bsc#1051510).\n- staging: lustre: Use 'kvfree()' for memory allocated by 'kvzalloc()' (bsc#1051510).\n- staging: lustre: disable preempt while sampling processor id (bsc#1051510).\n- staging: lustre: fix bug in osc_enter_cache_try (bsc#1051510).\n- staging: lustre: ldlm: free resource when ldlm_lock_create() fails (bsc#1051510).\n- staging: lustre: libcfs: Prevent harmless read underflow (bsc#1051510).\n- staging: lustre: libcfs: fix test for libcfs_ioctl_hdr minimum size (bsc#1051510).\n- staging: lustre: llite: correct removexattr detection (bsc#1051510).\n- staging: lustre: llite: initialize xattr->xe_namelen (bsc#1051510).\n- staging: lustre: lmv: correctly iput lmo_root (bsc#1051510).\n- staging: lustre: lov: use correct env in lov_io_data_version_end() (bsc#1051510).\n- staging: lustre: o2iblnd: Fix FastReg map/unmap for MLX5 (bsc#1051510).\n- staging: lustre: o2iblnd: Fix crash in kiblnd_handle_early_rxs() (bsc#1051510).\n- staging: lustre: o2iblnd: fix race at kiblnd_connect_peer (bsc#1051510).\n- staging: lustre: obd_mount: use correct niduuid suffix (bsc#1051510).\n- staging: lustre: obdclass: return -EFAULT if copy_from_user() fails (bsc#1051510).\n- staging: lustre: ptlrpc: kfree used instead of kvfree (bsc#1051510).\n- staging: lustre: remove invariant in cl_io_read_ahead() (bsc#1051510).\n- staging: lustre: statahead: remove incorrect test on agl_list_empty() (bsc#1051510).\n- staging: rts5208: fix missing error check on call to rtsx_write_register (bsc#1051510).\n- staging: vc04_services: Fix platform_no_drv_owner.cocci warnings ().\n- staging: vc04_services: bcm2835-audio Format multiline comment ().\n- staging: vc04_services: bcm2835-audio: Add blank line after declaration ().\n- staging: vc04_services: bcm2835-audio: Change to unsigned int * ().\n- staging: vc04_services: bcm2835-audio: add SPDX identifiers ().\n- staging: vc04_services: bcm2835-audio: remove redundant license text ().\n- staging: vc04_services: please do not use multiple blank lines ().\n- stm: Potential read overflow in stm_char_policy_set_ioctl() (bsc#1051510).\n- stmmac: fix DMA channel hang in half-duplex mode (networking-stable-18_07_19).\n- string: drop __must_check from strscpy() and restore strscpy() usages in cgroup (bsc#1051510).\n- strparser: Remove early eaten to fix full tcp receive buffer stall (networking-stable-18_07_19).\n- sunxi-rsb: Include OF based modalias in device uevent (bsc#1051510).\n- switchtec: Fix Spectre v1 vulnerability (bsc#1051510).\n- sys: do not hold uts_sem while accessing userspace memory (bsc#1106995).\n- sysfs: Do not return POSIX ACL xattrs via listxattr (git-fixes).\n- target: log Data-Out timeouts as errors (bsc#1095805).\n- target: log NOP ping timeouts as errors (bsc#1095805).\n- target: split out helper for cxn timeout error stashing (bsc#1095805).\n- target: stash sess_err_stats on Data-Out timeout (bsc#1095805).\n- target: use ISCSI_IQN_LEN in iscsi_target_stat (bsc#1095805).\n- target_core_rbd: break up free_device callback (bsc#1105524).\n- target_core_rbd: use RCU in free_device (bsc#1105524).\n- team: Forbid enslaving team device to itself (bsc#1051510).\n- thermal: of-thermal: disable passive polling when thermal zone is disabled (bsc#1051510).\n- thermal: thermal_hwmon: Convert to hwmon_device_register_with_info() (bsc#1103363).\n- thermal_hwmon: Pass the originating device down to hwmon_device_register_with_info (bsc#1103363).\n- thermal_hwmon: Sanitize attribute name passed to hwmon (bsc#1103363).\n- ti: ethernet: cpdma: Use correct format for genpool_* (bsc#1051510).\n- tools build: fix # escaping in .cmd files for future Make (git-fixes).\n- tools/hv: Fix IP reporting by KVP daemon with SRIOV (bsc#1107207).\n- tools/power turbostat: Read extended processor family from CPUID (bsc#1051510).\n- tools/power turbostat: fix -S on UP systems (bsc#1051510).\n- tools/vm/page-types.c: fix 'defined but not used' warning (bsc#1051510).\n- tools/vm/slabinfo.c: fix sign-compare warning (bsc#1051510).\n- tools: hv: fcopy: set 'error' in case an unknown operation was requested (bsc#1107207).\n- tools: hv: fix compiler warnings about major/target_fname (bsc#1107207).\n- tools: hv: include string.h in hv_fcopy_daemon (bsc#1107207).\n- tools: hv: update lsvmbus to be compatible with python3 (bsc#1107207).\n- tools: usb: ffs-test: Fix build on big endian systems (bsc#1051510).\n- tpm: Introduce flag TPM_TRANSMIT_RAW (bsc#1082555).\n- tpm: cmd_ready command can be issued only after granting locality (bsc#1082555).\n- tpm: fix race condition in tpm_common_write() (bsc#1082555).\n- tpm: fix use after free in tpm2_load_context() (bsc#1082555).\n- tpm: separate cmd_ready/go_idle from runtime_pm (bsc#1082555).\n- tpm: tpm_crb: relinquish locality on error path (bsc#1082555).\n- tpm: vtpm_proxy: Implement request_locality function (bsc#1082555).\n- tracepoint: Do not warn on ENOMEM (bsc#1051510).\n- tracing/x86/xen: Remove zero data size trace events trace_xen_mmu_flush_tlb{_all} (bsc#1110006).\n- tracing: Add barrier to trace_printk() buffer nesting modification (bsc#1112219).\n- tsl2550: fix lux1_input error in low light (bsc#1051510).\n- tty/ldsem: Add lockdep asserts for ldisc_sem (bsc#1105428).\n- tty/ldsem: Convert to regular lockdep annotations (bsc#1105428).\n- tty/ldsem: Decrement wait_readers on timeouted down_read() (bsc#1105428).\n- tty/ldsem: Wake up readers after timed out down_write() (bsc#1105428).\n- tty: Do not block on IO when ldisc change is pending (bsc#1105428).\n- tty: Drop tty->count on tty_reopen() failure (bsc#1051510).\n- tty: Hold tty_ldisc_lock() during tty_reopen() (bsc#1105428).\n- tty: Simplify tty->count math in tty_reopen() (bsc#1105428).\n- tty: fix data race between tty_init_dev and flush of buf (bsc#1105428).\n- tty: fix termios input-speed encoding (bsc#1051510).\n- tty: fix termios input-speed encoding when using BOTHER (bsc#1051510).\n- tty: rocket: Fix possible buffer overwrite on register_PCI (bsc#1051510).\n- tty: serial: 8250: Revert NXP SC16C2552 workaround (bsc#1051510).\n- tty: serial: exar: Relocate sleep wake-up handling (bsc#1051510).\n- tty: serial: lpuart: avoid leaking struct tty_struct (bsc#1051510).\n- tty: vt_ioctl: fix potential Spectre v1 (bsc#1051510).\n- uart: fix race between uart_put_char() and uart_shutdown() (bsc#1051510).\n- ubifs: Check data node size before truncate (bsc#1051510).\n- ubifs: Check for name being NULL while mounting (bsc#1051510).\n- ubifs: Fix directory size calculation for symlinks (bsc#1106230).\n- ubifs: Fix memory leak in lprobs self-check (bsc#1051510).\n- ubifs: Fix synced_i_size calculation for xattr inodes (bsc#1051510).\n- ubifs: xattr: Do not operate on deleted inodes (bsc#1051510).\n- udl-kms: avoid division (bsc#1051510).\n- udl-kms: change down_interruptible to down (bsc#1051510).\n- udl-kms: fix crash due to uninitialized memory (bsc#1051510).\n- udl-kms: handle allocation failure (bsc#1051510).\n- udlfb: set optimal write delay (bsc#1051510).\n- udp: Unbreak modules that rely on external __skb_recv_udp() availability (bsc#1109151).\n- uio, lib: Fix CONFIG_ARCH_HAS_UACCESS_MCSAFE compilation (bsc#1098782).\n- uio: potential double frees if __uio_register_device() fails (bsc#1051510).\n- uio_hv_generic: fix subchannel ring mmap (bsc#1107207).\n- uio_hv_generic: make ring buffer attribute for primary channel (bsc#1107207).\n- uio_hv_generic: set size of ring buffer attribute (bsc#1107207).\n- uio_hv_generic: support sub-channels (bsc#1107207).\n- uio_hv_generic: use correct channel in isr (bsc#1107207).\n- uprobes/x86: Prohibit probing on MOV SS instruction (bsc#1110006).\n- uprobes/x86: Remove incorrect WARN_ON() in uprobe_init_insn() (bsc#1051510).\n- uprobes: Use synchronize_rcu() not synchronize_sched() (bsc#1051510).\n- usb/phy: fix PPC64 build errors in phy-fsl-usb.c (bsc#1051510).\n- usb: Avoid use-after-free by flushing endpoints early in usb_set_interface() (bsc#1051510).\n- usb: Do not die twice if PCI xhci host is not responding in resume (bsc#1051510).\n- usb: cdc_acm: Do not leak URB buffers (bsc#1051510).\n- usb: chipidea: Prevent unbalanced IRQ disable (bsc#1051510).\n- usb: dwc2: Turn on uframe_sched on 'amlogic' platforms (bsc#1102881).\n- usb: dwc2: Turn on uframe_sched on 'bcm' platforms (bsc#1102881).\n- usb: dwc2: Turn on uframe_sched on 'his' platforms (bsc#1102881).\n- usb: dwc2: Turn on uframe_sched on 'stm32f4x9_fsotg' platforms (bsc#1102881).\n- usb: dwc2: fix isoc split in transfer with no data (bsc#1051510).\n- usb: dwc2: gadget: Fix issue in dwc2_gadget_start_isoc() (bsc#1051510).\n- usb: dwc3: change stream event enable bit back to 13 (bsc#1051510).\n- usb: dwc3: pci: add support for Intel IceLake (bsc#1051510).\n- usb: gadget: composite: fix delayed_status race condition when set_interface (bsc#1051510).\n- usb: gadget: dwc2: fix memory leak in gadget_init() (bsc#1051510).\n- usb: gadget: fotg210-udc: Fix memory leak of fotg210->ep[i] (bsc#1051510).\n- usb: gadget: fsl_udc_core: check allocation return value and cleanup on failure (bsc#1051510).\n- usb: gadget: fsl_udc_core: fixup struct_udc_setup documentation (bsc#1051510).\n- usb: gadget: r8a66597: Fix a possible sleep-in-atomic-context bugs in r8a66597_queue() (bsc#1051510).\n- usb: gadget: r8a66597: Fix two possible sleep-in-atomic-context bugs in init_controller() (bsc#1051510).\n- usb: gadget: udc: renesas_usb3: fix maxpacket size of ep0 (bsc#1051510).\n- usb: host: u132-hcd: Fix a sleep-in-atomic-context bug in u132_get_frame() (bsc#1051510).\n- usb: misc: uss720: Fix two sleep-in-atomic-context bugs (bsc#1051510).\n- usb: musb: dsps: do not disable CPPI41 irq in driver teardown (bsc#1051510).\n- usb: uas: add support for more quirk flags (bsc#1051510).\n- usb: wusbcore: security: cast sizeof to int for comparison (bsc#1051510).\n- usb: xhci-mtk: resume USB3 roothub first (bsc#1051510).\n- usb: xhci: increase CRS timeout value (bsc#1051510).\n- usbip: tools: fix atoi() on non-null terminated string (bsc#1051510).\n- use the new async probing feature for the hyperv drivers (bsc#1107207).\n- userfaultfd: hugetlbfs: fix userfaultfd_huge_must_wait() pte access (bsc#1109739).\n- userns: move user access out of the mutex (bsc#1051510).\n- uwb: hwa-rc: fix memory leak at probe (bsc#1051510).\n- vfio/pci: Virtualize Maximum Payload Size (bsc#1051510).\n- vfio/pci: Virtualize Maximum Read Request Size (bsc#1051510).\n- vfio/type1: Fix task tracking for QEMU vCPU hotplug (bsc#1051510).\n- vfs/proc/kcore, x86/mm/kcore: Fix SMAP fault when dumping vsyscall user page (bsc#1110006).\n- vfs: fix freeze protection in mnt_want_write_file() for overlayfs (git-fixes).\n- vhost: correctly check the iova range when waking virtqueue (bsc#1051510).\n- vhost: do not try to access device IOTLB when not initialized (bsc#1051510).\n- vhost: reset metadata cache when initializing new IOTLB (netfilter-stable-18_08_17).\n- vhost: use mutex_lock_nested() in vhost_dev_lock_vqs() (bsc#1051510).\n- vhost_net: validate sock before trying to put its fd (networking-stable-18_07_19).\n- video: fbdev: pxafb: clear allocated memory for video modes (bsc#1051510).\n- video: goldfishfb: fix memory leak on driver remove (bsc#1051510).\n- virtio: pci-legacy: Validate queue pfn (bsc#1051510).\n- vmbus: do not return values for uninitalized channels (bsc#1051510).\n- vmbus: do not return values for uninitalized channels (bsc#1107207).\n- vmci: type promotion bug in qp_host_get_user_memory() (bsc#1105355).\n- vmw_balloon: VMCI_DOORBELL_SET does not check status (bsc#1051510).\n- vmw_balloon: do not use 2MB without batching (bsc#1051510).\n- vmw_balloon: fix VMCI use when balloon built into kernel (bsc#1051510).\n- vmw_balloon: fix inflation of 64-bit GFNs (bsc#1051510).\n- vmw_balloon: remove inflation rate limiting (bsc#1051510).\n- vsock: split dwork to avoid reinitializations (netfilter-stable-18_08_17).\n- vti4: Do not count header length twice on tunnel setup (bsc#1051510).\n- vti6: fix PMTU caching and reporting on xmit (bsc#1051510).\n- vti6: remove !skb->ignore_df check from vti6_xmit() (bsc#1051510).\n- vxlan: add new fdb alloc and create helpers (netfilter-stable-18_07_27).\n- vxlan: fix default fdb entry netlink notify ordering during netdev create (netfilter-stable-18_07_27).\n- vxlan: make netlink notify in vxlan_fdb_destroy optional (netfilter-stable-18_07_27).\n- wan/fsl_ucc_hdlc: use IS_ERR_VALUE() to check return value of qe_muram_alloc (bsc#1051510).\n- watchdog: Mark watchdog touch functions as notrace (git-fixes).\n- wlcore: Add missing PM call for wlcore_cmd_wait_for_event_or_timeout() (bsc#1051510).\n- wlcore: Set rx_status boottime_ns field on rx (bsc#1051510).\n- x86-64/realmode: Add instruction suffix (bsc#1110006).\n- x86/CPU/AMD: Derive CPU topology from CPUID function 0xB when available ().\n- x86/CPU/AMD: Have smp_num_siblings and cpu_llc_id always be present (bsc#1110006).\n- x86/CPU: Add a microcode loader callback (bsc#1110006).\n- x86/CPU: Check CPU feature bits after microcode upgrade (bsc#1110006).\n- x86/CPU: Modify detect_extended_topology() to return result ().\n- x86/EISA: Do not probe EISA bus for Xen PV guests (bsc#1110006).\n- x86/Hyper-V/hv_apic: Build the Hyper-V APIC conditionally (bsc#1107207).\n- x86/Hyper-V/hv_apic: Include asm/apic.h (bsc#1107207).\n- x86/KVM/VMX: Do not set l1tf_flush_l1d from vmx_handle_external_intr() (bsc#1110006).\n- x86/KVM/VMX: Do not set l1tf_flush_l1d to true from vmx_l1d_flush() (bsc#1110006).\n- x86/KVM/VMX: Move the l1tf_flush_l1d test to vmx_l1d_flush() (bsc#1110006).\n- x86/KVM/VMX: Replace 'vmx_l1d_flush_always' with 'vmx_l1d_flush_cond' (bsc#1110006).\n- x86/Kconfig: Limit NR_CPUS on 32-bit to a sane amount (bsc#1110006).\n- x86/LDT: Avoid warning in 32-bit builds with older gcc (bsc#1110006).\n- x86/MCE/AMD: Define a function to get SMCA bank type (bsc#1110006).\n- x86/MCE: Fix stack out-of-bounds write in mce-inject.c: Flags_read() (bsc#1110006).\n- x86/MCE: Remove min interval polling limitation (bsc#1110006).\n- x86/MCE: Report only DRAM ECC as memory errors on AMD systems (bsc#1110006).\n- x86/MCE: Serialize sysfs changes (bsc#1110006).\n- x86/PCI: Make broadcom_postcore_init() check acpi_disabled (bsc#1110006).\n- x86/acpi: Prevent X2APIC id 0xffffffff from being accounted (bsc#1110006).\n- x86/alternatives: Fixup alternative_call_2 (bsc#1110006).\n- x86/apic/vector: Fix off by one in error path (bsc#1110006).\n- x86/apic: Fix restoring boot IRQ mode in reboot and kexec/kdump (bsc#1110006).\n- x86/apic: Set up through-local-APIC mode on the boot CPU if 'noapic' specified (bsc#1110006).\n- x86/apic: Split disable_IO_APIC() into two functions to fix CONFIG_KEXEC_JUMP=y (bsc#1110006).\n- x86/apic: Split out restore_boot_irq_mode() from disable_IO_APIC() (bsc#1110006).\n- x86/asm/memcpy_mcsafe: Add labels for __memcpy_mcsafe() write fault handling (bsc#1098782).\n- x86/asm/memcpy_mcsafe: Add write-protection-fault handling (bsc#1098782).\n- x86/asm/memcpy_mcsafe: Define copy_to_iter_mcsafe() (bsc#1098782).\n- x86/asm/memcpy_mcsafe: Fix copy_to_user_mcsafe() exception handling (bsc#1098782).\n- x86/asm/memcpy_mcsafe: Provide original memcpy_mcsafe_unrolled (bsc#1098782).\n- x86/asm/memcpy_mcsafe: Remove loop unrolling (bsc#1098782).\n- x86/asm/memcpy_mcsafe: Return bytes remaining (bsc#1098782).\n- x86/asm: Add _ASM_ARG* constants for argument registers to asm/asm.h (bsc#1110006).\n- x86/asm: Allow again using asm.h when building for the 'bpf' clang target (bsc#1110006).\n- x86/asm: Do not use the confusing '.ifeq' directive (bsc#1110006).\n- x86/boot/64: Verify alignment of the LOAD segment (bsc#1110006).\n- x86/boot/KASLR: Work around firmware bugs by excluding EFI_BOOT_SERVICES_* and EFI_LOADER_* from KASLR's choice (bsc#1112878).\n- x86/boot/compressed/64: Print error if 5-level paging is not supported (bsc#1110006).\n- x86/boot: Fix if_changed build flip/flop bug (bsc#1110006).\n- x86/boot: Fix kexec booting failure in the SEV bit detection code (bsc#1110301).\n- x86/boot: Move EISA setup to a separate file (bsc#1110006).\n- x86/boot: Relocate definition of the initial state of CR0 (bsc#1110006).\n- x86/build/64: Force the linker to use 2MB page size (bsc#1109603).\n- x86/build: Beautify build log of syscall headers (bsc#1110006).\n- x86/cpu/AMD: Apply the Erratum 688 fix when the BIOS does not (bsc#1110006).\n- x86/cpu/intel: Add missing TLB cpuid values (bsc#1110006).\n- x86/cpufeature: Add User-Mode Instruction Prevention definitions (bsc#1110006).\n- x86/cpufeatures: Add Intel PCONFIG cpufeature (bsc#1110006).\n- x86/cpufeatures: Add Intel Total Memory Encryption cpufeature (bsc#1110006).\n- x86/debug: Handle warnings before the notifier chain, to fix KGDB crash (bsc#1110006).\n- x86/decoder: Add new TEST instruction pattern (bsc#1110006).\n- x86/dumpstack: Save first regs set for the executive summary (bsc#1110006).\n- x86/dumpstack: Unify show_regs() (bsc#1110006).\n- x86/efi: Fix efi_call_phys_epilog() with CONFIG_X86_5LEVEL=y (bsc#1110006).\n- x86/eisa: Add missing include (bsc#1110006).\n- x86/entry/64: Add two more instruction suffixes (bsc#1110006).\n- x86/entry/64: Remove %ebx handling from error_entry/exit (bsc#1102715).\n- x86/entry/64: Use 'xorl' for faster register clearing (bsc#1110006).\n- x86/entry/64: Wipe KASAN stack shadow before rewind_stack_do_exit() (bsc#1110006).\n- x86/entry: Reduce the code footprint of the 'idtentry' macro (bsc#1110006).\n- x86/entry: Use SYSCALL_DEFINE() macros for sys_modify_ldt() (bsc#1110006).\n- x86/espfix/64: Fix espfix double-fault handling on 5-level systems (bsc#1110006).\n- x86/events/intel/ds: Fix bts_interrupt_threshold alignment (git-fixes c1961a4631da).\n- x86/fpu/debug: Remove unused 'x86_fpu_state' and 'x86_fpu_deactivate_state' tracepoints (bsc#1110006).\n- x86/fpu: Make XSAVE check the base CPUID features before enabling (bsc#1110006).\n- x86/fpu: Parse clearcpuid= as early XSAVE argument (bsc#1110006).\n- x86/fpu: Remove second definition of fpu in __fpu__restore_sig() (bsc#1110006).\n- x86/fpu: Remove the explicit clearing of XSAVE dependent features (bsc#1110006).\n- x86/headers/UAPI: Use __u64 instead of u64 in uapi/asm/hyperv.h (bsc#1107207).\n- x86/hyper-V: Allocate the IDT entry early in boot (bsc#1107207).\n- x86/hyper-v: Check cpumask_to_vpset() return value in hyperv_flush_tlb_others_ex() (bsc#1107207).\n- x86/hyper-v: Check for VP_INVAL in hyperv_flush_tlb_others() (bsc#1107207).\n- x86/hyper-v: Fix the circular dependency in IPI enlightenment (bsc#1107207).\n- x86/hyper-v: Fix wrong merge conflict resolution (bsc#1107207).\n- x86/hyper-v: Implement hv_do_fast_hypercall16 (bsc#1107207).\n- x86/hyper-v: Trace PV IPI send (bsc#1107207).\n- x86/hyper-v: Use 'fast' hypercall for HVCALL_SEND_IPI (bsc#1107207).\n- x86/hyper-v: Use cheaper HVCALL_FLUSH_VIRTUAL_ADDRESS_{LIST,SPACE} hypercalls when possible (bsc#1107207).\n- x86/hyper-v: Use cheaper HVCALL_SEND_IPI hypercall when possible (bsc#1107207).\n- x86/hyper-v: allocate and use Virtual Processor Assist Pages (bsc#1107207).\n- x86/hyper-v: define struct hv_enlightened_vmcs and clean field bits (bsc#1107207).\n- x86/hyper-v: detect nested features (bsc#1107207).\n- x86/hyper-v: move definitions from TLFS to hyperv-tlfs.h (bsc#1107207).\n- x86/hyper-v: move hyperv.h out of uapi (bsc#1107207).\n- x86/hyper-v: move struct hv_flush_pcpu{,ex} definitions to common header (bsc#1107207).\n- x86/hyper-v: rename ipi_arg_{ex,non_ex} structures (bsc#1107207).\n- x86/hyperv: Add a function to read both TSC and TSC page value simulateneously (bsc#1107207).\n- x86/hyperv: Add interrupt handler annotations (bsc#1107207).\n- x86/hyperv: Check for required priviliges in hyperv_init() (bsc#1107207).\n- x86/hyperv: Check for required priviliges in hyperv_init() (bsc#1110006).\n- x86/hyperv: Redirect reenlightment notifications on CPU offlining (bsc#1107207).\n- x86/hyperv: Reenlightenment notifications support (bsc#1107207).\n- x86/idt: Load idt early in start_secondary (bsc#1110006).\n- x86/init: fix build with CONFIG_SWAP=n (bsc#1106121).\n- x86/intel_rdt: Enable CMT and MBM on new Skylake stepping (bsc#1110006).\n- x86/intel_rdt: Fix incorrect returned value when creating rdgroup sub-directory in resctrl file system (bsc#1110006).\n- x86/intel_rdt: Fix potential deadlock during resctrl mount (bsc#1110006).\n- x86/intel_rdt: Fix potential deadlock during resctrl unmount (bsc#1110006).\n- x86/irq: Count Hyper-V reenlightenment interrupts (bsc#1107207).\n- x86/irq: Remove an old outdated comment about context tracking races (bsc#1110006).\n- x86/irq: implement irq_data_get_effective_affinity_mask() for v4.12 (bsc#1109772).\n- x86/kasan/64: Teach KASAN about the cpu_entry_area (kasan).\n- x86/kasan: Panic if there is not enough memory to boot (bsc#1110006).\n- x86/kexec: Avoid double free_page() upon do_kexec_load() failure (bsc#1110006).\n- x86/kexec: Correct KEXEC_BACKUP_SRC_END off-by-one error (bsc#1114279).\n- x86/kexec: Make kexec (mostly) work in 5-level paging mode (bsc#1110006).\n- x86/kprobes: Fix kernel crash when probing .entry_trampoline code (bsc#1110006).\n- x86/kvm/hyper-v: add reenlightenment MSRs support (bsc#1107207).\n- x86/kvm/hyper-v: inject #GP only when invalid SINTx vector is unmasked (bsc#1107207).\n- x86/kvm/hyper-v: remove stale entries from vec_bitmap/auto_eoi_bitmap on vector change (bsc#1107207).\n- x86/kvm/vmx: Remove duplicate l1d flush definitions (bsc#1110006).\n- x86/kvm: fix LAPIC timer drift when guest uses periodic mode (bsc#1106240).\n- x86/kvm: rename HV_X64_MSR_APIC_ASSIST_PAGE to HV_X64_MSR_VP_ASSIST_PAGE (bsc#1107207).\n- x86/mce/AMD: Get address from already initialized block (bsc#1110006).\n- x86/mce: Add notifier_block forward declaration (bsc#1110006).\n- x86/mce: Check for alternate indication of machine check recovery on Skylake (bsc#1110006).\n- x86/mce: Do not overwrite MCi_STATUS in mce_no_way_out() (bsc#1110006).\n- x86/mce: Fix incorrect 'Machine check from unknown source' message (bsc#1110006).\n- x86/mce: Fix set_mce_nospec() to avoid #GP fault (bsc#1107783).\n- x86/mce: Improve error message when kernel cannot recover (bsc#1110006).\n- x86/mce: Improve error message when kernel cannot recover (bsc#1110301).\n- x86/mcelog: Get rid of RCU remnants (git-fixes 5de97c9f6d85).\n- x86/memory_failure: Introduce {set, clear}_mce_nospec() (bsc#1107783).\n- x86/microcode/intel: Check microcode revision before updating sibling threads (bsc#1110006).\n- x86/microcode/intel: Fix memleak in save_microcode_patch() (bsc#1110006).\n- x86/microcode/intel: Look into the patch cache first (bsc#1110006).\n- x86/microcode/intel: Save microcode patch unconditionally (bsc#1110006).\n- x86/microcode/intel: Writeback and invalidate caches before updating microcode (bsc#1110006).\n- x86/microcode: Allow late microcode loading with SMT disabled (bsc#1110006).\n- x86/microcode: Attempt late loading only when new microcode is present (bsc#1110006).\n- x86/microcode: Do not exit early from __reload_late() (bsc#1110006).\n- x86/microcode: Do not upload microcode if CPUs are offline (bsc#1110006).\n- x86/microcode: Fix CPU synchronization routine (bsc#1110006).\n- x86/microcode: Get rid of struct apply_microcode_ctx (bsc#1110006).\n- x86/microcode: Make sure boot_cpu_data.microcode is up-to-date (bsc#1110006).\n- x86/microcode: Make the late update update_lock a raw lock for RT (bsc#1110006).\n- x86/microcode: Propagate return value from updating functions (bsc#1110006).\n- x86/microcode: Request microcode on the BSP (bsc#1110006).\n- x86/microcode: Synchronize late microcode loading (bsc#1110006).\n- x86/microcode: Update the new microcode revision unconditionally (bsc#1110006).\n- x86/mm/32: Initialize the CR4 shadow before __flush_tlb_all() (bsc#1110006).\n- x86/mm/64: Rename the register_page_bootmem_memmap() 'size' parameter to 'nr_pages' (bsc#1110006).\n- x86/mm/kasan: Do not use vmemmap_populate() to initialize shadow (kasan).\n- x86/mm/kmmio: Fix mmiotrace for page unaligned addresses (bsc#1110006).\n- x86/mm/kmmio: Make the tracer robust against L1TF (bsc#1110006).\n- x86/mm/memory_hotplug: determine block size based on the end of boot memory (bsc#1108243).\n- x86/mm/pat: Make set_memory_np() L1TF safe (bsc#1110006).\n- x86/mm/pat: Prepare {reserve, free}_memtype() for 'decoy' addresses (bsc#1107783).\n- x86/mm/pti: Add an overflow check to pti_clone_pmds() (bsc#1110006).\n- x86/mm/pti: Fix PTI comment in entry_SYSCALL_64() (bsc#1110006).\n- x86/mm/tlb: Always use lazy TLB mode (bsc#1105467 Reduce IPIs and atomic ops with improved lazy TLB).\n- x86/mm/tlb: Leave lazy TLB mode at page table free time (bsc#1105467 Reduce IPIs and atomic ops with improved lazy TLB).\n- x86/mm/tlb: Make lazy TLB mode lazier (bsc#1105467 Reduce IPIs and atomic ops with improved lazy TLB).\n- x86/mm/tlb: Only send page table free TLB flush to lazy TLB CPUs (bsc#1105467 Reduce IPIs and atomic ops with improved lazy TLB).\n- x86/mm/tlb: Restructure switch_mm_irqs_off() (bsc#1105467 Reduce IPIs and atomic ops with improved lazy TLB).\n- x86/mm/tlb: Skip atomic operations for 'init_mm' in switch_mm_irqs_off() (bsc#1105467 Reduce IPIs and atomic ops with improved lazy TLB).\n- x86/mm: Add TLB purge to free pmd/pte page interfaces (bsc#1110006).\n- x86/mm: Define _PAGE_TABLE using _KERNPG_TABLE (bsc#1110006).\n- x86/mm: Disable ioremap free page handling on x86-PAE (bsc#1110006).\n- x86/mm: Do not forbid _PAGE_RW before init for __ro_after_init (bsc#1110006).\n- x86/mm: Drop TS_COMPAT on 64-bit exec() syscall (bsc#1110006).\n- x86/mm: Expand static page table for fixmap space (bsc#1110006).\n- x86/mm: Fix ELF_ET_DYN_BASE for 5-level paging (bsc#1110006).\n- x86/mm: Fix bogus warning during EFI bootup, use boot_cpu_has() instead of this_cpu_has() in build_cr3_noflush() (bsc#1110006).\n- x86/mm: Relocate page fault error codes to traps.h (bsc#1110006).\n- x86/mm: Remove in_nmi() warning from vmalloc_fault() (bsc#1110006).\n- x86/mm: implement free pmd/pte page interfaces (bsc#1110006).\n- x86/mpx: Do not allow MPX if we have mappings above 47-bit (bsc#1110006).\n- x86/nmi: Fix NMI uaccess race against CR3 switching (bsc#1110006).\n- x86/numa_emulation: Fix emulated-to-physical node mapping (bsc#1110006).\n- x86/oprofile: Fix bogus GCC-8 warning in nmi_setup() (bsc#1110006).\n- x86/pae: use 64 bit atomic xchg function in native_ptep_get_and_clear (bsc#1110006).\n- x86/paravirt: Fix some warning messages (bsc#1065600).\n- x86/paravirt: Fix spectre-v2 mitigations for paravirt guests (bsc#1065600).\n- x86/paravirt: Remove 'noreplace-paravirt' cmdline option (bsc#1110006).\n- x86/percpu: Fix this_cpu_read() (bsc#1110006).\n- x86/pgtable: Do not set huge PUD/PMD on non-leaf entries (bsc#1110006).\n- x86/pkeys: Do not special case protection key 0 (bsc#1110006).\n- x86/pkeys: Override pkey when moving away from PROT_EXEC (bsc#1110006).\n- x86/platform/UV: Add adjustable set memory block size function (bsc#1108243).\n- x86/platform/UV: Add kernel parameter to set memory block size (bsc#1108243).\n- x86/platform/UV: Mark memblock related init code and data correctly (bsc#1108243).\n- x86/platform/UV: Use new set memory block size function (bsc#1108243).\n- x86/power: Fix swsusp_arch_resume prototype (bsc#1110006).\n- x86/process: Do not mix user/kernel regs in 64bit __show_regs() (bsc#1110006).\n- x86/process: Re-export start_thread() (bsc#1110006).\n- x86/pti: Check the return value of pti_user_pagetable_walk_p4d() (bsc#1110006).\n- x86/pti: Check the return value of pti_user_pagetable_walk_pmd() (bsc#1110006).\n- x86/retpoline/checksum32: Convert assembler indirect jumps (bsc#1110006).\n- x86/retpoline/irq32: Convert assembler indirect jumps (bsc#1110006).\n- x86/smp: fix non-SMP broken build due to redefinition of apic_id_is_primary_thread (bsc#1110006).\n- x86/smpboot: Do not use mwait_play_dead() on AMD systems (bsc#1110006).\n- x86/spectre: Add missing family 6 check to microcode check (git-fixes a5b296636453).\n- x86/spectre: Fix spelling mistake: 'vunerable'-> 'vulnerable' (bsc#1110006).\n- x86/speculation, objtool: Annotate indirect calls/jumps for objtool on 32-bit kernels (bsc#1110006).\n- x86/speculation/l1tf: Exempt zeroed PTEs from inversion (bsc#1110006).\n- x86/speculation/l1tf: Extend 64bit swap file size limit (bsc#1110006).\n- x86/speculation/l1tf: Fix off-by-one error when warning that system has too much RAM (bsc#1105536).\n- x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit (bsc#1105536).\n- x86/speculation/l1tf: Fix up pte->pfn conversion for PAE (bsc#1110006).\n- x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bsc#1105536).\n- x86/speculation/l1tf: Invert all not present mappings (bsc#1110006).\n- x86/speculation/l1tf: Make pmd/pud_mknotpresent() invert (bsc#1110006).\n- x86/speculation/l1tf: Protect PAE swap entries against L1TF (bsc#1110006).\n- x86/speculation/l1tf: Suggest what to do on systems with too much RAM (bsc#1105536).\n- x86/speculation: Simplify sysfs report of VMX L1TF vulnerability (bsc#1110006).\n- x86/speculation: Use ARCH_CAPABILITIES to skip L1D flush on vmentry (bsc#1106369).\n- x86/time: Correct the attribute on jiffies' definition (bsc#1110006).\n- x86/topology: Update the 'cpu cores' field in /proc/cpuinfo correctly across CPU hotplug operations (bsc#1110006).\n- x86/tsc: Add missing header to tsc_msr.c (bsc#1110006).\n- x86/tsc: Allow TSC calibration without PIT (bsc#1110006).\n- x86/tsc: Prevent 32bit truncation in calc_hpet_ref() (bsc#1110006).\n- x86/vdso: Fix asm constraints on vDSO syscall fallbacks (bsc#1110006).\n- x86/vdso: Fix lsl operand order (bsc#1110006).\n- x86/vdso: Fix lsl operand order (bsc#1110301).\n- x86/vdso: Fix vDSO syscall fallback asm constraint regression (bsc#1110006).\n- x86/xen/efi: Initialize only the EFI struct members used by Xen (bsc#1107945).\n- x86/xen: Add call of speculative_store_bypass_ht_init() to PV paths (bsc#1065600).\n- x86/xen: Delay get_cpu_cap until stack canary is established (bsc#1110006).\n- x86/xen: Drop 5-level paging support code from the XEN_PV code (bsc#1110006).\n- x86/xen: Reset VCPU0 info pointer after shared_info remap (bsc#1110006).\n- x86/xen: do not write ptes directly in 32-bit PV guests (bsc#1110006).\n- x86: Add check for APIC access address for vmentry of L2 guests (bsc#1110006).\n- x86: Call fixup_exception() before notify_die() in math_error() (bsc#1110006).\n- x86: Delay skip of emulated hypercall instruction (bsc#1107207).\n- x86: Delay skip of emulated hypercall instruction (bsc#1110006).\n- x86: PM: Make APM idle driver initialize polling state (bsc#1110006).\n- x86: i8259: Add missing include file (bsc#1110006).\n- x86: irq_remapping: Move irq remapping mode enum ().\n- x86: kvm: avoid unused variable warning (bsc#1110006).\n- x86: msr-index.h: Correct SNB_C1/C3_AUTO_UNDEMOTE defines (bsc#1110006).\n- x86: msr-index.h: Correct SNB_C1/C3_AUTO_UNDEMOTE defines (bsc#1110301).\n- xen-netfront: fix bug concerning replacement of MAX_SKB_FRAGS with XEN_NETIF_NR_SLOTS_MIN (bsc#1104824).\n- xen-netfront: fix queue name setting (bsc#1065600).\n- xen-netfront: fix warn message as irq device name has '/' (bsc#1065600).\n- xen-swiotlb: fix the check condition for xen_swiotlb_free_coherent (bsc#1065600).\n- xen/PVH: Set up GS segment for stack canary (bsc#1110006).\n- xen/blkback: do not keep persistent grants too long (bsc#1085042).\n- xen/blkback: move persistent grants flags to bool (bsc#1085042).\n- xen/blkback: remove unused pers_gnts_lock from struct (bsc#1085042).\n- xen/blkfront: cleanup stale persistent grants (bsc#1085042).\n- xen/blkfront: reorder tests in xlblk_init() (bsc#1085042).\n- xen/gntdev: avoid out of bounds access in case of partial gntdev_mmap() (bsc#1065600).\n- xen/x86/vpmu: Zero struct pt_regs before calling into sample handling code (bsc#1110006).\n- xen: Fix {set,clear}_foreign_p2m_mapping on autotranslating guests (bsc#1110006).\n- xen: Remove unnecessary BUG_ON from __unbind_from_irq() (bsc#1065600).\n- xen: avoid crash in disable_hotplug_cpu (bsc#1106594).\n- xen: issue warning message when out of grant maptrack entries (bsc#1105795).\n- xen: xenbus_dev_frontend: Fix XS_TRANSACTION_END handling (bsc#1065600).\n- xen: xenbus_dev_frontend: Really return response string (bsc#1065600).\n- xenbus: track caller request id (bsc#1065600).\n- xfrm: use complete IPv6 addresses for hash (bsc#1109330).\n- xfs, dax: introduce xfs_dax_aops (bsc#1104888).\n- xfs: Fix per-inode DAX flag inheritance (Git-fixes bsc#1109511).\n- xfs: Remove dead code from inode recover function (bsc#1105396).\n- xfs: add a new xfs_iext_lookup_extent_before helper (bsc#1095344).\n- xfs: add a xfs_bmap_fork_to_state helper (bsc#1095344).\n- xfs: add a xfs_iext_update_extent helper (bsc#1095344).\n- xfs: add asserts for the mmap lock in xfs_{insert,collapse}_file_space (bsc#1095344).\n- xfs: add comments documenting the rebalance algorithm (bsc#1095344).\n- xfs: add some comments to xfs_iext_insert/xfs_iext_insert_node (bsc#1095344).\n- xfs: allow unaligned extent records in xfs_bmbt_disk_set_all (bsc#1095344).\n- xfs: do not create overlapping extents in xfs_bmap_add_extent_delay_real (bsc#1095344).\n- xfs: do not fail when converting shortform attr to long form during ATTR_REPLACE (bsc#1105025).\n- xfs: do not rely on extent indices in xfs_bmap_collapse_extents (bsc#1095344).\n- xfs: do not rely on extent indices in xfs_bmap_insert_extents (bsc#1095344).\n- xfs: do not set XFS_BTCUR_BPRV_WASDEL in xfs_bunmapi (bsc#1095344).\n- xfs: fix memory leak in xfs_iext_free_last_leaf (bsc#1095344).\n- xfs: fix number of records handling in xfs_iext_split_leaf (bsc#1095344).\n- xfs: fix type usage (bsc#1095344).\n- xfs: handle zero entries case in xfs_iext_rebalance_leaf (bsc#1095344).\n- xfs: inline xfs_shift_file_space into callers (bsc#1095344).\n- xfs: introduce the xfs_iext_cursor abstraction (bsc#1095344).\n- xfs: iterate backwards in xfs_reflink_cancel_cow_blocks (bsc#1095344).\n- xfs: iterate over extents in xfs_bmap_extents_to_btree (bsc#1095344).\n- xfs: iterate over extents in xfs_iextents_copy (bsc#1095344).\n- xfs: make better use of the 'state' variable in xfs_bmap_del_extent_real (bsc#1095344).\n- xfs: merge xfs_bmap_read_extents into xfs_iread_extents (bsc#1095344).\n- xfs: move pre/post-bmap tracing into xfs_iext_update_extent (bsc#1095344).\n- xfs: move some code around inside xfs_bmap_shift_extents (bsc#1095344).\n- xfs: move some more code into xfs_bmap_del_extent_real (bsc#1095344).\n- xfs: move xfs_bmbt_irec and xfs_exntst_t to xfs_types.h (bsc#1095344).\n- xfs: move xfs_iext_insert tracepoint to report useful information (bsc#1095344).\n- xfs: pass a struct xfs_bmbt_irec to xfs_bmbt_lookup_eq (bsc#1095344).\n- xfs: pass a struct xfs_bmbt_irec to xfs_bmbt_update (bsc#1095344).\n- xfs: pass an on-disk extent to xfs_bmbt_validate_extent (bsc#1095344).\n- xfs: pass struct xfs_bmbt_irec to xfs_bmbt_validate_extent (bsc#1095344).\n- xfs: preserve i_rdev when recycling a reclaimable inode (bsc#1095344).\n- xfs: refactor delalloc accounting in xfs_bmap_add_extent_delay_real (bsc#1095344).\n- xfs: refactor dir2 leaf readahead shadow buffer cleverness (bsc#1095344).\n- xfs: refactor xfs_bmap_add_extent_delay_real (bsc#1095344).\n- xfs: refactor xfs_bmap_add_extent_hole_delay (bsc#1095344).\n- xfs: refactor xfs_bmap_add_extent_hole_real (bsc#1095344).\n- xfs: refactor xfs_bmap_add_extent_unwritten_real (bsc#1095344).\n- xfs: refactor xfs_del_extent_real (bsc#1095344).\n- xfs: remove XFS_BMAP_MAX_SHIFT_EXTENTS (bsc#1095344).\n- xfs: remove XFS_BMAP_TRACE_EXLIST (bsc#1095344).\n- xfs: remove a duplicate assignment in xfs_bmap_add_extent_delay_real (bsc#1095344).\n- xfs: remove a superflous assignment in xfs_iext_remove_node (bsc#1095344).\n- xfs: remove all xfs_bmbt_set_* helpers except for xfs_bmbt_set_all (bsc#1095344).\n- xfs: remove if_rdev (bsc#1095344).\n- xfs: remove post-bmap tracing in xfs_bmap_local_to_extents (bsc#1095344).\n- xfs: remove support for inlining data/extents into the inode fork (bsc#1095344).\n- xfs: remove the never fully implemented UUID fork format (bsc#1095344).\n- xfs: remove the nr_extents argument to xfs_iext_insert (bsc#1095344).\n- xfs: remove the nr_extents argument to xfs_iext_remove (bsc#1095344).\n- xfs: remove xfs_bmbt_get_state (bsc#1095344).\n- xfs: remove xfs_bmse_shift_one (bsc#1095344).\n- xfs: rename bno to end in __xfs_bunmapi (bsc#1095344).\n- xfs: repair malformed inode items during log recovery (bsc#1105396).\n- xfs: replace xfs_bmbt_lookup_ge with xfs_bmbt_lookup_first (bsc#1095344).\n- xfs: replace xfs_qm_get_rtblks with a direct call to xfs_bmap_count_leaves (bsc#1095344).\n- xfs: rewrite getbmap using the xfs_iext_* helpers (bsc#1095344).\n- xfs: rewrite xfs_bmap_count_leaves using xfs_iext_get_extent (bsc#1095344).\n- xfs: rewrite xfs_bmap_first_unused to make better use of xfs_iext_get_extent (bsc#1095344).\n- xfs: simplify the xfs_getbmap interface (bsc#1095344).\n- xfs: simplify xfs_reflink_convert_cow (bsc#1095344).\n- xfs: split xfs_bmap_shift_extents (bsc#1095344).\n- xfs: switch xfs_bmap_local_to_extents to use xfs_iext_insert (bsc#1095344).\n- xfs: treat idx as a cursor in xfs_bmap_add_extent_delay_real (bsc#1095344).\n- xfs: treat idx as a cursor in xfs_bmap_add_extent_hole_delay (bsc#1095344).\n- xfs: treat idx as a cursor in xfs_bmap_add_extent_hole_real (bsc#1095344).\n- xfs: treat idx as a cursor in xfs_bmap_add_extent_unwritten_real (bsc#1095344).\n- xfs: treat idx as a cursor in xfs_bmap_collapse_extents (bsc#1095344).\n- xfs: treat idx as a cursor in xfs_bmap_del_extent_* (bsc#1095344).\n- xfs: trivial indentation fixup for xfs_iext_remove_node (bsc#1095344).\n- xfs: update got in xfs_bmap_shift_update_extent (bsc#1095344).\n- xfs: use a b+tree for the in-core extent list (bsc#1095344).\n- xfs: use correct state defines in xfs_bmap_del_extent_{cow,delay} (bsc#1095344).\n- xfs: use the state defines in xfs_bmap_del_extent_real (bsc#1095344).\n- xfs: use xfs_bmap_del_extent_delay for the data fork as well (bsc#1095344).\n- xfs: use xfs_iext_*_extent helpers in xfs_bmap_shift_extents (bsc#1095344).\n- xfs: use xfs_iext_*_extent helpers in xfs_bmap_split_extent_at (bsc#1095344).\n- xfs: use xfs_iext_get_extent in xfs_bmap_first_unused (bsc#1095344).\n- xfs: use xfs_iext_get_extent instead of open coding it (bsc#1095344).\n- xhci: Add missing CAS workaround for Intel Sunrise Point xHCI (bsc#1051510).\n- xhci: Do not print a warning when setting link state for disabled ports (bsc#1051510).\n- xhci: Fix use after free for URB cancellation on a reallocated endpoint (bsc#1051510).\n- zram: fix null dereference of handle (bsc#1105355).\n", title: "Description of the patch", }, { category: "details", text: "SUSE-SLE-Module-Public-Cloud-15-2018-2819", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_3961-1.json", }, { category: "self", summary: "URL for SUSE-SU-2018:3961-1", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20183961-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2018:3961-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2018-November/004905.html", }, { category: "self", summary: "SUSE Bug 1012382", url: "https://bugzilla.suse.com/1012382", }, { category: "self", summary: "SUSE Bug 1031392", url: "https://bugzilla.suse.com/1031392", }, { category: "self", summary: "SUSE Bug 1043912", url: "https://bugzilla.suse.com/1043912", }, { category: "self", summary: "SUSE Bug 1044189", url: "https://bugzilla.suse.com/1044189", }, { category: "self", summary: "SUSE Bug 1046302", url: "https://bugzilla.suse.com/1046302", }, { category: "self", summary: "SUSE Bug 1046305", url: "https://bugzilla.suse.com/1046305", }, { category: "self", summary: "SUSE Bug 1046306", url: "https://bugzilla.suse.com/1046306", }, { category: "self", summary: "SUSE Bug 1046307", url: "https://bugzilla.suse.com/1046307", }, { category: "self", summary: "SUSE Bug 1046540", url: "https://bugzilla.suse.com/1046540", }, { category: "self", summary: "SUSE Bug 1046543", url: "https://bugzilla.suse.com/1046543", }, { category: "self", summary: "SUSE Bug 1050244", url: "https://bugzilla.suse.com/1050244", }, { category: "self", summary: "SUSE Bug 1050319", url: "https://bugzilla.suse.com/1050319", }, { category: "self", summary: "SUSE Bug 1050536", url: "https://bugzilla.suse.com/1050536", }, { category: "self", summary: "SUSE Bug 1050540", url: "https://bugzilla.suse.com/1050540", }, { category: "self", summary: "SUSE Bug 1051510", url: "https://bugzilla.suse.com/1051510", }, { category: "self", summary: "SUSE Bug 1054914", url: "https://bugzilla.suse.com/1054914", }, { category: "self", summary: "SUSE Bug 1055014", url: "https://bugzilla.suse.com/1055014", }, { category: "self", summary: "SUSE Bug 1055117", url: "https://bugzilla.suse.com/1055117", }, { category: "self", summary: "SUSE Bug 1055120", url: "https://bugzilla.suse.com/1055120", }, { category: "self", summary: "SUSE Bug 1058659", url: "https://bugzilla.suse.com/1058659", }, { category: "self", summary: "SUSE Bug 1060463", url: "https://bugzilla.suse.com/1060463", }, { category: "self", summary: "SUSE Bug 1061840", url: "https://bugzilla.suse.com/1061840", }, { category: "self", summary: "SUSE Bug 1065600", url: "https://bugzilla.suse.com/1065600", }, { category: "self", summary: "SUSE Bug 1065729", url: "https://bugzilla.suse.com/1065729", }, { category: "self", summary: "SUSE Bug 1066674", url: "https://bugzilla.suse.com/1066674", }, { category: "self", summary: "SUSE Bug 1067126", url: "https://bugzilla.suse.com/1067126", }, { category: "self", summary: "SUSE Bug 1067906", url: "https://bugzilla.suse.com/1067906", }, { category: "self", summary: "SUSE Bug 1068032", url: "https://bugzilla.suse.com/1068032", }, { category: "self", summary: "SUSE Bug 1069138", url: "https://bugzilla.suse.com/1069138", }, { category: "self", summary: "SUSE Bug 1071995", url: "https://bugzilla.suse.com/1071995", }, { category: "self", summary: "SUSE Bug 1076830", url: "https://bugzilla.suse.com/1076830", }, { category: "self", summary: "SUSE Bug 1077761", url: "https://bugzilla.suse.com/1077761", }, { category: "self", summary: "SUSE Bug 1077989", url: "https://bugzilla.suse.com/1077989", }, { category: "self", summary: "SUSE Bug 1078720", url: "https://bugzilla.suse.com/1078720", }, { category: "self", summary: "SUSE Bug 1079524", url: "https://bugzilla.suse.com/1079524", }, { category: "self", summary: "SUSE Bug 1080157", url: "https://bugzilla.suse.com/1080157", }, { category: "self", summary: "SUSE Bug 1082519", url: "https://bugzilla.suse.com/1082519", }, { category: "self", summary: "SUSE Bug 1082555", url: "https://bugzilla.suse.com/1082555", }, { category: "self", summary: "SUSE Bug 1083647", url: "https://bugzilla.suse.com/1083647", }, { category: "self", summary: "SUSE Bug 1083663", url: "https://bugzilla.suse.com/1083663", }, { category: "self", summary: "SUSE Bug 1084760", url: "https://bugzilla.suse.com/1084760", }, { category: "self", summary: "SUSE Bug 1084831", url: "https://bugzilla.suse.com/1084831", }, { category: "self", summary: "SUSE Bug 1085030", url: "https://bugzilla.suse.com/1085030", }, { category: "self", summary: "SUSE Bug 1085042", url: "https://bugzilla.suse.com/1085042", }, { category: "self", summary: "SUSE Bug 1085262", url: "https://bugzilla.suse.com/1085262", }, { category: "self", summary: "SUSE Bug 1086282", url: "https://bugzilla.suse.com/1086282", }, { category: "self", summary: "SUSE Bug 1086283", url: "https://bugzilla.suse.com/1086283", }, { category: "self", summary: "SUSE Bug 1086288", url: "https://bugzilla.suse.com/1086288", }, { category: "self", summary: "SUSE Bug 1086327", url: "https://bugzilla.suse.com/1086327", }, { category: "self", summary: "SUSE Bug 1089663", url: "https://bugzilla.suse.com/1089663", }, { category: "self", summary: "SUSE Bug 1090078", url: "https://bugzilla.suse.com/1090078", }, { category: "self", summary: "SUSE Bug 1091800", url: "https://bugzilla.suse.com/1091800", }, { category: "self", summary: "SUSE Bug 1092903", url: "https://bugzilla.suse.com/1092903", }, { category: "self", summary: "SUSE Bug 1094244", url: "https://bugzilla.suse.com/1094244", }, { category: "self", summary: "SUSE Bug 1094825", url: "https://bugzilla.suse.com/1094825", }, { category: "self", summary: "SUSE Bug 1095344", url: "https://bugzilla.suse.com/1095344", }, { category: "self", summary: "SUSE Bug 1095805", url: "https://bugzilla.suse.com/1095805", }, { category: "self", summary: "SUSE Bug 1096748", url: "https://bugzilla.suse.com/1096748", }, { category: "self", summary: "SUSE Bug 1097105", url: "https://bugzilla.suse.com/1097105", }, { category: "self", summary: "SUSE Bug 1097583", url: "https://bugzilla.suse.com/1097583", }, { category: "self", summary: "SUSE Bug 1097584", url: "https://bugzilla.suse.com/1097584", }, { category: "self", summary: "SUSE Bug 1097585", url: "https://bugzilla.suse.com/1097585", }, { category: "self", summary: "SUSE Bug 1097586", url: "https://bugzilla.suse.com/1097586", }, { category: "self", summary: "SUSE Bug 1097587", url: "https://bugzilla.suse.com/1097587", }, { category: "self", summary: "SUSE Bug 1097588", url: "https://bugzilla.suse.com/1097588", }, { category: "self", summary: "SUSE Bug 1098459", url: "https://bugzilla.suse.com/1098459", }, { category: "self", summary: "SUSE Bug 1098782", url: "https://bugzilla.suse.com/1098782", }, { category: "self", summary: "SUSE Bug 1098822", url: "https://bugzilla.suse.com/1098822", }, { category: "self", summary: "SUSE Bug 1099125", url: "https://bugzilla.suse.com/1099125", }, { category: "self", summary: "SUSE Bug 1099922", url: "https://bugzilla.suse.com/1099922", }, { category: "self", summary: "SUSE Bug 1099999", url: "https://bugzilla.suse.com/1099999", }, { category: "self", summary: "SUSE Bug 1100001", url: "https://bugzilla.suse.com/1100001", }, { category: "self", summary: "SUSE Bug 1100132", url: "https://bugzilla.suse.com/1100132", }, { category: "self", summary: "SUSE Bug 1101480", url: "https://bugzilla.suse.com/1101480", }, { category: "self", summary: "SUSE Bug 1101557", url: "https://bugzilla.suse.com/1101557", }, { category: "self", summary: "SUSE Bug 1101669", url: "https://bugzilla.suse.com/1101669", }, { category: "self", summary: "SUSE Bug 1102346", url: "https://bugzilla.suse.com/1102346", }, { category: "self", summary: "SUSE Bug 1102495", url: "https://bugzilla.suse.com/1102495", }, { category: "self", summary: "SUSE Bug 1102517", url: "https://bugzilla.suse.com/1102517", }, { category: "self", summary: "SUSE Bug 1102715", url: "https://bugzilla.suse.com/1102715", }, { category: "self", summary: "SUSE Bug 1102870", url: "https://bugzilla.suse.com/1102870", }, { category: "self", summary: "SUSE Bug 1102875", url: "https://bugzilla.suse.com/1102875", }, { category: "self", summary: "SUSE Bug 1102877", url: "https://bugzilla.suse.com/1102877", }, { category: "self", summary: "SUSE Bug 1102879", url: "https://bugzilla.suse.com/1102879", }, { category: "self", summary: "SUSE Bug 1102881", url: "https://bugzilla.suse.com/1102881", }, { category: "self", summary: "SUSE Bug 1102882", url: "https://bugzilla.suse.com/1102882", }, { category: "self", summary: "SUSE Bug 1102896", url: "https://bugzilla.suse.com/1102896", }, { category: "self", summary: "SUSE Bug 1103269", url: "https://bugzilla.suse.com/1103269", }, { category: "self", summary: "SUSE Bug 1103308", url: "https://bugzilla.suse.com/1103308", }, { category: "self", summary: "SUSE Bug 1103356", url: "https://bugzilla.suse.com/1103356", }, { category: "self", summary: "SUSE Bug 1103363", url: "https://bugzilla.suse.com/1103363", }, { category: "self", summary: "SUSE Bug 1103387", url: "https://bugzilla.suse.com/1103387", }, { category: "self", summary: "SUSE Bug 1103405", url: "https://bugzilla.suse.com/1103405", }, { category: "self", summary: "SUSE Bug 1103421", url: "https://bugzilla.suse.com/1103421", }, { category: "self", summary: "SUSE Bug 1103543", url: "https://bugzilla.suse.com/1103543", }, { category: "self", summary: "SUSE Bug 1103587", url: "https://bugzilla.suse.com/1103587", }, { category: "self", summary: "SUSE Bug 1103636", url: "https://bugzilla.suse.com/1103636", }, { category: "self", summary: "SUSE Bug 1103948", url: "https://bugzilla.suse.com/1103948", }, { category: "self", summary: "SUSE Bug 1103949", url: "https://bugzilla.suse.com/1103949", }, { category: "self", summary: "SUSE Bug 1103961", url: "https://bugzilla.suse.com/1103961", }, { category: "self", summary: "SUSE Bug 1104172", url: "https://bugzilla.suse.com/1104172", }, { category: "self", summary: "SUSE Bug 1104353", url: "https://bugzilla.suse.com/1104353", }, { category: "self", summary: "SUSE Bug 1104482", url: "https://bugzilla.suse.com/1104482", }, { category: "self", summary: "SUSE Bug 1104683", url: "https://bugzilla.suse.com/1104683", }, { category: "self", summary: "SUSE Bug 1104731", url: "https://bugzilla.suse.com/1104731", }, { category: "self", summary: "SUSE Bug 1104824", url: "https://bugzilla.suse.com/1104824", }, { category: "self", summary: "SUSE Bug 1104888", url: "https://bugzilla.suse.com/1104888", }, { category: "self", summary: "SUSE Bug 1104890", url: "https://bugzilla.suse.com/1104890", }, { category: "self", summary: "SUSE Bug 1105025", url: "https://bugzilla.suse.com/1105025", }, { category: "self", summary: "SUSE Bug 1105190", url: "https://bugzilla.suse.com/1105190", }, { category: "self", summary: "SUSE Bug 1105247", url: "https://bugzilla.suse.com/1105247", }, { category: "self", summary: "SUSE Bug 1105292", url: "https://bugzilla.suse.com/1105292", }, { category: "self", summary: "SUSE Bug 1105322", url: "https://bugzilla.suse.com/1105322", }, { category: "self", summary: "SUSE Bug 1105355", url: "https://bugzilla.suse.com/1105355", }, { category: "self", summary: "SUSE Bug 1105378", url: "https://bugzilla.suse.com/1105378", }, { category: "self", summary: "SUSE Bug 1105396", url: "https://bugzilla.suse.com/1105396", }, { category: "self", summary: "SUSE Bug 1105428", url: "https://bugzilla.suse.com/1105428", }, { category: "self", summary: "SUSE Bug 1105467", url: "https://bugzilla.suse.com/1105467", }, { category: "self", summary: "SUSE Bug 1105524", url: "https://bugzilla.suse.com/1105524", }, { category: "self", summary: "SUSE Bug 1105536", url: "https://bugzilla.suse.com/1105536", }, { category: "self", summary: "SUSE Bug 1105597", url: "https://bugzilla.suse.com/1105597", }, { category: "self", summary: "SUSE Bug 1105603", url: "https://bugzilla.suse.com/1105603", }, { category: "self", summary: "SUSE Bug 1105672", url: "https://bugzilla.suse.com/1105672", }, { category: "self", summary: "SUSE Bug 1105731", url: "https://bugzilla.suse.com/1105731", }, { category: "self", summary: "SUSE Bug 1105795", url: "https://bugzilla.suse.com/1105795", }, { category: "self", summary: "SUSE Bug 1105907", url: "https://bugzilla.suse.com/1105907", }, { category: "self", summary: "SUSE Bug 1106007", url: "https://bugzilla.suse.com/1106007", }, { category: "self", summary: "SUSE Bug 1106016", url: "https://bugzilla.suse.com/1106016", }, { category: "self", summary: "SUSE Bug 1106105", url: "https://bugzilla.suse.com/1106105", }, { category: "self", summary: "SUSE Bug 1106110", url: "https://bugzilla.suse.com/1106110", }, { category: "self", summary: "SUSE Bug 1106121", url: "https://bugzilla.suse.com/1106121", }, { category: "self", summary: "SUSE Bug 1106170", url: "https://bugzilla.suse.com/1106170", }, { category: "self", summary: "SUSE Bug 1106178", url: "https://bugzilla.suse.com/1106178", }, { category: "self", summary: "SUSE Bug 1106229", url: "https://bugzilla.suse.com/1106229", }, { category: "self", summary: "SUSE Bug 1106230", url: "https://bugzilla.suse.com/1106230", }, { category: "self", summary: "SUSE Bug 1106231", url: "https://bugzilla.suse.com/1106231", }, { category: "self", summary: "SUSE Bug 1106233", url: "https://bugzilla.suse.com/1106233", }, { category: "self", summary: "SUSE Bug 1106235", url: "https://bugzilla.suse.com/1106235", }, { category: "self", summary: "SUSE Bug 1106236", url: "https://bugzilla.suse.com/1106236", }, { category: "self", summary: "SUSE Bug 1106237", url: "https://bugzilla.suse.com/1106237", }, { category: "self", summary: "SUSE Bug 1106238", url: "https://bugzilla.suse.com/1106238", }, { category: "self", summary: "SUSE Bug 1106240", url: "https://bugzilla.suse.com/1106240", }, { category: "self", summary: "SUSE Bug 1106291", url: "https://bugzilla.suse.com/1106291", }, { category: "self", summary: "SUSE Bug 1106297", url: "https://bugzilla.suse.com/1106297", }, { category: "self", summary: "SUSE Bug 1106333", url: "https://bugzilla.suse.com/1106333", }, { category: "self", summary: "SUSE Bug 1106369", url: "https://bugzilla.suse.com/1106369", }, { category: "self", summary: "SUSE Bug 1106427", url: "https://bugzilla.suse.com/1106427", }, { category: "self", summary: "SUSE Bug 1106464", url: "https://bugzilla.suse.com/1106464", }, { category: "self", summary: "SUSE Bug 1106509", url: "https://bugzilla.suse.com/1106509", }, { category: "self", summary: "SUSE Bug 1106511", url: "https://bugzilla.suse.com/1106511", }, { category: "self", summary: "SUSE Bug 1106594", url: "https://bugzilla.suse.com/1106594", }, { category: "self", summary: "SUSE Bug 1106636", url: "https://bugzilla.suse.com/1106636", }, { category: "self", summary: "SUSE Bug 1106688", url: "https://bugzilla.suse.com/1106688", }, { category: "self", summary: "SUSE Bug 1106697", url: "https://bugzilla.suse.com/1106697", }, { category: "self", summary: "SUSE Bug 1106779", url: "https://bugzilla.suse.com/1106779", }, { category: "self", summary: "SUSE Bug 1106800", url: "https://bugzilla.suse.com/1106800", }, { category: "self", summary: "SUSE Bug 1106838", url: "https://bugzilla.suse.com/1106838", }, { category: "self", summary: "SUSE Bug 1106890", url: "https://bugzilla.suse.com/1106890", }, { category: "self", summary: "SUSE Bug 1106891", url: "https://bugzilla.suse.com/1106891", }, { category: "self", summary: "SUSE Bug 1106892", url: "https://bugzilla.suse.com/1106892", }, { category: "self", summary: "SUSE Bug 1106893", url: "https://bugzilla.suse.com/1106893", }, { category: "self", summary: "SUSE Bug 1106894", url: "https://bugzilla.suse.com/1106894", }, { category: "self", summary: "SUSE Bug 1106896", url: "https://bugzilla.suse.com/1106896", }, { category: "self", summary: "SUSE Bug 1106897", url: "https://bugzilla.suse.com/1106897", }, { category: "self", summary: "SUSE Bug 1106898", url: "https://bugzilla.suse.com/1106898", }, { category: "self", summary: "SUSE Bug 1106899", url: "https://bugzilla.suse.com/1106899", }, { category: "self", summary: "SUSE Bug 1106900", url: "https://bugzilla.suse.com/1106900", }, { category: "self", summary: "SUSE Bug 1106901", url: "https://bugzilla.suse.com/1106901", }, { category: "self", summary: "SUSE Bug 1106902", url: "https://bugzilla.suse.com/1106902", }, { category: "self", summary: "SUSE Bug 1106903", url: "https://bugzilla.suse.com/1106903", }, { category: "self", summary: "SUSE Bug 1106905", url: "https://bugzilla.suse.com/1106905", }, { category: "self", summary: "SUSE Bug 1106906", url: "https://bugzilla.suse.com/1106906", }, { category: "self", summary: "SUSE Bug 1106948", url: "https://bugzilla.suse.com/1106948", }, { category: "self", summary: "SUSE Bug 1106995", url: "https://bugzilla.suse.com/1106995", }, { category: "self", summary: "SUSE Bug 1107008", url: "https://bugzilla.suse.com/1107008", }, { category: "self", summary: "SUSE Bug 1107060", url: "https://bugzilla.suse.com/1107060", }, { category: "self", summary: "SUSE Bug 1107061", url: "https://bugzilla.suse.com/1107061", }, { category: "self", summary: "SUSE Bug 1107065", url: "https://bugzilla.suse.com/1107065", }, { category: "self", summary: "SUSE Bug 1107074", url: "https://bugzilla.suse.com/1107074", }, { category: "self", summary: "SUSE Bug 1107207", url: "https://bugzilla.suse.com/1107207", }, { category: "self", summary: "SUSE Bug 1107319", url: "https://bugzilla.suse.com/1107319", }, { category: "self", summary: "SUSE Bug 1107320", url: "https://bugzilla.suse.com/1107320", }, { category: "self", summary: "SUSE Bug 1107522", url: "https://bugzilla.suse.com/1107522", }, { category: "self", summary: "SUSE Bug 1107535", url: "https://bugzilla.suse.com/1107535", }, { category: "self", summary: "SUSE Bug 1107685", url: "https://bugzilla.suse.com/1107685", }, { category: "self", summary: "SUSE Bug 1107689", url: "https://bugzilla.suse.com/1107689", }, { category: "self", summary: "SUSE Bug 1107735", url: "https://bugzilla.suse.com/1107735", }, { category: "self", summary: "SUSE Bug 1107756", url: "https://bugzilla.suse.com/1107756", }, { category: "self", summary: "SUSE Bug 1107783", url: "https://bugzilla.suse.com/1107783", }, { category: "self", summary: "SUSE Bug 1107829", url: "https://bugzilla.suse.com/1107829", }, { category: "self", summary: "SUSE Bug 1107870", url: "https://bugzilla.suse.com/1107870", }, { category: "self", summary: "SUSE Bug 1107924", url: "https://bugzilla.suse.com/1107924", }, { category: "self", summary: "SUSE Bug 1107928", url: "https://bugzilla.suse.com/1107928", }, { category: "self", summary: "SUSE Bug 1107945", url: "https://bugzilla.suse.com/1107945", }, { category: "self", summary: "SUSE Bug 1107947", url: "https://bugzilla.suse.com/1107947", }, { category: "self", summary: "SUSE Bug 1107966", url: "https://bugzilla.suse.com/1107966", }, { category: "self", summary: "SUSE Bug 1108010", url: "https://bugzilla.suse.com/1108010", }, { category: "self", summary: "SUSE Bug 1108093", url: "https://bugzilla.suse.com/1108093", }, { category: "self", summary: "SUSE Bug 1108096", url: "https://bugzilla.suse.com/1108096", }, { category: "self", summary: "SUSE Bug 1108170", url: "https://bugzilla.suse.com/1108170", }, { category: "self", summary: "SUSE Bug 1108241", url: "https://bugzilla.suse.com/1108241", }, { category: "self", summary: "SUSE Bug 1108243", url: "https://bugzilla.suse.com/1108243", }, { category: "self", summary: "SUSE Bug 1108260", url: "https://bugzilla.suse.com/1108260", }, { category: "self", summary: "SUSE Bug 1108281", url: "https://bugzilla.suse.com/1108281", }, { category: "self", summary: "SUSE Bug 1108323", url: "https://bugzilla.suse.com/1108323", }, { category: "self", summary: "SUSE Bug 1108377", url: "https://bugzilla.suse.com/1108377", }, { category: "self", summary: "SUSE Bug 1108399", url: "https://bugzilla.suse.com/1108399", }, { category: "self", summary: "SUSE Bug 1108468", url: "https://bugzilla.suse.com/1108468", }, { category: "self", summary: "SUSE Bug 1108520", url: "https://bugzilla.suse.com/1108520", }, { category: "self", summary: "SUSE Bug 1108823", url: "https://bugzilla.suse.com/1108823", }, { category: "self", summary: "SUSE Bug 1108841", url: "https://bugzilla.suse.com/1108841", }, { category: "self", summary: "SUSE Bug 1108870", url: "https://bugzilla.suse.com/1108870", }, { category: "self", summary: "SUSE Bug 1109151", url: "https://bugzilla.suse.com/1109151", }, { category: "self", summary: "SUSE Bug 1109158", url: "https://bugzilla.suse.com/1109158", }, { category: "self", summary: "SUSE Bug 1109217", url: "https://bugzilla.suse.com/1109217", }, { category: "self", summary: "SUSE Bug 1109244", url: "https://bugzilla.suse.com/1109244", }, { category: "self", summary: "SUSE Bug 1109269", url: "https://bugzilla.suse.com/1109269", }, { category: "self", summary: "SUSE Bug 1109330", url: "https://bugzilla.suse.com/1109330", }, { category: "self", summary: "SUSE Bug 1109333", url: "https://bugzilla.suse.com/1109333", }, { category: "self", summary: "SUSE Bug 1109336", url: "https://bugzilla.suse.com/1109336", }, { category: "self", summary: "SUSE Bug 1109337", url: "https://bugzilla.suse.com/1109337", }, { category: "self", summary: "SUSE Bug 1109511", url: "https://bugzilla.suse.com/1109511", }, { category: "self", summary: "SUSE Bug 1109603", url: "https://bugzilla.suse.com/1109603", }, { category: "self", summary: "SUSE Bug 1109739", url: "https://bugzilla.suse.com/1109739", }, { category: "self", summary: "SUSE Bug 1109772", url: "https://bugzilla.suse.com/1109772", }, { category: "self", summary: "SUSE Bug 1109784", url: "https://bugzilla.suse.com/1109784", }, { category: "self", summary: "SUSE Bug 1109806", url: "https://bugzilla.suse.com/1109806", }, { category: "self", summary: "SUSE Bug 1109818", url: "https://bugzilla.suse.com/1109818", }, { category: "self", summary: "SUSE Bug 1109907", url: "https://bugzilla.suse.com/1109907", }, { category: "self", summary: "SUSE Bug 1109915", url: "https://bugzilla.suse.com/1109915", }, { category: "self", summary: "SUSE Bug 1109919", url: "https://bugzilla.suse.com/1109919", }, { category: "self", summary: "SUSE Bug 1109951", url: "https://bugzilla.suse.com/1109951", }, { category: "self", summary: "SUSE Bug 1109979", url: "https://bugzilla.suse.com/1109979", }, { category: "self", summary: "SUSE Bug 1109992", url: "https://bugzilla.suse.com/1109992", }, { category: "self", summary: "SUSE Bug 1110006", url: "https://bugzilla.suse.com/1110006", }, { category: "self", summary: "SUSE Bug 1110096", url: "https://bugzilla.suse.com/1110096", }, { category: "self", summary: "SUSE Bug 1110301", url: "https://bugzilla.suse.com/1110301", }, { category: "self", summary: "SUSE Bug 1110363", url: "https://bugzilla.suse.com/1110363", }, { category: "self", summary: "SUSE Bug 1110538", url: "https://bugzilla.suse.com/1110538", }, { category: "self", summary: "SUSE Bug 1110561", url: "https://bugzilla.suse.com/1110561", }, { category: "self", summary: "SUSE Bug 1110639", url: "https://bugzilla.suse.com/1110639", }, { category: "self", summary: "SUSE Bug 1110642", url: "https://bugzilla.suse.com/1110642", }, { category: "self", summary: "SUSE Bug 1110643", url: "https://bugzilla.suse.com/1110643", }, { category: "self", summary: "SUSE Bug 1110644", url: "https://bugzilla.suse.com/1110644", }, { category: "self", summary: "SUSE Bug 1110645", url: "https://bugzilla.suse.com/1110645", }, { category: "self", summary: "SUSE Bug 1110646", url: "https://bugzilla.suse.com/1110646", }, { category: "self", summary: "SUSE Bug 1110647", url: "https://bugzilla.suse.com/1110647", }, { category: "self", summary: "SUSE Bug 1110649", url: "https://bugzilla.suse.com/1110649", }, { category: "self", summary: "SUSE Bug 1110650", url: "https://bugzilla.suse.com/1110650", }, { category: "self", summary: "SUSE Bug 1111028", url: "https://bugzilla.suse.com/1111028", }, { category: "self", summary: "SUSE Bug 1111040", url: "https://bugzilla.suse.com/1111040", }, { category: "self", summary: "SUSE Bug 1111076", url: "https://bugzilla.suse.com/1111076", }, { category: "self", summary: "SUSE Bug 1111506", url: "https://bugzilla.suse.com/1111506", }, { category: "self", summary: "SUSE Bug 1111806", url: "https://bugzilla.suse.com/1111806", }, { category: "self", summary: "SUSE Bug 1111819", url: "https://bugzilla.suse.com/1111819", }, { category: "self", summary: "SUSE Bug 1111830", url: "https://bugzilla.suse.com/1111830", }, { category: "self", summary: "SUSE Bug 1111834", url: "https://bugzilla.suse.com/1111834", }, { category: "self", summary: "SUSE Bug 1111841", url: "https://bugzilla.suse.com/1111841", }, { category: "self", summary: "SUSE Bug 1111870", url: "https://bugzilla.suse.com/1111870", }, { category: "self", summary: "SUSE Bug 1111901", url: "https://bugzilla.suse.com/1111901", }, { category: "self", summary: "SUSE Bug 1111904", url: "https://bugzilla.suse.com/1111904", }, { category: "self", summary: "SUSE Bug 1111921", url: "https://bugzilla.suse.com/1111921", }, { category: "self", summary: "SUSE Bug 1111928", url: "https://bugzilla.suse.com/1111928", }, { category: "self", summary: "SUSE Bug 1111983", url: "https://bugzilla.suse.com/1111983", }, { category: "self", summary: "SUSE Bug 1112170", url: "https://bugzilla.suse.com/1112170", }, { category: "self", summary: "SUSE Bug 1112208", url: "https://bugzilla.suse.com/1112208", }, { category: "self", summary: "SUSE Bug 1112219", url: "https://bugzilla.suse.com/1112219", }, { category: "self", summary: "SUSE Bug 1112246", url: "https://bugzilla.suse.com/1112246", }, { category: "self", summary: "SUSE Bug 1112372", url: "https://bugzilla.suse.com/1112372", }, { category: "self", summary: "SUSE Bug 1112514", url: "https://bugzilla.suse.com/1112514", }, { category: "self", summary: "SUSE Bug 1112554", url: "https://bugzilla.suse.com/1112554", }, { category: "self", summary: "SUSE Bug 1112708", url: "https://bugzilla.suse.com/1112708", }, { category: "self", summary: "SUSE Bug 1112710", url: "https://bugzilla.suse.com/1112710", }, { category: "self", summary: "SUSE Bug 1112711", url: "https://bugzilla.suse.com/1112711", }, { category: "self", summary: "SUSE Bug 1112712", url: "https://bugzilla.suse.com/1112712", }, { category: "self", summary: "SUSE Bug 1112713", url: "https://bugzilla.suse.com/1112713", }, { category: "self", summary: "SUSE Bug 1112731", url: "https://bugzilla.suse.com/1112731", }, { category: "self", summary: "SUSE Bug 1112732", url: "https://bugzilla.suse.com/1112732", }, { category: "self", summary: "SUSE Bug 1112733", url: "https://bugzilla.suse.com/1112733", }, { category: "self", summary: "SUSE Bug 1112734", url: "https://bugzilla.suse.com/1112734", }, { category: "self", summary: "SUSE Bug 1112735", url: "https://bugzilla.suse.com/1112735", }, { category: "self", summary: "SUSE Bug 1112736", url: "https://bugzilla.suse.com/1112736", }, { category: "self", summary: "SUSE Bug 1112738", url: "https://bugzilla.suse.com/1112738", }, { category: "self", summary: "SUSE Bug 1112739", url: "https://bugzilla.suse.com/1112739", }, { category: "self", summary: "SUSE Bug 1112740", url: "https://bugzilla.suse.com/1112740", }, { category: "self", summary: "SUSE Bug 1112741", url: "https://bugzilla.suse.com/1112741", }, { category: "self", summary: "SUSE Bug 1112743", url: "https://bugzilla.suse.com/1112743", }, { category: "self", summary: "SUSE Bug 1112745", url: "https://bugzilla.suse.com/1112745", }, { category: "self", summary: "SUSE Bug 1112746", url: "https://bugzilla.suse.com/1112746", }, { category: "self", summary: "SUSE Bug 1112878", url: "https://bugzilla.suse.com/1112878", }, { category: "self", summary: "SUSE Bug 1112894", url: "https://bugzilla.suse.com/1112894", }, { category: "self", summary: "SUSE Bug 1112899", url: "https://bugzilla.suse.com/1112899", }, { category: "self", summary: "SUSE Bug 1112902", url: "https://bugzilla.suse.com/1112902", }, { category: "self", summary: "SUSE Bug 1112903", url: "https://bugzilla.suse.com/1112903", }, { category: "self", summary: "SUSE Bug 1112905", url: "https://bugzilla.suse.com/1112905", }, { category: "self", summary: "SUSE Bug 1112906", url: "https://bugzilla.suse.com/1112906", }, { category: "self", summary: "SUSE Bug 1112907", url: "https://bugzilla.suse.com/1112907", }, { category: "self", summary: "SUSE Bug 1113257", url: "https://bugzilla.suse.com/1113257", }, { category: "self", summary: "SUSE Bug 1113284", url: "https://bugzilla.suse.com/1113284", }, { category: "self", summary: "SUSE Bug 1113295", url: "https://bugzilla.suse.com/1113295", }, { category: "self", summary: "SUSE Bug 1113408", url: "https://bugzilla.suse.com/1113408", }, { category: "self", summary: "SUSE Bug 1113667", url: "https://bugzilla.suse.com/1113667", }, { category: "self", summary: "SUSE Bug 1113722", url: "https://bugzilla.suse.com/1113722", }, { category: "self", summary: "SUSE Bug 1113751", url: "https://bugzilla.suse.com/1113751", }, { category: "self", summary: "SUSE Bug 1113780", url: "https://bugzilla.suse.com/1113780", }, { category: "self", summary: "SUSE Bug 1113972", url: "https://bugzilla.suse.com/1113972", }, { category: "self", summary: "SUSE Bug 1114279", url: "https://bugzilla.suse.com/1114279", }, { category: "self", summary: "SUSE Bug 971975", url: "https://bugzilla.suse.com/971975", }, { category: "self", summary: "SUSE CVE CVE-2017-16533 page", url: "https://www.suse.com/security/cve/CVE-2017-16533/", }, { category: "self", summary: "SUSE CVE CVE-2017-18224 page", url: "https://www.suse.com/security/cve/CVE-2017-18224/", }, { category: "self", summary: "SUSE CVE CVE-2018-10902 page", url: "https://www.suse.com/security/cve/CVE-2018-10902/", }, { category: "self", summary: "SUSE CVE CVE-2018-10938 page", url: "https://www.suse.com/security/cve/CVE-2018-10938/", }, { category: "self", summary: "SUSE CVE CVE-2018-10940 page", url: "https://www.suse.com/security/cve/CVE-2018-10940/", }, { category: "self", summary: "SUSE CVE CVE-2018-1128 page", url: "https://www.suse.com/security/cve/CVE-2018-1128/", }, { category: "self", summary: "SUSE CVE CVE-2018-1129 page", url: "https://www.suse.com/security/cve/CVE-2018-1129/", }, { category: "self", summary: "SUSE CVE CVE-2018-12896 page", url: "https://www.suse.com/security/cve/CVE-2018-12896/", }, { category: "self", summary: "SUSE CVE CVE-2018-13093 page", url: "https://www.suse.com/security/cve/CVE-2018-13093/", }, { category: "self", summary: "SUSE CVE CVE-2018-13095 page", url: "https://www.suse.com/security/cve/CVE-2018-13095/", }, { category: "self", summary: "SUSE CVE CVE-2018-14613 page", url: "https://www.suse.com/security/cve/CVE-2018-14613/", }, { category: "self", summary: "SUSE CVE CVE-2018-14617 page", url: "https://www.suse.com/security/cve/CVE-2018-14617/", }, { category: "self", summary: "SUSE CVE CVE-2018-14633 page", url: "https://www.suse.com/security/cve/CVE-2018-14633/", }, { category: "self", summary: "SUSE CVE CVE-2018-15572 page", url: "https://www.suse.com/security/cve/CVE-2018-15572/", }, { category: "self", summary: "SUSE CVE CVE-2018-16658 page", url: "https://www.suse.com/security/cve/CVE-2018-16658/", }, { category: "self", summary: "SUSE CVE CVE-2018-17182 page", url: "https://www.suse.com/security/cve/CVE-2018-17182/", }, { category: "self", summary: "SUSE CVE CVE-2018-18386 page", url: "https://www.suse.com/security/cve/CVE-2018-18386/", }, { category: "self", summary: "SUSE CVE CVE-2018-18445 page", url: "https://www.suse.com/security/cve/CVE-2018-18445/", }, { category: "self", summary: "SUSE CVE CVE-2018-18710 page", url: "https://www.suse.com/security/cve/CVE-2018-18710/", }, { category: "self", summary: "SUSE CVE CVE-2018-6554 page", url: "https://www.suse.com/security/cve/CVE-2018-6554/", }, { category: "self", summary: "SUSE CVE CVE-2018-6555 page", url: "https://www.suse.com/security/cve/CVE-2018-6555/", }, { category: "self", summary: "SUSE CVE CVE-2018-9363 page", url: "https://www.suse.com/security/cve/CVE-2018-9363/", }, ], title: "Security update for the Linux Kernel", tracking: { current_release_date: "2018-11-30T16:43:13Z", generator: { date: "2018-11-30T16:43:13Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2018:3961-1", initial_release_date: "2018-11-30T16:43:13Z", revision_history: [ { date: "2018-11-30T16:43:13Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "kernel-devel-azure-4.12.14-5.16.1.noarch", product: { name: "kernel-devel-azure-4.12.14-5.16.1.noarch", product_id: "kernel-devel-azure-4.12.14-5.16.1.noarch", }, }, { category: "product_version", name: "kernel-source-azure-4.12.14-5.16.1.noarch", product: { name: "kernel-source-azure-4.12.14-5.16.1.noarch", product_id: "kernel-source-azure-4.12.14-5.16.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "kernel-azure-4.12.14-5.16.1.x86_64", product: { name: "kernel-azure-4.12.14-5.16.1.x86_64", product_id: "kernel-azure-4.12.14-5.16.1.x86_64", }, }, { category: "product_version", name: "kernel-azure-base-4.12.14-5.16.1.x86_64", product: { name: "kernel-azure-base-4.12.14-5.16.1.x86_64", product_id: "kernel-azure-base-4.12.14-5.16.1.x86_64", }, }, { category: "product_version", name: "kernel-azure-devel-4.12.14-5.16.1.x86_64", product: { name: "kernel-azure-devel-4.12.14-5.16.1.x86_64", product_id: "kernel-azure-devel-4.12.14-5.16.1.x86_64", }, }, { category: "product_version", name: "kernel-syms-azure-4.12.14-5.16.1.x86_64", product: { name: "kernel-syms-azure-4.12.14-5.16.1.x86_64", product_id: "kernel-syms-azure-4.12.14-5.16.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Module for Public Cloud 15", product: { name: "SUSE Linux Enterprise Module for Public Cloud 15", product_id: "SUSE Linux Enterprise Module for Public Cloud 15", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-public-cloud:15", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "kernel-azure-4.12.14-5.16.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15", product_id: "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", }, product_reference: "kernel-azure-4.12.14-5.16.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-base-4.12.14-5.16.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15", product_id: "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", }, product_reference: "kernel-azure-base-4.12.14-5.16.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-devel-4.12.14-5.16.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15", product_id: "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", }, product_reference: "kernel-azure-devel-4.12.14-5.16.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-azure-4.12.14-5.16.1.noarch as component of SUSE Linux Enterprise Module for Public Cloud 15", product_id: "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", }, product_reference: "kernel-devel-azure-4.12.14-5.16.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15", }, { category: "default_component_of", full_product_name: { name: "kernel-source-azure-4.12.14-5.16.1.noarch as component of SUSE Linux Enterprise Module for Public Cloud 15", product_id: "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", }, product_reference: "kernel-source-azure-4.12.14-5.16.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-azure-4.12.14-5.16.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15", product_id: "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", }, product_reference: "kernel-syms-azure-4.12.14-5.16.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15", }, ], }, vulnerabilities: [ { cve: "CVE-2017-16533", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-16533", }, ], notes: [ { category: "general", text: "The usbhid_parse function in drivers/hid/usbhid/hid-core.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-16533", url: "https://www.suse.com/security/cve/CVE-2017-16533", }, { category: "external", summary: "SUSE Bug 1066674 for CVE-2017-16533", url: "https://bugzilla.suse.com/1066674", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2017-16533", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1146519 for CVE-2017-16533", url: "https://bugzilla.suse.com/1146519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-11-30T16:43:13Z", details: "moderate", }, ], title: "CVE-2017-16533", }, { cve: "CVE-2017-18224", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-18224", }, ], notes: [ { category: "general", text: "In the Linux kernel before 4.15, fs/ocfs2/aops.c omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations in DIRECT mode, which allows local users to cause a denial of service (BUG) by modifying a certain e_cpos field.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-18224", url: "https://www.suse.com/security/cve/CVE-2017-18224", }, { category: "external", summary: "SUSE Bug 1084831 for CVE-2017-18224", url: "https://bugzilla.suse.com/1084831", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-11-30T16:43:13Z", details: "moderate", }, ], title: "CVE-2017-18224", }, { cve: "CVE-2018-10902", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10902", }, ], notes: [ { category: "general", text: "It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmidi.c file. A malicious local attacker could possibly use this for privilege escalation.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10902", url: "https://www.suse.com/security/cve/CVE-2018-10902", }, { category: "external", summary: "SUSE Bug 1105322 for CVE-2018-10902", url: "https://bugzilla.suse.com/1105322", }, { category: "external", summary: "SUSE Bug 1105323 for CVE-2018-10902", url: "https://bugzilla.suse.com/1105323", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-11-30T16:43:13Z", details: "moderate", }, ], title: "CVE-2018-10902", }, { cve: "CVE-2018-10938", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10938", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel present since v4.0-rc1 and through v4.13-rc4. A crafted network packet sent remotely by an attacker may force the kernel to enter an infinite loop in the cipso_v4_optptr() function in net/ipv4/cipso_ipv4.c leading to a denial-of-service. A certain non-default configuration of LSM (Linux Security Module) and NetLabel should be set up on a system before an attacker could leverage this flaw.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10938", url: "https://www.suse.com/security/cve/CVE-2018-10938", }, { category: "external", summary: "SUSE Bug 1106016 for CVE-2018-10938", url: "https://bugzilla.suse.com/1106016", }, { category: "external", summary: "SUSE Bug 1106191 for CVE-2018-10938", url: "https://bugzilla.suse.com/1106191", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-11-30T16:43:13Z", details: "important", }, ], title: "CVE-2018-10938", }, { cve: "CVE-2018-10940", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10940", }, ], notes: [ { category: "general", text: "The cdrom_ioctl_media_changed function in drivers/cdrom/cdrom.c in the Linux kernel before 4.16.6 allows local attackers to use a incorrect bounds check in the CDROM driver CDROM_MEDIA_CHANGED ioctl to read out kernel memory.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10940", url: "https://www.suse.com/security/cve/CVE-2018-10940", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-10940", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1092903 for CVE-2018-10940", url: "https://bugzilla.suse.com/1092903", }, { category: "external", summary: "SUSE Bug 1107689 for CVE-2018-10940", url: "https://bugzilla.suse.com/1107689", }, { category: "external", summary: "SUSE Bug 1113751 for CVE-2018-10940", url: "https://bugzilla.suse.com/1113751", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-11-30T16:43:13Z", details: "moderate", }, ], title: "CVE-2018-10940", }, { cve: "CVE-2018-1128", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-1128", }, ], notes: [ { category: "general", text: "It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. Any attacker having access to ceph cluster network who is able to sniff packets on network can use this vulnerability to authenticate with ceph service and perform actions allowed by ceph service. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-1128", url: "https://www.suse.com/security/cve/CVE-2018-1128", }, { category: "external", summary: "SUSE Bug 1096748 for CVE-2018-1128", url: "https://bugzilla.suse.com/1096748", }, { category: "external", summary: "SUSE Bug 1114710 for CVE-2018-1128", url: "https://bugzilla.suse.com/1114710", }, { category: "external", summary: "SUSE Bug 1177843 for CVE-2018-1128", url: "https://bugzilla.suse.com/1177843", }, { category: "external", summary: "SUSE Bug 1177859 for CVE-2018-1128", url: "https://bugzilla.suse.com/1177859", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.3, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-11-30T16:43:13Z", details: "important", }, ], title: "CVE-2018-1128", }, { cve: "CVE-2018-1129", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-1129", }, ], notes: [ { category: "general", text: "A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network who is able to alter the message payload was able to bypass signature checks done by cephx protocol. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-1129", url: "https://www.suse.com/security/cve/CVE-2018-1129", }, { category: "external", summary: "SUSE Bug 1096748 for CVE-2018-1129", url: "https://bugzilla.suse.com/1096748", }, { category: "external", summary: "SUSE Bug 1114710 for CVE-2018-1129", url: "https://bugzilla.suse.com/1114710", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-11-30T16:43:13Z", details: "important", }, ], title: "CVE-2018-1129", }, { cve: "CVE-2018-12896", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-12896", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 4.17.3. An Integer Overflow in kernel/time/posix-timers.c in the POSIX timer code is caused by the way the overrun accounting works. Depending on interval and expiry time values, the overrun can be larger than INT_MAX, but the accounting is int based. This basically makes the accounting values, which are visible to user space via timer_getoverrun(2) and siginfo::si_overrun, random. For example, a local user can cause a denial of service (signed integer overflow) via crafted mmap, futex, timer_create, and timer_settime system calls.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-12896", url: "https://www.suse.com/security/cve/CVE-2018-12896", }, { category: "external", summary: "SUSE Bug 1099922 for CVE-2018-12896", url: "https://bugzilla.suse.com/1099922", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-11-30T16:43:13Z", details: "low", }, ], title: "CVE-2018-12896", }, { cve: "CVE-2018-13093", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-13093", }, ], notes: [ { category: "general", text: "An issue was discovered in fs/xfs/xfs_icache.c in the Linux kernel through 4.17.3. There is a NULL pointer dereference and panic in lookup_slow() on a NULL inode->i_ops pointer when doing pathwalks on a corrupted xfs image. This occurs because of a lack of proper validation that cached inodes are free during allocation.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-13093", url: "https://www.suse.com/security/cve/CVE-2018-13093", }, { category: "external", summary: "SUSE Bug 1100001 for CVE-2018-13093", url: "https://bugzilla.suse.com/1100001", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-11-30T16:43:13Z", details: "moderate", }, ], title: "CVE-2018-13093", }, { cve: "CVE-2018-13095", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-13095", }, ], notes: [ { category: "general", text: "An issue was discovered in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel through 4.17.3. A denial of service (memory corruption and BUG) can occur for a corrupted xfs image upon encountering an inode that is in extent format, but has more extents than fit in the inode fork.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-13095", url: "https://www.suse.com/security/cve/CVE-2018-13095", }, { category: "external", summary: "SUSE Bug 1099999 for CVE-2018-13095", url: "https://bugzilla.suse.com/1099999", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-11-30T16:43:13Z", details: "moderate", }, ], title: "CVE-2018-13095", }, { cve: "CVE-2018-14613", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-14613", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in io_ctl_map_page() when mounting and operating a crafted btrfs image, because of a lack of block group item validation in check_leaf_item in fs/btrfs/tree-checker.c.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-14613", url: "https://www.suse.com/security/cve/CVE-2018-14613", }, { category: "external", summary: "SUSE Bug 1102896 for CVE-2018-14613", url: "https://bugzilla.suse.com/1102896", }, { category: "external", summary: "SUSE Bug 1103800 for CVE-2018-14613", url: "https://bugzilla.suse.com/1103800", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-11-30T16:43:13Z", details: "moderate", }, ], title: "CVE-2018-14613", }, { cve: "CVE-2018-14617", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-14617", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 4.17.10. There is a NULL pointer dereference and panic in hfsplus_lookup() in fs/hfsplus/dir.c when opening a file (that is purportedly a hard link) in an hfs+ filesystem that has malformed catalog data, and is mounted read-only without a metadata directory.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-14617", url: "https://www.suse.com/security/cve/CVE-2018-14617", }, { category: "external", summary: "SUSE Bug 1102870 for CVE-2018-14617", url: "https://bugzilla.suse.com/1102870", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-11-30T16:43:13Z", details: "moderate", }, ], title: "CVE-2018-14617", }, { cve: "CVE-2018-14633", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-14633", }, ], notes: [ { category: "general", text: "A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 17 bytes of the stack. The attack requires the iSCSI target to be enabled on the victim host. Depending on how the target's code was built (i.e. depending on a compiler, compile flags and hardware architecture) an attack may lead to a system crash and thus to a denial-of-service or possibly to a non-authorized access to data exported by an iSCSI target. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is highly unlikely. Kernel versions 4.18.x, 4.14.x and 3.10.x are believed to be vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-14633", url: "https://www.suse.com/security/cve/CVE-2018-14633", }, { category: "external", summary: "SUSE Bug 1107829 for CVE-2018-14633", url: "https://bugzilla.suse.com/1107829", }, { category: "external", summary: "SUSE Bug 1107832 for CVE-2018-14633", url: "https://bugzilla.suse.com/1107832", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-11-30T16:43:13Z", details: "important", }, ], title: "CVE-2018-14633", }, { cve: "CVE-2018-15572", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-15572", }, ], notes: [ { category: "general", text: "The spectre_v2_select_mitigation function in arch/x86/kernel/cpu/bugs.c in the Linux kernel before 4.18.1 does not always fill RSB upon a context switch, which makes it easier for attackers to conduct userspace-userspace spectreRSB attacks.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-15572", url: "https://www.suse.com/security/cve/CVE-2018-15572", }, { category: "external", summary: "SUSE Bug 1102517 for CVE-2018-15572", url: "https://bugzilla.suse.com/1102517", }, { category: "external", summary: "SUSE Bug 1105296 for CVE-2018-15572", url: "https://bugzilla.suse.com/1105296", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-11-30T16:43:13Z", details: "important", }, ], title: "CVE-2018-15572", }, { cve: "CVE-2018-16658", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16658", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel before 4.18.6. An information leak in cdrom_ioctl_drive_status in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-16658", url: "https://www.suse.com/security/cve/CVE-2018-16658", }, { category: "external", summary: "SUSE Bug 1092903 for CVE-2018-16658", url: "https://bugzilla.suse.com/1092903", }, { category: "external", summary: "SUSE Bug 1107689 for CVE-2018-16658", url: "https://bugzilla.suse.com/1107689", }, { category: "external", summary: "SUSE Bug 1113751 for CVE-2018-16658", url: "https://bugzilla.suse.com/1113751", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-11-30T16:43:13Z", details: "low", }, ], title: "CVE-2018-16658", }, { cve: "CVE-2018-17182", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-17182", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-17182", url: "https://www.suse.com/security/cve/CVE-2018-17182", }, { category: "external", summary: "SUSE Bug 1108399 for CVE-2018-17182", url: "https://bugzilla.suse.com/1108399", }, { category: "external", summary: "SUSE Bug 1110233 for CVE-2018-17182", url: "https://bugzilla.suse.com/1110233", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-11-30T16:43:13Z", details: "moderate", }, ], title: "CVE-2018-17182", }, { cve: "CVE-2018-18386", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-18386", }, ], notes: [ { category: "general", text: "drivers/tty/n_tty.c in the Linux kernel before 4.14.11 allows local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-18386", url: "https://www.suse.com/security/cve/CVE-2018-18386", }, { category: "external", summary: "SUSE Bug 1094825 for CVE-2018-18386", url: "https://bugzilla.suse.com/1094825", }, { category: "external", summary: "SUSE Bug 1112039 for CVE-2018-18386", url: "https://bugzilla.suse.com/1112039", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-11-30T16:43:13Z", details: "moderate", }, ], title: "CVE-2018-18386", }, { cve: "CVE-2018-18445", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-18445", }, ], notes: [ { category: "general", text: "In the Linux kernel 4.14.x, 4.15.x, 4.16.x, 4.17.x, and 4.18.x before 4.18.13, faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory accesses because adjust_scalar_min_max_vals in kernel/bpf/verifier.c mishandles 32-bit right shifts.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-18445", url: "https://www.suse.com/security/cve/CVE-2018-18445", }, { category: "external", summary: "SUSE Bug 1112372 for CVE-2018-18445", url: "https://bugzilla.suse.com/1112372", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-11-30T16:43:13Z", details: "low", }, ], title: "CVE-2018-18445", }, { cve: "CVE-2018-18710", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-18710", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 4.19. An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CVE-2018-16658.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-18710", url: "https://www.suse.com/security/cve/CVE-2018-18710", }, { category: "external", summary: "SUSE Bug 1113751 for CVE-2018-18710", url: "https://bugzilla.suse.com/1113751", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-11-30T16:43:13Z", details: "moderate", }, ], title: "CVE-2018-18710", }, { cve: "CVE-2018-6554", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-6554", }, ], notes: [ { category: "general", text: "Memory leak in the irda_bind function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (memory consumption) by repeatedly binding an AF_IRDA socket.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-6554", url: "https://www.suse.com/security/cve/CVE-2018-6554", }, { category: "external", summary: "SUSE Bug 1106509 for CVE-2018-6554", url: "https://bugzilla.suse.com/1106509", }, { category: "external", summary: "SUSE Bug 1106511 for CVE-2018-6554", url: "https://bugzilla.suse.com/1106511", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-11-30T16:43:13Z", details: "low", }, ], title: "CVE-2018-6554", }, { cve: "CVE-2018-6555", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-6555", }, ], notes: [ { category: "general", text: "The irda_setsockopt function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (ias_object use-after-free and system crash) or possibly have unspecified other impact via an AF_IRDA socket.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-6555", url: "https://www.suse.com/security/cve/CVE-2018-6555", }, { category: "external", summary: "SUSE Bug 1106509 for CVE-2018-6555", url: "https://bugzilla.suse.com/1106509", }, { category: "external", summary: "SUSE Bug 1106511 for CVE-2018-6555", url: "https://bugzilla.suse.com/1106511", }, { category: "external", summary: "SUSE Bug 1115893 for CVE-2018-6555", url: "https://bugzilla.suse.com/1115893", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-11-30T16:43:13Z", details: "moderate", }, ], title: "CVE-2018-6555", }, { cve: "CVE-2018-9363", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-9363", }, ], notes: [ { category: "general", text: "In the hidp_process_report in bluetooth, there is an integer overflow. This could lead to an out of bounds write with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-65853588 References: Upstream kernel.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-9363", url: "https://www.suse.com/security/cve/CVE-2018-9363", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-9363", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1105292 for CVE-2018-9363", url: "https://bugzilla.suse.com/1105292", }, { category: "external", summary: "SUSE Bug 1105293 for CVE-2018-9363", url: "https://bugzilla.suse.com/1105293", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-11-30T16:43:13Z", details: "important", }, ], title: "CVE-2018-9363", }, ], }
suse-su-2018:2776-1
Vulnerability from csaf_suse
Published
2018-09-20 16:27
Modified
2018-09-20 16:27
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.155 to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-13093: Prevent NULL pointer dereference and panic in lookup_slow()
on a NULL inode->i_ops pointer when doing pathwalks on a corrupted xfs image.
This occured because of a lack of proper validation that cached inodes are free
during allocation (bnc#1100001).
- CVE-2018-13095: Prevent denial of service (memory corruption and BUG) that
could have occurred for a corrupted xfs image upon encountering an inode that
is in extent format, but has more extents than fit in the inode fork
(bnc#1099999).
- CVE-2018-13094: Prevent OOPS that may have occured for a corrupted xfs image
after xfs_da_shrink_inode() is called with a NULL bp (bnc#1100000).
- CVE-2018-12896: Prevent integer overflow in the POSIX timer code that was
caused by the way the overrun accounting works. Depending on interval and
expiry time values, the overrun can be larger than INT_MAX, but the accounting
is int based. This basically made the accounting values, which are visible to
user space via timer_getoverrun(2) and siginfo::si_overrun, random. This
allowed a local user to cause a denial of service (signed integer overflow) via
crafted mmap, futex, timer_create, and timer_settime system calls
(bnc#1099922).
- CVE-2018-16658: Prevent information leak in cdrom_ioctl_drive_status that
could have been used by local attackers to read kernel memory (bnc#1107689).
- CVE-2018-6555: The irda_setsockopt function allowed local users to cause a
denial of service (ias_object use-after-free and system crash) or possibly have
unspecified other impact via an AF_IRDA socket (bnc#1106511).
- CVE-2018-6554: Prevent memory leak in the irda_bind function that allowed
local users to cause a denial of service (memory consumption) by repeatedly
binding an AF_IRDA socket (bnc#1106509).
- CVE-2018-1129: A flaw was found in the way signature calculation was handled
by cephx authentication protocol. An attacker having access to ceph cluster
network who is able to alter the message payload was able to bypass signature
checks done by cephx protocol (bnc#1096748).
- CVE-2018-1128: It was found that cephx authentication protocol did not verify
ceph clients correctly and was vulnerable to replay attack. Any attacker having
access to ceph cluster network who is able to sniff packets on network can use
this vulnerability to authenticate with ceph service and perform actions
allowed by ceph service (bnc#1096748).
- CVE-2018-10938: A crafted network packet sent remotely by an attacker forced
the kernel to enter an infinite loop in the cipso_v4_optptr() function leading
to a denial-of-service (bnc#1106016).
- CVE-2018-15572: The spectre_v2_select_mitigation function did not always fill
RSB upon a context switch, which made it easier for attackers to conduct
userspace-userspace spectreRSB attacks (bnc#1102517).
- CVE-2018-10902: Protect against concurrent access to prevent double realloc
(double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status(). A
malicious local attacker could have used this for privilege escalation
(bnc#1105322 1105323).
- CVE-2018-9363: Prevent buffer overflow in hidp_process_report (bsc#1105292)
- CVE-2018-10883: A local user could have caused an out-of-bounds write in
jbd2_journal_dirty_metadata(), a denial of service, and a system crash by
mounting and operating on a crafted ext4 filesystem image (bsc#1099863).
- CVE-2018-10879: A local user could have caused a use-after-free in
ext4_xattr_set_entry function and a denial of service or unspecified other
impact by renaming a file in a crafted ext4 filesystem image (bsc#1099844).
- CVE-2018-10878: A local user could have caused an out-of-bounds write and a
denial of service or unspecified other impact by mounting and operating a
crafted ext4 filesystem image (bsc#1099813).
- CVE-2018-10876: A use-after-free was possible in ext4_ext_remove_space()
function when mounting and operating a crafted ext4 image (bsc#1099811).
- CVE-2018-10877: Prevent out-of-bound access in the ext4_ext_drop_refs()
function when operating on a crafted ext4 filesystem image (bsc#1099846).
- CVE-2018-10881: A local user could have caused an out-of-bound access in
ext4_get_group_info function, a denial of service, and a system crash by
mounting and operating on a crafted ext4 filesystem image (bsc#1099864).
- CVE-2018-10882: A local user could have caused an out-of-bound write, a
denial of service, and a system crash by unmounting a crafted ext4 filesystem
image (bsc#1099849).
- CVE-2018-10880: Prevent stack-out-of-bounds write in the ext4 filesystem code
when mounting and writing to a crafted ext4 image in ext4_update_inline_data().
An attacker could have used this to cause a system crash and a denial of
service (bsc#1099845).
The following non-security bugs were fixed:
- 9p/net: Fix zero-copy path in the 9p virtio transport (bnc#1012382).
- 9p/virtio: fix off-by-one error in sg list bounds check (bnc#1012382).
- 9p: fix multiple NULL-pointer-dereferences (bnc#1012382).
- ACPI / LPSS: Add missing prv_offset setting for byt/cht PWM devices (bnc#1012382).
- ACPI / PCI: Bail early in acpi_pci_add_bus() if there is no ACPI handle (bnc#1012382).
- ACPI / PM: save NVS memory for ASUS 1025C laptop (bnc#1012382).
- ACPI: save NVS memory for Lenovo G50-45 (bnc#1012382).
- ALSA: cs5535audio: Fix invalid endian conversion (bnc#1012382).
- ALSA: emu10k1: Rate-limit error messages about page errors (bnc#1012382).
- ALSA: emu10k1: add error handling for snd_ctl_add (bnc#1012382).
- ALSA: fm801: add error handling for snd_ctl_add (bnc#1012382).
- ALSA: hda - Sleep for 10ms after entering D3 on Conexant codecs (bnc#1012382).
- ALSA: hda - Turn CX8200 into D3 as well upon reboot (bnc#1012382).
- ALSA: hda/ca0132: fix build failure when a local macro is defined (bnc#1012382).
- ALSA: hda: Correct Asrock B85M-ITX power_save blacklist entry (bnc#1012382).
- ALSA: memalloc: Do not exceed over the requested size (bnc#1012382).
- ALSA: rawmidi: Change resized buffers atomically (bnc#1012382).
- ALSA: snd-aoa: add of_node_put() in error path (bsc#1099810).
- ALSA: usb-audio: Apply rate limit to warning messages in URB complete callback (bnc#1012382).
- ALSA: virmidi: Fix too long output trigger loop (bnc#1012382).
- ALSA: vx222: Fix invalid endian conversions (bnc#1012382).
- ALSA: vxpocket: Fix invalid endian conversions (bnc#1012382).
- ARC: Enable machine_desc->init_per_cpu for !CONFIG_SMP (bnc#1012382).
- ARC: Explicitly add -mmedium-calls to CFLAGS (bnc#1012382).
- ARC: Fix CONFIG_SWAP (bnc#1012382).
- ARC: mm: allow mprotect to make stack mappings executable (bnc#1012382).
- ARM: 8780/1: ftrace: Only set kernel memory back to read-only after boot (bnc#1012382).
- ARM: dts: Cygnus: Fix I2C controller interrupt type (bnc#1012382).
- ARM: dts: am3517.dtsi: Disable reference to OMAP3 OTG controller (bnc#1012382).
- ARM: dts: am437x: make edt-ft5x06 a wakeup source (bnc#1012382).
- ARM: dts: da850: Fix interrups property for gpio (bnc#1012382).
- ARM: dts: imx6sx: fix irq for pcie bridge (bnc#1012382).
- ARM: fix put_user() for gcc-8 (bnc#1012382).
- ARM: imx_v4_v5_defconfig: Select ULPI support (bnc#1012382).
- ARM: imx_v6_v7_defconfig: Select ULPI support (bnc#1012382).
- ARM: pxa: irq: fix handling of ICMR registers in suspend/resume (bnc#1012382).
- ARM: tegra: Fix Tegra30 Cardhu PCA954x reset (bnc#1012382).
- ASoC: Intel: cht_bsw_max98090: remove useless code, align with ChromeOS driver.
- ASoC: Intel: cht_bsw_max98090_ti: Fix jack initialization (bnc#1012382).
- ASoC: dpcm: do not merge format from invalid codec dai (bnc#1012382).
- ASoC: dpcm: fix BE dai not hw_free and shutdown (bnc#1012382).
- ASoC: pxa: Fix module autoload for platform drivers (bnc#1012382).
- ASoC: sirf: Fix potential NULL pointer dereference (bnc#1012382).
- Add reference to bsc#1091171 (bnc#1012382; bsc#1091171).
- Bluetooth: avoid killing an already killed socket (bnc#1012382).
- Bluetooth: btusb: Add a new Realtek 8723DE ID 2ff8:b011 (bnc#1012382).
- Bluetooth: btusb: Remove Yoga 920 from the btusb_needs_reset_resume_table (bsc#1087092).
- Bluetooth: btusb: Use DMI matching for QCA reset_resume quirking (bsc#1087092).
- Bluetooth: hci_qca: Fix 'Sleep inside atomic section' warning (bnc#1012382).
- Documentation/spec_ctrl: Do some minor cleanups (bnc#1012382).
- HID: hid-plantronics: Re-resend Update to map button for PTT products (bnc#1012382).
- HID: i2c-hid: check if device is there before really probing (bnc#1012382).
- HID: wacom: Correct touch maximum XY of 2nd-gen Intuos (bnc#1012382).
- IB/core: Make testing MR flags for writability a static inline function (bnc#1012382).
- IB/core: Remove duplicate declaration of gid_cache_wq (bsc#1056596).
- IB/iser: Do not reduce max_sectors (bsc#1063646).
- IB/mlx4: Fix an error handling path in 'mlx4_ib_rereg_user_mr()'.
- IB/mlx4: Mark user MR as writable if actual virtual memory is writable (bnc#1012382).
- IB/mlx5: Fetch soft WQE's on fatal error state (bsc#1015342 bsc#1015343).
- IB/mlx5: Use 'kvfree()' for memory allocated by 'kvzalloc()' (bsc#1015342 bsc#1015343).
- IB/ocrdma: fix out of bounds access to local buffer (bnc#1012382).
- Input: elan_i2c - add ACPI ID for lenovo ideapad 330 (bnc#1012382).
- Input: elan_i2c - add another ACPI ID for Lenovo Ideapad 330-15AST (bnc#1012382).
- Input: i8042 - add Lenovo LaVie Z to the i8042 reset list (bnc#1012382).
- KVM/Eventfd: Avoid crash when assign and deassign specific eventfd in parallel (bnc#1012382).
- KVM: MMU: always terminate page walks at level 1 (bsc#1062604).
- KVM: MMU: simplify last_pte_bitmap (bsc#1062604).
- KVM: VMX: Work around kABI breakage in 'enum vmx_l1d_flush_state' (bsc#1106369).
- KVM: VMX: fixes for vmentry_l1d_flush module parameter (bsc#1106369).
- KVM: arm/arm64: Skip updating PMD entry if no change (bnc#1012382).
- KVM: arm/arm64: Skip updating PTE entry if no change (bnc#1012382).
- KVM: irqfd: fix race between EPOLLHUP and irq_bypass_register_consumer (bnc#1012382).
- KVM: nVMX: update last_nonleaf_level when initializing nested EPT (bsc#1062604).
- MIPS: Correct the 64-bit DSP accumulator register size (bnc#1012382).
- MIPS: Fix off-by-one in pci_resource_to_user() (bnc#1012382).
- MIPS: ath79: fix register address in ath79_ddr_wb_flush() (bnc#1012382).
- MIPS: lib: Provide MIPS64r6 __multi3() for GCC lower than < 7 (bnc#1012382).
- NET: stmmac: align DMA stuff to largest cache line length (bnc#1012382).
- PCI: Prevent sysfs disable of device while driver is attached (bnc#1012382).
- PCI: Skip MPS logic for Virtual Functions (VFs) (bnc#1012382).
- PCI: hotplug: Do not leak pci_slot on registration failure (bnc#1012382).
- PCI: pciehp: Fix use-after-free on unplug (bnc#1012382).
- PCI: pciehp: Request control of native hotplug only if supported (bnc#1012382).
- PM / sleep: wakeup: Fix build error caused by missing SRCU support (bnc#1012382).
- RDMA/i40iw: Avoid panic when objects are being created and destroyed (bsc#969476 bsc#969477).
- RDMA/i40iw: Avoid panic when reading back the IRQ affinity hint (bsc#969476 bsc#969477).
- RDMA/i40iw: Avoid reference leaks when processing the AEQ (bsc#969476 bsc#969477).
- RDMA/i40w: Hold read semaphore while looking after VMA (bsc#1024376).
- RDMA/mad: Convert BUG_ONs to error flows (bnc#1012382).
- RDMA/mlx5: Use proper spec flow label type (bsc#1015342 bsc#1015343).
- Revert 'MIPS: BCM47XX: Enable 74K Core ExternalSync for PCIe erratum' (bnc#1012382).
- Revert 'UBIFS: Fix potential integer overflow in allocation' (bnc#1012382).
- Revert 'f2fs: handle dirty segments inside refresh_sit_entry' (bsc#1106281).
- Revert 'mm: page_alloc: skip over regions of invalid pfns where possible' (bnc#1107078).
- Revert 'block-cancel-workqueue-entries-on-blk_mq_freeze_queue' (bsc#1103717).
- Smack: Mark inode instant in smack_task_to_inode (bnc#1012382).
- USB: musb: fix external abort on suspend (bsc#1085536).
- USB: option: add support for DW5821e (bnc#1012382).
- USB: serial: metro-usb: stop I/O after failed open (bsc#1085539).
- USB: serial: sierra: fix potential deadlock at close (bnc#1012382).
- Workaround kABI breakage by __must_check drop of strscpy() (bsc#1107319).
- afs: Fix directory permissions check (bsc#1106283).
- arc: fix build errors in arc/include/asm/delay.h (bnc#1012382).
- arc: fix type warnings in arc/mm/cache.c (bnc#1012382).
- arm64: make secondary_start_kernel() notrace (bnc#1012382).
- arm64: mm: check for upper PAGE_SHIFT bits in pfn_valid() (bnc#1012382).
- ath: Add regulatory mapping for APL13_WORLD (bnc#1012382).
- ath: Add regulatory mapping for APL2_FCCA (bnc#1012382).
- ath: Add regulatory mapping for Bahamas (bnc#1012382).
- ath: Add regulatory mapping for Bermuda (bnc#1012382).
- ath: Add regulatory mapping for ETSI8_WORLD (bnc#1012382).
- ath: Add regulatory mapping for FCC3_ETSIC (bnc#1012382).
- ath: Add regulatory mapping for Serbia (bnc#1012382).
- ath: Add regulatory mapping for Tanzania (bnc#1012382).
- ath: Add regulatory mapping for Uganda (bnc#1012382).
- atl1c: reserve min skb headroom (bnc#1012382).
- atm: Preserve value of skb->truesize when accounting to vcc (bsc#1089066).
- audit: allow not equal op for audit by executable (bnc#1012382).
- backlight: as3711_bl: Fix Device Tree node leaks (bsc#1106929).
- backlight: lm3630a: Bump REG_MAX value to 0x50 instead of 0x1F (bsc#1106929).
- bcache: avoid unncessary cache prefetch bch_btree_node_get() (bsc#1064232).
- bcache: calculate the number of incremental GC nodes according to the total of btree nodes (bsc#1064232).
- bcache: display rate debug parameters to 0 when writeback is not running (bsc#1064232).
- bcache: do not check return value of debugfs_create_dir() (bsc#1064232).
- bcache: finish incremental GC (bsc#1064232).
- bcache: fix I/O significant decline while backend devices registering (bsc#1064232).
- bcache: fix error setting writeback_rate through sysfs interface (bsc#1064232).
- bcache: free heap cache_set->flush_btree in bch_journal_free (bsc#1064232).
- bcache: make the pr_err statement used for ENOENT only in sysfs_attatch section (bsc#1064232).
- bcache: release dc->writeback_lock properly in bch_writeback_thread() (bsc#1064232).
- bcache: set max writeback rate when I/O request is idle (bsc#1064232).
- bcache: simplify the calculation of the total amount of flash dirty data (bsc#1064232).
- be2net: remove unused old custom busy-poll fields (bsc#1021121 ).
- blkdev: __blkdev_direct_IO_simple: fix leak in error case (bsc#1083663).
- block: bio_iov_iter_get_pages: fix size of last iovec (bsc#1083663).
- block: bio_iov_iter_get_pages: pin more pages for multi-segment IOs (bsc#1083663).
- block: do not use interruptible wait anywhere (bnc#1012382).
- bnx2x: Fix invalid memory access in rss hash config path (bnc#1012382).
- bnx2x: Fix receiving tx-timeout in error or recovery state (bnc#1012382).
- bnxt_en: Always set output parameters in bnxt_get_max_rings() (bsc#963575).
- bnxt_en: Fix for system hang if request_irq fails (bnc#1012382).
- bnxt_en: Fix inconsistent BNXT_FLAG_AGG_RINGS logic (bsc#1020412 ).
- bpf: fix references to free_bpf_prog_info() in comments (bnc#1012382).
- brcmfmac: Add support for bcm43364 wireless chipset (bnc#1012382).
- brcmfmac: stop watchdog before detach and free everything (bnc#1012382).
- bridge: Propagate vlan add failure to user (bnc#1012382).
- btrfs: Do not remove block group still has pinned down bytes (bsc#1086457).
- btrfs: add barriers to btrfs_sync_log before log_commit_wait wakeups (bnc#1012382).
- btrfs: do not leak ret from do_chunk_alloc (bnc#1012382).
- btrfs: qgroup: Finish rescan when hit the last leaf of extent tree (bnc#1012382).
- btrfs: quota: Set rescan progress to (u64)-1 if we hit last leaf.
- btrfs: round down size diff when shrinking/growing device (bsc#1097105).
- can: ems_usb: Fix memory leak on ems_usb_disconnect() (bnc#1012382).
- can: mpc5xxx_can: check of_iomap return before use (bnc#1012382).
- can: xilinx_can: fix RX loop if RXNEMP is asserted without RXOK (bnc#1012382).
- can: xilinx_can: fix RX overflow interrupt not being enabled (bnc#1012382).
- can: xilinx_can: fix device dropping off bus on RX overrun (bnc#1012382).
- can: xilinx_can: fix incorrect clear of non-processed interrupts (bnc#1012382).
- can: xilinx_can: fix recovery from error states not being propagated (bnc#1012382).
- can: xilinx_can: keep only 1-2 frames in TX FIFO to fix TX accounting (bnc#1012382).
- cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status (bnc#1012382).
- ceph: fix incorrect use of strncpy (bsc#1107319).
- ceph: return errors from posix_acl_equiv_mode() correctly (bsc#1107320).
- cifs: Fix stack out-of-bounds in smb{2,3}_create_lease_buf() (bsc#1012382).
- cifs: add missing debug entries for kconfig options (bnc#1012382).
- cifs: check kmalloc before use (bsc#1012382).
- cifs: store the leaseKey in the fid on SMB2_open (bsc#1012382).
- clk: tegra: Fix PLL_U post divider and initial rate on Tegra30 (bnc#1012382).
- crypto: ablkcipher - fix crash flushing dcache in error path (bnc#1012382).
- crypto: authenc - do not leak pointers to authenc keys (bnc#1012382).
- crypto: authencesn - do not leak pointers to authenc keys (bnc#1012382).
- crypto: blkcipher - fix crash flushing dcache in error path (bnc#1012382).
- crypto: padlock-aes - Fix Nano workaround data corruption (bnc#1012382).
- crypto: vmac - require a block cipher with 128-bit block size (bnc#1012382).
- crypto: vmac - separate tfm and request context (bnc#1012382).
- crypto: vmx - Fix sleep-in-atomic bugs (bsc#1048317).
- cxgb4: when disabling dcb set txq dcb priority to 0 (bnc#1012382).
- cxl: Fix wrong comparison in cxl_adapter_context_get() (bsc#1055014).
- dccp: fix undefined behavior with 'cwnd' shift in ccid2_cwnd_restart() (bnc#1012382).
- disable loading f2fs module on PAGE_SIZE > 4KB (bnc#1012382).
- dm cache metadata: save in-core policy_hint_size to on-disk superblock (bnc#1012382).
- dma-iommu: Fix compilation when !CONFIG_IOMMU_DMA (bnc#1012382).
- dmaengine: k3dma: Off by one in k3_of_dma_simple_xlate() (bnc#1012382).
- dmaengine: pxa_dma: remove duplicate const qualifier (bnc#1012382).
- driver core: Partially revert 'driver core: correct device's shutdown order' (bnc#1012382).
- drivers: net: lmc: fix case value for target abort error (bnc#1012382).
- drm/armada: fix colorkey mode property (bnc#1012382).
- drm/atmel-hlcdc: check stride values in the first plane (bsc#1106929).
- drm/atomic: Handling the case when setting old crtc for plane (bnc#1012382).
- drm/bridge: adv7511: Reset registers on hotplug (bnc#1012382).
- drm/cirrus: Use drm_framebuffer_put to avoid kernel oops in clean-up (bsc#1101822).
- drm/drivers: add support for using the arch wc mapping API.
- drm/exynos/dsi: mask frame-done interrupt (bsc#1106929).
- drm/exynos: decon5433: Fix WINCONx reset value (bnc#1012382).
- drm/exynos: decon5433: Fix per-plane global alpha for XRGB modes (bnc#1012382).
- drm/exynos: gsc: Fix support for NV16/61, YUV420/YVU420 and YUV422 modes (bnc#1012382).
- drm/gma500: fix psb_intel_lvds_mode_valid()'s return type (bnc#1012382).
- drm/i915/userptr: reject zero user_size (bsc#1090888).
- drm/i915: Correctly handle limited range YCbCr data on VLV/CHV (bsc#1087092).
- drm/imx: fix typo in ipu_plane_formats (bsc#1106929).
- drm/imx: imx-ldb: check if channel is enabled before printing warning (bnc#1012382).
- drm/imx: imx-ldb: disable LDB on driver bind (bnc#1012382).
- drm/msm/hdmi: Use bitwise operators when building register values (bsc#1106929).
- drm/nouveau/gem: off by one bugs in nouveau_gem_pushbuf_reloc_apply() (bnc#1012382).
- drm/panel: type promotion bug in s6e8aa0_read_mtp_id() (bsc#1105769).
- drm/radeon: fix mode_valid's return type (bnc#1012382).
- drm: Add DP PSR2 sink enable bit (bnc#1012382).
- drm: Reject getfb for multi-plane framebuffers (bsc#1106929).
- enic: do not call enic_change_mtu in enic_probe
- enic: handle mtu change for vf properly (bnc#1012382).
- enic: initialize enic->rfs_h.lock in enic_probe (bnc#1012382).
- esp6: fix memleak on error path in esp6_input
- ext4: check for NUL characters in extended attribute's name (bnc#1012382).
- ext4: check for allocation block validity with block group locked (bsc#1104495).
- ext4: do not update s_last_mounted of a frozen fs (bsc#1101841).
- ext4: factor out helper ext4_sample_last_mounted() (bsc#1101841).
- ext4: fix check to prevent initializing reserved inodes (bsc#1104319).
- ext4: fix false negatives *and* false positives in ext4_check_descriptors() (bsc#1103445).
- ext4: fix inline data updates with checksums enabled (bsc#1104494).
- ext4: fix spectre gadget in ext4_mb_regular_allocator() (bnc#1012382).
- ext4: reset error code in ext4_find_entry in fallback (bnc#1012382).
- ext4: sysfs: print ext4_super_block fields as little-endian (bsc#1106229).
- f2fs: fix to do not trigger writeback during recovery (bnc#1012382).
- fat: fix memory allocation failure handling of match_strdup() (bnc#1012382).
- fb: fix lost console when the user unplugs a USB adapter (bnc#1012382).
- fbdev: omapfb: off by one in omapfb_register_client() (bsc#1106929).
- fix __legitimize_mnt()/mntput() race (bnc#1012382).
- fix mntput/mntput race (bnc#1012382).
- fork: unconditionally clear stack on fork (bnc#1012382).
- fs/9p/xattr.c: catch the error of p9_client_clunk when setting xattr failed (bnc#1012382).
- fs/dax.c: fix inefficiency in dax_writeback_mapping_range() (bsc#1106185).
- fs/quota: Fix spectre gadget in do_quotactl (bnc#1012382).
- fs: aio: fix the increment of aio-nr and counting against aio-max-nr (bsc#1068075, bsc#1078921).
- fuse: Add missed unlock_page() to fuse_readpages_fill() (bnc#1012382).
- fuse: Do not access pipe->buffers without pipe_lock() (bnc#1012382).
- fuse: Fix oops at process_init_reply() (bnc#1012382).
- fuse: fix double request_end() (bnc#1012382).
- fuse: fix unlocked access to processing queue (bnc#1012382).
- fuse: umount should wait for all requests (bnc#1012382).
- genirq/proc: Return proper error code when irq_set_affinity() fails (bnc#1105392).
- getxattr: use correct xattr length (bnc#1012382).
- hfsplus: Do not clear SGID when inheriting ACLs (bsc#1030552).
- hvc_opal: do not set tb_ticks_per_usec in udbg_init_opal_common() (bnc#1012382).
- hwrng: exynos - Disable runtime PM on driver unbind.
- i2c: davinci: Avoid zero value of CLKH (bnc#1012382).
- i2c: imx: Fix race condition in dma read (bnc#1012382).
- i2c: imx: Fix reinit_completion() use (bnc#1012382).
- i2c: ismt: fix wrong device address when unmap the data buffer (bnc#1012382).
- i40e: use cpumask_copy instead of direct assignment (bsc#1053685).
- i40iw: Fix memory leak in error path of create QP (bsc#969476 bsc#969477).
- i40iw: Use correct address in dst_neigh_lookup for IPv6 (bsc#969476 bsc#969477).
- ibmvnic: Include missing return code checks in reset function (bnc#1107966).
- ieee802154: at86rf230: switch from BUG_ON() to WARN_ON() on problem (bnc#1012382).
- ieee802154: at86rf230: use __func__ macro for debug messages (bnc#1012382).
- ieee802154: fakelb: switch from BUG_ON() to WARN_ON() on problem (bnc#1012382).
- igb: Fix not adding filter elements to the list (bsc#1024361 bsc#1024365).
- iio: ad9523: Fix displayed phase (bnc#1012382).
- iio: ad9523: Fix return value for ad952x_store() (bnc#1012382).
- inet: frag: enforce memory limits earlier (bnc#1012382 bsc#970506).
- iommu/amd: make sure TLB to be flushed before IOVA freed (bsc#1106105).
- iommu/vt-d: Add definitions for PFSID (bnc#1012382).
- iommu/vt-d: Fix dev iotlb pfsid use (bnc#1012382).
- iommu/vt-d: Ratelimit each dmar fault printing (bsc#1106105).
- ioremap: Update pgtable free interfaces with addr (bnc#1012382).
- ip: hash fragments consistently (bnc#1012382).
- ip: in cmsg IP(V6)_ORIGDSTADDR call pskb_may_pull (bnc#1012382).
- ipconfig: Correctly initialise ic_nameservers (bnc#1012382).
- ipv4+ipv6: Make INET*_ESP select CRYPTO_ECHAINIV (bnc#1012382).
- ipv4: Return EINVAL when ping_group_range sysctl does not map to user ns (bnc#1012382).
- ipv4: remove BUG_ON() from fib_compute_spec_dst (bnc#1012382).
- ipv6: fix useless rol32 call on hash (bnc#1012382).
- ipv6: mcast: fix unsolicited report interval after receiving querys (bnc#1012382).
- ipvlan: use ETH_MAX_MTU as max mtu (bsc#1033962).
- iscsi target: fix session creation failure handling (bnc#1012382).
- isdn: Disable IIOCDBGVAR (bnc#1012382).
- iw_cxgb4: remove duplicate memcpy() in c4iw_create_listen() (bsc#969476 bsc#969477).
- iwlwifi: pcie: fix race in Rx buffer allocator (bnc#1012382).
- ixgbe: Be more careful when modifying MAC filters (bnc#1012382).
- jfs: Do not clear SGID when inheriting ACLs (bsc#1030552).
- jump_label: Add RELEASE barrier after text changes (bsc#1105271).
- jump_label: Fix concurrent static_key_enable/disable() (bsc#1105271).
- jump_label: Move CPU hotplug locking (bsc#1105271).
- jump_label: Provide hotplug context variants (bsc#1105271).
- jump_label: Reduce the size of struct static_key (bsc#1105271).
- jump_label: Reorder hotplug lock and jump_label_lock (bsc#1105271).
- jump_label: Split out code under the hotplug lock (bsc#1105271).
- jump_label: remove bug.h, atomic.h dependencies for HAVE_JUMP_LABEL (bsc#1105271).
- kABI: protect enum tcp_ca_event (kabi).
- kABI: reexport tcp_send_ack (kabi).
- kabi/severities: Ignore missing cpu_tss_tramp (bsc#1099597)
- kabi: x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bnc#1105536).
- kasan: do not emit builtin calls when sanitization is off (bnc#1012382).
- kasan: fix shadow_size calculation error in kasan_module_alloc (bnc#1012382).
- kbuild: verify that $DEPMOD is installed (bnc#1012382).
- kernel: improve spectre mitigation (bnc#1106934, LTC#171029).
- kprobes/x86: Fix %p uses in error messages (bnc#1012382).
- kprobes: Make list and blacklist root user read only (bnc#1012382).
- kthread, tracing: Do not expose half-written comm when creating kthreads (bsc#1104897).
- kvm: x86: vmx: fix vpid leak (bnc#1012382).
- l2tp: use sk_dst_check() to avoid race on sk->sk_dst_cache (bnc#1012382).
- lib/rhashtable: consider param->min_size when setting initial table size (bnc#1012382).
- libata: Fix command retry decision (bnc#1012382).
- libceph: check authorizer reply/challenge length before reading (bsc#1096748).
- libceph: factor out __ceph_x_decrypt() (bsc#1096748).
- libceph: factor out __prepare_write_connect() (bsc#1096748).
- libceph: factor out encrypt_authorizer() (bsc#1096748).
- libceph: store ceph_auth_handshake pointer in ceph_connection (bsc#1096748).
- libceph: weaken sizeof check in ceph_x_verify_authorizer_reply() (bsc#1096748).
- llc: use refcount_inc_not_zero() for llc_sap_find() (bnc#1012382).
- locking/lockdep: Do not record IRQ state within lockdep code (bnc#1012382).
- locks: pass inode pointer to locks_free_lock_context (bsc@1099832).
- locks: prink more detail when there are leaked locks (bsc#1099832).
- locks: restore a warn for leaked locks on close (bsc#1099832).
- m68k: fix 'bad page state' oops on ColdFire boot (bnc#1012382).
- mac80211: add stations tied to AP_VLANs during hw reconfig (bnc#1012382).
- md/raid10: fix that replacement cannot complete recovery after reassemble (bnc#1012382).
- md: fix NULL dereference of mddev->pers in remove_and_add_spares() (bnc#1012382).
- media: omap3isp: fix unbalanced dma_iommu_mapping (bnc#1012382).
- media: rcar_jpu: Add missing clk_disable_unprepare() on error in jpu_open() (bnc#1012382).
- media: rtl28xxu: be sure that it won't go past the array size (bsc#1050431).
- media: s5p-jpeg: fix number of components macro (bsc#1050431).
- media: saa7164: Fix driver name in debug output (bnc#1012382).
- media: si470x: fix __be16 annotations (bnc#1012382).
- media: siano: get rid of __le32/__le16 cast warnings (bnc#1012382).
- media: staging: omap4iss: Include asm/cacheflush.h after generic includes (bnc#1012382).
- media: videobuf2-core: do not call memop 'finish' when queueing (bnc#1012382).
- memory: tegra: Apply interrupts mask per SoC (bnc#1012382).
- memory: tegra: Do not handle spurious interrupts (bnc#1012382).
- mfd: cros_ec: Fail early if we cannot identify the EC (bnc#1012382).
- microblaze: Fix simpleImage format generation (bnc#1012382).
- mm/hugetlb: filter out hugetlb pages if HUGEPAGE migration is not supported (bnc#1106697).
- mm/memory.c: check return value of ioremap_prot (bnc#1012382).
- mm/slub.c: add __printf verification to slab_err() (bnc#1012382).
- mm/tlb: Remove tlb_remove_table() non-concurrent condition (bnc#1012382).
- mm: Add vm_insert_pfn_prot() (bnc#1012382).
- mm: fix cache mode tracking in vm_insert_mixed() (bnc#1012382).
- mm: memcg: fix use after free in mem_cgroup_iter() (bnc#1012382).
- mm: vmalloc: avoid racy handling of debugobjects in vunmap (bnc#1012382).
- mm: x86: move _PAGE_SWP_SOFT_DIRTY from bit 7 to bit 1 (bnc#1012382).
- mtd: rawnand: fsl_ifc: fix FSL NAND driver to read all ONFI parameter pages (bnc#1012382).
- mtd: ubi: wl: Fix error return code in ubi_wl_init().
- mwifiex: correct histogram data with appropriate index (bnc#1012382).
- mwifiex: handle race during mwifiex_usb_disconnect (bnc#1012382).
- net/9p/client.c: version pointer uninitialized (bnc#1012382).
- net/9p/trans_fd.c: fix race-condition by flushing workqueue before the kfree() (bnc#1012382).
- net/ethernet/freescale/fman: fix cross-build error (bnc#1012382).
- net/ipv4: Set oif in fib_compute_spec_dst (bnc#1012382).
- net/mlx4_core: Save the qpn from the input modifier in RST2INIT wrapper (bnc#1012382).
- net/mlx5: Add missing SET_DRIVER_VERSION command translation (bsc#1015342 bsc#1015343).
- net/mlx5: E-Switch, Include VF RDMA stats in vport statistics (bsc#966170 bsc#966172).
- net/mlx5: Eswitch, Use 'kvfree()' for memory allocated by 'kvzalloc()' (bsc#1015342 bsc#1015343).
- net/mlx5: Fix wrong size allocation for QoS ETC TC regitster (bsc#966170 bsc#966172).
- net/mlx5: Vport, Use 'kvfree()' for memory allocated by 'kvzalloc()' (bsc#966170 bsc#966172).
- net/mlx5e: Do not allow aRFS for encapsulated packets (bsc#1015342 bsc#1015343).
- net/mlx5e: Err if asked to offload TC match on frag being first (bsc#1015342 bsc#1015343).
- net/mlx5e: Fix quota counting in aRFS expire flow (bsc#1015342 bsc#1015343).
- net/mlx5e: Refine ets validation function (bsc#966170 bsc#966172).
- net: 6lowpan: fix reserved space for single frames (bnc#1012382).
- net: Do not copy pfmemalloc flag in __copy_skb_header() (bnc#1012382).
- net: add skb_condense() helper (bsc#1089066).
- net: adjust skb->truesize in ___pskb_trim() (bsc#1089066).
- net: adjust skb->truesize in pskb_expand_head() (bsc#1089066).
- net: axienet: Fix double deregister of mdio (bnc#1012382).
- net: caif: Add a missing rcu_read_unlock() in caif_flow_cb (bnc#1012382).
- net: davinci_emac: match the mdio device against its compatible if possible (bnc#1012382).
- net: dsa: Do not suspend/resume closed slave_dev (bnc#1012382).
- net: ena: Fix use of uninitialized DMA address bits field (bsc#1027968).
- net: fix amd-xgbe flow-control issue (bnc#1012382).
- net: hamradio: use eth_broadcast_addr (bnc#1012382).
- net: lan78xx: Fix misplaced tasklet_schedule() call (bnc#1012382).
- net: lan78xx: fix rx handling before first packet is send (bnc#1012382).
- net: mac802154: tx: expand tailroom if necessary (bnc#1012382).
- net: phy: fix flag masking in __set_phy_supported (bnc#1012382).
- net: prevent ISA drivers from building on PPC32 (bnc#1012382).
- net: propagate dev_get_valid_name return code (bnc#1012382).
- net: qca_spi: Avoid packet drop during initial sync (bnc#1012382).
- net: qca_spi: Fix log level if probe fails (bnc#1012382).
- net: qca_spi: Make sure the QCA7000 reset is triggered (bnc#1012382).
- net: socket: fix potential spectre v1 gadget in socketcall (bnc#1012382).
- net: usb: rtl8150: demote allmulti message to dev_dbg() (bnc#1012382).
- net: vmxnet3: use new api ethtool_{get|set}_link_ksettings (bsc#1091860 bsc#1098253).
- net_sched: Fix missing res info when create new tc_index filter (bnc#1012382).
- net_sched: fix NULL pointer dereference when delete tcindex filter (bnc#1012382).
- netfilter: conntrack: dccp: treat SYNC/SYNCACK as invalid if no prior state (bnc#1012382).
- netfilter: ipset: List timing out entries with 'timeout 1' instead of zero (bnc#1012382).
- netfilter: ipv6: nf_defrag: reduce struct net memory waste (bnc#1012382).
- netfilter: ipvs: do not create conn for ABORT packet in sctp_conn_schedule (bsc#1102797).
- netfilter: ipvs: fix the issue that sctp_conn_schedule drops non-INIT packet (bsc#1102797).
- netfilter: x_tables: set module owner for icmp(6) matches (bnc#1012382).
- netlink: Do not shift on 64 for ngroups (bnc#1012382).
- netlink: Do not shift with UB on nlk->ngroups (bnc#1012382).
- netlink: Do not subscribe to non-existent groups (bnc#1012382).
- netlink: Fix spectre v1 gadget in netlink_create() (bnc#1012382).
- netlink: do not enter direct reclaim from netlink_trim() (bsc#1042286).
- nfsd: fix potential use-after-free in nfsd4_decode_getdeviceinfo (bnc#1012382).
- nl80211: Add a missing break in parse_station_flags (bnc#1012382).
- nohz: Fix local_timer_softirq_pending() (bnc#1012382).
- nvme-fc: release io queues to allow fast fail (bsc#1102486).
- nvme: if_ready checks to fail io to deleting controller (bsc#1102486).
- nvme: kABI-compliant version of nvmf_fail_nonready_command() (bsc#1102486).
- nvmet-fc: fix target sgl list on large transfers (bsc#1102486).
- osf_getdomainname(): use copy_to_user() (bnc#1012382).
- ovl: Do d_type check only if work dir creation was successful (bnc#1012382).
- ovl: Ensure upper filesystem supports d_type (bnc#1012382).
- ovl: warn instead of error if d_type is not supported (bnc#1012382).
- packet: refine ring v3 block size test to hold one frame (bnc#1012382).
- packet: reset network header if packet shorter than ll reserved space (bnc#1012382).
- parisc: Define mb() and add memory barriers to assembler unlock sequences (bnc#1012382).
- parisc: Enable CONFIG_MLONGCALLS by default (bnc#1012382).
- parisc: Remove ordered stores from syscall.S (bnc#1012382).
- parisc: Remove unnecessary barriers from spinlock.h (bnc#1012382).
- perf auxtrace: Fix queue resize (bnc#1012382).
- perf llvm-utils: Remove bashism from kernel include fetch script (bnc#1012382).
- perf report powerpc: Fix crash if callchain is empty (bnc#1012382).
- perf test session topology: Fix test on s390 (bnc#1012382).
- perf/x86/intel/uncore: Correct fixed counter index check for NHM (bnc#1012382).
- perf/x86/intel/uncore: Correct fixed counter index check in generic code (bnc#1012382).
- perf: fix invalid bit in diagnostic entry (bnc#1012382).
- pinctrl: at91-pio4: add missing of_node_put (bnc#1012382).
- pinctrl: freescale: off by one in imx1_pinconf_group_dbg_show() (bnc#1012382).
- pnfs/blocklayout: off by one in bl_map_stripe() (bnc#1012382).
- powerpc/32: Add a missing include header (bnc#1012382).
- powerpc/64s: Default l1d_size to 64K in RFI fallback flush (bsc#1068032).
- powerpc/64s: Fix compiler store ordering to SLB shadow area (bnc#1012382).
- powerpc/8xx: fix invalid register expression in head_8xx.S (bnc#1012382).
- powerpc/chrp/time: Make some functions static, add missing header include (bnc#1012382).
- powerpc/embedded6xx/hlwd-pic: Prevent interrupts from being handled by Starlet (bnc#1012382).
- powerpc/fadump: handle crash memory ranges array index overflow (bsc#1103269).
- powerpc/fadump: merge adjacent memory ranges to reduce PT_LOAD segements (bsc#1103269).
- powerpc/lib: Fix the feature fixup tests to actually work (bsc#1066223).
- powerpc/powermac: Add missing prototype for note_bootable_part() (bnc#1012382).
- powerpc/powermac: Mark variable x as unused (bnc#1012382).
- powerpc/pseries: Fix endianness while restoring of r3 in MCE handler (bnc#1012382).
- powerpc/topology: Get topology for shared processors at boot (bsc#1104683).
- powerpc64s: Show ori31 availability in spectre_v1 sysfs file not v2 (bsc#1068032, bsc#1080157).
- powerpc: Avoid code patching freed init sections (bnc#1107735).
- powerpc: make feature-fixup tests fortify-safe (bsc#1066223).
- provide special timeout module parameters for EC2 (bsc#1065364).
- ptp: fix missing break in switch (bnc#1012382).
- pwm: tiehrpwm: Fix disabling of output of PWMs (bnc#1012382).
- qed: Add sanity check for SIMD fastpath handler (bnc#1012382).
- qed: Correct Multicast API to reflect existence of 256 approximate buckets (bsc#1019695 bsc#1019699 bsc#1022604).
- qed: Do not advertise DCBX_LLD_MANAGED capability (bsc#1019695 bsc#1019699 bsc#1022604).
- qed: Fix possible memory leak in Rx error path handling (bsc#1019695 bsc#1019699 bsc#1022604 ).
- qed: Fix possible race for the link state value (bnc#1012382).
- qed: Fix setting of incorrect eswitch mode (bsc#1019695 bsc#1019699 bsc#1022604).
- qed: Fix use of incorrect size in memcpy call (bsc#1019695 bsc#1019699 bsc#1022604).
- qede: Adverstise software timestamp caps when PHC is not available (bsc#1019695 bsc#1019699 bsc#1022604).
- qlge: Fix netdev features configuration (bsc#1098822).
- qlogic: check kstrtoul() for errors (bnc#1012382).
- random: mix rdrand with entropy sent in from userspace (bnc#1012382).
- readahead: stricter check for bdi io_pages (VM Functionality).
- regulator: pfuze100: add .is_enable() for pfuze100_swb_regulator_ops (bnc#1012382).
- reiserfs: fix broken xattr handling (heap corruption, bad retval) (bnc#1012382).
- ring_buffer: tracing: Inherit the tracing setting to next ring buffer (bnc#1012382).
- root dentries need RCU-delayed freeing (bnc#1012382).
- rsi: Fix 'invalid vdd' warning in mmc (bnc#1012382).
- rtc: ensure rtc_set_alarm fails when alarms are not supported (bnc#1012382).
- rtnetlink: add rtnl_link_state check in rtnl_configure_link (bnc#1012382).
- s390/cpum_sf: Add data entry sizes to sampling trailer entry (bnc#1012382).
- s390/kvm: fix deadlock when killed by oom (bnc#1012382).
- s390/lib: use expoline for all bcr instructions (bnc#1106934, LTC#171029).
- s390/pci: fix out of bounds access during irq setup (bnc#1012382).
- s390/qdio: reset old sbal_state flags (bnc#1012382).
- s390/qeth: do not clobber buffer on async TX completion (bnc#1104485, LTC#170349).
- s390/qeth: fix race when setting MAC address (bnc#1104485, LTC#170726).
- s390: add explicit <linux/stringify.h> for jump label (bsc#1105271).
- s390: detect etoken facility (bnc#1106934, LTC#171029).
- s390: fix br_r1_trampoline for machines without exrl (bnc#1012382 bnc#1106934 LTC#171029).
- sched/fair: Avoid divide by zero when rebalancing domains (bsc#1096254).
- scripts/tar-up.sh: Do not package gitlog-excludes file Also fix the evaluation of gitlog-excludes file, too
- scsi: 3w-xxxx: fix a missing-check bug (bnc#1012382).
- scsi: core: Avoid that SCSI device removal through sysfs triggers a deadlock (bnc#1012382).
- scsi: fcoe: drop frames in ELS LOGO error path (bnc#1012382).
- scsi: hpsa: limit transfer length to 1MB, not 512kB (bsc#1102346).
- scsi: libiscsi: fix possible NULL pointer dereference in case of TMF (bnc#1012382).
- scsi: megaraid: silence a static checker bug (bnc#1012382).
- scsi: megaraid_sas: Increase timeout by 1 sec for non-RAID fastpath IOs (bnc#1012382).
- scsi: qla2xxx: Fix ISP recovery on unload (bnc#1012382).
- scsi: qla2xxx: Return error when TMF returns (bnc#1012382).
- scsi: scsi_dh: replace too broad 'TP9' string with the exact models (bnc#1012382).
- scsi: sr: Avoid that opening a CD-ROM hangs with runtime power management enabled (bnc#1012382).
- scsi: sysfs: Introduce sysfs_{un,}break_active_protection() (bnc#1012382).
- scsi: ufs: fix exception event handling (bnc#1012382).
- scsi: vmw_pvscsi: Return DID_RESET for status SAM_STAT_COMMAND_TERMINATED (bnc#1012382).
- scsi: xen-scsifront: add error handling for xenbus_printf (bnc#1012382).
- scsi_debug: call resp_XXX function after setting host_scribble (bsc#1069138).
- scsi_debug: reset injection flags for every_nth > 0 (bsc#1069138).
- selftest/seccomp: Fix the flag name SECCOMP_FILTER_FLAG_TSYNC (bnc#1012382).
- selftest/seccomp: Fix the seccomp(2) signature (bnc#1012382).
- selftests/ftrace: Add snapshot and tracing_on test case (bnc#1012382).
- selftests/x86/sigreturn/64: Fix spurious failures on AMD CPUs (bnc#1012382).
- selftests: pstore: return Kselftest Skip code for skipped tests (bnc#1012382).
- selftests: static_keys: return Kselftest Skip code for skipped tests (bnc#1012382).
- selftests: sync: add config fragment for testing sync framework (bnc#1012382).
- selftests: user: return Kselftest Skip code for skipped tests (bnc#1012382).
- selftests: zram: return Kselftest Skip code for skipped tests (bnc#1012382).
- serial: 8250_dw: always set baud rate in dw8250_set_termios (bnc#1012382).
- sfc: stop the TX queue before pushing new buffers (bsc#1017967 ).
- skbuff: Unconditionally copy pfmemalloc in __skb_clone() (bnc#1012382).
- slab: __GFP_ZERO is incompatible with a constructor (bnc#1107060).
- smb3: Do not send SMB3 SET_INFO if nothing changed (bnc#1012382).
- smb3: do not request leases in symlink creation and query (bnc#1012382).
- spi: davinci: fix a NULL pointer dereference (bnc#1012382).
- squashfs: be more careful about metadata corruption (bnc#1012382).
- squashfs: more metadata hardening (bnc#1012382).
- squashfs: more metadata hardenings (bnc#1012382).
- staging: android: ion: check for kref overflow (bnc#1012382).
- string: drop __must_check from strscpy() and restore strscpy() usages in cgroup (bsc#1107319).
- sys: do not hold uts_sem while accessing userspace memory (bnc#1106995).
- target_core_rbd: use RCU in free_device (bsc#1105524).
- tcp: Fix missing range_truesize enlargement in the backport (bnc#1012382).
- tcp: add max_quickacks param to tcp_incr_quickack and tcp_enter_quickack_mode (bnc#1012382).
- tcp: add one more quick ack after after ECN events (bnc#1012382).
- tcp: do not aggressively quick ack after ECN events (bnc#1012382).
- tcp: do not cancel delay-AcK on DCTCP special ACK (bnc#1012382).
- tcp: do not delay ACK in DCTCP upon CE status change (bnc#1012382).
- tcp: do not force quickack when receiving out-of-order packets (bnc#1012382).
- tcp: fix dctcp delayed ACK schedule (bnc#1012382).
- tcp: helpers to send special DCTCP ack (bnc#1012382).
- tcp: identify cryptic messages as TCP seq # bugs (bnc#1012382).
- tcp: refactor tcp_ecn_check_ce to remove sk type cast (bnc#1012382).
- tcp: remove DELAYED ACK events in DCTCP (bnc#1012382).
- tg3: Add higher cpu clock for 5762 (bnc#1012382).
- thermal: exynos: fix setting rising_threshold for Exynos5433 (bnc#1012382).
- timekeeping: Eliminate the stale declaration of ktime_get_raw_and_real_ts64() (bsc#969470).
- tools/power turbostat: Read extended processor family from CPUID (bnc#1012382).
- tools/power turbostat: fix -S on UP systems (bnc#1012382).
- tools: usb: ffs-test: Fix build on big endian systems (bnc#1012382).
- tpm: fix race condition in tpm_common_write() (bnc#1012382).
- tracing/blktrace: Fix to allow setting same value (bnc#1012382).
- tracing/kprobes: Fix trace_probe flags on enable_trace_kprobe() failure (bnc#1012382).
- tracing: Do not call start/stop() functions when tracing_on does not change (bnc#1012382).
- tracing: Fix double free of event_trigger_data (bnc#1012382).
- tracing: Fix possible double free in event_enable_trigger_func() (bnc#1012382).
- tracing: Quiet gcc warning about maybe unused link variable (bnc#1012382).
- tracing: Use __printf markup to silence compiler (bnc#1012382).
- tty: Fix data race in tty_insert_flip_string_fixed_flag (bnc#1012382).
- turn off -Wattribute-alias (bnc#1012382).
- ubi: Be more paranoid while seaching for the most recent Fastmap (bnc#1012382).
- ubi: Fix Fastmap's update_vol() (bnc#1012382).
- ubi: Fix races around ubi_refill_pools() (bnc#1012382).
- ubi: Introduce vol_ignored() (bnc#1012382).
- ubi: Rework Fastmap attach base code (bnc#1012382).
- ubi: fastmap: Erase outdated anchor PEBs during attach (bnc#1012382).
- ubifs: Check data node size before truncate (bsc#1106276).
- ubifs: Fix memory leak in lprobs self-check (bsc#1106278).
- ubifs: Fix synced_i_size calculation for xattr inodes (bsc#1106275).
- ubifs: xattr: Do not operate on deleted inodes (bsc#1106271).
- udl-kms: change down_interruptible to down (bnc#1012382).
- udl-kms: fix crash due to uninitialized memory (bnc#1012382).
- udl-kms: handle allocation failure (bnc#1012382).
- udlfb: set optimal write delay (bnc#1012382).
- uprobes: Use synchronize_rcu() not synchronize_sched() (bnc#1012382).
- usb/phy: fix PPC64 build errors in phy-fsl-usb.c (bnc#1012382).
- usb: audio-v2: Correct the comment for struct uac_clock_selector_descriptor (bsc#1099810).
- usb: cdc_acm: Add quirk for Castles VEGA3000 (bnc#1012382).
- usb: dwc2: debugfs: Do not touch RX FIFO during register dump (bsc#1100132).
- usb: dwc2: fix isoc split in transfer with no data (bnc#1012382).
- usb: gadget: composite: fix delayed_status race condition when set_interface (bnc#1012382).
- usb: gadget: dwc2: fix memory leak in gadget_init() (bnc#1012382).
- usb: gadget: f_fs: Only return delayed status when len is 0 (bnc#1012382).
- usb: gadget: f_uac2: fix endianness of 'struct cntrl_*_lay3' (bnc#1012382).
- usb: gadget: r8a66597: Fix a possible sleep-in-atomic-context bugs in r8a66597_queue() (bnc#1012382).
- usb: gadget: r8a66597: Fix two possible sleep-in-atomic-context bugs in init_controller() (bnc#1012382).
- usb: hub: Do not wait for connect state at resume for powered-off ports (bnc#1012382).
- usb: renesas_usbhs: gadget: fix spin_lock_init() for &uep->lock (bsc#1085536).
- usb: xhci: increase CRS timeout value (bnc#1012382).
- usbip: usbip_detach: Fix memory, udev context and udev leak (bnc#1012382).
- userns: move user access out of the mutex (bnc#1012382).
- vfs: add the sb_start_intwrite_trylock() helper (bsc#1101841).
- virtio_balloon: fix another race between migration and ballooning (bnc#1012382).
- vmw_balloon: VMCI_DOORBELL_SET does not check status (bnc#1012382).
- vmw_balloon: do not use 2MB without batching (bnc#1012382).
- vmw_balloon: fix VMCI use when balloon built into kernel (bnc#1012382).
- vmw_balloon: fix inflation of 64-bit GFNs (bnc#1012382).
- vmxnet3: Replace msleep(1) with usleep_range() (bsc#1091860 bsc#1098253).
- vmxnet3: add receive data ring support (bsc#1091860 bsc#1098253).
- vmxnet3: add support for get_coalesce, set_coalesce ethtool operations (bsc#1091860 bsc#1098253).
- vmxnet3: allow variable length transmit data ring buffer (bsc#1091860 bsc#1098253).
- vmxnet3: avoid assumption about invalid dma_pa in vmxnet3_set_mc() (bsc#1091860 bsc#1098253).
- vmxnet3: avoid format strint overflow warning (bsc#1091860 bsc#1098253).
- vmxnet3: avoid xmit reset due to a race in vmxnet3 (bsc#1091860 bsc#1098253).
- vmxnet3: fix incorrect dereference when rxvlan is disabled (bsc#1091860 bsc#1098253).
- vmxnet3: fix non static symbol warning (bsc#1091860 bsc#1098253).
- vmxnet3: fix tx data ring copy for variable size (bsc#1091860 bsc#1098253).
- vmxnet3: increase default rx ring sizes (bsc#1091860 bsc#1098253).
- vmxnet3: introduce command to register memory region (bsc#1091860 bsc#1098253).
- vmxnet3: introduce generalized command interface to configure the device (bsc#1091860 bsc#1098253).
- vmxnet3: prepare for version 3 changes (bsc#1091860 bsc#1098253).
- vmxnet3: remove redundant initialization of pointer 'rq' (bsc#1091860 bsc#1098253).
- vmxnet3: remove unused flag 'rxcsum' from struct vmxnet3_adapter (bsc#1091860 bsc#1098253).
- vmxnet3: set the DMA mask before the first DMA map operation (bsc#1091860 bsc#1098253).
- vmxnet3: update to version 3 (bsc#1091860 bsc#1098253).
- vmxnet3: use DMA memory barriers where required (bsc#1091860 bsc#1098253).
- vmxnet3: use correct flag to indicate LRO feature (bsc#1091860 bsc#1098253).
- vsock: split dwork to avoid reinitializations (bnc#1012382).
- vti6: Fix dev->max_mtu setting (bsc#1033962).
- vti6: fix PMTU caching and reporting on xmit (bnc#1012382).
- wlcore: sdio: check for valid platform device data before suspend (bnc#1012382).
- x86/MCE: Remove min interval polling limitation (bnc#1012382).
- x86/amd: do not set X86_BUG_SYSRET_SS_ATTRS when running under Xen (bnc#1012382).
- x86/asm/entry/32: Simplify pushes of zeroed pt_regs->REGs (bnc#1012382).
- x86/bugs: Move the l1tf function and define pr_fmt properly (bnc#1012382).
- x86/bugs: Respect nospec command line option (bsc#1068032).
- x86/cpu/AMD: Fix erratum 1076 (CPB bit) (bnc#1012382).
- x86/cpu: Make alternative_msr_write work for 32-bit code (bnc#1012382).
- x86/cpu: Re-apply forced caps every time CPU caps are re-read (bnc#1012382).
- x86/cpufeatures: Add CPUID_7_EDX CPUID leaf (bnc#1012382).
- x86/cpufeatures: Clean up Spectre v2 related CPUID flags (bnc#1012382).
- x86/entry/64/compat: Clear registers for compat syscalls, to reduce speculation attack surface (bnc#1012382).
- x86/entry/64: Remove %ebx handling from error_entry/exit (bnc#1102715).
- x86/init: fix build with CONFIG_SWAP=n (bnc#1012382).
- x86/irqflags: Mark native_restore_fl extern inline (bnc#1012382).
- x86/irqflags: Provide a declaration for native_save_fl.
- x86/mm/kmmio: Make the tracer robust against L1TF (bnc#1012382).
- x86/mm/pat: Fix L1TF stable backport for CPA (bnc#1012382).
- x86/mm/pat: Fix L1TF stable backport for CPA, 2nd call (bnc#1012382).
- x86/mm/pat: Make set_memory_np() L1TF safe (bnc#1012382).
- x86/mm: Add TLB purge to free pmd/pte page interfaces (bnc#1012382).
- x86/mm: Disable ioremap free page handling on x86-PAE (bnc#1012382).
- x86/mm: Give each mm TLB flush generation a unique ID (bnc#1012382).
- x86/paravirt: Fix spectre-v2 mitigations for paravirt guests (bnc#1012382).
- x86/paravirt: Make native_save_fl() extern inline (bnc#1012382).
- x86/process: Correct and optimize TIF_BLOCKSTEP switch (bnc#1012382).
- x86/process: Optimize TIF checks in __switch_to_xtra() (bnc#1012382).
- x86/process: Optimize TIF_NOTSC switch (bnc#1012382).
- x86/process: Re-export start_thread() (bnc#1012382).
- x86/spectre: Add missing family 6 check to microcode check (bnc#1012382).
- x86/spectre_v2: Do not check microcode versions when running under hypervisors (bnc#1012382).
- x86/speculation/l1tf: Exempt zeroed PTEs from inversion (bnc#1012382).
- x86/speculation/l1tf: Extend 64bit swap file size limit (bnc#1012382).
- x86/speculation/l1tf: Fix off-by-one error when warning that system has too much RAM (bnc#1105536).
- x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit (bnc#1012382).
- x86/speculation/l1tf: Fix up CPU feature flags (bnc#1012382).
- x86/speculation/l1tf: Fix up pte->pfn conversion for PAE (bnc#1012382).
- x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bnc#1105536).
- x86/speculation/l1tf: Invert all not present mappings (bnc#1012382).
- x86/speculation/l1tf: Make pmd/pud_mknotpresent() invert (bnc#1012382).
- x86/speculation/l1tf: Protect PAE swap entries against L1TF (bnc#1012382).
- x86/speculation/l1tf: Suggest what to do on systems with too much RAM (bnc#1105536).
- x86/speculation/l1tf: Unbreak !__HAVE_ARCH_PFN_MODIFY_ALLOWED architectures (bnc#1012382).
- x86/speculation: Add <asm/msr-index.h> dependency (bnc#1012382).
- x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) support (bnc#1012382).
- x86/speculation: Clean up various Spectre related details (bnc#1012382).
- x86/speculation: Correct Speculation Control microcode blacklist again (bnc#1012382).
- x86/speculation: Move firmware_restrict_branch_speculation_*() from C to CPP (bnc#1012382).
- x86/speculation: Update Speculation Control microcode blacklist (bnc#1012382).
- x86/speculation: Use ARCH_CAPABILITIES to skip L1D flush on vmentry (bsc#1106369).
- x86/speculation: Use IBRS if available before calling into firmware (bnc#1012382).
- x86/speculation: Use Indirect Branch Prediction Barrier in context switch (bnc#1012382).
- x86/xen: Add call of speculative_store_bypass_ht_init() to PV paths (bnc#1012382).
- xen-netfront: wait xenbus state change when load module manually (bnc#1012382).
- xen/blkback: do not keep persistent grants too long (bsc#1085042).
- xen/blkback: move persistent grants flags to bool (bsc#1085042).
- xen/blkfront: cleanup stale persistent grants (bsc#1085042).
- xen/blkfront: reorder tests in xlblk_init() (bsc#1085042).
- xen/netfront: do not cache skb_shinfo() (bnc#1012382).
- xen: set cpu capabilities from xen_start_kernel() (bnc#1012382).
- xfrm: fix missing dst_release() after policy blocking lbcast and multicast (bnc#1012382).
- xfrm: free skb if nlsk pointer is NULL (bnc#1012382).
- xfrm_user: prevent leaking 2 bytes of kernel memory (bnc#1012382).
- xfs: Remove dead code from inode recover function (bsc#1105396).
- xfs: repair malformed inode items during log recovery (bsc#1105396).
- xhci: Fix perceived dead host due to runtime suspend race with event handler (bnc#1012382).
- zswap: re-check zswap_is_full() after do zswap_shrink() (bnc#1012382).
Patchnames
SUSE-SLE-DESKTOP-12-SP3-2018-1941,SUSE-SLE-HA-12-SP3-2018-1941,SUSE-SLE-SDK-12-SP3-2018-1941,SUSE-SLE-SERVER-12-SP3-2018-1941,SUSE-SLE-WE-12-SP3-2018-1941
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for the Linux Kernel", title: "Title of the patch", }, { category: "description", text: "\nThe SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.155 to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2018-13093: Prevent NULL pointer dereference and panic in lookup_slow()\n on a NULL inode->i_ops pointer when doing pathwalks on a corrupted xfs image.\n This occured because of a lack of proper validation that cached inodes are free\n during allocation (bnc#1100001).\n- CVE-2018-13095: Prevent denial of service (memory corruption and BUG) that\n could have occurred for a corrupted xfs image upon encountering an inode that\n is in extent format, but has more extents than fit in the inode fork\n (bnc#1099999).\n- CVE-2018-13094: Prevent OOPS that may have occured for a corrupted xfs image\n after xfs_da_shrink_inode() is called with a NULL bp (bnc#1100000).\n- CVE-2018-12896: Prevent integer overflow in the POSIX timer code that was\n caused by the way the overrun accounting works. Depending on interval and\n expiry time values, the overrun can be larger than INT_MAX, but the accounting\n is int based. This basically made the accounting values, which are visible to\n user space via timer_getoverrun(2) and siginfo::si_overrun, random. This\n allowed a local user to cause a denial of service (signed integer overflow) via\n crafted mmap, futex, timer_create, and timer_settime system calls\n (bnc#1099922).\n- CVE-2018-16658: Prevent information leak in cdrom_ioctl_drive_status that\n could have been used by local attackers to read kernel memory (bnc#1107689).\n- CVE-2018-6555: The irda_setsockopt function allowed local users to cause a\n denial of service (ias_object use-after-free and system crash) or possibly have\n unspecified other impact via an AF_IRDA socket (bnc#1106511).\n- CVE-2018-6554: Prevent memory leak in the irda_bind function that allowed\n local users to cause a denial of service (memory consumption) by repeatedly\n binding an AF_IRDA socket (bnc#1106509).\n- CVE-2018-1129: A flaw was found in the way signature calculation was handled\n by cephx authentication protocol. An attacker having access to ceph cluster\n network who is able to alter the message payload was able to bypass signature\n checks done by cephx protocol (bnc#1096748).\n- CVE-2018-1128: It was found that cephx authentication protocol did not verify\n ceph clients correctly and was vulnerable to replay attack. Any attacker having\n access to ceph cluster network who is able to sniff packets on network can use\n this vulnerability to authenticate with ceph service and perform actions\n allowed by ceph service (bnc#1096748).\n- CVE-2018-10938: A crafted network packet sent remotely by an attacker forced\n the kernel to enter an infinite loop in the cipso_v4_optptr() function leading\n to a denial-of-service (bnc#1106016).\n- CVE-2018-15572: The spectre_v2_select_mitigation function did not always fill\n RSB upon a context switch, which made it easier for attackers to conduct\n userspace-userspace spectreRSB attacks (bnc#1102517).\n- CVE-2018-10902: Protect against concurrent access to prevent double realloc\n (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status(). A\n malicious local attacker could have used this for privilege escalation\n (bnc#1105322 1105323).\n- CVE-2018-9363: Prevent buffer overflow in hidp_process_report (bsc#1105292)\n- CVE-2018-10883: A local user could have caused an out-of-bounds write in\n jbd2_journal_dirty_metadata(), a denial of service, and a system crash by\n mounting and operating on a crafted ext4 filesystem image (bsc#1099863).\n- CVE-2018-10879: A local user could have caused a use-after-free in\n ext4_xattr_set_entry function and a denial of service or unspecified other\n impact by renaming a file in a crafted ext4 filesystem image (bsc#1099844).\n- CVE-2018-10878: A local user could have caused an out-of-bounds write and a\n denial of service or unspecified other impact by mounting and operating a\n crafted ext4 filesystem image (bsc#1099813).\n- CVE-2018-10876: A use-after-free was possible in ext4_ext_remove_space()\n function when mounting and operating a crafted ext4 image (bsc#1099811).\n- CVE-2018-10877: Prevent out-of-bound access in the ext4_ext_drop_refs()\n function when operating on a crafted ext4 filesystem image (bsc#1099846).\n- CVE-2018-10881: A local user could have caused an out-of-bound access in\n ext4_get_group_info function, a denial of service, and a system crash by\n mounting and operating on a crafted ext4 filesystem image (bsc#1099864).\n- CVE-2018-10882: A local user could have caused an out-of-bound write, a\n denial of service, and a system crash by unmounting a crafted ext4 filesystem\n image (bsc#1099849).\n- CVE-2018-10880: Prevent stack-out-of-bounds write in the ext4 filesystem code\n when mounting and writing to a crafted ext4 image in ext4_update_inline_data().\n An attacker could have used this to cause a system crash and a denial of\n service (bsc#1099845).\n\nThe following non-security bugs were fixed:\n\n- 9p/net: Fix zero-copy path in the 9p virtio transport (bnc#1012382).\n- 9p/virtio: fix off-by-one error in sg list bounds check (bnc#1012382).\n- 9p: fix multiple NULL-pointer-dereferences (bnc#1012382).\n- ACPI / LPSS: Add missing prv_offset setting for byt/cht PWM devices (bnc#1012382).\n- ACPI / PCI: Bail early in acpi_pci_add_bus() if there is no ACPI handle (bnc#1012382).\n- ACPI / PM: save NVS memory for ASUS 1025C laptop (bnc#1012382).\n- ACPI: save NVS memory for Lenovo G50-45 (bnc#1012382).\n- ALSA: cs5535audio: Fix invalid endian conversion (bnc#1012382).\n- ALSA: emu10k1: Rate-limit error messages about page errors (bnc#1012382).\n- ALSA: emu10k1: add error handling for snd_ctl_add (bnc#1012382).\n- ALSA: fm801: add error handling for snd_ctl_add (bnc#1012382).\n- ALSA: hda - Sleep for 10ms after entering D3 on Conexant codecs (bnc#1012382).\n- ALSA: hda - Turn CX8200 into D3 as well upon reboot (bnc#1012382).\n- ALSA: hda/ca0132: fix build failure when a local macro is defined (bnc#1012382).\n- ALSA: hda: Correct Asrock B85M-ITX power_save blacklist entry (bnc#1012382).\n- ALSA: memalloc: Do not exceed over the requested size (bnc#1012382).\n- ALSA: rawmidi: Change resized buffers atomically (bnc#1012382).\n- ALSA: snd-aoa: add of_node_put() in error path (bsc#1099810).\n- ALSA: usb-audio: Apply rate limit to warning messages in URB complete callback (bnc#1012382).\n- ALSA: virmidi: Fix too long output trigger loop (bnc#1012382).\n- ALSA: vx222: Fix invalid endian conversions (bnc#1012382).\n- ALSA: vxpocket: Fix invalid endian conversions (bnc#1012382).\n- ARC: Enable machine_desc->init_per_cpu for !CONFIG_SMP (bnc#1012382).\n- ARC: Explicitly add -mmedium-calls to CFLAGS (bnc#1012382).\n- ARC: Fix CONFIG_SWAP (bnc#1012382).\n- ARC: mm: allow mprotect to make stack mappings executable (bnc#1012382).\n- ARM: 8780/1: ftrace: Only set kernel memory back to read-only after boot (bnc#1012382).\n- ARM: dts: Cygnus: Fix I2C controller interrupt type (bnc#1012382).\n- ARM: dts: am3517.dtsi: Disable reference to OMAP3 OTG controller (bnc#1012382).\n- ARM: dts: am437x: make edt-ft5x06 a wakeup source (bnc#1012382).\n- ARM: dts: da850: Fix interrups property for gpio (bnc#1012382).\n- ARM: dts: imx6sx: fix irq for pcie bridge (bnc#1012382).\n- ARM: fix put_user() for gcc-8 (bnc#1012382).\n- ARM: imx_v4_v5_defconfig: Select ULPI support (bnc#1012382).\n- ARM: imx_v6_v7_defconfig: Select ULPI support (bnc#1012382).\n- ARM: pxa: irq: fix handling of ICMR registers in suspend/resume (bnc#1012382).\n- ARM: tegra: Fix Tegra30 Cardhu PCA954x reset (bnc#1012382).\n- ASoC: Intel: cht_bsw_max98090: remove useless code, align with ChromeOS driver.\n- ASoC: Intel: cht_bsw_max98090_ti: Fix jack initialization (bnc#1012382).\n- ASoC: dpcm: do not merge format from invalid codec dai (bnc#1012382).\n- ASoC: dpcm: fix BE dai not hw_free and shutdown (bnc#1012382).\n- ASoC: pxa: Fix module autoload for platform drivers (bnc#1012382).\n- ASoC: sirf: Fix potential NULL pointer dereference (bnc#1012382).\n- Add reference to bsc#1091171 (bnc#1012382; bsc#1091171).\n- Bluetooth: avoid killing an already killed socket (bnc#1012382).\n- Bluetooth: btusb: Add a new Realtek 8723DE ID 2ff8:b011 (bnc#1012382).\n- Bluetooth: btusb: Remove Yoga 920 from the btusb_needs_reset_resume_table (bsc#1087092).\n- Bluetooth: btusb: Use DMI matching for QCA reset_resume quirking (bsc#1087092).\n- Bluetooth: hci_qca: Fix 'Sleep inside atomic section' warning (bnc#1012382).\n- Documentation/spec_ctrl: Do some minor cleanups (bnc#1012382).\n- HID: hid-plantronics: Re-resend Update to map button for PTT products (bnc#1012382).\n- HID: i2c-hid: check if device is there before really probing (bnc#1012382).\n- HID: wacom: Correct touch maximum XY of 2nd-gen Intuos (bnc#1012382).\n- IB/core: Make testing MR flags for writability a static inline function (bnc#1012382).\n- IB/core: Remove duplicate declaration of gid_cache_wq (bsc#1056596).\n- IB/iser: Do not reduce max_sectors (bsc#1063646).\n- IB/mlx4: Fix an error handling path in 'mlx4_ib_rereg_user_mr()'.\n- IB/mlx4: Mark user MR as writable if actual virtual memory is writable (bnc#1012382).\n- IB/mlx5: Fetch soft WQE's on fatal error state (bsc#1015342 bsc#1015343).\n- IB/mlx5: Use 'kvfree()' for memory allocated by 'kvzalloc()' (bsc#1015342 bsc#1015343).\n- IB/ocrdma: fix out of bounds access to local buffer (bnc#1012382).\n- Input: elan_i2c - add ACPI ID for lenovo ideapad 330 (bnc#1012382).\n- Input: elan_i2c - add another ACPI ID for Lenovo Ideapad 330-15AST (bnc#1012382).\n- Input: i8042 - add Lenovo LaVie Z to the i8042 reset list (bnc#1012382).\n- KVM/Eventfd: Avoid crash when assign and deassign specific eventfd in parallel (bnc#1012382).\n- KVM: MMU: always terminate page walks at level 1 (bsc#1062604).\n- KVM: MMU: simplify last_pte_bitmap (bsc#1062604).\n- KVM: VMX: Work around kABI breakage in 'enum vmx_l1d_flush_state' (bsc#1106369).\n- KVM: VMX: fixes for vmentry_l1d_flush module parameter (bsc#1106369).\n- KVM: arm/arm64: Skip updating PMD entry if no change (bnc#1012382).\n- KVM: arm/arm64: Skip updating PTE entry if no change (bnc#1012382).\n- KVM: irqfd: fix race between EPOLLHUP and irq_bypass_register_consumer (bnc#1012382).\n- KVM: nVMX: update last_nonleaf_level when initializing nested EPT (bsc#1062604).\n- MIPS: Correct the 64-bit DSP accumulator register size (bnc#1012382).\n- MIPS: Fix off-by-one in pci_resource_to_user() (bnc#1012382).\n- MIPS: ath79: fix register address in ath79_ddr_wb_flush() (bnc#1012382).\n- MIPS: lib: Provide MIPS64r6 __multi3() for GCC lower than < 7 (bnc#1012382).\n- NET: stmmac: align DMA stuff to largest cache line length (bnc#1012382).\n- PCI: Prevent sysfs disable of device while driver is attached (bnc#1012382).\n- PCI: Skip MPS logic for Virtual Functions (VFs) (bnc#1012382).\n- PCI: hotplug: Do not leak pci_slot on registration failure (bnc#1012382).\n- PCI: pciehp: Fix use-after-free on unplug (bnc#1012382).\n- PCI: pciehp: Request control of native hotplug only if supported (bnc#1012382).\n- PM / sleep: wakeup: Fix build error caused by missing SRCU support (bnc#1012382).\n- RDMA/i40iw: Avoid panic when objects are being created and destroyed (bsc#969476 bsc#969477).\n- RDMA/i40iw: Avoid panic when reading back the IRQ affinity hint (bsc#969476 bsc#969477).\n- RDMA/i40iw: Avoid reference leaks when processing the AEQ (bsc#969476 bsc#969477).\n- RDMA/i40w: Hold read semaphore while looking after VMA (bsc#1024376).\n- RDMA/mad: Convert BUG_ONs to error flows (bnc#1012382).\n- RDMA/mlx5: Use proper spec flow label type (bsc#1015342 bsc#1015343).\n- Revert 'MIPS: BCM47XX: Enable 74K Core ExternalSync for PCIe erratum' (bnc#1012382).\n- Revert 'UBIFS: Fix potential integer overflow in allocation' (bnc#1012382).\n- Revert 'f2fs: handle dirty segments inside refresh_sit_entry' (bsc#1106281).\n- Revert 'mm: page_alloc: skip over regions of invalid pfns where possible' (bnc#1107078).\n- Revert 'block-cancel-workqueue-entries-on-blk_mq_freeze_queue' (bsc#1103717).\n- Smack: Mark inode instant in smack_task_to_inode (bnc#1012382).\n- USB: musb: fix external abort on suspend (bsc#1085536).\n- USB: option: add support for DW5821e (bnc#1012382).\n- USB: serial: metro-usb: stop I/O after failed open (bsc#1085539).\n- USB: serial: sierra: fix potential deadlock at close (bnc#1012382).\n- Workaround kABI breakage by __must_check drop of strscpy() (bsc#1107319).\n- afs: Fix directory permissions check (bsc#1106283).\n- arc: fix build errors in arc/include/asm/delay.h (bnc#1012382).\n- arc: fix type warnings in arc/mm/cache.c (bnc#1012382).\n- arm64: make secondary_start_kernel() notrace (bnc#1012382).\n- arm64: mm: check for upper PAGE_SHIFT bits in pfn_valid() (bnc#1012382).\n- ath: Add regulatory mapping for APL13_WORLD (bnc#1012382).\n- ath: Add regulatory mapping for APL2_FCCA (bnc#1012382).\n- ath: Add regulatory mapping for Bahamas (bnc#1012382).\n- ath: Add regulatory mapping for Bermuda (bnc#1012382).\n- ath: Add regulatory mapping for ETSI8_WORLD (bnc#1012382).\n- ath: Add regulatory mapping for FCC3_ETSIC (bnc#1012382).\n- ath: Add regulatory mapping for Serbia (bnc#1012382).\n- ath: Add regulatory mapping for Tanzania (bnc#1012382).\n- ath: Add regulatory mapping for Uganda (bnc#1012382).\n- atl1c: reserve min skb headroom (bnc#1012382).\n- atm: Preserve value of skb->truesize when accounting to vcc (bsc#1089066).\n- audit: allow not equal op for audit by executable (bnc#1012382).\n- backlight: as3711_bl: Fix Device Tree node leaks (bsc#1106929).\n- backlight: lm3630a: Bump REG_MAX value to 0x50 instead of 0x1F (bsc#1106929).\n- bcache: avoid unncessary cache prefetch bch_btree_node_get() (bsc#1064232).\n- bcache: calculate the number of incremental GC nodes according to the total of btree nodes (bsc#1064232).\n- bcache: display rate debug parameters to 0 when writeback is not running (bsc#1064232).\n- bcache: do not check return value of debugfs_create_dir() (bsc#1064232).\n- bcache: finish incremental GC (bsc#1064232).\n- bcache: fix I/O significant decline while backend devices registering (bsc#1064232).\n- bcache: fix error setting writeback_rate through sysfs interface (bsc#1064232).\n- bcache: free heap cache_set->flush_btree in bch_journal_free (bsc#1064232).\n- bcache: make the pr_err statement used for ENOENT only in sysfs_attatch section (bsc#1064232).\n- bcache: release dc->writeback_lock properly in bch_writeback_thread() (bsc#1064232).\n- bcache: set max writeback rate when I/O request is idle (bsc#1064232).\n- bcache: simplify the calculation of the total amount of flash dirty data (bsc#1064232).\n- be2net: remove unused old custom busy-poll fields (bsc#1021121 ).\n- blkdev: __blkdev_direct_IO_simple: fix leak in error case (bsc#1083663).\n- block: bio_iov_iter_get_pages: fix size of last iovec (bsc#1083663).\n- block: bio_iov_iter_get_pages: pin more pages for multi-segment IOs (bsc#1083663).\n- block: do not use interruptible wait anywhere (bnc#1012382).\n- bnx2x: Fix invalid memory access in rss hash config path (bnc#1012382).\n- bnx2x: Fix receiving tx-timeout in error or recovery state (bnc#1012382).\n- bnxt_en: Always set output parameters in bnxt_get_max_rings() (bsc#963575).\n- bnxt_en: Fix for system hang if request_irq fails (bnc#1012382).\n- bnxt_en: Fix inconsistent BNXT_FLAG_AGG_RINGS logic (bsc#1020412 ).\n- bpf: fix references to free_bpf_prog_info() in comments (bnc#1012382).\n- brcmfmac: Add support for bcm43364 wireless chipset (bnc#1012382).\n- brcmfmac: stop watchdog before detach and free everything (bnc#1012382).\n- bridge: Propagate vlan add failure to user (bnc#1012382).\n- btrfs: Do not remove block group still has pinned down bytes (bsc#1086457).\n- btrfs: add barriers to btrfs_sync_log before log_commit_wait wakeups (bnc#1012382).\n- btrfs: do not leak ret from do_chunk_alloc (bnc#1012382).\n- btrfs: qgroup: Finish rescan when hit the last leaf of extent tree (bnc#1012382).\n- btrfs: quota: Set rescan progress to (u64)-1 if we hit last leaf.\n- btrfs: round down size diff when shrinking/growing device (bsc#1097105).\n- can: ems_usb: Fix memory leak on ems_usb_disconnect() (bnc#1012382).\n- can: mpc5xxx_can: check of_iomap return before use (bnc#1012382).\n- can: xilinx_can: fix RX loop if RXNEMP is asserted without RXOK (bnc#1012382).\n- can: xilinx_can: fix RX overflow interrupt not being enabled (bnc#1012382).\n- can: xilinx_can: fix device dropping off bus on RX overrun (bnc#1012382).\n- can: xilinx_can: fix incorrect clear of non-processed interrupts (bnc#1012382).\n- can: xilinx_can: fix recovery from error states not being propagated (bnc#1012382).\n- can: xilinx_can: keep only 1-2 frames in TX FIFO to fix TX accounting (bnc#1012382).\n- cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status (bnc#1012382).\n- ceph: fix incorrect use of strncpy (bsc#1107319).\n- ceph: return errors from posix_acl_equiv_mode() correctly (bsc#1107320).\n- cifs: Fix stack out-of-bounds in smb{2,3}_create_lease_buf() (bsc#1012382).\n- cifs: add missing debug entries for kconfig options (bnc#1012382).\n- cifs: check kmalloc before use (bsc#1012382).\n- cifs: store the leaseKey in the fid on SMB2_open (bsc#1012382).\n- clk: tegra: Fix PLL_U post divider and initial rate on Tegra30 (bnc#1012382).\n- crypto: ablkcipher - fix crash flushing dcache in error path (bnc#1012382).\n- crypto: authenc - do not leak pointers to authenc keys (bnc#1012382).\n- crypto: authencesn - do not leak pointers to authenc keys (bnc#1012382).\n- crypto: blkcipher - fix crash flushing dcache in error path (bnc#1012382).\n- crypto: padlock-aes - Fix Nano workaround data corruption (bnc#1012382).\n- crypto: vmac - require a block cipher with 128-bit block size (bnc#1012382).\n- crypto: vmac - separate tfm and request context (bnc#1012382).\n- crypto: vmx - Fix sleep-in-atomic bugs (bsc#1048317).\n- cxgb4: when disabling dcb set txq dcb priority to 0 (bnc#1012382).\n- cxl: Fix wrong comparison in cxl_adapter_context_get() (bsc#1055014).\n- dccp: fix undefined behavior with 'cwnd' shift in ccid2_cwnd_restart() (bnc#1012382).\n- disable loading f2fs module on PAGE_SIZE > 4KB (bnc#1012382).\n- dm cache metadata: save in-core policy_hint_size to on-disk superblock (bnc#1012382).\n- dma-iommu: Fix compilation when !CONFIG_IOMMU_DMA (bnc#1012382).\n- dmaengine: k3dma: Off by one in k3_of_dma_simple_xlate() (bnc#1012382).\n- dmaengine: pxa_dma: remove duplicate const qualifier (bnc#1012382).\n- driver core: Partially revert 'driver core: correct device's shutdown order' (bnc#1012382).\n- drivers: net: lmc: fix case value for target abort error (bnc#1012382).\n- drm/armada: fix colorkey mode property (bnc#1012382).\n- drm/atmel-hlcdc: check stride values in the first plane (bsc#1106929).\n- drm/atomic: Handling the case when setting old crtc for plane (bnc#1012382).\n- drm/bridge: adv7511: Reset registers on hotplug (bnc#1012382).\n- drm/cirrus: Use drm_framebuffer_put to avoid kernel oops in clean-up (bsc#1101822).\n- drm/drivers: add support for using the arch wc mapping API.\n- drm/exynos/dsi: mask frame-done interrupt (bsc#1106929).\n- drm/exynos: decon5433: Fix WINCONx reset value (bnc#1012382).\n- drm/exynos: decon5433: Fix per-plane global alpha for XRGB modes (bnc#1012382).\n- drm/exynos: gsc: Fix support for NV16/61, YUV420/YVU420 and YUV422 modes (bnc#1012382).\n- drm/gma500: fix psb_intel_lvds_mode_valid()'s return type (bnc#1012382).\n- drm/i915/userptr: reject zero user_size (bsc#1090888).\n- drm/i915: Correctly handle limited range YCbCr data on VLV/CHV (bsc#1087092).\n- drm/imx: fix typo in ipu_plane_formats (bsc#1106929).\n- drm/imx: imx-ldb: check if channel is enabled before printing warning (bnc#1012382).\n- drm/imx: imx-ldb: disable LDB on driver bind (bnc#1012382).\n- drm/msm/hdmi: Use bitwise operators when building register values (bsc#1106929).\n- drm/nouveau/gem: off by one bugs in nouveau_gem_pushbuf_reloc_apply() (bnc#1012382).\n- drm/panel: type promotion bug in s6e8aa0_read_mtp_id() (bsc#1105769).\n- drm/radeon: fix mode_valid's return type (bnc#1012382).\n- drm: Add DP PSR2 sink enable bit (bnc#1012382).\n- drm: Reject getfb for multi-plane framebuffers (bsc#1106929).\n- enic: do not call enic_change_mtu in enic_probe\n- enic: handle mtu change for vf properly (bnc#1012382).\n- enic: initialize enic->rfs_h.lock in enic_probe (bnc#1012382).\n- esp6: fix memleak on error path in esp6_input\n- ext4: check for NUL characters in extended attribute's name (bnc#1012382).\n- ext4: check for allocation block validity with block group locked (bsc#1104495).\n- ext4: do not update s_last_mounted of a frozen fs (bsc#1101841).\n- ext4: factor out helper ext4_sample_last_mounted() (bsc#1101841).\n- ext4: fix check to prevent initializing reserved inodes (bsc#1104319).\n- ext4: fix false negatives *and* false positives in ext4_check_descriptors() (bsc#1103445).\n- ext4: fix inline data updates with checksums enabled (bsc#1104494).\n- ext4: fix spectre gadget in ext4_mb_regular_allocator() (bnc#1012382).\n- ext4: reset error code in ext4_find_entry in fallback (bnc#1012382).\n- ext4: sysfs: print ext4_super_block fields as little-endian (bsc#1106229).\n- f2fs: fix to do not trigger writeback during recovery (bnc#1012382).\n- fat: fix memory allocation failure handling of match_strdup() (bnc#1012382).\n- fb: fix lost console when the user unplugs a USB adapter (bnc#1012382).\n- fbdev: omapfb: off by one in omapfb_register_client() (bsc#1106929).\n- fix __legitimize_mnt()/mntput() race (bnc#1012382).\n- fix mntput/mntput race (bnc#1012382).\n- fork: unconditionally clear stack on fork (bnc#1012382).\n- fs/9p/xattr.c: catch the error of p9_client_clunk when setting xattr failed (bnc#1012382).\n- fs/dax.c: fix inefficiency in dax_writeback_mapping_range() (bsc#1106185).\n- fs/quota: Fix spectre gadget in do_quotactl (bnc#1012382).\n- fs: aio: fix the increment of aio-nr and counting against aio-max-nr (bsc#1068075, bsc#1078921).\n- fuse: Add missed unlock_page() to fuse_readpages_fill() (bnc#1012382).\n- fuse: Do not access pipe->buffers without pipe_lock() (bnc#1012382).\n- fuse: Fix oops at process_init_reply() (bnc#1012382).\n- fuse: fix double request_end() (bnc#1012382).\n- fuse: fix unlocked access to processing queue (bnc#1012382).\n- fuse: umount should wait for all requests (bnc#1012382).\n- genirq/proc: Return proper error code when irq_set_affinity() fails (bnc#1105392).\n- getxattr: use correct xattr length (bnc#1012382).\n- hfsplus: Do not clear SGID when inheriting ACLs (bsc#1030552).\n- hvc_opal: do not set tb_ticks_per_usec in udbg_init_opal_common() (bnc#1012382).\n- hwrng: exynos - Disable runtime PM on driver unbind.\n- i2c: davinci: Avoid zero value of CLKH (bnc#1012382).\n- i2c: imx: Fix race condition in dma read (bnc#1012382).\n- i2c: imx: Fix reinit_completion() use (bnc#1012382).\n- i2c: ismt: fix wrong device address when unmap the data buffer (bnc#1012382).\n- i40e: use cpumask_copy instead of direct assignment (bsc#1053685).\n- i40iw: Fix memory leak in error path of create QP (bsc#969476 bsc#969477).\n- i40iw: Use correct address in dst_neigh_lookup for IPv6 (bsc#969476 bsc#969477).\n- ibmvnic: Include missing return code checks in reset function (bnc#1107966).\n- ieee802154: at86rf230: switch from BUG_ON() to WARN_ON() on problem (bnc#1012382).\n- ieee802154: at86rf230: use __func__ macro for debug messages (bnc#1012382).\n- ieee802154: fakelb: switch from BUG_ON() to WARN_ON() on problem (bnc#1012382).\n- igb: Fix not adding filter elements to the list (bsc#1024361 bsc#1024365).\n- iio: ad9523: Fix displayed phase (bnc#1012382).\n- iio: ad9523: Fix return value for ad952x_store() (bnc#1012382).\n- inet: frag: enforce memory limits earlier (bnc#1012382 bsc#970506).\n- iommu/amd: make sure TLB to be flushed before IOVA freed (bsc#1106105).\n- iommu/vt-d: Add definitions for PFSID (bnc#1012382).\n- iommu/vt-d: Fix dev iotlb pfsid use (bnc#1012382).\n- iommu/vt-d: Ratelimit each dmar fault printing (bsc#1106105).\n- ioremap: Update pgtable free interfaces with addr (bnc#1012382).\n- ip: hash fragments consistently (bnc#1012382).\n- ip: in cmsg IP(V6)_ORIGDSTADDR call pskb_may_pull (bnc#1012382).\n- ipconfig: Correctly initialise ic_nameservers (bnc#1012382).\n- ipv4+ipv6: Make INET*_ESP select CRYPTO_ECHAINIV (bnc#1012382).\n- ipv4: Return EINVAL when ping_group_range sysctl does not map to user ns (bnc#1012382).\n- ipv4: remove BUG_ON() from fib_compute_spec_dst (bnc#1012382).\n- ipv6: fix useless rol32 call on hash (bnc#1012382).\n- ipv6: mcast: fix unsolicited report interval after receiving querys (bnc#1012382).\n- ipvlan: use ETH_MAX_MTU as max mtu (bsc#1033962).\n- iscsi target: fix session creation failure handling (bnc#1012382).\n- isdn: Disable IIOCDBGVAR (bnc#1012382).\n- iw_cxgb4: remove duplicate memcpy() in c4iw_create_listen() (bsc#969476 bsc#969477).\n- iwlwifi: pcie: fix race in Rx buffer allocator (bnc#1012382).\n- ixgbe: Be more careful when modifying MAC filters (bnc#1012382).\n- jfs: Do not clear SGID when inheriting ACLs (bsc#1030552).\n- jump_label: Add RELEASE barrier after text changes (bsc#1105271).\n- jump_label: Fix concurrent static_key_enable/disable() (bsc#1105271).\n- jump_label: Move CPU hotplug locking (bsc#1105271).\n- jump_label: Provide hotplug context variants (bsc#1105271).\n- jump_label: Reduce the size of struct static_key (bsc#1105271).\n- jump_label: Reorder hotplug lock and jump_label_lock (bsc#1105271).\n- jump_label: Split out code under the hotplug lock (bsc#1105271).\n- jump_label: remove bug.h, atomic.h dependencies for HAVE_JUMP_LABEL (bsc#1105271).\n- kABI: protect enum tcp_ca_event (kabi).\n- kABI: reexport tcp_send_ack (kabi).\n- kabi/severities: Ignore missing cpu_tss_tramp (bsc#1099597)\n- kabi: x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bnc#1105536).\n- kasan: do not emit builtin calls when sanitization is off (bnc#1012382).\n- kasan: fix shadow_size calculation error in kasan_module_alloc (bnc#1012382).\n- kbuild: verify that $DEPMOD is installed (bnc#1012382).\n- kernel: improve spectre mitigation (bnc#1106934, LTC#171029).\n- kprobes/x86: Fix %p uses in error messages (bnc#1012382).\n- kprobes: Make list and blacklist root user read only (bnc#1012382).\n- kthread, tracing: Do not expose half-written comm when creating kthreads (bsc#1104897).\n- kvm: x86: vmx: fix vpid leak (bnc#1012382).\n- l2tp: use sk_dst_check() to avoid race on sk->sk_dst_cache (bnc#1012382).\n- lib/rhashtable: consider param->min_size when setting initial table size (bnc#1012382).\n- libata: Fix command retry decision (bnc#1012382).\n- libceph: check authorizer reply/challenge length before reading (bsc#1096748).\n- libceph: factor out __ceph_x_decrypt() (bsc#1096748).\n- libceph: factor out __prepare_write_connect() (bsc#1096748).\n- libceph: factor out encrypt_authorizer() (bsc#1096748).\n- libceph: store ceph_auth_handshake pointer in ceph_connection (bsc#1096748).\n- libceph: weaken sizeof check in ceph_x_verify_authorizer_reply() (bsc#1096748).\n- llc: use refcount_inc_not_zero() for llc_sap_find() (bnc#1012382).\n- locking/lockdep: Do not record IRQ state within lockdep code (bnc#1012382).\n- locks: pass inode pointer to locks_free_lock_context (bsc@1099832).\n- locks: prink more detail when there are leaked locks (bsc#1099832).\n- locks: restore a warn for leaked locks on close (bsc#1099832).\n- m68k: fix 'bad page state' oops on ColdFire boot (bnc#1012382).\n- mac80211: add stations tied to AP_VLANs during hw reconfig (bnc#1012382).\n- md/raid10: fix that replacement cannot complete recovery after reassemble (bnc#1012382).\n- md: fix NULL dereference of mddev->pers in remove_and_add_spares() (bnc#1012382).\n- media: omap3isp: fix unbalanced dma_iommu_mapping (bnc#1012382).\n- media: rcar_jpu: Add missing clk_disable_unprepare() on error in jpu_open() (bnc#1012382).\n- media: rtl28xxu: be sure that it won't go past the array size (bsc#1050431).\n- media: s5p-jpeg: fix number of components macro (bsc#1050431).\n- media: saa7164: Fix driver name in debug output (bnc#1012382).\n- media: si470x: fix __be16 annotations (bnc#1012382).\n- media: siano: get rid of __le32/__le16 cast warnings (bnc#1012382).\n- media: staging: omap4iss: Include asm/cacheflush.h after generic includes (bnc#1012382).\n- media: videobuf2-core: do not call memop 'finish' when queueing (bnc#1012382).\n- memory: tegra: Apply interrupts mask per SoC (bnc#1012382).\n- memory: tegra: Do not handle spurious interrupts (bnc#1012382).\n- mfd: cros_ec: Fail early if we cannot identify the EC (bnc#1012382).\n- microblaze: Fix simpleImage format generation (bnc#1012382).\n- mm/hugetlb: filter out hugetlb pages if HUGEPAGE migration is not supported (bnc#1106697).\n- mm/memory.c: check return value of ioremap_prot (bnc#1012382).\n- mm/slub.c: add __printf verification to slab_err() (bnc#1012382).\n- mm/tlb: Remove tlb_remove_table() non-concurrent condition (bnc#1012382).\n- mm: Add vm_insert_pfn_prot() (bnc#1012382).\n- mm: fix cache mode tracking in vm_insert_mixed() (bnc#1012382).\n- mm: memcg: fix use after free in mem_cgroup_iter() (bnc#1012382).\n- mm: vmalloc: avoid racy handling of debugobjects in vunmap (bnc#1012382).\n- mm: x86: move _PAGE_SWP_SOFT_DIRTY from bit 7 to bit 1 (bnc#1012382).\n- mtd: rawnand: fsl_ifc: fix FSL NAND driver to read all ONFI parameter pages (bnc#1012382).\n- mtd: ubi: wl: Fix error return code in ubi_wl_init().\n- mwifiex: correct histogram data with appropriate index (bnc#1012382).\n- mwifiex: handle race during mwifiex_usb_disconnect (bnc#1012382).\n- net/9p/client.c: version pointer uninitialized (bnc#1012382).\n- net/9p/trans_fd.c: fix race-condition by flushing workqueue before the kfree() (bnc#1012382).\n- net/ethernet/freescale/fman: fix cross-build error (bnc#1012382).\n- net/ipv4: Set oif in fib_compute_spec_dst (bnc#1012382).\n- net/mlx4_core: Save the qpn from the input modifier in RST2INIT wrapper (bnc#1012382).\n- net/mlx5: Add missing SET_DRIVER_VERSION command translation (bsc#1015342 bsc#1015343).\n- net/mlx5: E-Switch, Include VF RDMA stats in vport statistics (bsc#966170 bsc#966172).\n- net/mlx5: Eswitch, Use 'kvfree()' for memory allocated by 'kvzalloc()' (bsc#1015342 bsc#1015343).\n- net/mlx5: Fix wrong size allocation for QoS ETC TC regitster (bsc#966170 bsc#966172).\n- net/mlx5: Vport, Use 'kvfree()' for memory allocated by 'kvzalloc()' (bsc#966170 bsc#966172).\n- net/mlx5e: Do not allow aRFS for encapsulated packets (bsc#1015342 bsc#1015343).\n- net/mlx5e: Err if asked to offload TC match on frag being first (bsc#1015342 bsc#1015343).\n- net/mlx5e: Fix quota counting in aRFS expire flow (bsc#1015342 bsc#1015343).\n- net/mlx5e: Refine ets validation function (bsc#966170 bsc#966172).\n- net: 6lowpan: fix reserved space for single frames (bnc#1012382).\n- net: Do not copy pfmemalloc flag in __copy_skb_header() (bnc#1012382).\n- net: add skb_condense() helper (bsc#1089066).\n- net: adjust skb->truesize in ___pskb_trim() (bsc#1089066).\n- net: adjust skb->truesize in pskb_expand_head() (bsc#1089066).\n- net: axienet: Fix double deregister of mdio (bnc#1012382).\n- net: caif: Add a missing rcu_read_unlock() in caif_flow_cb (bnc#1012382).\n- net: davinci_emac: match the mdio device against its compatible if possible (bnc#1012382).\n- net: dsa: Do not suspend/resume closed slave_dev (bnc#1012382).\n- net: ena: Fix use of uninitialized DMA address bits field (bsc#1027968).\n- net: fix amd-xgbe flow-control issue (bnc#1012382).\n- net: hamradio: use eth_broadcast_addr (bnc#1012382).\n- net: lan78xx: Fix misplaced tasklet_schedule() call (bnc#1012382).\n- net: lan78xx: fix rx handling before first packet is send (bnc#1012382).\n- net: mac802154: tx: expand tailroom if necessary (bnc#1012382).\n- net: phy: fix flag masking in __set_phy_supported (bnc#1012382).\n- net: prevent ISA drivers from building on PPC32 (bnc#1012382).\n- net: propagate dev_get_valid_name return code (bnc#1012382).\n- net: qca_spi: Avoid packet drop during initial sync (bnc#1012382).\n- net: qca_spi: Fix log level if probe fails (bnc#1012382).\n- net: qca_spi: Make sure the QCA7000 reset is triggered (bnc#1012382).\n- net: socket: fix potential spectre v1 gadget in socketcall (bnc#1012382).\n- net: usb: rtl8150: demote allmulti message to dev_dbg() (bnc#1012382).\n- net: vmxnet3: use new api ethtool_{get|set}_link_ksettings (bsc#1091860 bsc#1098253).\n- net_sched: Fix missing res info when create new tc_index filter (bnc#1012382).\n- net_sched: fix NULL pointer dereference when delete tcindex filter (bnc#1012382).\n- netfilter: conntrack: dccp: treat SYNC/SYNCACK as invalid if no prior state (bnc#1012382).\n- netfilter: ipset: List timing out entries with 'timeout 1' instead of zero (bnc#1012382).\n- netfilter: ipv6: nf_defrag: reduce struct net memory waste (bnc#1012382).\n- netfilter: ipvs: do not create conn for ABORT packet in sctp_conn_schedule (bsc#1102797).\n- netfilter: ipvs: fix the issue that sctp_conn_schedule drops non-INIT packet (bsc#1102797).\n- netfilter: x_tables: set module owner for icmp(6) matches (bnc#1012382).\n- netlink: Do not shift on 64 for ngroups (bnc#1012382).\n- netlink: Do not shift with UB on nlk->ngroups (bnc#1012382).\n- netlink: Do not subscribe to non-existent groups (bnc#1012382).\n- netlink: Fix spectre v1 gadget in netlink_create() (bnc#1012382).\n- netlink: do not enter direct reclaim from netlink_trim() (bsc#1042286).\n- nfsd: fix potential use-after-free in nfsd4_decode_getdeviceinfo (bnc#1012382).\n- nl80211: Add a missing break in parse_station_flags (bnc#1012382).\n- nohz: Fix local_timer_softirq_pending() (bnc#1012382).\n- nvme-fc: release io queues to allow fast fail (bsc#1102486).\n- nvme: if_ready checks to fail io to deleting controller (bsc#1102486).\n- nvme: kABI-compliant version of nvmf_fail_nonready_command() (bsc#1102486).\n- nvmet-fc: fix target sgl list on large transfers (bsc#1102486).\n- osf_getdomainname(): use copy_to_user() (bnc#1012382).\n- ovl: Do d_type check only if work dir creation was successful (bnc#1012382).\n- ovl: Ensure upper filesystem supports d_type (bnc#1012382).\n- ovl: warn instead of error if d_type is not supported (bnc#1012382).\n- packet: refine ring v3 block size test to hold one frame (bnc#1012382).\n- packet: reset network header if packet shorter than ll reserved space (bnc#1012382).\n- parisc: Define mb() and add memory barriers to assembler unlock sequences (bnc#1012382).\n- parisc: Enable CONFIG_MLONGCALLS by default (bnc#1012382).\n- parisc: Remove ordered stores from syscall.S (bnc#1012382).\n- parisc: Remove unnecessary barriers from spinlock.h (bnc#1012382).\n- perf auxtrace: Fix queue resize (bnc#1012382).\n- perf llvm-utils: Remove bashism from kernel include fetch script (bnc#1012382).\n- perf report powerpc: Fix crash if callchain is empty (bnc#1012382).\n- perf test session topology: Fix test on s390 (bnc#1012382).\n- perf/x86/intel/uncore: Correct fixed counter index check for NHM (bnc#1012382).\n- perf/x86/intel/uncore: Correct fixed counter index check in generic code (bnc#1012382).\n- perf: fix invalid bit in diagnostic entry (bnc#1012382).\n- pinctrl: at91-pio4: add missing of_node_put (bnc#1012382).\n- pinctrl: freescale: off by one in imx1_pinconf_group_dbg_show() (bnc#1012382).\n- pnfs/blocklayout: off by one in bl_map_stripe() (bnc#1012382).\n- powerpc/32: Add a missing include header (bnc#1012382).\n- powerpc/64s: Default l1d_size to 64K in RFI fallback flush (bsc#1068032).\n- powerpc/64s: Fix compiler store ordering to SLB shadow area (bnc#1012382).\n- powerpc/8xx: fix invalid register expression in head_8xx.S (bnc#1012382).\n- powerpc/chrp/time: Make some functions static, add missing header include (bnc#1012382).\n- powerpc/embedded6xx/hlwd-pic: Prevent interrupts from being handled by Starlet (bnc#1012382).\n- powerpc/fadump: handle crash memory ranges array index overflow (bsc#1103269).\n- powerpc/fadump: merge adjacent memory ranges to reduce PT_LOAD segements (bsc#1103269).\n- powerpc/lib: Fix the feature fixup tests to actually work (bsc#1066223).\n- powerpc/powermac: Add missing prototype for note_bootable_part() (bnc#1012382).\n- powerpc/powermac: Mark variable x as unused (bnc#1012382).\n- powerpc/pseries: Fix endianness while restoring of r3 in MCE handler (bnc#1012382).\n- powerpc/topology: Get topology for shared processors at boot (bsc#1104683).\n- powerpc64s: Show ori31 availability in spectre_v1 sysfs file not v2 (bsc#1068032, bsc#1080157).\n- powerpc: Avoid code patching freed init sections (bnc#1107735).\n- powerpc: make feature-fixup tests fortify-safe (bsc#1066223).\n- provide special timeout module parameters for EC2 (bsc#1065364).\n- ptp: fix missing break in switch (bnc#1012382).\n- pwm: tiehrpwm: Fix disabling of output of PWMs (bnc#1012382).\n- qed: Add sanity check for SIMD fastpath handler (bnc#1012382).\n- qed: Correct Multicast API to reflect existence of 256 approximate buckets (bsc#1019695 bsc#1019699 bsc#1022604).\n- qed: Do not advertise DCBX_LLD_MANAGED capability (bsc#1019695 bsc#1019699 bsc#1022604).\n- qed: Fix possible memory leak in Rx error path handling (bsc#1019695 bsc#1019699 bsc#1022604 ).\n- qed: Fix possible race for the link state value (bnc#1012382).\n- qed: Fix setting of incorrect eswitch mode (bsc#1019695 bsc#1019699 bsc#1022604).\n- qed: Fix use of incorrect size in memcpy call (bsc#1019695 bsc#1019699 bsc#1022604).\n- qede: Adverstise software timestamp caps when PHC is not available (bsc#1019695 bsc#1019699 bsc#1022604).\n- qlge: Fix netdev features configuration (bsc#1098822).\n- qlogic: check kstrtoul() for errors (bnc#1012382).\n- random: mix rdrand with entropy sent in from userspace (bnc#1012382).\n- readahead: stricter check for bdi io_pages (VM Functionality).\n- regulator: pfuze100: add .is_enable() for pfuze100_swb_regulator_ops (bnc#1012382).\n- reiserfs: fix broken xattr handling (heap corruption, bad retval) (bnc#1012382).\n- ring_buffer: tracing: Inherit the tracing setting to next ring buffer (bnc#1012382).\n- root dentries need RCU-delayed freeing (bnc#1012382).\n- rsi: Fix 'invalid vdd' warning in mmc (bnc#1012382).\n- rtc: ensure rtc_set_alarm fails when alarms are not supported (bnc#1012382).\n- rtnetlink: add rtnl_link_state check in rtnl_configure_link (bnc#1012382).\n- s390/cpum_sf: Add data entry sizes to sampling trailer entry (bnc#1012382).\n- s390/kvm: fix deadlock when killed by oom (bnc#1012382).\n- s390/lib: use expoline for all bcr instructions (bnc#1106934, LTC#171029).\n- s390/pci: fix out of bounds access during irq setup (bnc#1012382).\n- s390/qdio: reset old sbal_state flags (bnc#1012382).\n- s390/qeth: do not clobber buffer on async TX completion (bnc#1104485, LTC#170349).\n- s390/qeth: fix race when setting MAC address (bnc#1104485, LTC#170726).\n- s390: add explicit <linux/stringify.h> for jump label (bsc#1105271).\n- s390: detect etoken facility (bnc#1106934, LTC#171029).\n- s390: fix br_r1_trampoline for machines without exrl (bnc#1012382 bnc#1106934 LTC#171029).\n- sched/fair: Avoid divide by zero when rebalancing domains (bsc#1096254).\n- scripts/tar-up.sh: Do not package gitlog-excludes file Also fix the evaluation of gitlog-excludes file, too\n- scsi: 3w-xxxx: fix a missing-check bug (bnc#1012382).\n- scsi: core: Avoid that SCSI device removal through sysfs triggers a deadlock (bnc#1012382).\n- scsi: fcoe: drop frames in ELS LOGO error path (bnc#1012382).\n- scsi: hpsa: limit transfer length to 1MB, not 512kB (bsc#1102346).\n- scsi: libiscsi: fix possible NULL pointer dereference in case of TMF (bnc#1012382).\n- scsi: megaraid: silence a static checker bug (bnc#1012382).\n- scsi: megaraid_sas: Increase timeout by 1 sec for non-RAID fastpath IOs (bnc#1012382).\n- scsi: qla2xxx: Fix ISP recovery on unload (bnc#1012382).\n- scsi: qla2xxx: Return error when TMF returns (bnc#1012382).\n- scsi: scsi_dh: replace too broad 'TP9' string with the exact models (bnc#1012382).\n- scsi: sr: Avoid that opening a CD-ROM hangs with runtime power management enabled (bnc#1012382).\n- scsi: sysfs: Introduce sysfs_{un,}break_active_protection() (bnc#1012382).\n- scsi: ufs: fix exception event handling (bnc#1012382).\n- scsi: vmw_pvscsi: Return DID_RESET for status SAM_STAT_COMMAND_TERMINATED (bnc#1012382).\n- scsi: xen-scsifront: add error handling for xenbus_printf (bnc#1012382).\n- scsi_debug: call resp_XXX function after setting host_scribble (bsc#1069138).\n- scsi_debug: reset injection flags for every_nth > 0 (bsc#1069138).\n- selftest/seccomp: Fix the flag name SECCOMP_FILTER_FLAG_TSYNC (bnc#1012382).\n- selftest/seccomp: Fix the seccomp(2) signature (bnc#1012382).\n- selftests/ftrace: Add snapshot and tracing_on test case (bnc#1012382).\n- selftests/x86/sigreturn/64: Fix spurious failures on AMD CPUs (bnc#1012382).\n- selftests: pstore: return Kselftest Skip code for skipped tests (bnc#1012382).\n- selftests: static_keys: return Kselftest Skip code for skipped tests (bnc#1012382).\n- selftests: sync: add config fragment for testing sync framework (bnc#1012382).\n- selftests: user: return Kselftest Skip code for skipped tests (bnc#1012382).\n- selftests: zram: return Kselftest Skip code for skipped tests (bnc#1012382).\n- serial: 8250_dw: always set baud rate in dw8250_set_termios (bnc#1012382).\n- sfc: stop the TX queue before pushing new buffers (bsc#1017967 ).\n- skbuff: Unconditionally copy pfmemalloc in __skb_clone() (bnc#1012382).\n- slab: __GFP_ZERO is incompatible with a constructor (bnc#1107060).\n- smb3: Do not send SMB3 SET_INFO if nothing changed (bnc#1012382).\n- smb3: do not request leases in symlink creation and query (bnc#1012382).\n- spi: davinci: fix a NULL pointer dereference (bnc#1012382).\n- squashfs: be more careful about metadata corruption (bnc#1012382).\n- squashfs: more metadata hardening (bnc#1012382).\n- squashfs: more metadata hardenings (bnc#1012382).\n- staging: android: ion: check for kref overflow (bnc#1012382).\n- string: drop __must_check from strscpy() and restore strscpy() usages in cgroup (bsc#1107319).\n- sys: do not hold uts_sem while accessing userspace memory (bnc#1106995).\n- target_core_rbd: use RCU in free_device (bsc#1105524).\n- tcp: Fix missing range_truesize enlargement in the backport (bnc#1012382).\n- tcp: add max_quickacks param to tcp_incr_quickack and tcp_enter_quickack_mode (bnc#1012382).\n- tcp: add one more quick ack after after ECN events (bnc#1012382).\n- tcp: do not aggressively quick ack after ECN events (bnc#1012382).\n- tcp: do not cancel delay-AcK on DCTCP special ACK (bnc#1012382).\n- tcp: do not delay ACK in DCTCP upon CE status change (bnc#1012382).\n- tcp: do not force quickack when receiving out-of-order packets (bnc#1012382).\n- tcp: fix dctcp delayed ACK schedule (bnc#1012382).\n- tcp: helpers to send special DCTCP ack (bnc#1012382).\n- tcp: identify cryptic messages as TCP seq # bugs (bnc#1012382).\n- tcp: refactor tcp_ecn_check_ce to remove sk type cast (bnc#1012382).\n- tcp: remove DELAYED ACK events in DCTCP (bnc#1012382).\n- tg3: Add higher cpu clock for 5762 (bnc#1012382).\n- thermal: exynos: fix setting rising_threshold for Exynos5433 (bnc#1012382).\n- timekeeping: Eliminate the stale declaration of ktime_get_raw_and_real_ts64() (bsc#969470).\n- tools/power turbostat: Read extended processor family from CPUID (bnc#1012382).\n- tools/power turbostat: fix -S on UP systems (bnc#1012382).\n- tools: usb: ffs-test: Fix build on big endian systems (bnc#1012382).\n- tpm: fix race condition in tpm_common_write() (bnc#1012382).\n- tracing/blktrace: Fix to allow setting same value (bnc#1012382).\n- tracing/kprobes: Fix trace_probe flags on enable_trace_kprobe() failure (bnc#1012382).\n- tracing: Do not call start/stop() functions when tracing_on does not change (bnc#1012382).\n- tracing: Fix double free of event_trigger_data (bnc#1012382).\n- tracing: Fix possible double free in event_enable_trigger_func() (bnc#1012382).\n- tracing: Quiet gcc warning about maybe unused link variable (bnc#1012382).\n- tracing: Use __printf markup to silence compiler (bnc#1012382).\n- tty: Fix data race in tty_insert_flip_string_fixed_flag (bnc#1012382).\n- turn off -Wattribute-alias (bnc#1012382).\n- ubi: Be more paranoid while seaching for the most recent Fastmap (bnc#1012382).\n- ubi: Fix Fastmap's update_vol() (bnc#1012382).\n- ubi: Fix races around ubi_refill_pools() (bnc#1012382).\n- ubi: Introduce vol_ignored() (bnc#1012382).\n- ubi: Rework Fastmap attach base code (bnc#1012382).\n- ubi: fastmap: Erase outdated anchor PEBs during attach (bnc#1012382).\n- ubifs: Check data node size before truncate (bsc#1106276).\n- ubifs: Fix memory leak in lprobs self-check (bsc#1106278).\n- ubifs: Fix synced_i_size calculation for xattr inodes (bsc#1106275).\n- ubifs: xattr: Do not operate on deleted inodes (bsc#1106271).\n- udl-kms: change down_interruptible to down (bnc#1012382).\n- udl-kms: fix crash due to uninitialized memory (bnc#1012382).\n- udl-kms: handle allocation failure (bnc#1012382).\n- udlfb: set optimal write delay (bnc#1012382).\n- uprobes: Use synchronize_rcu() not synchronize_sched() (bnc#1012382).\n- usb/phy: fix PPC64 build errors in phy-fsl-usb.c (bnc#1012382).\n- usb: audio-v2: Correct the comment for struct uac_clock_selector_descriptor (bsc#1099810).\n- usb: cdc_acm: Add quirk for Castles VEGA3000 (bnc#1012382).\n- usb: dwc2: debugfs: Do not touch RX FIFO during register dump (bsc#1100132).\n- usb: dwc2: fix isoc split in transfer with no data (bnc#1012382).\n- usb: gadget: composite: fix delayed_status race condition when set_interface (bnc#1012382).\n- usb: gadget: dwc2: fix memory leak in gadget_init() (bnc#1012382).\n- usb: gadget: f_fs: Only return delayed status when len is 0 (bnc#1012382).\n- usb: gadget: f_uac2: fix endianness of 'struct cntrl_*_lay3' (bnc#1012382).\n- usb: gadget: r8a66597: Fix a possible sleep-in-atomic-context bugs in r8a66597_queue() (bnc#1012382).\n- usb: gadget: r8a66597: Fix two possible sleep-in-atomic-context bugs in init_controller() (bnc#1012382).\n- usb: hub: Do not wait for connect state at resume for powered-off ports (bnc#1012382).\n- usb: renesas_usbhs: gadget: fix spin_lock_init() for &uep->lock (bsc#1085536).\n- usb: xhci: increase CRS timeout value (bnc#1012382).\n- usbip: usbip_detach: Fix memory, udev context and udev leak (bnc#1012382).\n- userns: move user access out of the mutex (bnc#1012382).\n- vfs: add the sb_start_intwrite_trylock() helper (bsc#1101841).\n- virtio_balloon: fix another race between migration and ballooning (bnc#1012382).\n- vmw_balloon: VMCI_DOORBELL_SET does not check status (bnc#1012382).\n- vmw_balloon: do not use 2MB without batching (bnc#1012382).\n- vmw_balloon: fix VMCI use when balloon built into kernel (bnc#1012382).\n- vmw_balloon: fix inflation of 64-bit GFNs (bnc#1012382).\n- vmxnet3: Replace msleep(1) with usleep_range() (bsc#1091860 bsc#1098253).\n- vmxnet3: add receive data ring support (bsc#1091860 bsc#1098253).\n- vmxnet3: add support for get_coalesce, set_coalesce ethtool operations (bsc#1091860 bsc#1098253).\n- vmxnet3: allow variable length transmit data ring buffer (bsc#1091860 bsc#1098253).\n- vmxnet3: avoid assumption about invalid dma_pa in vmxnet3_set_mc() (bsc#1091860 bsc#1098253).\n- vmxnet3: avoid format strint overflow warning (bsc#1091860 bsc#1098253).\n- vmxnet3: avoid xmit reset due to a race in vmxnet3 (bsc#1091860 bsc#1098253).\n- vmxnet3: fix incorrect dereference when rxvlan is disabled (bsc#1091860 bsc#1098253).\n- vmxnet3: fix non static symbol warning (bsc#1091860 bsc#1098253).\n- vmxnet3: fix tx data ring copy for variable size (bsc#1091860 bsc#1098253).\n- vmxnet3: increase default rx ring sizes (bsc#1091860 bsc#1098253).\n- vmxnet3: introduce command to register memory region (bsc#1091860 bsc#1098253).\n- vmxnet3: introduce generalized command interface to configure the device (bsc#1091860 bsc#1098253).\n- vmxnet3: prepare for version 3 changes (bsc#1091860 bsc#1098253).\n- vmxnet3: remove redundant initialization of pointer 'rq' (bsc#1091860 bsc#1098253).\n- vmxnet3: remove unused flag 'rxcsum' from struct vmxnet3_adapter (bsc#1091860 bsc#1098253).\n- vmxnet3: set the DMA mask before the first DMA map operation (bsc#1091860 bsc#1098253).\n- vmxnet3: update to version 3 (bsc#1091860 bsc#1098253).\n- vmxnet3: use DMA memory barriers where required (bsc#1091860 bsc#1098253).\n- vmxnet3: use correct flag to indicate LRO feature (bsc#1091860 bsc#1098253).\n- vsock: split dwork to avoid reinitializations (bnc#1012382).\n- vti6: Fix dev->max_mtu setting (bsc#1033962).\n- vti6: fix PMTU caching and reporting on xmit (bnc#1012382).\n- wlcore: sdio: check for valid platform device data before suspend (bnc#1012382).\n- x86/MCE: Remove min interval polling limitation (bnc#1012382).\n- x86/amd: do not set X86_BUG_SYSRET_SS_ATTRS when running under Xen (bnc#1012382).\n- x86/asm/entry/32: Simplify pushes of zeroed pt_regs->REGs (bnc#1012382).\n- x86/bugs: Move the l1tf function and define pr_fmt properly (bnc#1012382).\n- x86/bugs: Respect nospec command line option (bsc#1068032).\n- x86/cpu/AMD: Fix erratum 1076 (CPB bit) (bnc#1012382).\n- x86/cpu: Make alternative_msr_write work for 32-bit code (bnc#1012382).\n- x86/cpu: Re-apply forced caps every time CPU caps are re-read (bnc#1012382).\n- x86/cpufeatures: Add CPUID_7_EDX CPUID leaf (bnc#1012382).\n- x86/cpufeatures: Clean up Spectre v2 related CPUID flags (bnc#1012382).\n- x86/entry/64/compat: Clear registers for compat syscalls, to reduce speculation attack surface (bnc#1012382).\n- x86/entry/64: Remove %ebx handling from error_entry/exit (bnc#1102715).\n- x86/init: fix build with CONFIG_SWAP=n (bnc#1012382).\n- x86/irqflags: Mark native_restore_fl extern inline (bnc#1012382).\n- x86/irqflags: Provide a declaration for native_save_fl.\n- x86/mm/kmmio: Make the tracer robust against L1TF (bnc#1012382).\n- x86/mm/pat: Fix L1TF stable backport for CPA (bnc#1012382).\n- x86/mm/pat: Fix L1TF stable backport for CPA, 2nd call (bnc#1012382).\n- x86/mm/pat: Make set_memory_np() L1TF safe (bnc#1012382).\n- x86/mm: Add TLB purge to free pmd/pte page interfaces (bnc#1012382).\n- x86/mm: Disable ioremap free page handling on x86-PAE (bnc#1012382).\n- x86/mm: Give each mm TLB flush generation a unique ID (bnc#1012382).\n- x86/paravirt: Fix spectre-v2 mitigations for paravirt guests (bnc#1012382).\n- x86/paravirt: Make native_save_fl() extern inline (bnc#1012382).\n- x86/process: Correct and optimize TIF_BLOCKSTEP switch (bnc#1012382).\n- x86/process: Optimize TIF checks in __switch_to_xtra() (bnc#1012382).\n- x86/process: Optimize TIF_NOTSC switch (bnc#1012382).\n- x86/process: Re-export start_thread() (bnc#1012382).\n- x86/spectre: Add missing family 6 check to microcode check (bnc#1012382).\n- x86/spectre_v2: Do not check microcode versions when running under hypervisors (bnc#1012382).\n- x86/speculation/l1tf: Exempt zeroed PTEs from inversion (bnc#1012382).\n- x86/speculation/l1tf: Extend 64bit swap file size limit (bnc#1012382).\n- x86/speculation/l1tf: Fix off-by-one error when warning that system has too much RAM (bnc#1105536).\n- x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit (bnc#1012382).\n- x86/speculation/l1tf: Fix up CPU feature flags (bnc#1012382).\n- x86/speculation/l1tf: Fix up pte->pfn conversion for PAE (bnc#1012382).\n- x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bnc#1105536).\n- x86/speculation/l1tf: Invert all not present mappings (bnc#1012382).\n- x86/speculation/l1tf: Make pmd/pud_mknotpresent() invert (bnc#1012382).\n- x86/speculation/l1tf: Protect PAE swap entries against L1TF (bnc#1012382).\n- x86/speculation/l1tf: Suggest what to do on systems with too much RAM (bnc#1105536).\n- x86/speculation/l1tf: Unbreak !__HAVE_ARCH_PFN_MODIFY_ALLOWED architectures (bnc#1012382).\n- x86/speculation: Add <asm/msr-index.h> dependency (bnc#1012382).\n- x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) support (bnc#1012382).\n- x86/speculation: Clean up various Spectre related details (bnc#1012382).\n- x86/speculation: Correct Speculation Control microcode blacklist again (bnc#1012382).\n- x86/speculation: Move firmware_restrict_branch_speculation_*() from C to CPP (bnc#1012382).\n- x86/speculation: Update Speculation Control microcode blacklist (bnc#1012382).\n- x86/speculation: Use ARCH_CAPABILITIES to skip L1D flush on vmentry (bsc#1106369).\n- x86/speculation: Use IBRS if available before calling into firmware (bnc#1012382).\n- x86/speculation: Use Indirect Branch Prediction Barrier in context switch (bnc#1012382).\n- x86/xen: Add call of speculative_store_bypass_ht_init() to PV paths (bnc#1012382).\n- xen-netfront: wait xenbus state change when load module manually (bnc#1012382).\n- xen/blkback: do not keep persistent grants too long (bsc#1085042).\n- xen/blkback: move persistent grants flags to bool (bsc#1085042).\n- xen/blkfront: cleanup stale persistent grants (bsc#1085042).\n- xen/blkfront: reorder tests in xlblk_init() (bsc#1085042).\n- xen/netfront: do not cache skb_shinfo() (bnc#1012382).\n- xen: set cpu capabilities from xen_start_kernel() (bnc#1012382).\n- xfrm: fix missing dst_release() after policy blocking lbcast and multicast (bnc#1012382).\n- xfrm: free skb if nlsk pointer is NULL (bnc#1012382).\n- xfrm_user: prevent leaking 2 bytes of kernel memory (bnc#1012382).\n- xfs: Remove dead code from inode recover function (bsc#1105396).\n- xfs: repair malformed inode items during log recovery (bsc#1105396).\n- xhci: Fix perceived dead host due to runtime suspend race with event handler (bnc#1012382).\n- zswap: re-check zswap_is_full() after do zswap_shrink() (bnc#1012382).\n", title: "Description of the patch", }, { category: "details", text: "SUSE-SLE-DESKTOP-12-SP3-2018-1941,SUSE-SLE-HA-12-SP3-2018-1941,SUSE-SLE-SDK-12-SP3-2018-1941,SUSE-SLE-SERVER-12-SP3-2018-1941,SUSE-SLE-WE-12-SP3-2018-1941", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_2776-1.json", }, { category: "self", summary: "URL for SUSE-SU-2018:2776-1", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20182776-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2018:2776-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2018-September/004572.html", }, { category: "self", summary: "SUSE Bug 1012382", url: "https://bugzilla.suse.com/1012382", }, { category: "self", summary: "SUSE Bug 1015342", url: "https://bugzilla.suse.com/1015342", }, { category: "self", summary: "SUSE Bug 1015343", url: "https://bugzilla.suse.com/1015343", }, { category: "self", summary: "SUSE Bug 1017967", url: "https://bugzilla.suse.com/1017967", }, { category: "self", summary: "SUSE Bug 1019695", url: "https://bugzilla.suse.com/1019695", }, { category: "self", summary: "SUSE Bug 1019699", url: "https://bugzilla.suse.com/1019699", }, { category: "self", summary: "SUSE Bug 1020412", url: "https://bugzilla.suse.com/1020412", }, { category: "self", summary: "SUSE Bug 1021121", url: "https://bugzilla.suse.com/1021121", }, { category: "self", summary: "SUSE Bug 1022604", url: "https://bugzilla.suse.com/1022604", }, { category: "self", summary: "SUSE Bug 1024361", url: "https://bugzilla.suse.com/1024361", }, { category: "self", summary: "SUSE Bug 1024365", url: "https://bugzilla.suse.com/1024365", }, { category: "self", summary: "SUSE Bug 1024376", url: "https://bugzilla.suse.com/1024376", }, { category: "self", summary: "SUSE Bug 1027968", url: "https://bugzilla.suse.com/1027968", }, { category: "self", summary: "SUSE Bug 1030552", url: "https://bugzilla.suse.com/1030552", }, { category: "self", summary: "SUSE Bug 1031492", url: "https://bugzilla.suse.com/1031492", }, { category: "self", summary: "SUSE Bug 1033962", url: "https://bugzilla.suse.com/1033962", }, { category: "self", summary: "SUSE Bug 1042286", url: "https://bugzilla.suse.com/1042286", }, { category: "self", summary: "SUSE Bug 1048317", url: "https://bugzilla.suse.com/1048317", }, { category: "self", summary: "SUSE Bug 1050431", url: "https://bugzilla.suse.com/1050431", }, { category: "self", summary: "SUSE Bug 1053685", url: "https://bugzilla.suse.com/1053685", }, { category: "self", summary: "SUSE Bug 1055014", url: "https://bugzilla.suse.com/1055014", }, { category: "self", summary: "SUSE Bug 1056596", url: "https://bugzilla.suse.com/1056596", }, { category: "self", summary: "SUSE Bug 1062604", url: "https://bugzilla.suse.com/1062604", }, { category: "self", summary: "SUSE Bug 1063646", url: "https://bugzilla.suse.com/1063646", }, { category: "self", summary: "SUSE Bug 1064232", url: "https://bugzilla.suse.com/1064232", }, { category: "self", summary: "SUSE Bug 1065364", url: "https://bugzilla.suse.com/1065364", }, { category: "self", summary: "SUSE Bug 1066223", url: "https://bugzilla.suse.com/1066223", }, { category: "self", summary: "SUSE Bug 1068032", url: "https://bugzilla.suse.com/1068032", }, { category: "self", summary: "SUSE Bug 1068075", url: "https://bugzilla.suse.com/1068075", }, { category: "self", summary: "SUSE Bug 1069138", url: "https://bugzilla.suse.com/1069138", }, { category: "self", summary: "SUSE Bug 1078921", url: "https://bugzilla.suse.com/1078921", }, { category: "self", summary: "SUSE Bug 1080157", url: "https://bugzilla.suse.com/1080157", }, { category: "self", summary: "SUSE Bug 1083663", url: "https://bugzilla.suse.com/1083663", }, { category: "self", summary: "SUSE Bug 1085042", url: "https://bugzilla.suse.com/1085042", }, { category: "self", summary: "SUSE Bug 1085536", url: "https://bugzilla.suse.com/1085536", }, { category: "self", summary: "SUSE Bug 1085539", url: "https://bugzilla.suse.com/1085539", }, { category: "self", summary: "SUSE Bug 1086457", url: "https://bugzilla.suse.com/1086457", }, { category: "self", summary: "SUSE Bug 1087092", url: "https://bugzilla.suse.com/1087092", }, { category: "self", summary: "SUSE Bug 1089066", url: "https://bugzilla.suse.com/1089066", }, { category: "self", summary: "SUSE Bug 1090888", url: "https://bugzilla.suse.com/1090888", }, { category: "self", summary: "SUSE Bug 1091171", url: "https://bugzilla.suse.com/1091171", }, { category: "self", summary: "SUSE Bug 1091860", url: "https://bugzilla.suse.com/1091860", }, { category: "self", summary: "SUSE Bug 1096254", url: "https://bugzilla.suse.com/1096254", }, { category: "self", summary: "SUSE Bug 1096748", url: "https://bugzilla.suse.com/1096748", }, { category: "self", summary: "SUSE Bug 1097105", url: "https://bugzilla.suse.com/1097105", }, { category: "self", summary: "SUSE Bug 1098253", url: "https://bugzilla.suse.com/1098253", }, { category: "self", summary: "SUSE Bug 1098822", url: "https://bugzilla.suse.com/1098822", }, { category: "self", summary: "SUSE Bug 1099597", url: "https://bugzilla.suse.com/1099597", }, { category: "self", summary: "SUSE Bug 1099810", url: "https://bugzilla.suse.com/1099810", }, { category: "self", summary: "SUSE Bug 1099811", url: "https://bugzilla.suse.com/1099811", }, { category: "self", summary: "SUSE Bug 1099813", url: "https://bugzilla.suse.com/1099813", }, { category: "self", summary: "SUSE Bug 1099832", url: "https://bugzilla.suse.com/1099832", }, { category: "self", summary: "SUSE Bug 1099844", url: "https://bugzilla.suse.com/1099844", }, { category: "self", summary: "SUSE Bug 1099845", url: "https://bugzilla.suse.com/1099845", }, { category: "self", summary: "SUSE Bug 1099846", url: "https://bugzilla.suse.com/1099846", }, { category: "self", summary: "SUSE Bug 1099849", url: "https://bugzilla.suse.com/1099849", }, { category: "self", summary: "SUSE Bug 1099863", url: "https://bugzilla.suse.com/1099863", }, { category: "self", summary: "SUSE Bug 1099864", url: "https://bugzilla.suse.com/1099864", }, { category: "self", summary: "SUSE Bug 1099922", url: "https://bugzilla.suse.com/1099922", }, { category: "self", summary: "SUSE Bug 1099999", url: "https://bugzilla.suse.com/1099999", }, { category: "self", summary: "SUSE Bug 1100000", url: "https://bugzilla.suse.com/1100000", }, { category: "self", summary: "SUSE Bug 1100001", url: "https://bugzilla.suse.com/1100001", }, { category: "self", summary: "SUSE Bug 1100132", url: "https://bugzilla.suse.com/1100132", }, { category: "self", summary: "SUSE Bug 1101822", url: "https://bugzilla.suse.com/1101822", }, { category: "self", summary: "SUSE Bug 1101841", url: "https://bugzilla.suse.com/1101841", }, { category: "self", summary: "SUSE Bug 1102346", url: "https://bugzilla.suse.com/1102346", }, { category: "self", summary: "SUSE Bug 1102486", url: "https://bugzilla.suse.com/1102486", }, { category: "self", summary: "SUSE Bug 1102517", url: "https://bugzilla.suse.com/1102517", }, { category: "self", summary: "SUSE Bug 1102715", url: "https://bugzilla.suse.com/1102715", }, { category: "self", summary: "SUSE Bug 1102797", url: "https://bugzilla.suse.com/1102797", }, { category: "self", summary: "SUSE Bug 1103269", url: "https://bugzilla.suse.com/1103269", }, { category: "self", summary: "SUSE Bug 1103445", url: "https://bugzilla.suse.com/1103445", }, { category: "self", summary: "SUSE Bug 1103717", url: "https://bugzilla.suse.com/1103717", }, { category: "self", summary: "SUSE Bug 1104319", url: "https://bugzilla.suse.com/1104319", }, { category: "self", summary: "SUSE Bug 1104485", url: "https://bugzilla.suse.com/1104485", }, { category: "self", summary: "SUSE Bug 1104494", url: "https://bugzilla.suse.com/1104494", }, { category: "self", summary: "SUSE Bug 1104495", url: "https://bugzilla.suse.com/1104495", }, { category: "self", summary: "SUSE Bug 1104683", url: "https://bugzilla.suse.com/1104683", }, { category: "self", summary: "SUSE Bug 1104897", url: "https://bugzilla.suse.com/1104897", }, { category: "self", summary: "SUSE Bug 1105271", url: "https://bugzilla.suse.com/1105271", }, { category: "self", summary: "SUSE Bug 1105292", url: "https://bugzilla.suse.com/1105292", }, { category: "self", summary: "SUSE Bug 1105322", url: "https://bugzilla.suse.com/1105322", }, { category: "self", summary: "SUSE Bug 1105323", url: "https://bugzilla.suse.com/1105323", }, { category: "self", summary: "SUSE Bug 1105392", url: "https://bugzilla.suse.com/1105392", }, { category: "self", summary: "SUSE Bug 1105396", url: "https://bugzilla.suse.com/1105396", }, { category: "self", summary: "SUSE Bug 1105524", url: "https://bugzilla.suse.com/1105524", }, { category: "self", summary: "SUSE Bug 1105536", url: "https://bugzilla.suse.com/1105536", }, { category: "self", summary: "SUSE Bug 1105769", url: "https://bugzilla.suse.com/1105769", }, { category: "self", summary: "SUSE Bug 1106016", url: "https://bugzilla.suse.com/1106016", }, { category: "self", summary: "SUSE Bug 1106105", url: "https://bugzilla.suse.com/1106105", }, { category: "self", summary: "SUSE Bug 1106185", url: "https://bugzilla.suse.com/1106185", }, { category: "self", summary: "SUSE Bug 1106229", url: "https://bugzilla.suse.com/1106229", }, { category: "self", summary: "SUSE Bug 1106271", url: "https://bugzilla.suse.com/1106271", }, { category: "self", summary: "SUSE Bug 1106275", url: "https://bugzilla.suse.com/1106275", }, { category: "self", summary: "SUSE Bug 1106276", url: "https://bugzilla.suse.com/1106276", }, { category: "self", summary: "SUSE Bug 1106278", url: "https://bugzilla.suse.com/1106278", }, { category: "self", summary: "SUSE Bug 1106281", url: "https://bugzilla.suse.com/1106281", }, { category: "self", summary: "SUSE Bug 1106283", url: "https://bugzilla.suse.com/1106283", }, { category: "self", summary: "SUSE Bug 1106369", url: "https://bugzilla.suse.com/1106369", }, { category: "self", summary: "SUSE Bug 1106509", url: "https://bugzilla.suse.com/1106509", }, { category: "self", summary: "SUSE Bug 1106511", url: "https://bugzilla.suse.com/1106511", }, { category: "self", summary: "SUSE Bug 1106697", url: "https://bugzilla.suse.com/1106697", }, { category: "self", summary: "SUSE Bug 1106929", url: "https://bugzilla.suse.com/1106929", }, { category: "self", summary: "SUSE Bug 1106934", url: "https://bugzilla.suse.com/1106934", }, { category: "self", summary: "SUSE Bug 1106995", url: "https://bugzilla.suse.com/1106995", }, { category: "self", summary: "SUSE Bug 1107060", url: "https://bugzilla.suse.com/1107060", }, { category: "self", summary: "SUSE Bug 1107078", url: "https://bugzilla.suse.com/1107078", }, { category: "self", summary: "SUSE Bug 1107319", url: "https://bugzilla.suse.com/1107319", }, { category: "self", summary: "SUSE Bug 1107320", url: "https://bugzilla.suse.com/1107320", }, { category: "self", summary: "SUSE Bug 1107689", url: "https://bugzilla.suse.com/1107689", }, { category: "self", summary: "SUSE Bug 1107735", url: "https://bugzilla.suse.com/1107735", }, { category: "self", summary: "SUSE Bug 1107966", url: "https://bugzilla.suse.com/1107966", }, { category: "self", summary: "SUSE Bug 963575", url: "https://bugzilla.suse.com/963575", }, { category: "self", summary: "SUSE Bug 966170", url: "https://bugzilla.suse.com/966170", }, { category: "self", summary: "SUSE Bug 966172", url: "https://bugzilla.suse.com/966172", }, { category: "self", summary: "SUSE Bug 969470", url: "https://bugzilla.suse.com/969470", }, { category: "self", summary: "SUSE Bug 969476", url: "https://bugzilla.suse.com/969476", }, { category: "self", summary: "SUSE Bug 969477", url: "https://bugzilla.suse.com/969477", }, { category: "self", summary: "SUSE Bug 970506", url: "https://bugzilla.suse.com/970506", }, { category: "self", summary: "SUSE CVE CVE-2018-10876 page", url: "https://www.suse.com/security/cve/CVE-2018-10876/", }, { category: "self", summary: "SUSE CVE CVE-2018-10877 page", url: "https://www.suse.com/security/cve/CVE-2018-10877/", }, { category: "self", summary: "SUSE CVE CVE-2018-10878 page", url: "https://www.suse.com/security/cve/CVE-2018-10878/", }, { category: "self", summary: "SUSE CVE CVE-2018-10879 page", url: "https://www.suse.com/security/cve/CVE-2018-10879/", }, { category: "self", summary: "SUSE CVE CVE-2018-10880 page", url: "https://www.suse.com/security/cve/CVE-2018-10880/", }, { category: "self", summary: "SUSE CVE CVE-2018-10881 page", url: "https://www.suse.com/security/cve/CVE-2018-10881/", }, { category: "self", summary: "SUSE CVE CVE-2018-10882 page", url: "https://www.suse.com/security/cve/CVE-2018-10882/", }, { category: "self", summary: "SUSE CVE CVE-2018-10883 page", url: "https://www.suse.com/security/cve/CVE-2018-10883/", }, { category: "self", summary: "SUSE CVE CVE-2018-10902 page", url: "https://www.suse.com/security/cve/CVE-2018-10902/", }, { category: "self", summary: "SUSE CVE CVE-2018-10938 page", url: "https://www.suse.com/security/cve/CVE-2018-10938/", }, { category: "self", summary: "SUSE CVE CVE-2018-1128 page", url: "https://www.suse.com/security/cve/CVE-2018-1128/", }, { category: "self", summary: "SUSE CVE CVE-2018-1129 page", url: "https://www.suse.com/security/cve/CVE-2018-1129/", }, { category: "self", summary: "SUSE CVE CVE-2018-12896 page", url: "https://www.suse.com/security/cve/CVE-2018-12896/", }, { category: "self", summary: "SUSE CVE CVE-2018-13093 page", url: "https://www.suse.com/security/cve/CVE-2018-13093/", }, { category: "self", summary: "SUSE CVE CVE-2018-13094 page", url: "https://www.suse.com/security/cve/CVE-2018-13094/", }, { category: "self", summary: "SUSE CVE CVE-2018-13095 page", url: "https://www.suse.com/security/cve/CVE-2018-13095/", }, { category: "self", summary: "SUSE CVE CVE-2018-15572 page", url: "https://www.suse.com/security/cve/CVE-2018-15572/", }, { category: "self", summary: "SUSE CVE CVE-2018-16658 page", url: "https://www.suse.com/security/cve/CVE-2018-16658/", }, { category: "self", summary: "SUSE CVE CVE-2018-6554 page", url: "https://www.suse.com/security/cve/CVE-2018-6554/", }, { category: "self", summary: "SUSE CVE CVE-2018-6555 page", url: "https://www.suse.com/security/cve/CVE-2018-6555/", }, { category: "self", summary: "SUSE CVE CVE-2018-9363 page", url: "https://www.suse.com/security/cve/CVE-2018-9363/", }, ], title: "Security update for the Linux Kernel", tracking: { current_release_date: "2018-09-20T16:27:28Z", generator: { date: "2018-09-20T16:27:28Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2018:2776-1", initial_release_date: "2018-09-20T16:27:28Z", revision_history: [ { date: "2018-09-20T16:27:28Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "kernel-obs-build-4.4.155-94.50.1.aarch64", product: { name: "kernel-obs-build-4.4.155-94.50.1.aarch64", product_id: "kernel-obs-build-4.4.155-94.50.1.aarch64", }, }, { category: "product_version", name: "kernel-default-4.4.155-94.50.1.aarch64", product: { name: "kernel-default-4.4.155-94.50.1.aarch64", product_id: "kernel-default-4.4.155-94.50.1.aarch64", }, }, { category: "product_version", name: "kernel-default-base-4.4.155-94.50.1.aarch64", product: { name: "kernel-default-base-4.4.155-94.50.1.aarch64", product_id: "kernel-default-base-4.4.155-94.50.1.aarch64", }, }, { category: "product_version", name: "kernel-default-devel-4.4.155-94.50.1.aarch64", product: { name: "kernel-default-devel-4.4.155-94.50.1.aarch64", product_id: "kernel-default-devel-4.4.155-94.50.1.aarch64", }, }, { category: "product_version", name: "kernel-syms-4.4.155-94.50.1.aarch64", product: { name: "kernel-syms-4.4.155-94.50.1.aarch64", product_id: "kernel-syms-4.4.155-94.50.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "kernel-devel-4.4.155-94.50.1.noarch", product: { name: "kernel-devel-4.4.155-94.50.1.noarch", product_id: "kernel-devel-4.4.155-94.50.1.noarch", }, }, { category: "product_version", name: "kernel-macros-4.4.155-94.50.1.noarch", product: { name: "kernel-macros-4.4.155-94.50.1.noarch", product_id: "kernel-macros-4.4.155-94.50.1.noarch", }, }, { category: "product_version", name: "kernel-source-4.4.155-94.50.1.noarch", product: { name: "kernel-source-4.4.155-94.50.1.noarch", product_id: "kernel-source-4.4.155-94.50.1.noarch", }, }, { category: "product_version", name: "kernel-docs-4.4.155-94.50.1.noarch", product: { name: "kernel-docs-4.4.155-94.50.1.noarch", product_id: "kernel-docs-4.4.155-94.50.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", product: { name: "cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", product_id: "cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", }, }, { category: "product_version", name: "dlm-kmp-default-4.4.155-94.50.1.ppc64le", product: { name: "dlm-kmp-default-4.4.155-94.50.1.ppc64le", product_id: "dlm-kmp-default-4.4.155-94.50.1.ppc64le", }, }, { category: "product_version", name: "gfs2-kmp-default-4.4.155-94.50.1.ppc64le", product: { name: "gfs2-kmp-default-4.4.155-94.50.1.ppc64le", product_id: "gfs2-kmp-default-4.4.155-94.50.1.ppc64le", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", product: { name: "ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", product_id: "ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", }, }, { category: "product_version", name: "kernel-obs-build-4.4.155-94.50.1.ppc64le", product: { name: "kernel-obs-build-4.4.155-94.50.1.ppc64le", product_id: "kernel-obs-build-4.4.155-94.50.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-4.4.155-94.50.1.ppc64le", product: { name: "kernel-default-4.4.155-94.50.1.ppc64le", product_id: "kernel-default-4.4.155-94.50.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-base-4.4.155-94.50.1.ppc64le", product: { name: "kernel-default-base-4.4.155-94.50.1.ppc64le", product_id: "kernel-default-base-4.4.155-94.50.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-devel-4.4.155-94.50.1.ppc64le", product: { name: "kernel-default-devel-4.4.155-94.50.1.ppc64le", product_id: "kernel-default-devel-4.4.155-94.50.1.ppc64le", }, }, { category: "product_version", name: "kernel-syms-4.4.155-94.50.1.ppc64le", product: { name: "kernel-syms-4.4.155-94.50.1.ppc64le", product_id: "kernel-syms-4.4.155-94.50.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-default-4.4.155-94.50.1.s390x", product: { name: "cluster-md-kmp-default-4.4.155-94.50.1.s390x", product_id: "cluster-md-kmp-default-4.4.155-94.50.1.s390x", }, }, { category: "product_version", name: "dlm-kmp-default-4.4.155-94.50.1.s390x", product: { name: "dlm-kmp-default-4.4.155-94.50.1.s390x", product_id: "dlm-kmp-default-4.4.155-94.50.1.s390x", }, }, { category: "product_version", name: "gfs2-kmp-default-4.4.155-94.50.1.s390x", product: { name: "gfs2-kmp-default-4.4.155-94.50.1.s390x", product_id: "gfs2-kmp-default-4.4.155-94.50.1.s390x", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.4.155-94.50.1.s390x", product: { name: "ocfs2-kmp-default-4.4.155-94.50.1.s390x", product_id: "ocfs2-kmp-default-4.4.155-94.50.1.s390x", }, }, { category: "product_version", name: "kernel-obs-build-4.4.155-94.50.1.s390x", product: { name: "kernel-obs-build-4.4.155-94.50.1.s390x", product_id: "kernel-obs-build-4.4.155-94.50.1.s390x", }, }, { category: "product_version", name: "kernel-default-4.4.155-94.50.1.s390x", product: { name: "kernel-default-4.4.155-94.50.1.s390x", product_id: "kernel-default-4.4.155-94.50.1.s390x", }, }, { category: "product_version", name: "kernel-default-base-4.4.155-94.50.1.s390x", product: { name: "kernel-default-base-4.4.155-94.50.1.s390x", product_id: "kernel-default-base-4.4.155-94.50.1.s390x", }, }, { category: "product_version", name: "kernel-default-devel-4.4.155-94.50.1.s390x", product: { name: "kernel-default-devel-4.4.155-94.50.1.s390x", product_id: "kernel-default-devel-4.4.155-94.50.1.s390x", }, }, { category: "product_version", name: "kernel-default-man-4.4.155-94.50.1.s390x", product: { name: "kernel-default-man-4.4.155-94.50.1.s390x", product_id: "kernel-default-man-4.4.155-94.50.1.s390x", }, }, { category: "product_version", name: "kernel-syms-4.4.155-94.50.1.s390x", product: { name: "kernel-syms-4.4.155-94.50.1.s390x", product_id: "kernel-syms-4.4.155-94.50.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "kernel-default-4.4.155-94.50.1.x86_64", product: { name: "kernel-default-4.4.155-94.50.1.x86_64", product_id: "kernel-default-4.4.155-94.50.1.x86_64", }, }, { category: "product_version", name: "kernel-default-devel-4.4.155-94.50.1.x86_64", product: { name: "kernel-default-devel-4.4.155-94.50.1.x86_64", product_id: "kernel-default-devel-4.4.155-94.50.1.x86_64", }, }, { category: "product_version", name: "kernel-default-extra-4.4.155-94.50.1.x86_64", product: { name: "kernel-default-extra-4.4.155-94.50.1.x86_64", product_id: "kernel-default-extra-4.4.155-94.50.1.x86_64", }, }, { category: "product_version", name: "kernel-syms-4.4.155-94.50.1.x86_64", product: { name: "kernel-syms-4.4.155-94.50.1.x86_64", product_id: "kernel-syms-4.4.155-94.50.1.x86_64", }, }, { category: "product_version", name: "cluster-md-kmp-default-4.4.155-94.50.1.x86_64", product: { name: "cluster-md-kmp-default-4.4.155-94.50.1.x86_64", product_id: "cluster-md-kmp-default-4.4.155-94.50.1.x86_64", }, }, { category: "product_version", name: "dlm-kmp-default-4.4.155-94.50.1.x86_64", product: { name: "dlm-kmp-default-4.4.155-94.50.1.x86_64", product_id: "dlm-kmp-default-4.4.155-94.50.1.x86_64", }, }, { category: "product_version", name: "gfs2-kmp-default-4.4.155-94.50.1.x86_64", product: { name: "gfs2-kmp-default-4.4.155-94.50.1.x86_64", product_id: "gfs2-kmp-default-4.4.155-94.50.1.x86_64", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.4.155-94.50.1.x86_64", product: { name: "ocfs2-kmp-default-4.4.155-94.50.1.x86_64", product_id: "ocfs2-kmp-default-4.4.155-94.50.1.x86_64", }, }, { category: "product_version", name: "kernel-obs-build-4.4.155-94.50.1.x86_64", product: { name: "kernel-obs-build-4.4.155-94.50.1.x86_64", product_id: "kernel-obs-build-4.4.155-94.50.1.x86_64", }, }, { category: "product_version", name: "kernel-default-base-4.4.155-94.50.1.x86_64", product: { name: "kernel-default-base-4.4.155-94.50.1.x86_64", product_id: "kernel-default-base-4.4.155-94.50.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Desktop 12 SP3", product: { name: "SUSE Linux Enterprise Desktop 12 SP3", product_id: "SUSE Linux Enterprise Desktop 12 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sled:12:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise High Availability Extension 12 SP3", product: { name: "SUSE Linux Enterprise High Availability Extension 12 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sle-ha:12:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Software Development Kit 12 SP3", product: { name: "SUSE Linux Enterprise Software Development Kit 12 SP3", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sle-sdk:12:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 12 SP3", product: { name: "SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sles:12:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", product: { name: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:12:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Workstation Extension 12 SP3", product: { name: "SUSE Linux Enterprise Workstation Extension 12 SP3", product_id: "SUSE Linux Enterprise Workstation Extension 12 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sle-we:12:sp3", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.155-94.50.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3", product_id: "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", }, product_reference: "kernel-default-4.4.155-94.50.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Desktop 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.155-94.50.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3", product_id: "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", }, product_reference: "kernel-default-devel-4.4.155-94.50.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Desktop 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-extra-4.4.155-94.50.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3", product_id: "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", }, product_reference: "kernel-default-extra-4.4.155-94.50.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Desktop 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-4.4.155-94.50.1.noarch as component of SUSE Linux Enterprise Desktop 12 SP3", product_id: "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", }, product_reference: "kernel-devel-4.4.155-94.50.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Desktop 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-4.4.155-94.50.1.noarch as component of SUSE Linux Enterprise Desktop 12 SP3", product_id: "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", }, product_reference: "kernel-macros-4.4.155-94.50.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Desktop 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-source-4.4.155-94.50.1.noarch as component of SUSE Linux Enterprise Desktop 12 SP3", product_id: "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.155-94.50.1.noarch", }, product_reference: "kernel-source-4.4.155-94.50.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Desktop 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.155-94.50.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3", product_id: "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", }, product_reference: "kernel-syms-4.4.155-94.50.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Desktop 12 SP3", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-4.4.155-94.50.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", }, product_reference: "cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP3", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-4.4.155-94.50.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.s390x", }, product_reference: "cluster-md-kmp-default-4.4.155-94.50.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP3", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-4.4.155-94.50.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.x86_64", }, product_reference: "cluster-md-kmp-default-4.4.155-94.50.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP3", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-4.4.155-94.50.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.ppc64le", }, product_reference: "dlm-kmp-default-4.4.155-94.50.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP3", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-4.4.155-94.50.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.s390x", }, product_reference: "dlm-kmp-default-4.4.155-94.50.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP3", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-4.4.155-94.50.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.x86_64", }, product_reference: "dlm-kmp-default-4.4.155-94.50.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP3", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-4.4.155-94.50.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.ppc64le", }, product_reference: "gfs2-kmp-default-4.4.155-94.50.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP3", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-4.4.155-94.50.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.s390x", }, product_reference: "gfs2-kmp-default-4.4.155-94.50.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP3", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-4.4.155-94.50.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.x86_64", }, product_reference: "gfs2-kmp-default-4.4.155-94.50.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP3", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-4.4.155-94.50.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", }, product_reference: "ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP3", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-4.4.155-94.50.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.s390x", }, product_reference: "ocfs2-kmp-default-4.4.155-94.50.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP3", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-4.4.155-94.50.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.x86_64", }, product_reference: "ocfs2-kmp-default-4.4.155-94.50.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-docs-4.4.155-94.50.1.noarch as component of SUSE Linux Enterprise Software Development Kit 12 SP3", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.155-94.50.1.noarch", }, product_reference: "kernel-docs-4.4.155-94.50.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-4.4.155-94.50.1.aarch64 as component of SUSE Linux Enterprise Software Development Kit 12 SP3", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.aarch64", }, product_reference: "kernel-obs-build-4.4.155-94.50.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-4.4.155-94.50.1.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP3", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.ppc64le", }, product_reference: "kernel-obs-build-4.4.155-94.50.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-4.4.155-94.50.1.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP3", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.s390x", }, product_reference: "kernel-obs-build-4.4.155-94.50.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-4.4.155-94.50.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP3", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.x86_64", }, product_reference: "kernel-obs-build-4.4.155-94.50.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.155-94.50.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", }, product_reference: "kernel-default-4.4.155-94.50.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.155-94.50.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", }, product_reference: "kernel-default-4.4.155-94.50.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.155-94.50.1.s390x as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.s390x", }, product_reference: "kernel-default-4.4.155-94.50.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.155-94.50.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", }, product_reference: "kernel-default-4.4.155-94.50.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.4.155-94.50.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", }, product_reference: "kernel-default-base-4.4.155-94.50.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.4.155-94.50.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", }, product_reference: "kernel-default-base-4.4.155-94.50.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.4.155-94.50.1.s390x as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", }, product_reference: "kernel-default-base-4.4.155-94.50.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.4.155-94.50.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", }, product_reference: "kernel-default-base-4.4.155-94.50.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.155-94.50.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", }, product_reference: "kernel-default-devel-4.4.155-94.50.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.155-94.50.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", }, product_reference: "kernel-default-devel-4.4.155-94.50.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.155-94.50.1.s390x as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", }, product_reference: "kernel-default-devel-4.4.155-94.50.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.155-94.50.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", }, product_reference: "kernel-default-devel-4.4.155-94.50.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-man-4.4.155-94.50.1.s390x as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", }, product_reference: "kernel-default-man-4.4.155-94.50.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-4.4.155-94.50.1.noarch as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", }, product_reference: "kernel-devel-4.4.155-94.50.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-4.4.155-94.50.1.noarch as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", }, product_reference: "kernel-macros-4.4.155-94.50.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-source-4.4.155-94.50.1.noarch as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.155-94.50.1.noarch", }, product_reference: "kernel-source-4.4.155-94.50.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.155-94.50.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", }, product_reference: "kernel-syms-4.4.155-94.50.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.155-94.50.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", }, product_reference: "kernel-syms-4.4.155-94.50.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.155-94.50.1.s390x as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", }, product_reference: "kernel-syms-4.4.155-94.50.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.155-94.50.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3", product_id: "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", }, product_reference: "kernel-syms-4.4.155-94.50.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.155-94.50.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", }, product_reference: "kernel-default-4.4.155-94.50.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.155-94.50.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", }, product_reference: "kernel-default-4.4.155-94.50.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.155-94.50.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.s390x", }, product_reference: "kernel-default-4.4.155-94.50.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.4.155-94.50.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", }, product_reference: "kernel-default-4.4.155-94.50.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.4.155-94.50.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", }, product_reference: "kernel-default-base-4.4.155-94.50.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.4.155-94.50.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", }, product_reference: "kernel-default-base-4.4.155-94.50.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.4.155-94.50.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", }, product_reference: "kernel-default-base-4.4.155-94.50.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.4.155-94.50.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", }, product_reference: "kernel-default-base-4.4.155-94.50.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.155-94.50.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", }, product_reference: "kernel-default-devel-4.4.155-94.50.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.155-94.50.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", }, product_reference: "kernel-default-devel-4.4.155-94.50.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.155-94.50.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", }, product_reference: "kernel-default-devel-4.4.155-94.50.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.4.155-94.50.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", }, product_reference: "kernel-default-devel-4.4.155-94.50.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-man-4.4.155-94.50.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", }, product_reference: "kernel-default-man-4.4.155-94.50.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-4.4.155-94.50.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", }, product_reference: "kernel-devel-4.4.155-94.50.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-4.4.155-94.50.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", }, product_reference: "kernel-macros-4.4.155-94.50.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-source-4.4.155-94.50.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.155-94.50.1.noarch", }, product_reference: "kernel-source-4.4.155-94.50.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.155-94.50.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", }, product_reference: "kernel-syms-4.4.155-94.50.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.155-94.50.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", }, product_reference: "kernel-syms-4.4.155-94.50.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.155-94.50.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", }, product_reference: "kernel-syms-4.4.155-94.50.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.4.155-94.50.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", }, product_reference: "kernel-syms-4.4.155-94.50.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-extra-4.4.155-94.50.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 12 SP3", product_id: "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", }, product_reference: "kernel-default-extra-4.4.155-94.50.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Workstation Extension 12 SP3", }, ], }, vulnerabilities: [ { cve: "CVE-2018-10876", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10876", }, ], notes: [ { category: "general", text: "A flaw was found in Linux kernel in the ext4 filesystem code. A use-after-free is possible in ext4_ext_remove_space() function when mounting and operating a crafted ext4 image.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10876", url: "https://www.suse.com/security/cve/CVE-2018-10876", }, { category: "external", summary: "SUSE Bug 1099811 for CVE-2018-10876", url: "https://bugzilla.suse.com/1099811", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-20T16:27:28Z", details: "low", }, ], title: "CVE-2018-10876", }, { cve: "CVE-2018-10877", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10877", }, ], notes: [ { category: "general", text: "Linux kernel ext4 filesystem is vulnerable to an out-of-bound access in the ext4_ext_drop_refs() function when operating on a crafted ext4 filesystem image.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10877", url: "https://www.suse.com/security/cve/CVE-2018-10877", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-10877", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1099846 for CVE-2018-10877", url: "https://bugzilla.suse.com/1099846", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-20T16:27:28Z", details: "low", }, ], title: "CVE-2018-10877", }, { cve: "CVE-2018-10878", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10878", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bounds write and a denial of service or unspecified other impact is possible by mounting and operating a crafted ext4 filesystem image.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10878", url: "https://www.suse.com/security/cve/CVE-2018-10878", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-10878", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1099813 for CVE-2018-10878", url: "https://bugzilla.suse.com/1099813", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-20T16:27:28Z", details: "moderate", }, ], title: "CVE-2018-10878", }, { cve: "CVE-2018-10879", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10879", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause a use-after-free in ext4_xattr_set_entry function and a denial of service or unspecified other impact may occur by renaming a file in a crafted ext4 filesystem image.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10879", url: "https://www.suse.com/security/cve/CVE-2018-10879", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-10879", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1099844 for CVE-2018-10879", url: "https://bugzilla.suse.com/1099844", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-20T16:27:28Z", details: "moderate", }, ], title: "CVE-2018-10879", }, { cve: "CVE-2018-10880", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10880", }, ], notes: [ { category: "general", text: "Linux kernel is vulnerable to a stack-out-of-bounds write in the ext4 filesystem code when mounting and writing to a crafted ext4 image in ext4_update_inline_data(). An attacker could use this to cause a system crash and a denial of service.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10880", url: "https://www.suse.com/security/cve/CVE-2018-10880", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-10880", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1099845 for CVE-2018-10880", url: "https://bugzilla.suse.com/1099845", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-20T16:27:28Z", details: "moderate", }, ], title: "CVE-2018-10880", }, { cve: "CVE-2018-10881", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10881", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bound access in ext4_get_group_info function, a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10881", url: "https://www.suse.com/security/cve/CVE-2018-10881", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-10881", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1099864 for CVE-2018-10881", url: "https://bugzilla.suse.com/1099864", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-20T16:27:28Z", details: "moderate", }, ], title: "CVE-2018-10881", }, { cve: "CVE-2018-10882", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10882", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bound write in in fs/jbd2/transaction.c code, a denial of service, and a system crash by unmounting a crafted ext4 filesystem image.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10882", url: "https://www.suse.com/security/cve/CVE-2018-10882", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-10882", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1099849 for CVE-2018-10882", url: "https://bugzilla.suse.com/1099849", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-20T16:27:28Z", details: "moderate", }, ], title: "CVE-2018-10882", }, { cve: "CVE-2018-10883", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10883", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bounds write in jbd2_journal_dirty_metadata(), a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10883", url: "https://www.suse.com/security/cve/CVE-2018-10883", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-10883", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1099863 for CVE-2018-10883", url: "https://bugzilla.suse.com/1099863", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-20T16:27:28Z", details: "moderate", }, ], title: "CVE-2018-10883", }, { cve: "CVE-2018-10902", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10902", }, ], notes: [ { category: "general", text: "It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmidi.c file. A malicious local attacker could possibly use this for privilege escalation.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10902", url: "https://www.suse.com/security/cve/CVE-2018-10902", }, { category: "external", summary: "SUSE Bug 1105322 for CVE-2018-10902", url: "https://bugzilla.suse.com/1105322", }, { category: "external", summary: "SUSE Bug 1105323 for CVE-2018-10902", url: "https://bugzilla.suse.com/1105323", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-20T16:27:28Z", details: "moderate", }, ], title: "CVE-2018-10902", }, { cve: "CVE-2018-10938", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10938", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel present since v4.0-rc1 and through v4.13-rc4. A crafted network packet sent remotely by an attacker may force the kernel to enter an infinite loop in the cipso_v4_optptr() function in net/ipv4/cipso_ipv4.c leading to a denial-of-service. A certain non-default configuration of LSM (Linux Security Module) and NetLabel should be set up on a system before an attacker could leverage this flaw.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10938", url: "https://www.suse.com/security/cve/CVE-2018-10938", }, { category: "external", summary: "SUSE Bug 1106016 for CVE-2018-10938", url: "https://bugzilla.suse.com/1106016", }, { category: "external", summary: "SUSE Bug 1106191 for CVE-2018-10938", url: "https://bugzilla.suse.com/1106191", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-20T16:27:28Z", details: "important", }, ], title: "CVE-2018-10938", }, { cve: "CVE-2018-1128", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-1128", }, ], notes: [ { category: "general", text: "It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. Any attacker having access to ceph cluster network who is able to sniff packets on network can use this vulnerability to authenticate with ceph service and perform actions allowed by ceph service. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-1128", url: "https://www.suse.com/security/cve/CVE-2018-1128", }, { category: "external", summary: "SUSE Bug 1096748 for CVE-2018-1128", url: "https://bugzilla.suse.com/1096748", }, { category: "external", summary: "SUSE Bug 1114710 for CVE-2018-1128", url: "https://bugzilla.suse.com/1114710", }, { category: "external", summary: "SUSE Bug 1177843 for CVE-2018-1128", url: "https://bugzilla.suse.com/1177843", }, { category: "external", summary: "SUSE Bug 1177859 for CVE-2018-1128", url: "https://bugzilla.suse.com/1177859", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.3, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-20T16:27:28Z", details: "important", }, ], title: "CVE-2018-1128", }, { cve: "CVE-2018-1129", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-1129", }, ], notes: [ { category: "general", text: "A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network who is able to alter the message payload was able to bypass signature checks done by cephx protocol. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-1129", url: "https://www.suse.com/security/cve/CVE-2018-1129", }, { category: "external", summary: "SUSE Bug 1096748 for CVE-2018-1129", url: "https://bugzilla.suse.com/1096748", }, { category: "external", summary: "SUSE Bug 1114710 for CVE-2018-1129", url: "https://bugzilla.suse.com/1114710", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-20T16:27:28Z", details: "important", }, ], title: "CVE-2018-1129", }, { cve: "CVE-2018-12896", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-12896", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 4.17.3. An Integer Overflow in kernel/time/posix-timers.c in the POSIX timer code is caused by the way the overrun accounting works. Depending on interval and expiry time values, the overrun can be larger than INT_MAX, but the accounting is int based. This basically makes the accounting values, which are visible to user space via timer_getoverrun(2) and siginfo::si_overrun, random. For example, a local user can cause a denial of service (signed integer overflow) via crafted mmap, futex, timer_create, and timer_settime system calls.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-12896", url: "https://www.suse.com/security/cve/CVE-2018-12896", }, { category: "external", summary: "SUSE Bug 1099922 for CVE-2018-12896", url: "https://bugzilla.suse.com/1099922", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-20T16:27:28Z", details: "low", }, ], title: "CVE-2018-12896", }, { cve: "CVE-2018-13093", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-13093", }, ], notes: [ { category: "general", text: "An issue was discovered in fs/xfs/xfs_icache.c in the Linux kernel through 4.17.3. There is a NULL pointer dereference and panic in lookup_slow() on a NULL inode->i_ops pointer when doing pathwalks on a corrupted xfs image. This occurs because of a lack of proper validation that cached inodes are free during allocation.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-13093", url: "https://www.suse.com/security/cve/CVE-2018-13093", }, { category: "external", summary: "SUSE Bug 1100001 for CVE-2018-13093", url: "https://bugzilla.suse.com/1100001", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-20T16:27:28Z", details: "moderate", }, ], title: "CVE-2018-13093", }, { cve: "CVE-2018-13094", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-13094", }, ], notes: [ { category: "general", text: "An issue was discovered in fs/xfs/libxfs/xfs_attr_leaf.c in the Linux kernel through 4.17.3. An OOPS may occur for a corrupted xfs image after xfs_da_shrink_inode() is called with a NULL bp.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-13094", url: "https://www.suse.com/security/cve/CVE-2018-13094", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-13094", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1100000 for CVE-2018-13094", url: "https://bugzilla.suse.com/1100000", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-20T16:27:28Z", details: "moderate", }, ], title: "CVE-2018-13094", }, { cve: "CVE-2018-13095", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-13095", }, ], notes: [ { category: "general", text: "An issue was discovered in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel through 4.17.3. A denial of service (memory corruption and BUG) can occur for a corrupted xfs image upon encountering an inode that is in extent format, but has more extents than fit in the inode fork.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-13095", url: "https://www.suse.com/security/cve/CVE-2018-13095", }, { category: "external", summary: "SUSE Bug 1099999 for CVE-2018-13095", url: "https://bugzilla.suse.com/1099999", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-20T16:27:28Z", details: "moderate", }, ], title: "CVE-2018-13095", }, { cve: "CVE-2018-15572", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-15572", }, ], notes: [ { category: "general", text: "The spectre_v2_select_mitigation function in arch/x86/kernel/cpu/bugs.c in the Linux kernel before 4.18.1 does not always fill RSB upon a context switch, which makes it easier for attackers to conduct userspace-userspace spectreRSB attacks.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-15572", url: "https://www.suse.com/security/cve/CVE-2018-15572", }, { category: "external", summary: "SUSE Bug 1102517 for CVE-2018-15572", url: "https://bugzilla.suse.com/1102517", }, { category: "external", summary: "SUSE Bug 1105296 for CVE-2018-15572", url: "https://bugzilla.suse.com/1105296", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-20T16:27:28Z", details: "important", }, ], title: "CVE-2018-15572", }, { cve: "CVE-2018-16658", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16658", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel before 4.18.6. An information leak in cdrom_ioctl_drive_status in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-16658", url: "https://www.suse.com/security/cve/CVE-2018-16658", }, { category: "external", summary: "SUSE Bug 1092903 for CVE-2018-16658", url: "https://bugzilla.suse.com/1092903", }, { category: "external", summary: "SUSE Bug 1107689 for CVE-2018-16658", url: "https://bugzilla.suse.com/1107689", }, { category: "external", summary: "SUSE Bug 1113751 for CVE-2018-16658", url: "https://bugzilla.suse.com/1113751", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-20T16:27:28Z", details: "low", }, ], title: "CVE-2018-16658", }, { cve: "CVE-2018-6554", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-6554", }, ], notes: [ { category: "general", text: "Memory leak in the irda_bind function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (memory consumption) by repeatedly binding an AF_IRDA socket.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-6554", url: "https://www.suse.com/security/cve/CVE-2018-6554", }, { category: "external", summary: "SUSE Bug 1106509 for CVE-2018-6554", url: "https://bugzilla.suse.com/1106509", }, { category: "external", summary: "SUSE Bug 1106511 for CVE-2018-6554", url: "https://bugzilla.suse.com/1106511", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-20T16:27:28Z", details: "low", }, ], title: "CVE-2018-6554", }, { cve: "CVE-2018-6555", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-6555", }, ], notes: [ { category: "general", text: "The irda_setsockopt function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (ias_object use-after-free and system crash) or possibly have unspecified other impact via an AF_IRDA socket.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-6555", url: "https://www.suse.com/security/cve/CVE-2018-6555", }, { category: "external", summary: "SUSE Bug 1106509 for CVE-2018-6555", url: "https://bugzilla.suse.com/1106509", }, { category: "external", summary: "SUSE Bug 1106511 for CVE-2018-6555", url: "https://bugzilla.suse.com/1106511", }, { category: "external", summary: "SUSE Bug 1115893 for CVE-2018-6555", url: "https://bugzilla.suse.com/1115893", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-20T16:27:28Z", details: "moderate", }, ], title: "CVE-2018-6555", }, { cve: "CVE-2018-9363", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-9363", }, ], notes: [ { category: "general", text: "In the hidp_process_report in bluetooth, there is an integer overflow. This could lead to an out of bounds write with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-65853588 References: Upstream kernel.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-9363", url: "https://www.suse.com/security/cve/CVE-2018-9363", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-9363", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1105292 for CVE-2018-9363", url: "https://bugzilla.suse.com/1105292", }, { category: "external", summary: "SUSE Bug 1105293 for CVE-2018-9363", url: "https://bugzilla.suse.com/1105293", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.155-94.50.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.155-94.50.1.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.155-94.50.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-09-20T16:27:28Z", details: "important", }, ], title: "CVE-2018-9363", }, ], }
gsd-2018-6555
Vulnerability from gsd
Modified
2023-12-13 01:22
Details
The irda_setsockopt function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (ias_object use-after-free and system crash) or possibly have unspecified other impact via an AF_IRDA socket.
Aliases
Aliases
{ GSD: { alias: "CVE-2018-6555", description: "The irda_setsockopt function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (ias_object use-after-free and system crash) or possibly have unspecified other impact via an AF_IRDA socket.", id: "GSD-2018-6555", references: [ "https://www.suse.com/security/cve/CVE-2018-6555.html", "https://www.debian.org/security/2018/dsa-4308", "https://ubuntu.com/security/CVE-2018-6555", "https://advisories.mageia.org/CVE-2018-6555.html", ], }, gsd: { metadata: { exploitCode: "unknown", remediation: "unknown", reportConfidence: "confirmed", type: "vulnerability", }, osvSchema: { aliases: [ "CVE-2018-6555", ], details: "The irda_setsockopt function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (ias_object use-after-free and system crash) or possibly have unspecified other impact via an AF_IRDA socket.", id: "GSD-2018-6555", modified: "2023-12-13T01:22:35.765277Z", schema_version: "1.4.0", }, }, namespaces: { "cve.org": { CVE_data_meta: { ASSIGNER: "security@ubuntu.com", DATE_PUBLIC: "2018-09-04T15:00:00.000Z", ID: "CVE-2018-6555", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Linux Kernel", version: { version_data: [ { version_value: "before 4.17", }, ], }, }, ], }, vendor_name: "Linux Kernel", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The irda_setsockopt function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (ias_object use-after-free and system crash) or possibly have unspecified other impact via an AF_IRDA socket.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-416: Use After Free", }, ], }, ], }, references: { reference_data: [ { name: "USN-3776-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3776-1/", }, { name: "USN-3776-2", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3776-2/", }, { name: "[stable] 20180904 [PATCH 2/2] irda: Only insert new objects into the global database via setsockopt", refsource: "MLIST", url: "https://www.spinics.net/lists/stable/msg255035.html", }, { name: "USN-3777-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3777-1/", }, { name: "USN-3775-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3775-1/", }, { name: "[debian-lts-announce] 20181003 [SECURITY] [DLA 1531-1] linux-4.9 security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2018/10/msg00003.html", }, { name: "DSA-4308", refsource: "DEBIAN", url: "https://www.debian.org/security/2018/dsa-4308", }, { name: "USN-3775-2", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3775-2/", }, { name: "105304", refsource: "BID", url: "http://www.securityfocus.com/bid/105304", }, { name: "USN-3777-2", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3777-2/", }, { name: "[stable] 20180904 [PATCH 2/2] irda: Only insert new objects into the global database via setsockopt", refsource: "MLIST", url: "https://www.spinics.net/lists/stable/msg255031.html", }, { name: "USN-3777-3", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3777-3/", }, ], }, source: { discovery: "UNKNOWN", }, }, "nvd.nist.gov": { configurations: { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "4.17", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, cve: { CVE_data_meta: { ASSIGNER: "security@ubuntu.com", ID: "CVE-2018-6555", }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "en", value: "The irda_setsockopt function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (ias_object use-after-free and system crash) or possibly have unspecified other impact via an AF_IRDA socket.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "en", value: "CWE-416", }, ], }, ], }, references: { reference_data: [ { name: "[stable] 20180904 [PATCH 2/2] irda: Only insert new objects into the global database via setsockopt", refsource: "MLIST", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.spinics.net/lists/stable/msg255035.html", }, { name: "[stable] 20180904 [PATCH 2/2] irda: Only insert new objects into the global database via setsockopt", refsource: "MLIST", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.spinics.net/lists/stable/msg255031.html", }, { name: "105304", refsource: "BID", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/105304", }, { name: "DSA-4308", refsource: "DEBIAN", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2018/dsa-4308", }, { name: "USN-3777-2", refsource: "UBUNTU", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3777-2/", }, { name: "USN-3777-1", refsource: "UBUNTU", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3777-1/", }, { name: "USN-3776-2", refsource: "UBUNTU", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3776-2/", }, { name: "USN-3776-1", refsource: "UBUNTU", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3776-1/", }, { name: "USN-3775-2", refsource: "UBUNTU", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3775-2/", }, { name: "USN-3775-1", refsource: "UBUNTU", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3775-1/", }, { name: "[debian-lts-announce] 20181003 [SECURITY] [DLA 1531-1] linux-4.9 security update", refsource: "MLIST", tags: [ "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2018/10/msg00003.html", }, { name: "USN-3777-3", refsource: "UBUNTU", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3777-3/", }, ], }, }, impact: { baseMetricV2: { cvssV2: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "HIGH", userInteractionRequired: false, }, baseMetricV3: { cvssV3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 5.9, }, }, lastModifiedDate: "2019-10-09T23:41Z", publishedDate: "2018-09-04T18:29Z", }, }, }
ghsa-p95m-33p3-2qfr
Vulnerability from github
Published
2022-05-13 01:32
Modified
2022-05-13 01:32
Severity ?
Details
The irda_setsockopt function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (ias_object use-after-free and system crash) or possibly have unspecified other impact via an AF_IRDA socket.
{ affected: [], aliases: [ "CVE-2018-6555", ], database_specific: { cwe_ids: [ "CWE-416", ], github_reviewed: false, github_reviewed_at: null, nvd_published_at: "2018-09-04T18:29:00Z", severity: "HIGH", }, details: "The irda_setsockopt function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (ias_object use-after-free and system crash) or possibly have unspecified other impact via an AF_IRDA socket.", id: "GHSA-p95m-33p3-2qfr", modified: "2022-05-13T01:32:00Z", published: "2022-05-13T01:32:00Z", references: [ { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-6555", }, { type: "WEB", url: "https://lists.debian.org/debian-lts-announce/2018/10/msg00003.html", }, { type: "WEB", url: "https://usn.ubuntu.com/3775-1", }, { type: "WEB", url: "https://usn.ubuntu.com/3775-2", }, { type: "WEB", url: "https://usn.ubuntu.com/3776-1", }, { type: "WEB", url: "https://usn.ubuntu.com/3776-2", }, { type: "WEB", url: "https://usn.ubuntu.com/3777-1", }, { type: "WEB", url: "https://usn.ubuntu.com/3777-2", }, { type: "WEB", url: "https://usn.ubuntu.com/3777-3", }, { type: "WEB", url: "https://www.debian.org/security/2018/dsa-4308", }, { type: "WEB", url: "https://www.spinics.net/lists/stable/msg255031.html", }, { type: "WEB", url: "https://www.spinics.net/lists/stable/msg255035.html", }, { type: "WEB", url: "http://www.securityfocus.com/bid/105304", }, ], schema_version: "1.4.0", severity: [ { score: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", type: "CVSS_V3", }, ], }
fkie_cve-2018-6555
Vulnerability from fkie_nvd
Published
2018-09-04 18:29
Modified
2024-11-21 04:10
Severity ?
Summary
The irda_setsockopt function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (ias_object use-after-free and system crash) or possibly have unspecified other impact via an AF_IRDA socket.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 18.04 | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", matchCriteriaId: "0667D0B1-8AC7-46D8-BB4B-68157115D405", versionEndExcluding: "4.17", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", matchCriteriaId: "8D305F7A-D159-4716-AB26-5E38BB5CD991", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", matchCriteriaId: "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", matchCriteriaId: "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The irda_setsockopt function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (ias_object use-after-free and system crash) or possibly have unspecified other impact via an AF_IRDA socket.", }, { lang: "es", value: "La función irda_setsockopt en net/irda/af_irda.c y siguientes en drivers/staging/irda/net/af_irda.c en el kernel de Linux en versiones anteriores a la 4.17 permite que usuarios locales provoquen una denegación de servicio (uso de memoria previamente liberada en ias_object y cierre inesperado del sistema) o cualquier otro tipo de impacto sin especificar mediante un socket AF_IRDA.", }, ], id: "CVE-2018-6555", lastModified: "2024-11-21T04:10:53.823", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-09-04T18:29:00.470", references: [ { source: "security@ubuntu.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/105304", }, { source: "security@ubuntu.com", tags: [ "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2018/10/msg00003.html", }, { source: "security@ubuntu.com", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3775-1/", }, { source: "security@ubuntu.com", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3775-2/", }, { source: "security@ubuntu.com", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3776-1/", }, { source: "security@ubuntu.com", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3776-2/", }, { source: "security@ubuntu.com", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3777-1/", }, { source: "security@ubuntu.com", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3777-2/", }, { source: "security@ubuntu.com", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3777-3/", }, { source: "security@ubuntu.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2018/dsa-4308", }, { source: "security@ubuntu.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.spinics.net/lists/stable/msg255031.html", }, { source: "security@ubuntu.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.spinics.net/lists/stable/msg255035.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/105304", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2018/10/msg00003.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3775-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3775-2/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3776-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3776-2/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3777-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3777-2/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3777-3/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2018/dsa-4308", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.spinics.net/lists/stable/msg255031.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.spinics.net/lists/stable/msg255035.html", }, ], sourceIdentifier: "security@ubuntu.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-416", }, ], source: "security@ubuntu.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-416", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.