SUSE-SU-2017:0471-1
Vulnerability from csaf_suse - Published: 2017-02-15 16:20 - Updated: 2017-02-15 16:20Summary
Security update for the Linux Kernel
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel
Description of the patch:
The SUSE Linux Enterprise 12 GA LTSS kernel was updated to 3.12.61 to receive various security and bugfixes.
The following feature was implemented:
- The ext2 filesystem got reenabled and supported to allow support for 'XIP' (Execute In Place) (FATE#320805).
The following security bugs were fixed:
- CVE-2017-5551: The tmpfs filesystem implementation in the Linux kernel preserved the setgid bit during a setxattr call, which allowed local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions (bsc#1021258).
- CVE-2016-7097: The filesystem implementation in the Linux kernel preserved the setgid bit during a setxattr call, which allowed local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions (bnc#995968).
- CVE-2017-2583: A Linux kernel built with the Kernel-based Virtual Machine (CONFIG_KVM) support was vulnerable to an incorrect segment selector(SS) value error. A user/process inside guest could have used this flaw to crash the guest resulting in DoS or potentially escalate their privileges inside guest. (bsc#1020602).
- CVE-2017-2584: arch/x86/kvm/emulate.c in the Linux kernel allowed local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free) via a crafted application that leverages instruction emulation for fxrstor, fxsave, sgdt, and sidt (bnc#1019851).
- CVE-2016-10088: The sg implementation in the Linux kernel did not properly restrict write operations in situations where the KERNEL_DS option is set, which allowed local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device, related to block/bsg.c and drivers/scsi/sg.c. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9576 (bnc#1017710).
- CVE-2016-8645: The TCP stack in the Linux kernel mishandled skb truncation, which allowed local users to cause a denial of service (system crash) via a crafted application that made sendto system calls, related to net/ipv4/tcp_ipv4.c and net/ipv6/tcp_ipv6.c (bnc#1009969).
- CVE-2016-8399: An elevation of privilege vulnerability in the kernel networking subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and current compiler optimizations restrict access to the vulnerable code. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31349935 (bnc#1014746).
- CVE-2016-9806: Race condition in the netlink_dump function in net/netlink/af_netlink.c in the Linux kernel allowed local users to cause a denial of service (double free) or possibly have unspecified other impact via a crafted application that made sendmsg system calls, leading to a free operation associated with a new dump that started earlier than anticipated (bnc#1013540).
- CVE-2016-9756: arch/x86/kvm/emulate.c in the Linux kernel did not properly initialize Code Segment (CS) in certain error cases, which allowed local users to obtain sensitive information from kernel stack memory via a crafted application (bnc#1013038).
- CVE-2016-9793: The sock_setsockopt function in net/core/sock.c in the Linux kernel mishandled negative values of sk_sndbuf and sk_rcvbuf, which allowed local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUFFORCE or (2) SO_RCVBUFFORCE option (bnc#1013531).
- CVE-2016-7910: Use-after-free vulnerability in the disk_seqf_stop function in block/genhd.c in the Linux kernel allowed local users to gain privileges by leveraging the execution of a certain stop operation even if the corresponding start operation had failed (bnc#1010716).
- CVE-2015-8962: Double free vulnerability in the sg_common_write function in drivers/scsi/sg.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (memory corruption and system crash) by detaching a device during an SG_IO ioctl call (bnc#1010501).
- CVE-2016-7913: The xc2028_set_config function in drivers/media/tuners/tuner-xc2028.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (use-after-free) via vectors involving omission of the firmware name from a certain data structure (bnc#1010478).
- CVE-2016-7911: Race condition in the get_task_ioprio function in block/ioprio.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (use-after-free) via a crafted ioprio_get system call (bnc#1010711).
- CVE-2015-8964: The tty_set_termios_ldisc function in drivers/tty/tty_ldisc.c in the Linux kernel allowed local users to obtain sensitive information from kernel memory by reading a tty data structure (bnc#1010507).
- CVE-2015-8963: Race condition in kernel/events/core.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (use-after-free) by leveraging incorrect handling of an swevent data structure during a CPU unplug operation (bnc#1010502).
- CVE-2016-7914: The assoc_array_insert_into_terminal_node function in lib/assoc_array.c in the Linux kernel did not check whether a slot is a leaf, which allowed local users to obtain sensitive information from kernel memory or cause a denial of service (invalid pointer dereference and out-of-bounds read) via an application that uses associative-array data structures, as demonstrated by the keyutils test suite (bnc#1010475).
- CVE-2016-8633: drivers/firewire/net.c in the Linux kernel allowed remote attackers to execute arbitrary code via crafted fragmented packets (bnc#1008833).
- CVE-2016-9083: drivers/vfio/pci/vfio_pci.c in the Linux kernel allowed local users to bypass integer overflow checks, and cause a denial of service (memory corruption) or have unspecified other impact, by leveraging access to a vfio PCI device file for a VFIO_DEVICE_SET_IRQS ioctl call, aka a 'state machine confusion bug (bnc#1007197).
- CVE-2016-9084: drivers/vfio/pci/vfio_pci_intrs.c in the Linux kernel misused the kzalloc function, which allowed local users to cause a denial of service (integer overflow) or have unspecified other impact by leveraging access to a vfio PCI device file (bnc#1007197).
- CVE-2016-7042: The proc_keys_show function in security/keys/proc.c in the Linux kernel uses an incorrect buffer size for certain timeout data, which allowed local users to cause a denial of service (stack memory corruption and panic) by reading the /proc/keys file (bnc#1004517).
- CVE-2015-8956: The rfcomm_sock_bind function in net/bluetooth/rfcomm/sock.c in the Linux kernel allowed local users to obtain sensitive information or cause a denial of service (NULL pointer dereference) via vectors involving a bind system call on a Bluetooth RFCOMM socket (bnc#1003925).
- CVE-2016-8658: Stack-based buffer overflow in the brcmf_cfg80211_start_ap function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel allowed local users to cause a denial of service (system crash) or possibly have unspecified other impact via a long SSID Information Element in a command to a Netlink socket (bnc#1004462).
- CVE-2016-7425: The arcmsr_iop_message_xfer function in drivers/scsi/arcmsr/arcmsr_hba.c in the Linux kernel did not restrict a certain length field, which allowed local users to gain privileges or cause a denial of service (heap-based buffer overflow) via an ARCMSR_MESSAGE_WRITE_WQBUFFER control code (bnc#999932).
- CVE-2016-6327: drivers/infiniband/ulp/srpt/ib_srpt.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and system crash) by using an ABORT_TASK command to abort a device write operation (bnc#994748).
- CVE-2016-6828: The tcp_check_send_head function in include/net/tcp.h in the Linux kernel did not properly maintain certain SACK state after a failed data copy, which allowed local users to cause a denial of service (tcp_xmit_retransmit_queue use-after-free and system crash) via a crafted SACK option (bnc#994296).
- CVE-2016-5696: net/ipv4/tcp_input.c in the Linux kernel did not properly determine the rate of challenge ACK segments, which made it easier for remote attackers to hijack TCP sessions via a blind in-window attack (bnc#989152).
- CVE-2016-6130: Race condition in the sclp_ctl_ioctl_sccb function in drivers/s390/char/sclp_ctl.c in the Linux kernel allowed local users to obtain sensitive information from kernel memory by changing a certain length value, aka a 'double fetch' vulnerability (bnc#987542).
- CVE-2016-6480: Race condition in the ioctl_send_fib function in drivers/scsi/aacraid/commctrl.c in the Linux kernel allowed local users to cause a denial of service (out-of-bounds access or system crash) by changing a certain size value, aka a 'double fetch' vulnerability (bnc#991608).
- CVE-2016-4998: The IPT_SO_SET_REPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel allowed local users to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from kernel heap memory by leveraging in-container root access to provide a crafted offset value that leads to crossing a ruleset blob boundary (bnc#986362 bnc#986365).
- CVE-2016-5828: The start_thread function in arch/powerpc/kernel/process.c in the Linux kernel on powerpc platforms mishandled transactional state, which allowed local users to cause a denial of service (invalid process state or TM Bad Thing exception, and system crash) or possibly have unspecified other impact by starting and suspending a transaction before an exec system call (bnc#986569).
- CVE-2014-9904: The snd_compress_check_input function in sound/core/compress_offload.c in the ALSA subsystem in the Linux kernel did not properly check for an integer overflow, which allowed local users to cause a denial of service (insufficient memory allocation) or possibly have unspecified other impact via a crafted SNDRV_COMPRESS_SET_PARAMS ioctl call (bnc#986811).
- CVE-2016-5829: Multiple heap-based buffer overflows in the hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux kernel allow local users to cause a denial of service or possibly have unspecified other impact via a crafted (1) HIDIOCGUSAGES or (2) HIDIOCSUSAGES ioctl call (bnc#986572).
- CVE-2016-4470: The key_reject_and_link function in security/keys/key.c in the Linux kernel did not ensure that a certain data structure is initialized, which allowed local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command (bnc#984755).
The following non-security bugs were fixed:
- base: make module_create_drivers_dir race-free (bnc#983977).
- btrfs-8448-improve-performance-on-fsync-against-new-inode.patch: Disable (bsc#981597).
- btrfs: account for non-CoW'd blocks in btrfs_abort_transaction (bsc#983619).
- btrfs: be more precise on errors when getting an inode from disk (bsc#981038).
- btrfs: do not create or leak aliased root while cleaning up orphans (bsc#994881).
- btrfs: ensure that file descriptor used with subvol ioctls is a dir (bsc#999600).
- btrfs: fix relocation incorrectly dropping data references (bsc#990384).
- btrfs: handle quota reserve failure properly (bsc#1005666).
- btrfs: improve performance on fsync against new inode after rename/unlink (bsc#981038).
- btrfs: increment ctx->pos for every emitted or skipped dirent in readdir (bsc#981709).
- btrfs: remove old tree_root dirent processing in btrfs_real_readdir() (bsc#981709).
- cdc-acm: added sanity checking for probe() (bsc#993891).
- ext2: Enable ext2 driver in config files (bsc#976195, fate#320805)
- ext4: Add parameter for tuning handling of ext2 (bsc#976195).
- ext4: Fixup handling for custom configs in tuning.
- ftrace/x86: Set ftrace_stub to weak to prevent gcc from using short jumps to it (bsc#984419).
- ipv6: Fix improper use or RCU in patches.kabi/ipv6-add-complete-rcu-protection-around-np-opt.kabi.patch. (bsc#961257)
- ipv6: KABI workaround for ipv6: add complete rcu protection around np->opt.
- kabi: prevent spurious modversion changes after bsc#982544 fix (bsc#982544).
- kabi: reintroduce sk_filter (kabi).
- kaweth: fix firmware download (bsc#993890).
- kaweth: fix oops upon failed memory allocation (bsc#993890).
- kgraft/iscsi-target: Do not block kGraft in iscsi_np kthread (bsc#1010612, fate#313296).
- kgraft/xen: Do not block kGraft in xenbus kthread (bsc#1017410, fate#313296).
- kgr: ignore zombie tasks during the patching (bnc#1008979).
- mm/swap.c: flush lru pvecs on compound page arrival (bnc#983721).
- mm: thp: fix SMP race condition between THP page fault and MADV_DONTNEED (VM Functionality, bnc#986445).
- modsign: Print appropriate status message when accessing UEFI variable (bsc#958606).
- mpi: Fix NULL ptr dereference in mpi_powm() [ver #3] (bsc#1011820).
- mpt3sas: Fix panic when aer correct error occurred (bsc#997708, bsc#999943).
- netfilter: allow logging fron non-init netns (bsc#970083).
- netfilter: bridge: do not leak skb in error paths (bsc#982544).
- netfilter: bridge: forward IPv6 fragmented packets (bsc#982544).
- netfilter: bridge: Use __in6_dev_get rather than in6_dev_get in br_validate_ipv6 (bsc#982544).
- nfs: Do not write enable new pages while an invalidation is proceeding (bsc#999584).
- nfs: Fix a regression in the read() syscall (bsc#999584).
- pci/aer: Clear error status registers during enumeration and restore (bsc#985978).
- ppp: defer netns reference release for ppp channel (bsc#980371).
- reiserfs: fix race in prealloc discard (bsc#987576).
- scsi: ibmvfc: Fix I/O hang when port is not mapped (bsc#971989)
- scsi: Increase REPORT_LUNS timeout (bsc#982282).
- series.conf: move stray netfilter patches to the right section
- squashfs3: properly handle dir_emit() failures (bsc#998795).
- supported.conf: Add ext2
- timers: Use proper base migration in add_timer_on() (bnc#993392).
- tty: audit: Fix audit source (bsc#1016482).
- tty: Prevent ldisc drivers from re-using stale tty fields (bnc#1010507).
- usb: fix typo in wMaxPacketSize validation (bsc#991665).
- usb: validate wMaxPacketValue entries in endpoint descriptors (bnc#991665).
- xen: Fix refcnt regression in xen netback introduced by changes made for bug#881008 (bnc#978094)
- xfs: allow lazy sb counter sync during filesystem freeze sequence (bsc#980560).
- xfs: fixed signedness of error code in xfs_inode_buf_verify (bsc#1003153).
- xfs: fix premature enospc on inode allocation (bsc#984148).
- xfs: get rid of XFS_IALLOC_BLOCKS macros (bsc#984148).
- xfs: get rid of XFS_INODE_CLUSTER_SIZE macros (bsc#984148).
- xfs: refactor xlog_recover_process_data() (bsc#1019300).
- xfs: Silence warnings in xfs_vm_releasepage() (bnc#915183 bsc#987565).
- xhci: silence warnings in switch (bnc#991665).
Patchnames: SUSE-SLE-Module-Public-Cloud-12-2017-247,SUSE-SLE-SAP-12-2017-247,SUSE-SLE-SERVER-12-2017-247
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.8 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
6.1 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.8 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
4.8 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.8 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.8 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.1 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
6.2 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
4.4 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.8 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.8 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.8 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
6.2 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
6.8 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
6.1 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.8 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.8 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
4.1 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.8 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.8 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
8.4 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.1 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
4.4 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\n\nThe SUSE Linux Enterprise 12 GA LTSS kernel was updated to 3.12.61 to receive various security and bugfixes.\n\nThe following feature was implemented:\n\n- The ext2 filesystem got reenabled and supported to allow support for \u0027XIP\u0027 (Execute In Place) (FATE#320805).\n\n\nThe following security bugs were fixed:\n\n- CVE-2017-5551: The tmpfs filesystem implementation in the Linux kernel preserved the setgid bit during a setxattr call, which allowed local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions (bsc#1021258).\n- CVE-2016-7097: The filesystem implementation in the Linux kernel preserved the setgid bit during a setxattr call, which allowed local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions (bnc#995968).\n- CVE-2017-2583: A Linux kernel built with the Kernel-based Virtual Machine (CONFIG_KVM) support was vulnerable to an incorrect segment selector(SS) value error. A user/process inside guest could have used this flaw to crash the guest resulting in DoS or potentially escalate their privileges inside guest. (bsc#1020602).\n- CVE-2017-2584: arch/x86/kvm/emulate.c in the Linux kernel allowed local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free) via a crafted application that leverages instruction emulation for fxrstor, fxsave, sgdt, and sidt (bnc#1019851).\n- CVE-2016-10088: The sg implementation in the Linux kernel did not properly restrict write operations in situations where the KERNEL_DS option is set, which allowed local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device, related to block/bsg.c and drivers/scsi/sg.c. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9576 (bnc#1017710).\n- CVE-2016-8645: The TCP stack in the Linux kernel mishandled skb truncation, which allowed local users to cause a denial of service (system crash) via a crafted application that made sendto system calls, related to net/ipv4/tcp_ipv4.c and net/ipv6/tcp_ipv6.c (bnc#1009969).\n- CVE-2016-8399: An elevation of privilege vulnerability in the kernel networking subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and current compiler optimizations restrict access to the vulnerable code. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31349935 (bnc#1014746).\n- CVE-2016-9806: Race condition in the netlink_dump function in net/netlink/af_netlink.c in the Linux kernel allowed local users to cause a denial of service (double free) or possibly have unspecified other impact via a crafted application that made sendmsg system calls, leading to a free operation associated with a new dump that started earlier than anticipated (bnc#1013540).\n- CVE-2016-9756: arch/x86/kvm/emulate.c in the Linux kernel did not properly initialize Code Segment (CS) in certain error cases, which allowed local users to obtain sensitive information from kernel stack memory via a crafted application (bnc#1013038).\n- CVE-2016-9793: The sock_setsockopt function in net/core/sock.c in the Linux kernel mishandled negative values of sk_sndbuf and sk_rcvbuf, which allowed local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUFFORCE or (2) SO_RCVBUFFORCE option (bnc#1013531).\n- CVE-2016-7910: Use-after-free vulnerability in the disk_seqf_stop function in block/genhd.c in the Linux kernel allowed local users to gain privileges by leveraging the execution of a certain stop operation even if the corresponding start operation had failed (bnc#1010716).\n- CVE-2015-8962: Double free vulnerability in the sg_common_write function in drivers/scsi/sg.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (memory corruption and system crash) by detaching a device during an SG_IO ioctl call (bnc#1010501).\n- CVE-2016-7913: The xc2028_set_config function in drivers/media/tuners/tuner-xc2028.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (use-after-free) via vectors involving omission of the firmware name from a certain data structure (bnc#1010478).\n- CVE-2016-7911: Race condition in the get_task_ioprio function in block/ioprio.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (use-after-free) via a crafted ioprio_get system call (bnc#1010711).\n- CVE-2015-8964: The tty_set_termios_ldisc function in drivers/tty/tty_ldisc.c in the Linux kernel allowed local users to obtain sensitive information from kernel memory by reading a tty data structure (bnc#1010507).\n- CVE-2015-8963: Race condition in kernel/events/core.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (use-after-free) by leveraging incorrect handling of an swevent data structure during a CPU unplug operation (bnc#1010502).\n- CVE-2016-7914: The assoc_array_insert_into_terminal_node function in lib/assoc_array.c in the Linux kernel did not check whether a slot is a leaf, which allowed local users to obtain sensitive information from kernel memory or cause a denial of service (invalid pointer dereference and out-of-bounds read) via an application that uses associative-array data structures, as demonstrated by the keyutils test suite (bnc#1010475).\n- CVE-2016-8633: drivers/firewire/net.c in the Linux kernel allowed remote attackers to execute arbitrary code via crafted fragmented packets (bnc#1008833).\n- CVE-2016-9083: drivers/vfio/pci/vfio_pci.c in the Linux kernel allowed local users to bypass integer overflow checks, and cause a denial of service (memory corruption) or have unspecified other impact, by leveraging access to a vfio PCI device file for a VFIO_DEVICE_SET_IRQS ioctl call, aka a \u0027state machine confusion bug (bnc#1007197).\n- CVE-2016-9084: drivers/vfio/pci/vfio_pci_intrs.c in the Linux kernel misused the kzalloc function, which allowed local users to cause a denial of service (integer overflow) or have unspecified other impact by leveraging access to a vfio PCI device file (bnc#1007197).\n- CVE-2016-7042: The proc_keys_show function in security/keys/proc.c in the Linux kernel uses an incorrect buffer size for certain timeout data, which allowed local users to cause a denial of service (stack memory corruption and panic) by reading the /proc/keys file (bnc#1004517).\n- CVE-2015-8956: The rfcomm_sock_bind function in net/bluetooth/rfcomm/sock.c in the Linux kernel allowed local users to obtain sensitive information or cause a denial of service (NULL pointer dereference) via vectors involving a bind system call on a Bluetooth RFCOMM socket (bnc#1003925).\n- CVE-2016-8658: Stack-based buffer overflow in the brcmf_cfg80211_start_ap function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel allowed local users to cause a denial of service (system crash) or possibly have unspecified other impact via a long SSID Information Element in a command to a Netlink socket (bnc#1004462).\n- CVE-2016-7425: The arcmsr_iop_message_xfer function in drivers/scsi/arcmsr/arcmsr_hba.c in the Linux kernel did not restrict a certain length field, which allowed local users to gain privileges or cause a denial of service (heap-based buffer overflow) via an ARCMSR_MESSAGE_WRITE_WQBUFFER control code (bnc#999932).\n- CVE-2016-6327: drivers/infiniband/ulp/srpt/ib_srpt.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and system crash) by using an ABORT_TASK command to abort a device write operation (bnc#994748).\n- CVE-2016-6828: The tcp_check_send_head function in include/net/tcp.h in the Linux kernel did not properly maintain certain SACK state after a failed data copy, which allowed local users to cause a denial of service (tcp_xmit_retransmit_queue use-after-free and system crash) via a crafted SACK option (bnc#994296).\n- CVE-2016-5696: net/ipv4/tcp_input.c in the Linux kernel did not properly determine the rate of challenge ACK segments, which made it easier for remote attackers to hijack TCP sessions via a blind in-window attack (bnc#989152).\n- CVE-2016-6130: Race condition in the sclp_ctl_ioctl_sccb function in drivers/s390/char/sclp_ctl.c in the Linux kernel allowed local users to obtain sensitive information from kernel memory by changing a certain length value, aka a \u0027double fetch\u0027 vulnerability (bnc#987542).\n- CVE-2016-6480: Race condition in the ioctl_send_fib function in drivers/scsi/aacraid/commctrl.c in the Linux kernel allowed local users to cause a denial of service (out-of-bounds access or system crash) by changing a certain size value, aka a \u0027double fetch\u0027 vulnerability (bnc#991608).\n- CVE-2016-4998: The IPT_SO_SET_REPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel allowed local users to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from kernel heap memory by leveraging in-container root access to provide a crafted offset value that leads to crossing a ruleset blob boundary (bnc#986362 bnc#986365).\n- CVE-2016-5828: The start_thread function in arch/powerpc/kernel/process.c in the Linux kernel on powerpc platforms mishandled transactional state, which allowed local users to cause a denial of service (invalid process state or TM Bad Thing exception, and system crash) or possibly have unspecified other impact by starting and suspending a transaction before an exec system call (bnc#986569).\n- CVE-2014-9904: The snd_compress_check_input function in sound/core/compress_offload.c in the ALSA subsystem in the Linux kernel did not properly check for an integer overflow, which allowed local users to cause a denial of service (insufficient memory allocation) or possibly have unspecified other impact via a crafted SNDRV_COMPRESS_SET_PARAMS ioctl call (bnc#986811).\n- CVE-2016-5829: Multiple heap-based buffer overflows in the hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux kernel allow local users to cause a denial of service or possibly have unspecified other impact via a crafted (1) HIDIOCGUSAGES or (2) HIDIOCSUSAGES ioctl call (bnc#986572).\n- CVE-2016-4470: The key_reject_and_link function in security/keys/key.c in the Linux kernel did not ensure that a certain data structure is initialized, which allowed local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command (bnc#984755).\n\nThe following non-security bugs were fixed:\n\n- base: make module_create_drivers_dir race-free (bnc#983977).\n- btrfs-8448-improve-performance-on-fsync-against-new-inode.patch: Disable (bsc#981597).\n- btrfs: account for non-CoW\u0027d blocks in btrfs_abort_transaction (bsc#983619).\n- btrfs: be more precise on errors when getting an inode from disk (bsc#981038).\n- btrfs: do not create or leak aliased root while cleaning up orphans (bsc#994881).\n- btrfs: ensure that file descriptor used with subvol ioctls is a dir (bsc#999600).\n- btrfs: fix relocation incorrectly dropping data references (bsc#990384).\n- btrfs: handle quota reserve failure properly (bsc#1005666).\n- btrfs: improve performance on fsync against new inode after rename/unlink (bsc#981038).\n- btrfs: increment ctx-\u003epos for every emitted or skipped dirent in readdir (bsc#981709).\n- btrfs: remove old tree_root dirent processing in btrfs_real_readdir() (bsc#981709).\n- cdc-acm: added sanity checking for probe() (bsc#993891).\n- ext2: Enable ext2 driver in config files (bsc#976195, fate#320805)\n- ext4: Add parameter for tuning handling of ext2 (bsc#976195).\n- ext4: Fixup handling for custom configs in tuning.\n- ftrace/x86: Set ftrace_stub to weak to prevent gcc from using short jumps to it (bsc#984419).\n- ipv6: Fix improper use or RCU in patches.kabi/ipv6-add-complete-rcu-protection-around-np-opt.kabi.patch. (bsc#961257)\n- ipv6: KABI workaround for ipv6: add complete rcu protection around np-\u003eopt.\n- kabi: prevent spurious modversion changes after bsc#982544 fix (bsc#982544).\n- kabi: reintroduce sk_filter (kabi).\n- kaweth: fix firmware download (bsc#993890).\n- kaweth: fix oops upon failed memory allocation (bsc#993890).\n- kgraft/iscsi-target: Do not block kGraft in iscsi_np kthread (bsc#1010612, fate#313296).\n- kgraft/xen: Do not block kGraft in xenbus kthread (bsc#1017410, fate#313296).\n- kgr: ignore zombie tasks during the patching (bnc#1008979).\n- mm/swap.c: flush lru pvecs on compound page arrival (bnc#983721).\n- mm: thp: fix SMP race condition between THP page fault and MADV_DONTNEED (VM Functionality, bnc#986445).\n- modsign: Print appropriate status message when accessing UEFI variable (bsc#958606).\n- mpi: Fix NULL ptr dereference in mpi_powm() [ver #3] (bsc#1011820).\n- mpt3sas: Fix panic when aer correct error occurred (bsc#997708, bsc#999943).\n- netfilter: allow logging fron non-init netns (bsc#970083).\n- netfilter: bridge: do not leak skb in error paths (bsc#982544).\n- netfilter: bridge: forward IPv6 fragmented packets (bsc#982544).\n- netfilter: bridge: Use __in6_dev_get rather than in6_dev_get in br_validate_ipv6 (bsc#982544).\n- nfs: Do not write enable new pages while an invalidation is proceeding (bsc#999584).\n- nfs: Fix a regression in the read() syscall (bsc#999584).\n- pci/aer: Clear error status registers during enumeration and restore (bsc#985978).\n- ppp: defer netns reference release for ppp channel (bsc#980371).\n- reiserfs: fix race in prealloc discard (bsc#987576).\n- scsi: ibmvfc: Fix I/O hang when port is not mapped (bsc#971989)\n- scsi: Increase REPORT_LUNS timeout (bsc#982282).\n- series.conf: move stray netfilter patches to the right section\n- squashfs3: properly handle dir_emit() failures (bsc#998795).\n- supported.conf: Add ext2\n- timers: Use proper base migration in add_timer_on() (bnc#993392).\n- tty: audit: Fix audit source (bsc#1016482).\n- tty: Prevent ldisc drivers from re-using stale tty fields (bnc#1010507).\n- usb: fix typo in wMaxPacketSize validation (bsc#991665).\n- usb: validate wMaxPacketValue entries in endpoint descriptors (bnc#991665).\n- xen: Fix refcnt regression in xen netback introduced by changes made for bug#881008 (bnc#978094)\n- xfs: allow lazy sb counter sync during filesystem freeze sequence (bsc#980560).\n- xfs: fixed signedness of error code in xfs_inode_buf_verify (bsc#1003153).\n- xfs: fix premature enospc on inode allocation (bsc#984148).\n- xfs: get rid of XFS_IALLOC_BLOCKS macros (bsc#984148).\n- xfs: get rid of XFS_INODE_CLUSTER_SIZE macros (bsc#984148).\n- xfs: refactor xlog_recover_process_data() (bsc#1019300).\n- xfs: Silence warnings in xfs_vm_releasepage() (bnc#915183 bsc#987565).\n- xhci: silence warnings in switch (bnc#991665).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Module-Public-Cloud-12-2017-247,SUSE-SLE-SAP-12-2017-247,SUSE-SLE-SERVER-12-2017-247",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_0471-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2017:0471-1",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20170471-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2017:0471-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2017-February/002647.html"
},
{
"category": "self",
"summary": "SUSE Bug 1003153",
"url": "https://bugzilla.suse.com/1003153"
},
{
"category": "self",
"summary": "SUSE Bug 1003925",
"url": "https://bugzilla.suse.com/1003925"
},
{
"category": "self",
"summary": "SUSE Bug 1004462",
"url": "https://bugzilla.suse.com/1004462"
},
{
"category": "self",
"summary": "SUSE Bug 1004517",
"url": "https://bugzilla.suse.com/1004517"
},
{
"category": "self",
"summary": "SUSE Bug 1005666",
"url": "https://bugzilla.suse.com/1005666"
},
{
"category": "self",
"summary": "SUSE Bug 1007197",
"url": "https://bugzilla.suse.com/1007197"
},
{
"category": "self",
"summary": "SUSE Bug 1008833",
"url": "https://bugzilla.suse.com/1008833"
},
{
"category": "self",
"summary": "SUSE Bug 1008979",
"url": "https://bugzilla.suse.com/1008979"
},
{
"category": "self",
"summary": "SUSE Bug 1009969",
"url": "https://bugzilla.suse.com/1009969"
},
{
"category": "self",
"summary": "SUSE Bug 1010040",
"url": "https://bugzilla.suse.com/1010040"
},
{
"category": "self",
"summary": "SUSE Bug 1010475",
"url": "https://bugzilla.suse.com/1010475"
},
{
"category": "self",
"summary": "SUSE Bug 1010478",
"url": "https://bugzilla.suse.com/1010478"
},
{
"category": "self",
"summary": "SUSE Bug 1010501",
"url": "https://bugzilla.suse.com/1010501"
},
{
"category": "self",
"summary": "SUSE Bug 1010502",
"url": "https://bugzilla.suse.com/1010502"
},
{
"category": "self",
"summary": "SUSE Bug 1010507",
"url": "https://bugzilla.suse.com/1010507"
},
{
"category": "self",
"summary": "SUSE Bug 1010612",
"url": "https://bugzilla.suse.com/1010612"
},
{
"category": "self",
"summary": "SUSE Bug 1010711",
"url": "https://bugzilla.suse.com/1010711"
},
{
"category": "self",
"summary": "SUSE Bug 1010716",
"url": "https://bugzilla.suse.com/1010716"
},
{
"category": "self",
"summary": "SUSE Bug 1011820",
"url": "https://bugzilla.suse.com/1011820"
},
{
"category": "self",
"summary": "SUSE Bug 1012422",
"url": "https://bugzilla.suse.com/1012422"
},
{
"category": "self",
"summary": "SUSE Bug 1013038",
"url": "https://bugzilla.suse.com/1013038"
},
{
"category": "self",
"summary": "SUSE Bug 1013531",
"url": "https://bugzilla.suse.com/1013531"
},
{
"category": "self",
"summary": "SUSE Bug 1013540",
"url": "https://bugzilla.suse.com/1013540"
},
{
"category": "self",
"summary": "SUSE Bug 1013542",
"url": "https://bugzilla.suse.com/1013542"
},
{
"category": "self",
"summary": "SUSE Bug 1014746",
"url": "https://bugzilla.suse.com/1014746"
},
{
"category": "self",
"summary": "SUSE Bug 1016482",
"url": "https://bugzilla.suse.com/1016482"
},
{
"category": "self",
"summary": "SUSE Bug 1017410",
"url": "https://bugzilla.suse.com/1017410"
},
{
"category": "self",
"summary": "SUSE Bug 1017589",
"url": "https://bugzilla.suse.com/1017589"
},
{
"category": "self",
"summary": "SUSE Bug 1017710",
"url": "https://bugzilla.suse.com/1017710"
},
{
"category": "self",
"summary": "SUSE Bug 1019300",
"url": "https://bugzilla.suse.com/1019300"
},
{
"category": "self",
"summary": "SUSE Bug 1019851",
"url": "https://bugzilla.suse.com/1019851"
},
{
"category": "self",
"summary": "SUSE Bug 1020602",
"url": "https://bugzilla.suse.com/1020602"
},
{
"category": "self",
"summary": "SUSE Bug 1021258",
"url": "https://bugzilla.suse.com/1021258"
},
{
"category": "self",
"summary": "SUSE Bug 881008",
"url": "https://bugzilla.suse.com/881008"
},
{
"category": "self",
"summary": "SUSE Bug 915183",
"url": "https://bugzilla.suse.com/915183"
},
{
"category": "self",
"summary": "SUSE Bug 958606",
"url": "https://bugzilla.suse.com/958606"
},
{
"category": "self",
"summary": "SUSE Bug 961257",
"url": "https://bugzilla.suse.com/961257"
},
{
"category": "self",
"summary": "SUSE Bug 970083",
"url": "https://bugzilla.suse.com/970083"
},
{
"category": "self",
"summary": "SUSE Bug 971989",
"url": "https://bugzilla.suse.com/971989"
},
{
"category": "self",
"summary": "SUSE Bug 976195",
"url": "https://bugzilla.suse.com/976195"
},
{
"category": "self",
"summary": "SUSE Bug 978094",
"url": "https://bugzilla.suse.com/978094"
},
{
"category": "self",
"summary": "SUSE Bug 980371",
"url": "https://bugzilla.suse.com/980371"
},
{
"category": "self",
"summary": "SUSE Bug 980560",
"url": "https://bugzilla.suse.com/980560"
},
{
"category": "self",
"summary": "SUSE Bug 981038",
"url": "https://bugzilla.suse.com/981038"
},
{
"category": "self",
"summary": "SUSE Bug 981597",
"url": "https://bugzilla.suse.com/981597"
},
{
"category": "self",
"summary": "SUSE Bug 981709",
"url": "https://bugzilla.suse.com/981709"
},
{
"category": "self",
"summary": "SUSE Bug 982282",
"url": "https://bugzilla.suse.com/982282"
},
{
"category": "self",
"summary": "SUSE Bug 982544",
"url": "https://bugzilla.suse.com/982544"
},
{
"category": "self",
"summary": "SUSE Bug 983619",
"url": "https://bugzilla.suse.com/983619"
},
{
"category": "self",
"summary": "SUSE Bug 983721",
"url": "https://bugzilla.suse.com/983721"
},
{
"category": "self",
"summary": "SUSE Bug 983977",
"url": "https://bugzilla.suse.com/983977"
},
{
"category": "self",
"summary": "SUSE Bug 984148",
"url": "https://bugzilla.suse.com/984148"
},
{
"category": "self",
"summary": "SUSE Bug 984419",
"url": "https://bugzilla.suse.com/984419"
},
{
"category": "self",
"summary": "SUSE Bug 984755",
"url": "https://bugzilla.suse.com/984755"
},
{
"category": "self",
"summary": "SUSE Bug 985978",
"url": "https://bugzilla.suse.com/985978"
},
{
"category": "self",
"summary": "SUSE Bug 986362",
"url": "https://bugzilla.suse.com/986362"
},
{
"category": "self",
"summary": "SUSE Bug 986365",
"url": "https://bugzilla.suse.com/986365"
},
{
"category": "self",
"summary": "SUSE Bug 986445",
"url": "https://bugzilla.suse.com/986445"
},
{
"category": "self",
"summary": "SUSE Bug 986569",
"url": "https://bugzilla.suse.com/986569"
},
{
"category": "self",
"summary": "SUSE Bug 986572",
"url": "https://bugzilla.suse.com/986572"
},
{
"category": "self",
"summary": "SUSE Bug 986811",
"url": "https://bugzilla.suse.com/986811"
},
{
"category": "self",
"summary": "SUSE Bug 986941",
"url": "https://bugzilla.suse.com/986941"
},
{
"category": "self",
"summary": "SUSE Bug 987542",
"url": "https://bugzilla.suse.com/987542"
},
{
"category": "self",
"summary": "SUSE Bug 987565",
"url": "https://bugzilla.suse.com/987565"
},
{
"category": "self",
"summary": "SUSE Bug 987576",
"url": "https://bugzilla.suse.com/987576"
},
{
"category": "self",
"summary": "SUSE Bug 989152",
"url": "https://bugzilla.suse.com/989152"
},
{
"category": "self",
"summary": "SUSE Bug 990384",
"url": "https://bugzilla.suse.com/990384"
},
{
"category": "self",
"summary": "SUSE Bug 991608",
"url": "https://bugzilla.suse.com/991608"
},
{
"category": "self",
"summary": "SUSE Bug 991665",
"url": "https://bugzilla.suse.com/991665"
},
{
"category": "self",
"summary": "SUSE Bug 993392",
"url": "https://bugzilla.suse.com/993392"
},
{
"category": "self",
"summary": "SUSE Bug 993890",
"url": "https://bugzilla.suse.com/993890"
},
{
"category": "self",
"summary": "SUSE Bug 993891",
"url": "https://bugzilla.suse.com/993891"
},
{
"category": "self",
"summary": "SUSE Bug 994296",
"url": "https://bugzilla.suse.com/994296"
},
{
"category": "self",
"summary": "SUSE Bug 994748",
"url": "https://bugzilla.suse.com/994748"
},
{
"category": "self",
"summary": "SUSE Bug 994881",
"url": "https://bugzilla.suse.com/994881"
},
{
"category": "self",
"summary": "SUSE Bug 995968",
"url": "https://bugzilla.suse.com/995968"
},
{
"category": "self",
"summary": "SUSE Bug 997708",
"url": "https://bugzilla.suse.com/997708"
},
{
"category": "self",
"summary": "SUSE Bug 998795",
"url": "https://bugzilla.suse.com/998795"
},
{
"category": "self",
"summary": "SUSE Bug 999584",
"url": "https://bugzilla.suse.com/999584"
},
{
"category": "self",
"summary": "SUSE Bug 999600",
"url": "https://bugzilla.suse.com/999600"
},
{
"category": "self",
"summary": "SUSE Bug 999932",
"url": "https://bugzilla.suse.com/999932"
},
{
"category": "self",
"summary": "SUSE Bug 999943",
"url": "https://bugzilla.suse.com/999943"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-9904 page",
"url": "https://www.suse.com/security/cve/CVE-2014-9904/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8956 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8956/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8962 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8962/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8963 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8963/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8964 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8964/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-10088 page",
"url": "https://www.suse.com/security/cve/CVE-2016-10088/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-4470 page",
"url": "https://www.suse.com/security/cve/CVE-2016-4470/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-4997 page",
"url": "https://www.suse.com/security/cve/CVE-2016-4997/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5696 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5696/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5828 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5828/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5829 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5829/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-6130 page",
"url": "https://www.suse.com/security/cve/CVE-2016-6130/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-6327 page",
"url": "https://www.suse.com/security/cve/CVE-2016-6327/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-6480 page",
"url": "https://www.suse.com/security/cve/CVE-2016-6480/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-6828 page",
"url": "https://www.suse.com/security/cve/CVE-2016-6828/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7042 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7042/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7097 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7097/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7425 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7425/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7910 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7910/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7911 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7913 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7913/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7914 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7914/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-8399 page",
"url": "https://www.suse.com/security/cve/CVE-2016-8399/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-8633 page",
"url": "https://www.suse.com/security/cve/CVE-2016-8633/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-8645 page",
"url": "https://www.suse.com/security/cve/CVE-2016-8645/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-8658 page",
"url": "https://www.suse.com/security/cve/CVE-2016-8658/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9083 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9083/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9084 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9084/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9756 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9756/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9793 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9793/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9806 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9806/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-2583 page",
"url": "https://www.suse.com/security/cve/CVE-2017-2583/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-2584 page",
"url": "https://www.suse.com/security/cve/CVE-2017-2584/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-5551 page",
"url": "https://www.suse.com/security/cve/CVE-2017-5551/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2017-02-15T16:20:32Z",
"generator": {
"date": "2017-02-15T16:20:32Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2017:0471-1",
"initial_release_date": "2017-02-15T16:20:32Z",
"revision_history": [
{
"date": "2017-02-15T16:20:32Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-3.12.61-52.66.1.noarch",
"product": {
"name": "kernel-devel-3.12.61-52.66.1.noarch",
"product_id": "kernel-devel-3.12.61-52.66.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-3.12.61-52.66.1.noarch",
"product": {
"name": "kernel-macros-3.12.61-52.66.1.noarch",
"product_id": "kernel-macros-3.12.61-52.66.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-3.12.61-52.66.1.noarch",
"product": {
"name": "kernel-source-3.12.61-52.66.1.noarch",
"product_id": "kernel-source-3.12.61-52.66.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-3.12.61-52.66.1.ppc64le",
"product": {
"name": "kernel-default-3.12.61-52.66.1.ppc64le",
"product_id": "kernel-default-3.12.61-52.66.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-3.12.61-52.66.1.ppc64le",
"product": {
"name": "kernel-default-base-3.12.61-52.66.1.ppc64le",
"product_id": "kernel-default-base-3.12.61-52.66.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-3.12.61-52.66.1.ppc64le",
"product": {
"name": "kernel-default-devel-3.12.61-52.66.1.ppc64le",
"product_id": "kernel-default-devel-3.12.61-52.66.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-syms-3.12.61-52.66.1.ppc64le",
"product": {
"name": "kernel-syms-3.12.61-52.66.1.ppc64le",
"product_id": "kernel-syms-3.12.61-52.66.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-3.12.61-52.66.1.s390x",
"product": {
"name": "kernel-default-3.12.61-52.66.1.s390x",
"product_id": "kernel-default-3.12.61-52.66.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-base-3.12.61-52.66.1.s390x",
"product": {
"name": "kernel-default-base-3.12.61-52.66.1.s390x",
"product_id": "kernel-default-base-3.12.61-52.66.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-3.12.61-52.66.1.s390x",
"product": {
"name": "kernel-default-devel-3.12.61-52.66.1.s390x",
"product_id": "kernel-default-devel-3.12.61-52.66.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-man-3.12.61-52.66.1.s390x",
"product": {
"name": "kernel-default-man-3.12.61-52.66.1.s390x",
"product_id": "kernel-default-man-3.12.61-52.66.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-syms-3.12.61-52.66.1.s390x",
"product": {
"name": "kernel-syms-3.12.61-52.66.1.s390x",
"product_id": "kernel-syms-3.12.61-52.66.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-ec2-3.12.61-52.66.1.x86_64",
"product": {
"name": "kernel-ec2-3.12.61-52.66.1.x86_64",
"product_id": "kernel-ec2-3.12.61-52.66.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"product": {
"name": "kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"product_id": "kernel-ec2-devel-3.12.61-52.66.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"product": {
"name": "kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"product_id": "kernel-ec2-extra-3.12.61-52.66.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-3.12.61-52.66.1.x86_64",
"product": {
"name": "kernel-default-3.12.61-52.66.1.x86_64",
"product_id": "kernel-default-3.12.61-52.66.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-3.12.61-52.66.1.x86_64",
"product": {
"name": "kernel-default-base-3.12.61-52.66.1.x86_64",
"product_id": "kernel-default-base-3.12.61-52.66.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-3.12.61-52.66.1.x86_64",
"product": {
"name": "kernel-default-devel-3.12.61-52.66.1.x86_64",
"product_id": "kernel-default-devel-3.12.61-52.66.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-3.12.61-52.66.1.x86_64",
"product": {
"name": "kernel-syms-3.12.61-52.66.1.x86_64",
"product_id": "kernel-syms-3.12.61-52.66.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-3.12.61-52.66.1.x86_64",
"product": {
"name": "kernel-xen-3.12.61-52.66.1.x86_64",
"product_id": "kernel-xen-3.12.61-52.66.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-base-3.12.61-52.66.1.x86_64",
"product": {
"name": "kernel-xen-base-3.12.61-52.66.1.x86_64",
"product_id": "kernel-xen-base-3.12.61-52.66.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-devel-3.12.61-52.66.1.x86_64",
"product": {
"name": "kernel-xen-devel-3.12.61-52.66.1.x86_64",
"product_id": "kernel-xen-devel-3.12.61-52.66.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"product": {
"name": "kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"product_id": "kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"product": {
"name": "kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"product_id": "kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Public Cloud 12",
"product": {
"name": "SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-public-cloud:12"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-3.12.61-52.66.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64"
},
"product_reference": "kernel-ec2-3.12.61-52.66.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-devel-3.12.61-52.66.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64"
},
"product_reference": "kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-extra-3.12.61-52.66.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64"
},
"product_reference": "kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.12.61-52.66.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64"
},
"product_reference": "kernel-default-3.12.61-52.66.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.12.61-52.66.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64"
},
"product_reference": "kernel-default-base-3.12.61-52.66.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.12.61-52.66.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64"
},
"product_reference": "kernel-default-devel-3.12.61-52.66.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-3.12.61-52.66.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch"
},
"product_reference": "kernel-devel-3.12.61-52.66.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-3.12.61-52.66.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch"
},
"product_reference": "kernel-macros-3.12.61-52.66.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-3.12.61-52.66.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch"
},
"product_reference": "kernel-source-3.12.61-52.66.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.12.61-52.66.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64"
},
"product_reference": "kernel-syms-3.12.61-52.66.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-3.12.61-52.66.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64"
},
"product_reference": "kernel-xen-3.12.61-52.66.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-base-3.12.61-52.66.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64"
},
"product_reference": "kernel-xen-base-3.12.61-52.66.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-devel-3.12.61-52.66.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64"
},
"product_reference": "kernel-xen-devel-3.12.61-52.66.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.12.61-52.66.1.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le"
},
"product_reference": "kernel-default-3.12.61-52.66.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.12.61-52.66.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x"
},
"product_reference": "kernel-default-3.12.61-52.66.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.12.61-52.66.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64"
},
"product_reference": "kernel-default-3.12.61-52.66.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.12.61-52.66.1.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le"
},
"product_reference": "kernel-default-base-3.12.61-52.66.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.12.61-52.66.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x"
},
"product_reference": "kernel-default-base-3.12.61-52.66.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.12.61-52.66.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64"
},
"product_reference": "kernel-default-base-3.12.61-52.66.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.12.61-52.66.1.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le"
},
"product_reference": "kernel-default-devel-3.12.61-52.66.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.12.61-52.66.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x"
},
"product_reference": "kernel-default-devel-3.12.61-52.66.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.12.61-52.66.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64"
},
"product_reference": "kernel-default-devel-3.12.61-52.66.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-man-3.12.61-52.66.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x"
},
"product_reference": "kernel-default-man-3.12.61-52.66.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-3.12.61-52.66.1.noarch as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch"
},
"product_reference": "kernel-devel-3.12.61-52.66.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-3.12.61-52.66.1.noarch as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch"
},
"product_reference": "kernel-macros-3.12.61-52.66.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-3.12.61-52.66.1.noarch as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch"
},
"product_reference": "kernel-source-3.12.61-52.66.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.12.61-52.66.1.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le"
},
"product_reference": "kernel-syms-3.12.61-52.66.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.12.61-52.66.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x"
},
"product_reference": "kernel-syms-3.12.61-52.66.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.12.61-52.66.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64"
},
"product_reference": "kernel-syms-3.12.61-52.66.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-3.12.61-52.66.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64"
},
"product_reference": "kernel-xen-3.12.61-52.66.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-base-3.12.61-52.66.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64"
},
"product_reference": "kernel-xen-base-3.12.61-52.66.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-devel-3.12.61-52.66.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64"
},
"product_reference": "kernel-xen-devel-3.12.61-52.66.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2014-9904",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-9904"
}
],
"notes": [
{
"category": "general",
"text": "The snd_compress_check_input function in sound/core/compress_offload.c in the ALSA subsystem in the Linux kernel before 3.17 does not properly check for an integer overflow, which allows local users to cause a denial of service (insufficient memory allocation) or possibly have unspecified other impact via a crafted SNDRV_COMPRESS_SET_PARAMS ioctl call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-9904",
"url": "https://www.suse.com/security/cve/CVE-2014-9904"
},
{
"category": "external",
"summary": "SUSE Bug 986811 for CVE-2014-9904",
"url": "https://bugzilla.suse.com/986811"
},
{
"category": "external",
"summary": "SUSE Bug 986941 for CVE-2014-9904",
"url": "https://bugzilla.suse.com/986941"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-15T16:20:32Z",
"details": "moderate"
}
],
"title": "CVE-2014-9904"
},
{
"cve": "CVE-2015-8956",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8956"
}
],
"notes": [
{
"category": "general",
"text": "The rfcomm_sock_bind function in net/bluetooth/rfcomm/sock.c in the Linux kernel before 4.2 allows local users to obtain sensitive information or cause a denial of service (NULL pointer dereference) via vectors involving a bind system call on a Bluetooth RFCOMM socket.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8956",
"url": "https://www.suse.com/security/cve/CVE-2015-8956"
},
{
"category": "external",
"summary": "SUSE Bug 1003925 for CVE-2015-8956",
"url": "https://bugzilla.suse.com/1003925"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-15T16:20:32Z",
"details": "moderate"
}
],
"title": "CVE-2015-8956"
},
{
"cve": "CVE-2015-8962",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8962"
}
],
"notes": [
{
"category": "general",
"text": "Double free vulnerability in the sg_common_write function in drivers/scsi/sg.c in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (memory corruption and system crash) by detaching a device during an SG_IO ioctl call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8962",
"url": "https://www.suse.com/security/cve/CVE-2015-8962"
},
{
"category": "external",
"summary": "SUSE Bug 1010501 for CVE-2015-8962",
"url": "https://bugzilla.suse.com/1010501"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2015-8962",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-15T16:20:32Z",
"details": "important"
}
],
"title": "CVE-2015-8962"
},
{
"cve": "CVE-2015-8963",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8963"
}
],
"notes": [
{
"category": "general",
"text": "Race condition in kernel/events/core.c in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging incorrect handling of an swevent data structure during a CPU unplug operation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8963",
"url": "https://www.suse.com/security/cve/CVE-2015-8963"
},
{
"category": "external",
"summary": "SUSE Bug 1010502 for CVE-2015-8963",
"url": "https://bugzilla.suse.com/1010502"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-15T16:20:32Z",
"details": "important"
}
],
"title": "CVE-2015-8963"
},
{
"cve": "CVE-2015-8964",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8964"
}
],
"notes": [
{
"category": "general",
"text": "The tty_set_termios_ldisc function in drivers/tty/tty_ldisc.c in the Linux kernel before 4.5 allows local users to obtain sensitive information from kernel memory by reading a tty data structure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8964",
"url": "https://www.suse.com/security/cve/CVE-2015-8964"
},
{
"category": "external",
"summary": "SUSE Bug 1010507 for CVE-2015-8964",
"url": "https://bugzilla.suse.com/1010507"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-15T16:20:32Z",
"details": "low"
}
],
"title": "CVE-2015-8964"
},
{
"cve": "CVE-2016-10088",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-10088"
}
],
"notes": [
{
"category": "general",
"text": "The sg implementation in the Linux kernel through 4.9 does not properly restrict write operations in situations where the KERNEL_DS option is set, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device, related to block/bsg.c and drivers/scsi/sg.c. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9576.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-10088",
"url": "https://www.suse.com/security/cve/CVE-2016-10088"
},
{
"category": "external",
"summary": "SUSE Bug 1013604 for CVE-2016-10088",
"url": "https://bugzilla.suse.com/1013604"
},
{
"category": "external",
"summary": "SUSE Bug 1014271 for CVE-2016-10088",
"url": "https://bugzilla.suse.com/1014271"
},
{
"category": "external",
"summary": "SUSE Bug 1017710 for CVE-2016-10088",
"url": "https://bugzilla.suse.com/1017710"
},
{
"category": "external",
"summary": "SUSE Bug 1019079 for CVE-2016-10088",
"url": "https://bugzilla.suse.com/1019079"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2016-10088",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-15T16:20:32Z",
"details": "important"
}
],
"title": "CVE-2016-10088"
},
{
"cve": "CVE-2016-4470",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-4470"
}
],
"notes": [
{
"category": "general",
"text": "The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-4470",
"url": "https://www.suse.com/security/cve/CVE-2016-4470"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-4470",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 984755 for CVE-2016-4470",
"url": "https://bugzilla.suse.com/984755"
},
{
"category": "external",
"summary": "SUSE Bug 984764 for CVE-2016-4470",
"url": "https://bugzilla.suse.com/984764"
},
{
"category": "external",
"summary": "SUSE Bug 991651 for CVE-2016-4470",
"url": "https://bugzilla.suse.com/991651"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-15T16:20:32Z",
"details": "moderate"
}
],
"title": "CVE-2016-4470"
},
{
"cve": "CVE-2016-4997",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-4997"
}
],
"notes": [
{
"category": "general",
"text": "The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel before 4.6.3 allow local users to gain privileges or cause a denial of service (memory corruption) by leveraging in-container root access to provide a crafted offset value that triggers an unintended decrement.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-4997",
"url": "https://www.suse.com/security/cve/CVE-2016-4997"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-4997",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 986362 for CVE-2016-4997",
"url": "https://bugzilla.suse.com/986362"
},
{
"category": "external",
"summary": "SUSE Bug 986365 for CVE-2016-4997",
"url": "https://bugzilla.suse.com/986365"
},
{
"category": "external",
"summary": "SUSE Bug 986377 for CVE-2016-4997",
"url": "https://bugzilla.suse.com/986377"
},
{
"category": "external",
"summary": "SUSE Bug 991651 for CVE-2016-4997",
"url": "https://bugzilla.suse.com/991651"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-15T16:20:32Z",
"details": "important"
}
],
"title": "CVE-2016-4997"
},
{
"cve": "CVE-2016-5696",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5696"
}
],
"notes": [
{
"category": "general",
"text": "net/ipv4/tcp_input.c in the Linux kernel before 4.7 does not properly determine the rate of challenge ACK segments, which makes it easier for remote attackers to hijack TCP sessions via a blind in-window attack.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5696",
"url": "https://www.suse.com/security/cve/CVE-2016-5696"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-5696",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 1175721 for CVE-2016-5696",
"url": "https://bugzilla.suse.com/1175721"
},
{
"category": "external",
"summary": "SUSE Bug 989152 for CVE-2016-5696",
"url": "https://bugzilla.suse.com/989152"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-15T16:20:32Z",
"details": "moderate"
}
],
"title": "CVE-2016-5696"
},
{
"cve": "CVE-2016-5828",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5828"
}
],
"notes": [
{
"category": "general",
"text": "The start_thread function in arch/powerpc/kernel/process.c in the Linux kernel through 4.6.3 on powerpc platforms mishandles transactional state, which allows local users to cause a denial of service (invalid process state or TM Bad Thing exception, and system crash) or possibly have unspecified other impact by starting and suspending a transaction before an exec system call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5828",
"url": "https://www.suse.com/security/cve/CVE-2016-5828"
},
{
"category": "external",
"summary": "SUSE Bug 986569 for CVE-2016-5828",
"url": "https://bugzilla.suse.com/986569"
},
{
"category": "external",
"summary": "SUSE Bug 991065 for CVE-2016-5828",
"url": "https://bugzilla.suse.com/991065"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-15T16:20:32Z",
"details": "moderate"
}
],
"title": "CVE-2016-5828"
},
{
"cve": "CVE-2016-5829",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5829"
}
],
"notes": [
{
"category": "general",
"text": "Multiple heap-based buffer overflows in the hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux kernel through 4.6.3 allow local users to cause a denial of service or possibly have unspecified other impact via a crafted (1) HIDIOCGUSAGES or (2) HIDIOCSUSAGES ioctl call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5829",
"url": "https://www.suse.com/security/cve/CVE-2016-5829"
},
{
"category": "external",
"summary": "SUSE Bug 1053919 for CVE-2016-5829",
"url": "https://bugzilla.suse.com/1053919"
},
{
"category": "external",
"summary": "SUSE Bug 1054127 for CVE-2016-5829",
"url": "https://bugzilla.suse.com/1054127"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2016-5829",
"url": "https://bugzilla.suse.com/1115893"
},
{
"category": "external",
"summary": "SUSE Bug 986572 for CVE-2016-5829",
"url": "https://bugzilla.suse.com/986572"
},
{
"category": "external",
"summary": "SUSE Bug 986573 for CVE-2016-5829",
"url": "https://bugzilla.suse.com/986573"
},
{
"category": "external",
"summary": "SUSE Bug 991651 for CVE-2016-5829",
"url": "https://bugzilla.suse.com/991651"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-15T16:20:32Z",
"details": "moderate"
}
],
"title": "CVE-2016-5829"
},
{
"cve": "CVE-2016-6130",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-6130"
}
],
"notes": [
{
"category": "general",
"text": "Race condition in the sclp_ctl_ioctl_sccb function in drivers/s390/char/sclp_ctl.c in the Linux kernel before 4.6 allows local users to obtain sensitive information from kernel memory by changing a certain length value, aka a \"double fetch\" vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-6130",
"url": "https://www.suse.com/security/cve/CVE-2016-6130"
},
{
"category": "external",
"summary": "SUSE Bug 987542 for CVE-2016-6130",
"url": "https://bugzilla.suse.com/987542"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.2,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-15T16:20:32Z",
"details": "low"
}
],
"title": "CVE-2016-6130"
},
{
"cve": "CVE-2016-6327",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-6327"
}
],
"notes": [
{
"category": "general",
"text": "drivers/infiniband/ulp/srpt/ib_srpt.c in the Linux kernel before 4.5.1 allows local users to cause a denial of service (NULL pointer dereference and system crash) by using an ABORT_TASK command to abort a device write operation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-6327",
"url": "https://www.suse.com/security/cve/CVE-2016-6327"
},
{
"category": "external",
"summary": "SUSE Bug 994748 for CVE-2016-6327",
"url": "https://bugzilla.suse.com/994748"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-15T16:20:32Z",
"details": "moderate"
}
],
"title": "CVE-2016-6327"
},
{
"cve": "CVE-2016-6480",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-6480"
}
],
"notes": [
{
"category": "general",
"text": "Race condition in the ioctl_send_fib function in drivers/scsi/aacraid/commctrl.c in the Linux kernel through 4.7 allows local users to cause a denial of service (out-of-bounds access or system crash) by changing a certain size value, aka a \"double fetch\" vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-6480",
"url": "https://www.suse.com/security/cve/CVE-2016-6480"
},
{
"category": "external",
"summary": "SUSE Bug 1004418 for CVE-2016-6480",
"url": "https://bugzilla.suse.com/1004418"
},
{
"category": "external",
"summary": "SUSE Bug 991608 for CVE-2016-6480",
"url": "https://bugzilla.suse.com/991608"
},
{
"category": "external",
"summary": "SUSE Bug 991667 for CVE-2016-6480",
"url": "https://bugzilla.suse.com/991667"
},
{
"category": "external",
"summary": "SUSE Bug 992568 for CVE-2016-6480",
"url": "https://bugzilla.suse.com/992568"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-15T16:20:32Z",
"details": "moderate"
}
],
"title": "CVE-2016-6480"
},
{
"cve": "CVE-2016-6828",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-6828"
}
],
"notes": [
{
"category": "general",
"text": "The tcp_check_send_head function in include/net/tcp.h in the Linux kernel before 4.7.5 does not properly maintain certain SACK state after a failed data copy, which allows local users to cause a denial of service (tcp_xmit_retransmit_queue use-after-free and system crash) via a crafted SACK option.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-6828",
"url": "https://www.suse.com/security/cve/CVE-2016-6828"
},
{
"category": "external",
"summary": "SUSE Bug 1052256 for CVE-2016-6828",
"url": "https://bugzilla.suse.com/1052256"
},
{
"category": "external",
"summary": "SUSE Bug 994296 for CVE-2016-6828",
"url": "https://bugzilla.suse.com/994296"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-15T16:20:32Z",
"details": "moderate"
}
],
"title": "CVE-2016-6828"
},
{
"cve": "CVE-2016-7042",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7042"
}
],
"notes": [
{
"category": "general",
"text": "The proc_keys_show function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection (gcc) stack protector is enabled, uses an incorrect buffer size for certain timeout data, which allows local users to cause a denial of service (stack memory corruption and panic) by reading the /proc/keys file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7042",
"url": "https://www.suse.com/security/cve/CVE-2016-7042"
},
{
"category": "external",
"summary": "SUSE Bug 1004517 for CVE-2016-7042",
"url": "https://bugzilla.suse.com/1004517"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-15T16:20:32Z",
"details": "moderate"
}
],
"title": "CVE-2016-7042"
},
{
"cve": "CVE-2016-7097",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7097"
}
],
"notes": [
{
"category": "general",
"text": "The filesystem implementation in the Linux kernel through 4.8.2 preserves the setgid bit during a setxattr call, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7097",
"url": "https://www.suse.com/security/cve/CVE-2016-7097"
},
{
"category": "external",
"summary": "SUSE Bug 1021258 for CVE-2016-7097",
"url": "https://bugzilla.suse.com/1021258"
},
{
"category": "external",
"summary": "SUSE Bug 1052256 for CVE-2016-7097",
"url": "https://bugzilla.suse.com/1052256"
},
{
"category": "external",
"summary": "SUSE Bug 870618 for CVE-2016-7097",
"url": "https://bugzilla.suse.com/870618"
},
{
"category": "external",
"summary": "SUSE Bug 995968 for CVE-2016-7097",
"url": "https://bugzilla.suse.com/995968"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-15T16:20:32Z",
"details": "low"
}
],
"title": "CVE-2016-7097"
},
{
"cve": "CVE-2016-7425",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7425"
}
],
"notes": [
{
"category": "general",
"text": "The arcmsr_iop_message_xfer function in drivers/scsi/arcmsr/arcmsr_hba.c in the Linux kernel through 4.8.2 does not restrict a certain length field, which allows local users to gain privileges or cause a denial of service (heap-based buffer overflow) via an ARCMSR_MESSAGE_WRITE_WQBUFFER control code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7425",
"url": "https://www.suse.com/security/cve/CVE-2016-7425"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2016-7425",
"url": "https://bugzilla.suse.com/1115893"
},
{
"category": "external",
"summary": "SUSE Bug 999932 for CVE-2016-7425",
"url": "https://bugzilla.suse.com/999932"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-15T16:20:32Z",
"details": "moderate"
}
],
"title": "CVE-2016-7425"
},
{
"cve": "CVE-2016-7910",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7910"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the disk_seqf_stop function in block/genhd.c in the Linux kernel before 4.7.1 allows local users to gain privileges by leveraging the execution of a certain stop operation even if the corresponding start operation had failed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7910",
"url": "https://www.suse.com/security/cve/CVE-2016-7910"
},
{
"category": "external",
"summary": "SUSE Bug 1010716 for CVE-2016-7910",
"url": "https://bugzilla.suse.com/1010716"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2016-7910",
"url": "https://bugzilla.suse.com/1115893"
},
{
"category": "external",
"summary": "SUSE Bug 1196722 for CVE-2016-7910",
"url": "https://bugzilla.suse.com/1196722"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-15T16:20:32Z",
"details": "important"
}
],
"title": "CVE-2016-7910"
},
{
"cve": "CVE-2016-7911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7911"
}
],
"notes": [
{
"category": "general",
"text": "Race condition in the get_task_ioprio function in block/ioprio.c in the Linux kernel before 4.6.6 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted ioprio_get system call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7911",
"url": "https://www.suse.com/security/cve/CVE-2016-7911"
},
{
"category": "external",
"summary": "SUSE Bug 1010711 for CVE-2016-7911",
"url": "https://bugzilla.suse.com/1010711"
},
{
"category": "external",
"summary": "SUSE Bug 1010713 for CVE-2016-7911",
"url": "https://bugzilla.suse.com/1010713"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2016-7911",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-15T16:20:32Z",
"details": "moderate"
}
],
"title": "CVE-2016-7911"
},
{
"cve": "CVE-2016-7913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7913"
}
],
"notes": [
{
"category": "general",
"text": "The xc2028_set_config function in drivers/media/tuners/tuner-xc2028.c in the Linux kernel before 4.6 allows local users to gain privileges or cause a denial of service (use-after-free) via vectors involving omission of the firmware name from a certain data structure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7913",
"url": "https://www.suse.com/security/cve/CVE-2016-7913"
},
{
"category": "external",
"summary": "SUSE Bug 1010478 for CVE-2016-7913",
"url": "https://bugzilla.suse.com/1010478"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-15T16:20:32Z",
"details": "important"
}
],
"title": "CVE-2016-7913"
},
{
"cve": "CVE-2016-7914",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7914"
}
],
"notes": [
{
"category": "general",
"text": "The assoc_array_insert_into_terminal_node function in lib/assoc_array.c in the Linux kernel before 4.5.3 does not check whether a slot is a leaf, which allows local users to obtain sensitive information from kernel memory or cause a denial of service (invalid pointer dereference and out-of-bounds read) via an application that uses associative-array data structures, as demonstrated by the keyutils test suite.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7914",
"url": "https://www.suse.com/security/cve/CVE-2016-7914"
},
{
"category": "external",
"summary": "SUSE Bug 1010475 for CVE-2016-7914",
"url": "https://bugzilla.suse.com/1010475"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-15T16:20:32Z",
"details": "moderate"
}
],
"title": "CVE-2016-7914"
},
{
"cve": "CVE-2016-8399",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-8399"
}
],
"notes": [
{
"category": "general",
"text": "An elevation of privilege vulnerability in the kernel networking subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and current compiler optimizations restrict access to the vulnerable code. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31349935.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-8399",
"url": "https://www.suse.com/security/cve/CVE-2016-8399"
},
{
"category": "external",
"summary": "SUSE Bug 1014746 for CVE-2016-8399",
"url": "https://bugzilla.suse.com/1014746"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2016-8399",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-15T16:20:32Z",
"details": "moderate"
}
],
"title": "CVE-2016-8399"
},
{
"cve": "CVE-2016-8633",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-8633"
}
],
"notes": [
{
"category": "general",
"text": "drivers/firewire/net.c in the Linux kernel before 4.8.7, in certain unusual hardware configurations, allows remote attackers to execute arbitrary code via crafted fragmented packets.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-8633",
"url": "https://www.suse.com/security/cve/CVE-2016-8633"
},
{
"category": "external",
"summary": "SUSE Bug 1008833 for CVE-2016-8633",
"url": "https://bugzilla.suse.com/1008833"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-15T16:20:32Z",
"details": "moderate"
}
],
"title": "CVE-2016-8633"
},
{
"cve": "CVE-2016-8645",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-8645"
}
],
"notes": [
{
"category": "general",
"text": "The TCP stack in the Linux kernel before 4.8.10 mishandles skb truncation, which allows local users to cause a denial of service (system crash) via a crafted application that makes sendto system calls, related to net/ipv4/tcp_ipv4.c and net/ipv6/tcp_ipv6.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-8645",
"url": "https://www.suse.com/security/cve/CVE-2016-8645"
},
{
"category": "external",
"summary": "SUSE Bug 1009969 for CVE-2016-8645",
"url": "https://bugzilla.suse.com/1009969"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-15T16:20:32Z",
"details": "moderate"
}
],
"title": "CVE-2016-8645"
},
{
"cve": "CVE-2016-8658",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-8658"
}
],
"notes": [
{
"category": "general",
"text": "Stack-based buffer overflow in the brcmf_cfg80211_start_ap function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel before 4.7.5 allows local users to cause a denial of service (system crash) or possibly have unspecified other impact via a long SSID Information Element in a command to a Netlink socket.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-8658",
"url": "https://www.suse.com/security/cve/CVE-2016-8658"
},
{
"category": "external",
"summary": "SUSE Bug 1004462 for CVE-2016-8658",
"url": "https://bugzilla.suse.com/1004462"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-15T16:20:32Z",
"details": "moderate"
}
],
"title": "CVE-2016-8658"
},
{
"cve": "CVE-2016-9083",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9083"
}
],
"notes": [
{
"category": "general",
"text": "drivers/vfio/pci/vfio_pci.c in the Linux kernel through 4.8.11 allows local users to bypass integer overflow checks, and cause a denial of service (memory corruption) or have unspecified other impact, by leveraging access to a vfio PCI device file for a VFIO_DEVICE_SET_IRQS ioctl call, aka a \"state machine confusion bug.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9083",
"url": "https://www.suse.com/security/cve/CVE-2016-9083"
},
{
"category": "external",
"summary": "SUSE Bug 1007197 for CVE-2016-9083",
"url": "https://bugzilla.suse.com/1007197"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-15T16:20:32Z",
"details": "low"
}
],
"title": "CVE-2016-9083"
},
{
"cve": "CVE-2016-9084",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9084"
}
],
"notes": [
{
"category": "general",
"text": "drivers/vfio/pci/vfio_pci_intrs.c in the Linux kernel through 4.8.11 misuses the kzalloc function, which allows local users to cause a denial of service (integer overflow) or have unspecified other impact by leveraging access to a vfio PCI device file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9084",
"url": "https://www.suse.com/security/cve/CVE-2016-9084"
},
{
"category": "external",
"summary": "SUSE Bug 1007197 for CVE-2016-9084",
"url": "https://bugzilla.suse.com/1007197"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-15T16:20:32Z",
"details": "low"
}
],
"title": "CVE-2016-9084"
},
{
"cve": "CVE-2016-9756",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9756"
}
],
"notes": [
{
"category": "general",
"text": "arch/x86/kvm/emulate.c in the Linux kernel before 4.8.12 does not properly initialize Code Segment (CS) in certain error cases, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9756",
"url": "https://www.suse.com/security/cve/CVE-2016-9756"
},
{
"category": "external",
"summary": "SUSE Bug 1013038 for CVE-2016-9756",
"url": "https://bugzilla.suse.com/1013038"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-15T16:20:32Z",
"details": "moderate"
}
],
"title": "CVE-2016-9756"
},
{
"cve": "CVE-2016-9793",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9793"
}
],
"notes": [
{
"category": "general",
"text": "The sock_setsockopt function in net/core/sock.c in the Linux kernel before 4.8.14 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUFFORCE or (2) SO_RCVBUFFORCE option.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9793",
"url": "https://www.suse.com/security/cve/CVE-2016-9793"
},
{
"category": "external",
"summary": "SUSE Bug 1013531 for CVE-2016-9793",
"url": "https://bugzilla.suse.com/1013531"
},
{
"category": "external",
"summary": "SUSE Bug 1013542 for CVE-2016-9793",
"url": "https://bugzilla.suse.com/1013542"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2016-9793",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-15T16:20:32Z",
"details": "moderate"
}
],
"title": "CVE-2016-9793"
},
{
"cve": "CVE-2016-9806",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9806"
}
],
"notes": [
{
"category": "general",
"text": "Race condition in the netlink_dump function in net/netlink/af_netlink.c in the Linux kernel before 4.6.3 allows local users to cause a denial of service (double free) or possibly have unspecified other impact via a crafted application that makes sendmsg system calls, leading to a free operation associated with a new dump that started earlier than anticipated.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9806",
"url": "https://www.suse.com/security/cve/CVE-2016-9806"
},
{
"category": "external",
"summary": "SUSE Bug 1013540 for CVE-2016-9806",
"url": "https://bugzilla.suse.com/1013540"
},
{
"category": "external",
"summary": "SUSE Bug 1017589 for CVE-2016-9806",
"url": "https://bugzilla.suse.com/1017589"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-15T16:20:32Z",
"details": "important"
}
],
"title": "CVE-2016-9806"
},
{
"cve": "CVE-2017-2583",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-2583"
}
],
"notes": [
{
"category": "general",
"text": "The load_segment_descriptor implementation in arch/x86/kvm/emulate.c in the Linux kernel before 4.9.5 improperly emulates a \"MOV SS, NULL selector\" instruction, which allows guest OS users to cause a denial of service (guest OS crash) or gain guest OS privileges via a crafted application.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-2583",
"url": "https://www.suse.com/security/cve/CVE-2017-2583"
},
{
"category": "external",
"summary": "SUSE Bug 1020602 for CVE-2017-2583",
"url": "https://bugzilla.suse.com/1020602"
},
{
"category": "external",
"summary": "SUSE Bug 1030573 for CVE-2017-2583",
"url": "https://bugzilla.suse.com/1030573"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2017-2583",
"url": "https://bugzilla.suse.com/1087082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-15T16:20:32Z",
"details": "moderate"
}
],
"title": "CVE-2017-2583"
},
{
"cve": "CVE-2017-2584",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-2584"
}
],
"notes": [
{
"category": "general",
"text": "arch/x86/kvm/emulate.c in the Linux kernel through 4.9.3 allows local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free) via a crafted application that leverages instruction emulation for fxrstor, fxsave, sgdt, and sidt.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-2584",
"url": "https://www.suse.com/security/cve/CVE-2017-2584"
},
{
"category": "external",
"summary": "SUSE Bug 1019851 for CVE-2017-2584",
"url": "https://bugzilla.suse.com/1019851"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2017-2584",
"url": "https://bugzilla.suse.com/1087082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-15T16:20:32Z",
"details": "moderate"
}
],
"title": "CVE-2017-2584"
},
{
"cve": "CVE-2017-5551",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-5551"
}
],
"notes": [
{
"category": "general",
"text": "The simple_set_acl function in fs/posix_acl.c in the Linux kernel before 4.9.6 preserves the setgid bit during a setxattr call involving a tmpfs filesystem, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-7097.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-5551",
"url": "https://www.suse.com/security/cve/CVE-2017-5551"
},
{
"category": "external",
"summary": "SUSE Bug 1021258 for CVE-2017-5551",
"url": "https://bugzilla.suse.com/1021258"
},
{
"category": "external",
"summary": "SUSE Bug 995968 for CVE-2017-5551",
"url": "https://bugzilla.suse.com/995968"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.61-52.66.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.61-52.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-1-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-1-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-15T16:20:32Z",
"details": "moderate"
}
],
"title": "CVE-2017-5551"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…