{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for the Linux Kernel",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "\n\nThe SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2018-18445: A faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory accesses because adjust_scalar_min_max_vals in kernel/bpf/verifier.c mishandled 32-bit right shifts (bnc#1112372).\n- CVE-2018-18386: drivers/tty/n_tty.c allowed local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ (bnc#1094825).\n- CVE-2017-18224: fs/ocfs2/aops.c omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations in DIRECT mode, which allowed local users to cause a denial of service (BUG) by modifying a certain e_cpos field (bnc#1084831).\n- CVE-2017-16533: The usbhid_parse function in drivers/hid/usbhid/hid-core.c allowed local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device (bnc#1066674).\n\nThe following non-security bugs were fixed:\n\n- acpi / processor: Fix the return value of acpi_processor_ids_walk() (bsc#1051510).\n- acpica: Reference Counts: increase max to 0x4000 for large servers (bsc#1108241).\n- alsa: hda/realtek - Cannot adjust speaker\u0027s volume on Dell XPS 27 7760 (bsc#1051510).\n- arm: 8799/1: mm: fix pci_ioremap_io() offset check (bsc#1051510).\n- arm: bcm2835: Add GET_THROTTLED firmware property (bsc#1108468).\n- arm: exynos: Clear global variable on init error path (bsc#1051510).\n- arm: hisi: check of_iomap and fix missing of_node_put (bsc#1051510).\n- arm: hwmod: RTC: Do not assume lock/unlock will be called with irq enabled (bsc#1051510).\n- arm: mvebu: declare asm symbols as character arrays in pmsu.c (bsc#1051510).\n- ASoC: Intel: Skylake: Reset the controller in probe (bsc#1051510).\n- ASoC: rsnd: adg: care clock-frequency size (bsc#1051510).\n- ASoC: rsnd: do not fallback to PIO mode when -EPROBE_DEFER (bsc#1051510).\n- ASoC: rt5514: Fix the issue of the delay volume applied again (bsc#1051510).\n- ASoC: sigmadsp: safeload should not have lower byte limit (bsc#1051510).\n- ASoC: wm8804: Add ACPI support (bsc#1051510).\n- Btrfs: fix file data corruption after cloning a range and fsync (bsc#1111901).\n- Btrfs: fix mount failure after fsync due to hard link recreation (bsc#1103543).\n- Btrfs: send, fix invalid access to commit roots due to concurrent snapshotting (bsc#1111904).\n- cifs: check for STATUS_USER_SESSION_DELETED (bsc#1112902).\n- Delete patches.drivers/IB-qedr-Remove-GID-add-del-dummy-routines.patch. (bsc#1110921)\n- Disable DRM patches that broke vbox video driver KMP (bsc#1111076)\n- EDAC, ghes: Add DDR4 and NVDIMM memory types (bsc#1099125).\n- EDAC, skx: Fix skx_edac build error when ACPI_NFIT=m (bsc#1099125).\n- EDAC, skx_edac: Detect non-volatile DIMMs (bsc#1099125).\n- EDAC: Add new memory type for non-volatile DIMMs (bsc#1099125).\n- HID: add support for Apple Magic Keyboards (bsc#1051510).\n- HID: hid-saitek: Add device ID for RAT 7 Contagion (bsc#1051510).\n- HID: hid-sensor-hub: Force logical minimum to 1 for power and report state (bsc#1051510).\n- HID: quirks: fix support for Apple Magic Keyboards (bsc#1051510).\n- HID: sensor-hub: Restore fixup for Lenovo ThinkPad Helix 2 sensor hub report (bsc#1051510).\n- input: atakbd - fix Atari CapsLock behaviour (bsc#1051510).\n- input: atakbd - fix Atari keymap (bsc#1051510).\n- kvm/vmx: Optimize vmx_vcpu_run() and svm_vcpu_run() by marking the RDMSR path as unlikely() (bsc#1110006).\n- kvm: svm: Add MSR-based feature support for serializing LFENCE (bsc#1106240).\n- kvm: vmx: Tell the nested hypervisor to skip L1D flush on vmentry (bsc#1106240).\n- kvm: vmx: raise internal error for exception during invalid protected mode state (bsc#1110006).\n- kvm: vmx: support MSR_IA32_ARCH_CAPABILITIES as a feature MSR (bsc#1106240).\n- kvm: x86: Fix reserved bits check for MOV to CR3 (bsc#1110006).\n- kvm: x86: Introduce kvm_get_msr_feature() (bsc#1106240).\n- kvm: x86: fix incorrect reference of trace_kvm_pi_irte_update (bsc#1110006).\n- kvm: lapic: stop advertising DIRECTED_EOI when in-kernel IOAPIC is in use (bsc#1110006).\n- kvm: nvmx: Do not expose MPX VMX controls when guest MPX disabled (bsc#1106240).\n- kvm: nvmx: Do not halt vcpu when L1 is injecting events to L2 (bsc#1110006).\n- kvm: vmx: track host_state.loaded using a loaded_vmcs pointer (bsc#1110006).\n- kvm: vmx: use local variable for current_vmptr when emulating VMPTRST (bsc#1110006).\n- kvm: x86: Add a framework for supporting MSR-based features (bsc#1106240).\n- kvm: x86: Do not use kvm_x86_ops-\u003empx_supported() directly (bsc#1106240).\n- kvm: x86: Update cpuid properly when CR4.OSXAVE or CR4.PKE is changed (bsc#1110006).\n- kvm: x86: define SVM/VMX specific kvm_arch_[alloc|free]_vm (bsc#1111506).\n- kvm: x86: fix #UD address of failed Hyper-V hypercalls (bsc#1110006).\n- kvm: x86: fix escape of guest dr6 to the host (bsc#1110006).\n- kvm: x86: remove APIC Timer periodic/oneshot spikes (bsc#1110006).\n- nfc: trf7970a: fix check of clock frequencies, use \u0026\u0026 instead of || (bsc#1051510).\n- nfs: Avoid quadratic search when freeing delegations (bsc#1084760).\n- pci: Reprogram bridge prefetch registers on resume (bsc#1051510).\n- pci: dwc: Fix scheduling while atomic issues (git-fixes).\n- pci: hv: Do not wait forever on a device that has disappeared (bsc#1109806).\n- pm / Domains: Fix genpd to deal with drivers returning 1 from -\u003eprepare() (bsc#1051510).\n- pm / core: Clear the direct_complete flag on errors (bsc#1051510).\n- pm: cpuidle: Fix cpuidle_poll_state_init() prototype (bsc#1110006).\n- rdma/bnxt_re: Fix system crash during RDMA resource initialization (bsc#1086283).\n- Revert \u0027Limit kernel-source build to architectures for which we build binaries\u0027 This reverts commit d6435125446d740016904abe30a60611549ae812.\n- Revert \u0027cdc-acm: implement put_char() and flush_chars()\u0027 (bsc#1051510).\n- Revert \u0027drm/amdgpu: Add an ATPX quirk for hybrid laptop\u0027 (bsc#1051510).\n- Revert \u0027drm/i915/gvt: set max priority for gvt context\u0027 (bsc#1051510).\n- Revert \u0027gpio: set up initial state from .get_direction()\u0027 (bsc#1051510).\n- Revert \u0027iommu/io-pgtable: Avoid redundant TLB syncs\u0027 (bsc#1106237).\n- Revert \u0027mwifiex: fix incorrect ht capability problem\u0027 (bsc#1051510).\n- Revert \u0027mwifiex: handle race during mwifiex_usb_disconnect\u0027 (bsc#1051510).\n- Revert \u0027pinctrl: sunxi: Do not enforce bias disable (for now)\u0027 (bsc#1051510).\n- Revert \u0027slab: __GFP_ZERO is incompatible with a constructor\u0027 (bnc#1108828) This reverts commit de0a67303736262e306a3eb23aa38824b28c2764 because we still seem to have false possitives in the tree.\n- Revert \u0027ubifs: xattr: Do not operate on deleted inodes\u0027 (bsc#1051510).\n- Squashfs: Compute expected length from inode size rather than block length (bsc#1051510).\n- usb: Add quirk to support DJI CineSSD (bsc#1051510).\n- usb: add quirk for WORLDE Controller KS49 or Prodipe MIDI 49C USB controller (bsc#1051510).\n- usb: fix error handling in usb_driver_claim_interface() (bsc#1051510).\n- usb: handle NULL config in usb_find_alt_setting() (bsc#1051510).\n- usb: remove LPM management from usb_driver_claim_interface() (bsc#1051510).\n- usb: serial: simple: add Motorola Tetra MTP6550 id (bsc#1051510).\n- usb: yurex: Check for truncation in yurex_read() (bsc#1051510).\n- usb: yurex: Fix buffer over-read in yurex_write() (bsc#1051510).\n- Use upstream version of pci-hyperv patch (35a88a1)\n- acpi, nfit: Add function to look up nvdimm device and provide SMBIOS handle (bsc#1099125).\n- aio: fix io_destroy(2) vs. lookup_ioctx() race (git-fixes).\n- apparmor: Check buffer bounds when mapping permissions mask (git-fixes).\n- apparmor: Fix failure to audit context info in build_change_hat (bsc#1051510).\n- apparmor: Fully initialize aa_perms struct when answering userspace query (bsc#1051510).\n- apparmor: fix mediation of prlimit (bsc#1051510).\n- apparmor: fix memory leak when deduping profile load (bsc#1051510).\n- apparmor: fix ptrace read check (bsc#1051510).\n- asix: Check for supported Wake-on-LAN modes (bsc#1051510).\n- ath10k: fix kernel panic issue during pci probe (bsc#1051510).\n- ath10k: fix scan crash due to incorrect length calculation (bsc#1051510).\n- ath10k: fix use-after-free in ath10k_wmi_cmd_send_nowait (bsc#1051510).\n- ath10k: protect ath10k_htt_rx_ring_free with rx_ring.lock (bsc#1051510).\n- audit: fix use-after-free in audit_add_watch (bsc#1051510).\n- batman-adv: Avoid probe ELP information leak (bsc#1051510).\n- batman-adv: Fix multicast TT issues with bogus ROAM flags (bsc#1051510).\n- batman-adv: Fix segfault when writing to sysfs elp_interval (bsc#1051510).\n- batman-adv: Fix segfault when writing to throughput_override (bsc#1051510).\n- batman-adv: Prevent duplicated gateway_node entry (bsc#1051510).\n- batman-adv: Prevent duplicated global TT entry (bsc#1051510).\n- batman-adv: Prevent duplicated nc_node entry (bsc#1051510).\n- batman-adv: Prevent duplicated softif_vlan entry (bsc#1051510).\n- batman-adv: Prevent duplicated tvlv handler (bsc#1051510).\n- batman-adv: fix backbone_gw refcount on queue_work() failure (bsc#1051510).\n- batman-adv: fix hardif_neigh refcount on queue_work() failure (bsc#1051510).\n- bdi: Fix another oops in wb_workfn() (bsc#1112746).\n- bdi: Preserve kabi when adding cgwb_release_mutex (bsc#1112746).\n- be2net: Fix memory leak in be_cmd_get_profile_config() (bsc#1086288).\n- be2net: remove unused old AIC info (bsc#1086288).\n- be2net: remove unused old custom busy-poll fields (bsc#1086288 ).\n- blk-mq: I/O and timer unplugs are inverted in blktrace (bsc#1112713).\n- blkdev_report_zones_ioctl(): Use vmalloc() to allocate large buffers (bsc#1111819).\n- block, bfq: fix wrong init of saved start time for weight raising (bsc#1112708).\n- block: bfq: swap puts in bfqg_and_blkg_put (bsc#1112712).\n- block: bvec_nr_vecs() returns value for wrong slab (bsc#1111834).\n- bnx2x: Fix invalid memory access in rss hash config path (bsc#1050319).\n- bnx2x: Fix receiving tx-timeout in error or recovery state (bsc#1050319).\n- bpf/verifier: disallow pointer subtraction (bsc#1083647).\n- bpf: make cavium thunder compatible w/ bpf_xdp_adjust_tail (bsc#1110096).\n- btrfs: fix missing error return in btrfs_drop_snapshot (Git-fixes bsc#1109919).\n- btrfs: handle errors while updating refcounts in update_ref_for_cow (Git-fixes bsc#1109915).\n- cdc-acm: fix race between reset and control messaging (bsc#1051510).\n- ceph: avoid a use-after-free in ceph_destroy_options() (bsc#1111983).\n- cfg80211: fix a type issue in ieee80211_chandef_to_operating_class() (bsc#1051510).\n- cifs: Fix use after free of a mid_q_entry (bsc#1112903).\n- cifs: fix memory leak in SMB2_open() (bsc#1112894).\n- cifs: integer overflow in in SMB2_ioctl() (bsc#1051510).\n- clk: clk-fixed-factor: Clear OF_POPULATED flag in case of failure (bsc#1051510).\n- clk: rockchip: Add pclk_rkpwm_pmu to PMU critical clocks in rk3399 (bsc#1051510).\n- clk: tegra: bpmp: Do not crash when a clock fails to register (bsc#1051510).\n- clk: x86: Stop marking clocks as CLK_IS_CRITICAL (bsc#1051510).\n- clk: x86: add \u0027ether_clk\u0027 alias for Bay Trail / Cherry Trail (bsc#1051510).\n- clocksource/drivers/ti-32k: Add CLOCK_SOURCE_SUSPEND_NONSTOP flag for non-am43 SoCs (bsc#1051510).\n- clocksource/drivers/timer-atmel-pit: Properly handle error cases (bsc#1051510).\n- coda: fix \u0027kernel memory exposure attempt\u0027 in fsync (bsc#1051510).\n- cpu/hotplug: Fix SMT supported evaluation (bsc#1110006).\n- cpufreq, intel_pstate: Allow unspecified FADT profile to probe PPC (bnc#1108841).\n- crypto: caam/jr - fix ablkcipher_edesc pointer arithmetic (bsc#1051510).\n- crypto: cavium/nitrox - fix for command corruption in queue full case with backlog submissions (bsc#1051510).\n- crypto: ccp - add timeout support in the SEV command (bsc#1106838).\n- crypto: chelsio - Fix memory corruption in DMA Mapped buffers (bsc#1051510).\n- crypto: mxs-dcp - Fix wait logic on chan threads (bsc#1051510).\n- crypto: qat - Fix KASAN stack-out-of-bounds bug in adf_probe() (bsc#1051510).\n- cxgb4: fix abort_req_rss6 struct (bsc#1046540).\n- cxgb4: when disabling dcb set txq dcb priority to 0 (bsc#1046540 ).\n- dax: Fix deadlock in dax_lock_mapping_entry() (bsc#1109951).\n- debugobjects: Make stack check warning more informative (bsc#1051510).\n- declance: Fix continuation with the adapter identification message (bsc#1051510).\n- dmaengine: pl330: fix irq race with terminate_all (bsc#1051510).\n- drivers/base: stop new probing during shutdown (bsc#1051510).\n- drivers/tty: add error handling for pcmcia_loop_config (bsc#1051510).\n- drm/amdgpu: Enable/disable gfx PG feature in rlc safe mode (bsc#1051510).\n- drm/amdgpu: Fix SDMA HQD destroy error on gfx_v7 (bsc#1051510).\n- drm/amdgpu: Fix vce work queue was not cancelled when suspend (bsc#1106110)\n- drm/amdgpu: Pulling old prepare and submit for flip back (bsc#1051510).\n- drm/amdgpu: Update power state at the end of smu hw_init (bsc#1051510).\n- drm/amdgpu: add another ATPX quirk for TOPAZ (bsc#1051510).\n- drm/amdgpu: add new polaris pci id (bsc#1051510).\n- drm/amdgpu: fix error handling in amdgpu_cs_user_fence_chunk (bsc#1106110)\n- drm/amdgpu: revert \u0027fix deadlock of reservation between cs and gpu reset v2\u0027 (bsc#1051510).\n- drm/amdkfd: Fix error codes in kfd_get_process (bsc#1051510).\n- drm/edid: VSDB yCBCr420 Deep Color mode bit definitions (bsc#1051510).\n- drm/i915/glk: Add Quirk for GLK NUC HDMI port issues (bsc#1051510).\n- drm/i915: Handle incomplete Z_FINISH for compressed error states (bsc#1100132)\n- drm/nouveau/TBDdevinit: do not fail when PMU/PRE_OS is missing from VBIOS (bsc#1051510).\n- drm/nouveau/debugfs: Wake up GPU before doing any reclocking (bsc#1051510).\n- drm/nouveau/disp: fix DP disable race (bsc#1051510).\n- drm/nouveau/drm/nouveau: Do not forget to cancel hpd_work on suspend/unload (bsc#1051510).\n- drm/nouveau/drm/nouveau: Prevent handling ACPI HPD events too early (bsc#1051510).\n- drm/nouveau/drm/nouveau: Use pm_runtime_get_noresume() in connector_detect() (bsc#1051510).\n- drm/nouveau: Fix deadlocks in nouveau_connector_detect() (bsc#1051510).\n- drm/nouveau: Fix runtime PM leak in drm_open() (bsc#1051510).\n- drm/nouveau: tegra: Detach from ARM DMA/IOMMU mapping (bsc#1051510).\n- drm/sun4i: Fix an ulong overflow in the dotclock driver (bsc#1106110)\n- drm/sun4i: Fix releasing node when enumerating enpoints (bsc#1051510).\n- drm: mali-dp: Call drm_crtc_vblank_reset on device init (bsc#1051510).\n- drm: udl: Destroy framebuffer only if it was initialized (bsc#1051510).\n- e1000: check on netif_running() before calling e1000_up() (bsc#1051510).\n- e1000: ensure to free old tx/rx rings in set_ringparam() (bsc#1051510).\n- eeprom: at24: change nvmem stride to 1 (bsc#1051510).\n- eeprom: at24: check at24_read/write arguments (bsc#1051510).\n- eeprom: at24: correctly set the size for at24mac402 (bsc#1051510).\n- efi: Avoid potential crashes, fix the \u0027struct efi_pci_io_protocol_32\u0027 definition for mixed mode (bsc#1110006).\n- enic: do not call enic_change_mtu in enic_probe (bsc#1051510).\n- enic: handle mtu change for vf properly (bsc#1051510).\n- enic: initialize enic-\u003erfs_h.lock in enic_probe (bsc#1051510).\n- ethtool: Remove trailing semicolon for static inline (bsc#1051510).\n- ethtool: fix a privilege escalation bug (bsc#1076830).\n- evm: Do not deadlock if a crypto algorithm is unavailable (bsc#1051510).\n- ext2, dax: set ext2_dax_aops for dax files (bsc#1112554).\n- ext4: avoid arithemetic overflow that can trigger a BUG (bsc#1112736).\n- ext4: avoid divide by zero fault when deleting corrupted inline directories (bsc#1112735).\n- ext4: check for NUL characters in extended attribute\u0027s name (bsc#1112732).\n- ext4: check to make sure the rename(2)\u0027s destination is not freed (bsc#1112734).\n- ext4: do not mark mmp buffer head dirty (bsc#1112743).\n- ext4: fix online resize\u0027s handling of a too-small final block group (bsc#1112739).\n- ext4: fix online resizing for bigalloc file systems with a 1k block size (bsc#1112740).\n- ext4: fix spectre gadget in ext4_mb_regular_allocator() (bsc#1112733).\n- ext4: recalucate superblock checksum after updating free blocks/inodes (bsc#1112738).\n- ext4: reset error code in ext4_find_entry in fallback (bsc#1112731).\n- ext4: show test_dummy_encryption mount option in /proc/mounts (bsc#1112741).\n- fbdev/omapfb: fix omapfb_memory_read infoleak (bsc#1051510).\n- firmware, DMI: Add function to look up a handle and return DIMM size (bsc#1099125).\n- firmware: raspberrypi: Register hwmon driver (bsc#1108468).\n- floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl (bsc#1051510).\n- fs/quota: Fix spectre gadget in do_quotactl (bsc#1112745).\n- fuse: Do not access pipe-\u003ebuffers without pipe_lock() (bsc#1051510).\n- gpio: Fix crash due to registration race (bsc#1051510).\n- gpio: adp5588: Fix sleep-in-atomic-context bug (bsc#1051510).\n- gpio: mb86s70: Revert \u0027Return error if requesting an already assigned gpio\u0027 (bsc#1051510).\n- gpiolib-acpi: Register GpioInt ACPI event handlers from a late_initcall (bsc#1051510).\n- gpiolib: Free the last requested descriptor (bsc#1051510).\n- hfs: prevent crash on exit from failed search (bsc#1051510).\n- hfsplus: do not return 0 when fill_super() failed (bsc#1051510).\n- hfsplus: stop workqueue when fill_super() failed (bsc#1051510).\n- hv: avoid crash in vmbus sysfs files (bnc#1108377).\n- hv_netvsc: fix schedule in RCU context ().\n- hwmon: (adt7475) Make adt7475_read_word() return errors (bsc#1051510).\n- hwmon: (ina2xx) fix sysfs shunt resistor read access (bsc#1051510).\n- hwmon: (nct6775) Set weight source to zero correctly (bsc#1051510).\n- hwmon: Add support for RPi voltage sensor (bsc#1108468).\n- hwmon: rpi: add module alias to raspberrypi-hwmon (bsc#1108468).\n- hypfs_kill_super(): deal with failed allocations (bsc#1051510).\n- i2c: i2c-scmi: fix for i2c_smbus_write_block_data (bsc#1051510).\n- i2c: rcar: cleanup DMA for all kinds of failure (bsc#1051510).\n- intel_th: pci: Add Ice Lake PCH support (bsc#1051510).\n- iommu/amd: Clear memory encryption mask from physical address (bsc#1106105).\n- iommu/arm-smmu: Error out only if not enough context interrupts (bsc#1106237).\n- iommu/vt-d: Add definitions for PFSID (bsc#1106237).\n- iommu/vt-d: Fix dev iotlb pfsid use (bsc#1106237).\n- iommu/vt-d: Fix scatterlist offset handling (bsc#1106237).\n- ipmi:ssif: Add support for multi-part transmit messages \u003e 2 parts (bsc#1103308).\n- ipv4: fix use-after-free in ip_cmsg_recv_dstaddr() (git-fixes).\n- irq/core: Fix boot crash when the irqaffinity= boot parameter is passed on CPUMASK_OFFSTACK=y kernels(v1) (bsc#1051510).\n- iwlwifi: dbg: do not crash if the firmware crashes in the middle of a debug dump (bsc#1051510).\n- iwlwifi: mvm: Allow TKIP for AP mode (bsc#1051510).\n- iwlwifi: mvm: check for n_profiles validity in EWRD ACPI (bsc#1051510).\n- iwlwifi: mvm: clear HW_RESTART_REQUESTED when stopping the interface (bsc#1051510).\n- iwlwifi: mvm: open BA session only when sta is authorized (bsc#1051510).\n- iwlwifi: mvm: send BCAST management frames to the right station (bsc#1051510).\n- iwlwifi: pcie gen2: check iwl_pcie_gen2_set_tb() return value (bsc#1051510).\n- iwlwifi: pcie: gen2: build A-MSDU only for GSO (bsc#1051510).\n- jbd2: fix use after free in jbd2_log_do_checkpoint() (bsc#1113257).\n- kABI: Hide get_msr_feature() in kvm_x86_ops (bsc#1106240).\n- kabi protect enum mem_type (bsc#1099125).\n- kprobes/x86: Disable preemption in ftrace-based jprobes (bsc#1110006).\n- kprobes/x86: Fix %p uses in error messages (bsc#1110006).\n- kprobes/x86: Prohibit probing on exception masking instructions (bsc#1110006).\n- ksm: fix unlocked iteration over vmas in cmp_and_merge_page() (VM Functionality bsc#1111806).\n- kvm, mm: account shadow page tables to kmemcg (bsc#1110006).\n- kvm/x86: kABI fix for vm_alloc/vm_free changes (bsc#1111506).\n- kvm: Make VM ioctl do valloc for some archs (bsc#1111506).\n- kvm: x86: Set highest physical address bits in non-present/reserved SPTEs (bsc#1106240).\n- kvm: x86: fix KVM_XEN_HVM_CONFIG ioctl (bsc#1110006).\n- kvmclock: fix TSC calibration for nested guests (bsc#1110006).\n- lib/bug.c: exclude non-BUG/WARN exceptions from report_bug() (bsc#1110006).\n- lib/ubsan.c: s/missaligned/misaligned/ (bsc#1051510).\n- lib/ubsan: add type mismatch handler for new GCC/Clang (bsc#1051510).\n- libertas: call into generic suspend code before turning off power (bsc#1051510).\n- liquidio: fix hang when re-binding VF host drv after running DPDK VF driver (bsc#1067126).\n- liquidio: fix kernel panic in VF driver (bsc#1067126).\n- loop: add recursion validation to LOOP_CHANGE_FD (bsc#1112711).\n- loop: do not call into filesystem while holding lo_ctl_mutex (bsc#1112710).\n- loop: fix LOOP_GET_STATUS lock imbalance (bsc#1113284).\n- mac80211: Fix station bandwidth setting after channel switch (bsc#1051510).\n- mac80211: Run TXQ teardown code before de-registering interfaces (bsc#1051510).\n- mac80211: correct use of IEEE80211_VHT_CAP_RXSTBC_X (bsc#1051510).\n- mac80211: do not Tx a deauth frame if the AP forbade Tx (bsc#1051510).\n- mac80211: do not convert to A-MSDU if frag/subframe limited (bsc#1051510).\n- mac80211: fix a race between restart and CSA flows (bsc#1051510).\n- mac80211: fix setting IEEE80211_KEY_FLAG_RX_MGMT for AP mode keys (bsc#1051510).\n- mac80211: mesh: fix HWMP sequence numbering to follow standard (bsc#1051510).\n- mac80211: minstrel: fix using short preamble CCK rates on HT clients (bsc#1051510).\n- mac80211: shorten the IBSS debug messages (bsc#1051510).\n- mac80211_hwsim: correct use of IEEE80211_VHT_CAP_RXSTBC_X (bsc#1051510).\n- mac80211_hwsim: require at least one channel (bsc#1051510).\n- mach64: detect the dot clock divider correctly on sparc (bsc#1051510).\n- media: af9035: prevent buffer overflow on write (bsc#1051510).\n- media: davinci: vpif_display: Mix memory leak on probe error path (bsc#1051510).\n- media: fsl-viu: fix error handling in viu_of_probe() (bsc#1051510).\n- media: helene: fix xtal frequency setting at power on (bsc#1051510).\n- media: s3c-camif: ignore -ENOIOCTLCMD from v4l2_subdev_call for s_power (bsc#1051510).\n- media: s5p-mfc: Fix buffer look up in s5p_mfc_handle_frame_{new, copy_time} functions (bsc#1051510).\n- media: soc_camera: ov772x: correct setting of banding filter (bsc#1051510).\n- media: tm6000: add error handling for dvb_register_adapter (bsc#1051510).\n- media: videobuf-dma-sg: Fix dma_{sync,unmap}_sg() calls (bsc#1051510).\n- media: videobuf2-core: check for q-\u003eerror in vb2_core_qbuf() (bsc#1051510).\n- mm/migrate: Use spin_trylock() while resetting rate limit ().\n- mm: /proc/pid/pagemap: hide swap entries from unprivileged users (Git-fixes bsc#1109907).\n- mm: Preserve _PAGE_DEVMAP across mprotect() calls (bsc#1111028).\n- mm: fix BUG_ON() in vmf_insert_pfn_pud() from VM_MIXEDMAP removal (bsc#1111841).\n- mmc: block: avoid multiblock reads for the last sector in SPI mode (bsc#1051510).\n- mwifiex: handle race during mwifiex_usb_disconnect (bsc#1051510).\n- net: add support for Cavium PTP coprocessor (bsc#1110096).\n- net: cavium: fix NULL pointer dereference in cavium_ptp_put (bsc#1110096).\n- net: cavium: use module_pci_driver to simplify the code (bsc#1110096).\n- net: thunder: change q_len\u0027s type to handle max ring size (bsc#1110096).\n- net: thunderx: Set max queue count taking XDP_TX into account (bsc#1110096).\n- net: thunderx: add MAC address filter tracking for LMAC (bsc#1110096).\n- net: thunderx: add XCAST messages handlers for PF (bsc#1110096).\n- net: thunderx: add multicast filter management support (bsc#1110096).\n- net: thunderx: add ndo_set_rx_mode callback implementation for VF (bsc#1110096).\n- net: thunderx: add new messages for handle ndo_set_rx_mode callback (bsc#1110096).\n- net: thunderx: add timestamping support (bsc#1110096).\n- net: thunderx: add workqueue control structures for handle ndo_set_rx_mode request (bsc#1110096).\n- net: thunderx: check for failed allocation lmac-\u003edmacs (bsc#1110096).\n- net: thunderx: fix double free error (bsc#1110096).\n- net: thunderx: move filter register related macro into proper place (bsc#1110096).\n- net: thunderx: prevent concurrent data re-writing by nicvf_set_rx_mode (bsc#1110096).\n- net: thunderx: remove a couple of redundant assignments (bsc#1110096).\n- net: thunderx: rework mac addresses list to u64 array (bsc#1110096).\n- nvme: call nvme_complete_rq when nvmf_check_ready fails for mpath I/O (bsc#1107685).\n- objtool, kprobes/x86: Sync the latest \u003casm/insn.h\u003e header with tools/objtool/arch/x86/include/asm/insn.h (bsc#1110006).\n- orangefs: fix deadlock; do not write i_size in read_iter (bsc#1051510).\n- orangefs: initialize op on loop restart in orangefs_devreq_read (bsc#1051510).\n- orangefs: use list_for_each_entry_safe in purge_waiting_ops (bsc#1051510).\n- orangefs_kill_sb(): deal with allocation failures (bsc#1051510).\n- ovl: Sync upper dirty data when syncing overlayfs (git-fixes).\n- ovl: fix format of setxattr debug (git-fixes).\n- perf/x86/amd/ibs: Do not access non-started event (bsc#1110006).\n- perf/x86/cstate: Fix possible Spectre-v1 indexing for pkg_msr (bsc#1110006).\n- perf/x86/intel/lbr: Fix incomplete LBR call stack (bsc#1110006).\n- perf/x86/intel/uncore: Correct fixed counter index check for NHM (bsc#1110006).\n- perf/x86/intel/uncore: Correct fixed counter index check in generic code (bsc#1110006).\n- perf/x86/intel/uncore: Fix Skylake UPI event format (bsc#1110006).\n- perf/x86/intel: Do not accidentally clear high bits in bdw_limit_period() (bsc#1110006).\n- perf/x86/intel: Fix event update for auto-reload (bsc#1110006).\n- perf/x86/intel: Fix large period handling on Broadwell CPUs (bsc#1110006).\n- perf/x86/intel: Fix linear IP of PEBS real_ip on Haswell and later CPUs (bsc#1110006).\n- perf/x86/intel: Properly save/restore the PMU state in the NMI handler (bsc#1110006).\n- perf/x86/msr: Fix possible Spectre-v1 indexing in the MSR driver (bsc#1110006).\n- perf/x86: Fix possible Spectre-v1 indexing for x86_pmu::event_map() (bsc#1110006).\n- perf/x86: Fix possible Spectre-v1 indexing for hw_perf_event cache_* (bsc#1110006).\n- powerpc/firmware: Add definitions for new drc-info firmware feature (bsc#1109158).\n- powerpc/numa: Skip onlining a offline node in kdump path (bsc#1109784).\n- powerpc/powernv/ioda2: Reduce upper limit for DMA window size (bsc#1055120).\n- powerpc/pseries/mm: Introducing FW_FEATURE_BLOCK_REMOVE (bsc#1109158).\n- powerpc/pseries/mm: call H_BLOCK_REMOVE (bsc#1109158).\n- powerpc/pseries/mm: factorize PTE slot computation (bsc#1109158).\n- powerpc/pseries: Fix CONFIG_NUMA=n build (bsc#1067906, git-fixes).\n- powerpc/pseries: Fix build break for SPLPAR=n and CPU hotplug (bsc#1079524, git-fixes).\n- powerpc/pseries: Fix duplicate firmware feature for DRC_INFO (bsc#1109158).\n- powerpc/rtas: Fix a potential race between CPU-Offline \u0026 Migration (bsc#1111870).\n- printk/tracing: Do not trace printk_nmi_enter() (bsc#1112208).\n- printk: drop in_nmi check from printk_safe_flush_on_panic() (bsc#1112170).\n- proc: restrict kernel stack dumps to root (git-fixes). blacklist.conf:\n- ptrace,x86: Make user_64bit_mode() available to 32-bit builds (bsc#1110006).\n- qed: Add missing device config for RoCE EDPM in UFP mode (bsc#1109217).\n- qed: Avoid sending mailbox commands when MFW is not responsive (bsc#1050536).\n- qed: Do not add VLAN 0 tag to untagged frames in multi-function mode (bsc#1050536).\n- qed: Fix populating the invalid stag value in multi function mode (bsc#1050536).\n- qed: Fix shmem structure inconsistency between driver and the mfw (bsc#1110561).\n- qed: Prevent a possible deadlock during driver load and unload (bsc#1050536).\n- qed: Wait for MCP halt and resume commands to take place (bsc#1050536).\n- qed: Wait for ready indication before rereading the shmem (bsc#1050536).\n- qlcnic: fix Tx descriptor corruption on 82xx devices (bsc#1050540).\n- qmi_wwan: Added support for Gemalto\u0027s Cinterion ALASxx WWAN interface (bsc#1051510).\n- qmi_wwan: set DTR for modems in forced USB2 mode (bsc#1051510).\n- qrtr: add MODULE_ALIAS macro to smd (bsc#1051510).\n- r8169: Clear RTL_FLAG_TASK_*_PENDING when clearing RTL_FLAG_TASK_ENABLED (bsc#1051510).\n- rculist: Improve documentation for list_for_each_entry_from_rcu() (bsc#1084760).\n- rculist: add list_for_each_entry_from_rcu() (bsc#1084760).\n- reiserfs: add check to detect corrupted directory entry (bsc#1109818).\n- reiserfs: do not panic on bad directory entries (bsc#1109818).\n- rename a hv patch to reduce conflicts in -AZURE\n- reorder a qedi patch to allow further work in this branch\n- rpc_pipefs: fix double-dput() (bsc#1051510).\n- rtc: bq4802: add error handling for devm_ioremap (bsc#1051510).\n- sched/numa: Limit the conditions where scan period is reset ().\n- scsi: core: Allow state transitions from OFFLINE to BLOCKED (bsc#1112246).\n- scsi: ipr: Eliminate duplicate barriers ().\n- scsi: ipr: Use dma_pool_zalloc() ().\n- scsi: ipr: fix incorrect indentation of assignment statement ().\n- scsi: libfc: check fc_frame_payload_get() return value for null (bsc#1104731).\n- scsi: libfc: retry PRLI if we cannot analyse the payload (bsc#1104731).\n- scsi: qedi: Add the CRC size within iSCSI NVM image (bsc#1110538).\n- scsi: qedi: Initialize the stats mutex lock (bsc#1110538).\n- scsi: qla2xxx: Fix NVMe Target discovery (bsc#1108870).\n- scsi: qla2xxx: Fix NVMe session hang on unload (bsc#1108870).\n- scsi: qla2xxx: Fix driver hang when FC-NVMe LUNs are configured (bsc#1108870).\n- scsi: qla2xxx: Fix duplicate switch database entries (bsc#1108870).\n- scsi: qla2xxx: Fix for double free of SRB structure (bsc#1108870).\n- scsi: qla2xxx: Fix memory leak for allocating abort IOCB (bsc#1111830).\n- scsi: qla2xxx: Fix re-using LoopID when handle is in use (bsc#1108870).\n- scsi: qla2xxx: Fix recursive mailbox timeout (bsc#1108870).\n- scsi: qla2xxx: Move log messages before issuing command to firmware (bsc#1108870).\n- scsi: qla2xxx: Return switch command on a timeout (bsc#1108870).\n- scsi: qla2xxx: do not allow negative thresholds (bsc#1108870).\n- scsi: target: prefer dbroot of /etc/target over /var/target (bsc#1111928).\n- selftests/x86: Add tests for User-Mode Instruction Prevention (bsc#1110006).\n- selftests/x86: Add tests for the STR and SLDT instructions (bsc#1110006).\n- serial: 8250_exar: Read INT0 from slave device, too (bsc#1051510).\n- serial: cpm_uart: return immediately from console poll (bsc#1051510).\n- serial: imx: restore handshaking irq for imx1 (bsc#1051510).\n- series.conf: moved some Xen patches to the sorted region xen/blkfront: correct purging of persistent grants (bnc#1112514).\n- signal: Properly deliver SIGSEGV from x86 uprobes (bsc#1110006).\n- smb2: fix missing files in root share directory listing (bsc#1112907).\n- smb3: fill in statfs fsid and correct namelen (bsc#1112905).\n- smb3: fix reset of bytes read and written stats (bsc#1112906).\n- smb3: on reconnect set PreviousSessionId field (bsc#1112899).\n- soc: fsl: qe: Fix copy/paste bug in ucc_get_tdm_sync_shift() (bsc#1051510).\n- soc: mediatek: pwrap: fix cipher init setting error (bsc#1051510).\n- sock_diag: fix use-after-free read in __sk_free (bsc#1051510).\n- soreuseport: initialise timewait reuseport field (bsc#1051510).\n- sound: do not call skl_init_chip() to reset intel skl soc (bsc#1051510).\n- sound: enable interrupt after dma buffer initialization (bsc#1051510).\n- spi: rspi: Fix interrupted DMA transfers (bsc#1051510).\n- spi: rspi: Fix invalid SPI use during system suspend (bsc#1051510).\n- spi: sh-msiof: Fix handling of write value for SISTR register (bsc#1051510).\n- spi: sh-msiof: Fix invalid SPI use during system suspend (bsc#1051510).\n- spi: tegra20-slink: explicitly enable/disable clock (bsc#1051510).\n- squashfs metadata 2: electric boogaloo (bsc#1051510).\n- squashfs: be more careful about metadata corruption (bsc#1051510).\n- squashfs: more metadata hardening (bsc#1051510).\n- squashfs: more metadata hardening (bsc#1051510).\n- stm: Potential read overflow in stm_char_policy_set_ioctl() (bsc#1051510).\n- supported.conf: added cavium_ptp\n- supported.conf: mark raspberrypi-hwmon as supported\n- switchtec: Fix Spectre v1 vulnerability (bsc#1051510).\n- sysfs: Do not return POSIX ACL xattrs via listxattr (git-fixes).\n- target: log Data-Out timeouts as errors (bsc#1095805).\n- target: log NOP ping timeouts as errors (bsc#1095805).\n- target: split out helper for cxn timeout error stashing (bsc#1095805).\n- target: stash sess_err_stats on Data-Out timeout (bsc#1095805).\n- target: use ISCSI_IQN_LEN in iscsi_target_stat (bsc#1095805).\n- team: Forbid enslaving team device to itself (bsc#1051510).\n- thermal: of-thermal: disable passive polling when thermal zone is disabled (bsc#1051510).\n- tools/vm/page-types.c: fix \u0027defined but not used\u0027 warning (bsc#1051510).\n- tools/vm/slabinfo.c: fix sign-compare warning (bsc#1051510).\n- tracing/x86/xen: Remove zero data size trace events trace_xen_mmu_flush_tlb{_all} (bsc#1110006).\n- tracing: Add barrier to trace_printk() buffer nesting modification (bsc#1112219).\n- tsl2550: fix lux1_input error in low light (bsc#1051510).\n- tty: Drop tty-\u003ecount on tty_reopen() failure (bsc#1051510).\n- tty: rocket: Fix possible buffer overwrite on register_PCI (bsc#1051510).\n- tty: serial: exar: Relocate sleep wake-up handling (bsc#1051510).\n- tty: serial: lpuart: avoid leaking struct tty_struct (bsc#1051510).\n- tty: vt_ioctl: fix potential Spectre v1 (bsc#1051510).\n- ubifs: Check for name being NULL while mounting (bsc#1051510).\n- udp: Unbreak modules that rely on external __skb_recv_udp() availability (bsc#1109151).\n- uprobes/x86: Prohibit probing on MOV SS instruction (bsc#1110006).\n- usb: Avoid use-after-free by flushing endpoints early in usb_set_interface() (bsc#1051510).\n- usb: cdc_acm: Do not leak URB buffers (bsc#1051510).\n- usb: dwc2: Turn on uframe_sched on \u0027amlogic\u0027 platforms (bsc#1102881).\n- usb: dwc2: Turn on uframe_sched on \u0027bcm\u0027 platforms (bsc#1102881).\n- usb: dwc2: Turn on uframe_sched on \u0027his\u0027 platforms (bsc#1102881).\n- usb: dwc2: Turn on uframe_sched on \u0027stm32f4x9_fsotg\u0027 platforms (bsc#1102881).\n- usb: gadget: fotg210-udc: Fix memory leak of fotg210-\u003eep[i] (bsc#1051510).\n- usb: host: u132-hcd: Fix a sleep-in-atomic-context bug in u132_get_frame() (bsc#1051510).\n- usb: misc: uss720: Fix two sleep-in-atomic-context bugs (bsc#1051510).\n- usb: musb: dsps: do not disable CPPI41 irq in driver teardown (bsc#1051510).\n- usb: uas: add support for more quirk flags (bsc#1051510).\n- usb: wusbcore: security: cast sizeof to int for comparison (bsc#1051510).\n- usb: xhci-mtk: resume USB3 roothub first (bsc#1051510).\n- userfaultfd: hugetlbfs: fix userfaultfd_huge_must_wait() pte access (bsc#1109739).\n- uwb: hwa-rc: fix memory leak at probe (bsc#1051510).\n- vfs/proc/kcore, x86/mm/kcore: Fix SMAP fault when dumping vsyscall user page (bsc#1110006).\n- virtio: pci-legacy: Validate queue pfn (bsc#1051510).\n- vmbus: do not return values for uninitalized channels (bsc#1051510).\n- vti4: Do not count header length twice on tunnel setup (bsc#1051510).\n- vti6: fix PMTU caching and reporting on xmit (bsc#1051510).\n- vti6: remove !skb-\u003eignore_df check from vti6_xmit() (bsc#1051510).\n- x86-64/realmode: Add instruction suffix (bsc#1110006).\n- x86-memory_failure-Introduce-set-clear-_mce_nospec.patch: One more fixup to avoid even warning about statement without effect.\n- x86/CPU/AMD: Have smp_num_siblings and cpu_llc_id always be present (bsc#1110006).\n- x86/CPU: Add a microcode loader callback (bsc#1110006).\n- x86/CPU: Check CPU feature bits after microcode upgrade (bsc#1110006).\n- x86/EISA: Do not probe EISA bus for Xen PV guests (bsc#1110006).\n- x86/KVM/VMX: Do not set l1tf_flush_l1d from vmx_handle_external_intr() (bsc#1110006).\n- x86/KVM/VMX: Do not set l1tf_flush_l1d to true from vmx_l1d_flush() (bsc#1110006).\n- x86/KVM/VMX: Move the l1tf_flush_l1d test to vmx_l1d_flush() (bsc#1110006).\n- x86/KVM/VMX: Replace \u0027vmx_l1d_flush_always\u0027 with \u0027vmx_l1d_flush_cond\u0027 (bsc#1110006).\n- x86/Kconfig: Limit NR_CPUS on 32-bit to a sane amount (bsc#1110006).\n- x86/LDT: Avoid warning in 32-bit builds with older gcc (bsc#1110006).\n- x86/MCE/AMD: Define a function to get SMCA bank type (bsc#1110006).\n- x86/MCE: Fix stack out-of-bounds write in mce-inject.c: Flags_read() (bsc#1110006).\n- x86/MCE: Remove min interval polling limitation (bsc#1110006).\n- x86/MCE: Report only DRAM ECC as memory errors on AMD systems (bsc#1110006).\n- x86/MCE: Serialize sysfs changes (bsc#1110006).\n- x86/acpi: Prevent X2APIC id 0xffffffff from being accounted (bsc#1110006).\n- x86/alternatives: Fixup alternative_call_2 (bsc#1110006).\n- x86/apic: Set up through-local-APIC mode on the boot CPU if \u0027noapic\u0027 specified (bsc#1110006).\n- x86/asm: Add _ASM_ARG* constants for argument registers to \u003casm/asm.h\u003e (bsc#1110006).\n- x86/asm: Allow again using asm.h when building for the \u0027bpf\u0027 clang target (bsc#1110006).\n- x86/asm: Do not use the confusing \u0027.ifeq\u0027 directive (bsc#1110006).\n- x86/boot/64: Verify alignment of the LOAD segment (bsc#1110006).\n- x86/boot/compressed/64: Print error if 5-level paging is not supported (bsc#1110006).\n- x86/boot: Fix if_changed build flip/flop bug (bsc#1110006).\n- x86/boot: Move EISA setup to a separate file (bsc#1110006).\n- x86/boot: Relocate definition of the initial state of CR0 (bsc#1110006).\n- x86/build: Beautify build log of syscall headers (bsc#1110006).\n- x86/cpu/AMD: Apply the Erratum 688 fix when the BIOS does not (bsc#1110006).\n- x86/cpu/intel: Add missing TLB cpuid values (bsc#1110006).\n- x86/cpufeature: Add User-Mode Instruction Prevention definitions (bsc#1110006).\n- x86/cpufeatures: Add Intel PCONFIG cpufeature (bsc#1110006).\n- x86/cpufeatures: Add Intel Total Memory Encryption cpufeature (bsc#1110006).\n- x86/debug: Handle warnings before the notifier chain, to fix KGDB crash (bsc#1110006).\n- x86/decoder: Add new TEST instruction pattern (bsc#1110006).\n- x86/efi: Fix efi_call_phys_epilog() with CONFIG_X86_5LEVEL=y (bsc#1110006).\n- x86/eisa: Add missing include (bsc#1110006).\n- x86/entry/64: Add two more instruction suffixes (bsc#1110006).\n- x86/entry/64: Use \u0027xorl\u0027 for faster register clearing (bsc#1110006).\n- x86/entry: Reduce the code footprint of the \u0027idtentry\u0027 macro (bsc#1110006).\n- x86/entry: Use SYSCALL_DEFINE() macros for sys_modify_ldt() (bsc#1110006).\n- x86/fpu/debug: Remove unused \u0027x86_fpu_state\u0027 and \u0027x86_fpu_deactivate_state\u0027 tracepoints (bsc#1110006).\n- x86/fpu: Make XSAVE check the base CPUID features before enabling (bsc#1110006).\n- x86/fpu: Parse clearcpuid= as early XSAVE argument (bsc#1110006).\n- x86/fpu: Remove second definition of fpu in __fpu__restore_sig() (bsc#1110006).\n- x86/fpu: Remove the explicit clearing of XSAVE dependent features (bsc#1110006).\n- x86/hyperv: Check for required priviliges in hyperv_init() (bsc#1110006).\n- x86/intel_rdt: Enable CMT and MBM on new Skylake stepping (bsc#1110006).\n- x86/intel_rdt: Fix incorrect returned value when creating rdgroup sub-directory in resctrl file system (bsc#1110006).\n- x86/intel_rdt: Fix potential deadlock during resctrl mount (bsc#1110006).\n- x86/intel_rdt: Fix potential deadlock during resctrl unmount (bsc#1110006).\n- x86/irq: Remove an old outdated comment about context tracking races (bsc#1110006).\n- x86/kasan: Panic if there is not enough memory to boot (bsc#1110006).\n- x86/kexec: Make kexec (mostly) work in 5-level paging mode (bsc#1110006).\n- x86/kprobes: Fix kernel crash when probing .entry_trampoline code (bsc#1110006).\n- x86/kvm/vmx: Remove duplicate l1d flush definitions (bsc#1110006).\n- x86/mce/AMD: Get address from already initialized block (bsc#1110006).\n- x86/mce: Add notifier_block forward declaration (bsc#1110006).\n- x86/mce: Check for alternate indication of machine check recovery on Skylake (bsc#1110006).\n- x86/mce: Do not overwrite MCi_STATUS in mce_no_way_out() (bsc#1110006).\n- x86/mce: Fix incorrect \u0027Machine check from unknown source\u0027 message (bsc#1110006).\n- x86/microcode/intel: Check microcode revision before updating sibling threads (bsc#1110006).\n- x86/microcode/intel: Fix memleak in save_microcode_patch() (bsc#1110006).\n- x86/microcode/intel: Look into the patch cache first (bsc#1110006).\n- x86/microcode/intel: Save microcode patch unconditionally (bsc#1110006).\n- x86/microcode/intel: Writeback and invalidate caches before updating microcode (bsc#1110006).\n- x86/microcode: Allow late microcode loading with SMT disabled (bsc#1110006).\n- x86/microcode: Attempt late loading only when new microcode is present (bsc#1110006).\n- x86/microcode: Do not exit early from __reload_late() (bsc#1110006).\n- x86/microcode: Do not upload microcode if CPUs are offline (bsc#1110006).\n- x86/microcode: Fix CPU synchronization routine (bsc#1110006).\n- x86/microcode: Get rid of struct apply_microcode_ctx (bsc#1110006).\n- x86/microcode: Make sure boot_cpu_data.microcode is up-to-date (bsc#1110006).\n- x86/microcode: Make the late update update_lock a raw lock for RT (bsc#1110006).\n- x86/microcode: Propagate return value from updating functions (bsc#1110006).\n- x86/microcode: Request microcode on the BSP (bsc#1110006).\n- x86/microcode: Synchronize late microcode loading (bsc#1110006).\n- x86/microcode: Update the new microcode revision unconditionally (bsc#1110006).\n- x86/mm/32: Initialize the CR4 shadow before __flush_tlb_all() (bsc#1110006).\n- x86/mm/64: Rename the register_page_bootmem_memmap() \u0027size\u0027 parameter to \u0027nr_pages\u0027 (bsc#1110006).\n- x86/mm/kmmio: Fix mmiotrace for page unaligned addresses (bsc#1110006).\n- x86/mm/kmmio: Make the tracer robust against L1TF (bsc#1110006).\n- x86/mm/pat: Make set_memory_np() L1TF safe (bsc#1110006).\n- x86/mm/pti: Add an overflow check to pti_clone_pmds() (bsc#1110006).\n- x86/mm/pti: Fix PTI comment in entry_SYSCALL_64() (bsc#1110006).\n- x86/mm: Define _PAGE_TABLE using _KERNPG_TABLE (bsc#1110006).\n- x86/mm: Do not forbid _PAGE_RW before init for __ro_after_init (bsc#1110006).\n- x86/mm: Fix bogus warning during EFI bootup, use boot_cpu_has() instead of this_cpu_has() in build_cr3_noflush() (bsc#1110006).\n- x86/mm: Relocate page fault error codes to traps.h (bsc#1110006).\n- x86/mm: Remove in_nmi() warning from vmalloc_fault() (bsc#1110006).\n- x86/nmi: Fix NMI uaccess race against CR3 switching (bsc#1110006).\n- x86/numa_emulation: Fix emulated-to-physical node mapping (bsc#1110006).\n- x86/oprofile: Fix bogus GCC-8 warning in nmi_setup() (bsc#1110006).\n- x86/pae: use 64 bit atomic xchg function in native_ptep_get_and_clear (bsc#1110006).\n- x86/paravirt: Fix some warning messages (bnc#1065600).\n- x86/paravirt: Remove \u0027noreplace-paravirt\u0027 cmdline option (bsc#1110006).\n- x86/percpu: Fix this_cpu_read() (bsc#1110006).\n- x86/pgtable: Do not set huge PUD/PMD on non-leaf entries (bsc#1110006).\n- x86/power: Fix swsusp_arch_resume prototype (bsc#1110006).\n- x86/pti: Check the return value of pti_user_pagetable_walk_p4d() (bsc#1110006).\n- x86/pti: Check the return value of pti_user_pagetable_walk_pmd() (bsc#1110006).\n- x86/retpoline/checksum32: Convert assembler indirect jumps (bsc#1110006).\n- x86/retpoline/irq32: Convert assembler indirect jumps (bsc#1110006).\n- x86/smp: fix non-SMP broken build due to redefinition of apic_id_is_primary_thread (bsc#1110006).\n- x86/smpboot: Do not use mwait_play_dead() on AMD systems (bsc#1110006).\n- x86/spectre: Fix spelling mistake: \u0027vunerable\u0027-\u003e \u0027vulnerable\u0027 (bsc#1110006).\n- x86/speculation, objtool: Annotate indirect calls/jumps for objtool on 32-bit kernels (bsc#1110006).\n- x86/speculation/l1tf: Exempt zeroed PTEs from inversion (bsc#1110006).\n- x86/speculation/l1tf: Extend 64bit swap file size limit (bsc#1110006).\n- x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit (bsc#1105536).\n- x86/speculation/l1tf: Fix up pte-\u003epfn conversion for PAE (bsc#1110006).\n- x86/speculation/l1tf: Invert all not present mappings (bsc#1110006).\n- x86/speculation/l1tf: Make pmd/pud_mknotpresent() invert (bsc#1110006).\n- x86/speculation/l1tf: Protect PAE swap entries against L1TF (bsc#1110006).\n- x86/speculation: Simplify sysfs report of VMX L1TF vulnerability (bsc#1110006).\n- x86/time: Correct the attribute on jiffies\u0027 definition (bsc#1110006).\n- x86/topology: Update the \u0027cpu cores\u0027 field in /proc/cpuinfo correctly across CPU hotplug operations (bsc#1110006).\n- x86/tsc: Add missing header to tsc_msr.c (bsc#1110006).\n- x86/tsc: Allow TSC calibration without PIT (bsc#1110006).\n- x86/tsc: Prevent 32bit truncation in calc_hpet_ref() (bsc#1110006).\n- x86/vdso: Fix asm constraints on vDSO syscall fallbacks (bsc#1110006).\n- x86/vdso: Fix vDSO syscall fallback asm constraint regression (bsc#1110006).\n- x86/xen: Delay get_cpu_cap until stack canary is established (bsc#1110006).\n- x86/xen: Drop 5-level paging support code from the XEN_PV code (bsc#1110006).\n- x86/xen: Reset VCPU0 info pointer after shared_info remap (bsc#1110006).\n- x86/xen: do not write ptes directly in 32-bit PV guests (bsc#1110006).\n- x86: Add check for APIC access address for vmentry of L2 guests (bsc#1110006).\n- x86: Call fixup_exception() before notify_die() in math_error() (bsc#1110006).\n- x86: Delay skip of emulated hypercall instruction (bsc#1110006).\n- x86: PM: Make APM idle driver initialize polling state (bsc#1110006).\n- x86: i8259: Add missing include file (bsc#1110006).\n- x86: kvm: avoid unused variable warning (bsc#1110006).\n- xen-swiotlb: fix the check condition for xen_swiotlb_free_coherent (bnc#1065600).\n- xen/PVH: Set up GS segment for stack canary (bsc#1110006).\n- xen/gntdev: avoid out of bounds access in case of partial gntdev_mmap() (bnc#1065600).\n- xen/x86/vpmu: Zero struct pt_regs before calling into sample handling code (bsc#1110006).\n- xen: Fix {set,clear}_foreign_p2m_mapping on autotranslating guests (bsc#1110006).\n- xen: Remove unnecessary BUG_ON from __unbind_from_irq() (bnc#1065600).\n- xfrm: use complete IPv6 addresses for hash (bsc#1109330).\n- xfs: do not fail when converting shortform attr to long form during ATTR_REPLACE (bsc#1105025).\n- xhci: Add missing CAS workaround for Intel Sunrise Point xHCI (bsc#1051510).\n- xhci: Do not print a warning when setting link state for disabled ports (bsc#1051510).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-SLE-Module-Basesystem-15-2018-2547,SUSE-SLE-Module-Development-Tools-15-2018-2547,SUSE-SLE-Module-Development-Tools-OBS-15-2018-2547,SUSE-SLE-Module-Legacy-15-2018-2547,SUSE-SLE-Product-HA-15-2018-2547,SUSE-SLE-Product-WE-15-2018-2547",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_3589-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2018:3589-1",
        "url": "https://www.suse.com/support/update/announcement/2018/suse-su-20183589-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2018:3589-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2018-October/004818.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1046540",
        "url": "https://bugzilla.suse.com/1046540"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1050319",
        "url": "https://bugzilla.suse.com/1050319"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1050536",
        "url": "https://bugzilla.suse.com/1050536"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1050540",
        "url": "https://bugzilla.suse.com/1050540"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1051510",
        "url": "https://bugzilla.suse.com/1051510"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1055120",
        "url": "https://bugzilla.suse.com/1055120"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1065600",
        "url": "https://bugzilla.suse.com/1065600"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1066674",
        "url": "https://bugzilla.suse.com/1066674"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1067126",
        "url": "https://bugzilla.suse.com/1067126"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1067906",
        "url": "https://bugzilla.suse.com/1067906"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1076830",
        "url": "https://bugzilla.suse.com/1076830"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1079524",
        "url": "https://bugzilla.suse.com/1079524"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1083647",
        "url": "https://bugzilla.suse.com/1083647"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1084760",
        "url": "https://bugzilla.suse.com/1084760"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1084831",
        "url": "https://bugzilla.suse.com/1084831"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1086283",
        "url": "https://bugzilla.suse.com/1086283"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1086288",
        "url": "https://bugzilla.suse.com/1086288"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1094825",
        "url": "https://bugzilla.suse.com/1094825"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1095805",
        "url": "https://bugzilla.suse.com/1095805"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1099125",
        "url": "https://bugzilla.suse.com/1099125"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1100132",
        "url": "https://bugzilla.suse.com/1100132"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1102881",
        "url": "https://bugzilla.suse.com/1102881"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1103308",
        "url": "https://bugzilla.suse.com/1103308"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1103543",
        "url": "https://bugzilla.suse.com/1103543"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1104731",
        "url": "https://bugzilla.suse.com/1104731"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1105025",
        "url": "https://bugzilla.suse.com/1105025"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1105536",
        "url": "https://bugzilla.suse.com/1105536"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1106105",
        "url": "https://bugzilla.suse.com/1106105"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1106110",
        "url": "https://bugzilla.suse.com/1106110"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1106237",
        "url": "https://bugzilla.suse.com/1106237"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1106240",
        "url": "https://bugzilla.suse.com/1106240"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1106838",
        "url": "https://bugzilla.suse.com/1106838"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1107685",
        "url": "https://bugzilla.suse.com/1107685"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1108241",
        "url": "https://bugzilla.suse.com/1108241"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1108377",
        "url": "https://bugzilla.suse.com/1108377"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1108468",
        "url": "https://bugzilla.suse.com/1108468"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1108828",
        "url": "https://bugzilla.suse.com/1108828"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1108841",
        "url": "https://bugzilla.suse.com/1108841"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1108870",
        "url": "https://bugzilla.suse.com/1108870"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1109151",
        "url": "https://bugzilla.suse.com/1109151"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1109158",
        "url": "https://bugzilla.suse.com/1109158"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1109217",
        "url": "https://bugzilla.suse.com/1109217"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1109330",
        "url": "https://bugzilla.suse.com/1109330"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1109739",
        "url": "https://bugzilla.suse.com/1109739"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1109784",
        "url": "https://bugzilla.suse.com/1109784"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1109806",
        "url": "https://bugzilla.suse.com/1109806"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1109818",
        "url": "https://bugzilla.suse.com/1109818"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1109907",
        "url": "https://bugzilla.suse.com/1109907"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1109911",
        "url": "https://bugzilla.suse.com/1109911"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1109915",
        "url": "https://bugzilla.suse.com/1109915"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1109919",
        "url": "https://bugzilla.suse.com/1109919"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1109951",
        "url": "https://bugzilla.suse.com/1109951"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1110006",
        "url": "https://bugzilla.suse.com/1110006"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1110096",
        "url": "https://bugzilla.suse.com/1110096"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1110538",
        "url": "https://bugzilla.suse.com/1110538"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1110561",
        "url": "https://bugzilla.suse.com/1110561"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1110921",
        "url": "https://bugzilla.suse.com/1110921"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1111028",
        "url": "https://bugzilla.suse.com/1111028"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1111076",
        "url": "https://bugzilla.suse.com/1111076"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1111506",
        "url": "https://bugzilla.suse.com/1111506"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1111806",
        "url": "https://bugzilla.suse.com/1111806"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1111819",
        "url": "https://bugzilla.suse.com/1111819"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1111830",
        "url": "https://bugzilla.suse.com/1111830"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1111834",
        "url": "https://bugzilla.suse.com/1111834"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1111841",
        "url": "https://bugzilla.suse.com/1111841"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1111870",
        "url": "https://bugzilla.suse.com/1111870"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1111901",
        "url": "https://bugzilla.suse.com/1111901"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1111904",
        "url": "https://bugzilla.suse.com/1111904"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1111928",
        "url": "https://bugzilla.suse.com/1111928"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1111983",
        "url": "https://bugzilla.suse.com/1111983"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1112170",
        "url": "https://bugzilla.suse.com/1112170"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1112173",
        "url": "https://bugzilla.suse.com/1112173"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1112208",
        "url": "https://bugzilla.suse.com/1112208"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1112219",
        "url": "https://bugzilla.suse.com/1112219"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1112221",
        "url": "https://bugzilla.suse.com/1112221"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1112246",
        "url": "https://bugzilla.suse.com/1112246"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1112372",
        "url": "https://bugzilla.suse.com/1112372"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1112514",
        "url": "https://bugzilla.suse.com/1112514"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1112554",
        "url": "https://bugzilla.suse.com/1112554"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1112708",
        "url": "https://bugzilla.suse.com/1112708"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1112710",
        "url": "https://bugzilla.suse.com/1112710"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1112711",
        "url": "https://bugzilla.suse.com/1112711"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1112712",
        "url": "https://bugzilla.suse.com/1112712"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1112713",
        "url": "https://bugzilla.suse.com/1112713"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1112731",
        "url": "https://bugzilla.suse.com/1112731"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1112732",
        "url": "https://bugzilla.suse.com/1112732"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1112733",
        "url": "https://bugzilla.suse.com/1112733"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1112734",
        "url": "https://bugzilla.suse.com/1112734"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1112735",
        "url": "https://bugzilla.suse.com/1112735"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1112736",
        "url": "https://bugzilla.suse.com/1112736"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1112738",
        "url": "https://bugzilla.suse.com/1112738"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1112739",
        "url": "https://bugzilla.suse.com/1112739"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1112740",
        "url": "https://bugzilla.suse.com/1112740"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1112741",
        "url": "https://bugzilla.suse.com/1112741"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1112743",
        "url": "https://bugzilla.suse.com/1112743"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1112745",
        "url": "https://bugzilla.suse.com/1112745"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1112746",
        "url": "https://bugzilla.suse.com/1112746"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1112894",
        "url": "https://bugzilla.suse.com/1112894"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1112899",
        "url": "https://bugzilla.suse.com/1112899"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1112902",
        "url": "https://bugzilla.suse.com/1112902"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1112903",
        "url": "https://bugzilla.suse.com/1112903"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1112905",
        "url": "https://bugzilla.suse.com/1112905"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1112906",
        "url": "https://bugzilla.suse.com/1112906"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1112907",
        "url": "https://bugzilla.suse.com/1112907"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1113257",
        "url": "https://bugzilla.suse.com/1113257"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1113284",
        "url": "https://bugzilla.suse.com/1113284"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-16533 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-16533/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-18224 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-18224/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-18386 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-18386/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-18445 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-18445/"
      }
    ],
    "title": "Security update for the Linux Kernel",
    "tracking": {
      "current_release_date": "2018-10-31T13:44:41Z",
      "generator": {
        "date": "2018-10-31T13:44:41Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2018:3589-1",
      "initial_release_date": "2018-10-31T13:44:41Z",
      "revision_history": [
        {
          "date": "2018-10-31T13:44:41Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-default-4.12.14-25.25.1.aarch64",
                "product": {
                  "name": "kernel-default-4.12.14-25.25.1.aarch64",
                  "product_id": "kernel-default-4.12.14-25.25.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-devel-4.12.14-25.25.1.aarch64",
                "product": {
                  "name": "kernel-default-devel-4.12.14-25.25.1.aarch64",
                  "product_id": "kernel-default-devel-4.12.14-25.25.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-build-4.12.14-25.25.1.aarch64",
                "product": {
                  "name": "kernel-obs-build-4.12.14-25.25.1.aarch64",
                  "product_id": "kernel-obs-build-4.12.14-25.25.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-syms-4.12.14-25.25.1.aarch64",
                "product": {
                  "name": "kernel-syms-4.12.14-25.25.1.aarch64",
                  "product_id": "kernel-syms-4.12.14-25.25.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-base-4.12.14-25.25.1.aarch64",
                "product": {
                  "name": "kernel-vanilla-base-4.12.14-25.25.1.aarch64",
                  "product_id": "kernel-vanilla-base-4.12.14-25.25.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "reiserfs-kmp-default-4.12.14-25.25.1.aarch64",
                "product": {
                  "name": "reiserfs-kmp-default-4.12.14-25.25.1.aarch64",
                  "product_id": "reiserfs-kmp-default-4.12.14-25.25.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "cluster-md-kmp-default-4.12.14-25.25.1.aarch64",
                "product": {
                  "name": "cluster-md-kmp-default-4.12.14-25.25.1.aarch64",
                  "product_id": "cluster-md-kmp-default-4.12.14-25.25.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "dlm-kmp-default-4.12.14-25.25.1.aarch64",
                "product": {
                  "name": "dlm-kmp-default-4.12.14-25.25.1.aarch64",
                  "product_id": "dlm-kmp-default-4.12.14-25.25.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "gfs2-kmp-default-4.12.14-25.25.1.aarch64",
                "product": {
                  "name": "gfs2-kmp-default-4.12.14-25.25.1.aarch64",
                  "product_id": "gfs2-kmp-default-4.12.14-25.25.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "ocfs2-kmp-default-4.12.14-25.25.1.aarch64",
                "product": {
                  "name": "ocfs2-kmp-default-4.12.14-25.25.1.aarch64",
                  "product_id": "ocfs2-kmp-default-4.12.14-25.25.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-devel-4.12.14-25.25.1.noarch",
                "product": {
                  "name": "kernel-devel-4.12.14-25.25.1.noarch",
                  "product_id": "kernel-devel-4.12.14-25.25.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-macros-4.12.14-25.25.1.noarch",
                "product": {
                  "name": "kernel-macros-4.12.14-25.25.1.noarch",
                  "product_id": "kernel-macros-4.12.14-25.25.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-docs-4.12.14-25.25.1.noarch",
                "product": {
                  "name": "kernel-docs-4.12.14-25.25.1.noarch",
                  "product_id": "kernel-docs-4.12.14-25.25.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-source-4.12.14-25.25.1.noarch",
                "product": {
                  "name": "kernel-source-4.12.14-25.25.1.noarch",
                  "product_id": "kernel-source-4.12.14-25.25.1.noarch"
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-default-4.12.14-25.25.1.ppc64le",
                "product": {
                  "name": "kernel-default-4.12.14-25.25.1.ppc64le",
                  "product_id": "kernel-default-4.12.14-25.25.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-devel-4.12.14-25.25.1.ppc64le",
                "product": {
                  "name": "kernel-default-devel-4.12.14-25.25.1.ppc64le",
                  "product_id": "kernel-default-devel-4.12.14-25.25.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-build-4.12.14-25.25.1.ppc64le",
                "product": {
                  "name": "kernel-obs-build-4.12.14-25.25.1.ppc64le",
                  "product_id": "kernel-obs-build-4.12.14-25.25.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-syms-4.12.14-25.25.1.ppc64le",
                "product": {
                  "name": "kernel-syms-4.12.14-25.25.1.ppc64le",
                  "product_id": "kernel-syms-4.12.14-25.25.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-base-4.12.14-25.25.1.ppc64le",
                "product": {
                  "name": "kernel-vanilla-base-4.12.14-25.25.1.ppc64le",
                  "product_id": "kernel-vanilla-base-4.12.14-25.25.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "reiserfs-kmp-default-4.12.14-25.25.1.ppc64le",
                "product": {
                  "name": "reiserfs-kmp-default-4.12.14-25.25.1.ppc64le",
                  "product_id": "reiserfs-kmp-default-4.12.14-25.25.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "cluster-md-kmp-default-4.12.14-25.25.1.ppc64le",
                "product": {
                  "name": "cluster-md-kmp-default-4.12.14-25.25.1.ppc64le",
                  "product_id": "cluster-md-kmp-default-4.12.14-25.25.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "dlm-kmp-default-4.12.14-25.25.1.ppc64le",
                "product": {
                  "name": "dlm-kmp-default-4.12.14-25.25.1.ppc64le",
                  "product_id": "dlm-kmp-default-4.12.14-25.25.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "gfs2-kmp-default-4.12.14-25.25.1.ppc64le",
                "product": {
                  "name": "gfs2-kmp-default-4.12.14-25.25.1.ppc64le",
                  "product_id": "gfs2-kmp-default-4.12.14-25.25.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "ocfs2-kmp-default-4.12.14-25.25.1.ppc64le",
                "product": {
                  "name": "ocfs2-kmp-default-4.12.14-25.25.1.ppc64le",
                  "product_id": "ocfs2-kmp-default-4.12.14-25.25.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-default-4.12.14-25.25.1.s390x",
                "product": {
                  "name": "kernel-default-4.12.14-25.25.1.s390x",
                  "product_id": "kernel-default-4.12.14-25.25.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-devel-4.12.14-25.25.1.s390x",
                "product": {
                  "name": "kernel-default-devel-4.12.14-25.25.1.s390x",
                  "product_id": "kernel-default-devel-4.12.14-25.25.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-man-4.12.14-25.25.1.s390x",
                "product": {
                  "name": "kernel-default-man-4.12.14-25.25.1.s390x",
                  "product_id": "kernel-default-man-4.12.14-25.25.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-zfcpdump-4.12.14-25.25.1.s390x",
                "product": {
                  "name": "kernel-zfcpdump-4.12.14-25.25.1.s390x",
                  "product_id": "kernel-zfcpdump-4.12.14-25.25.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-build-4.12.14-25.25.1.s390x",
                "product": {
                  "name": "kernel-obs-build-4.12.14-25.25.1.s390x",
                  "product_id": "kernel-obs-build-4.12.14-25.25.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-syms-4.12.14-25.25.1.s390x",
                "product": {
                  "name": "kernel-syms-4.12.14-25.25.1.s390x",
                  "product_id": "kernel-syms-4.12.14-25.25.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-base-4.12.14-25.25.1.s390x",
                "product": {
                  "name": "kernel-vanilla-base-4.12.14-25.25.1.s390x",
                  "product_id": "kernel-vanilla-base-4.12.14-25.25.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "reiserfs-kmp-default-4.12.14-25.25.1.s390x",
                "product": {
                  "name": "reiserfs-kmp-default-4.12.14-25.25.1.s390x",
                  "product_id": "reiserfs-kmp-default-4.12.14-25.25.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "cluster-md-kmp-default-4.12.14-25.25.1.s390x",
                "product": {
                  "name": "cluster-md-kmp-default-4.12.14-25.25.1.s390x",
                  "product_id": "cluster-md-kmp-default-4.12.14-25.25.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "dlm-kmp-default-4.12.14-25.25.1.s390x",
                "product": {
                  "name": "dlm-kmp-default-4.12.14-25.25.1.s390x",
                  "product_id": "dlm-kmp-default-4.12.14-25.25.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "gfs2-kmp-default-4.12.14-25.25.1.s390x",
                "product": {
                  "name": "gfs2-kmp-default-4.12.14-25.25.1.s390x",
                  "product_id": "gfs2-kmp-default-4.12.14-25.25.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "ocfs2-kmp-default-4.12.14-25.25.1.s390x",
                "product": {
                  "name": "ocfs2-kmp-default-4.12.14-25.25.1.s390x",
                  "product_id": "ocfs2-kmp-default-4.12.14-25.25.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-default-4.12.14-25.25.1.x86_64",
                "product": {
                  "name": "kernel-default-4.12.14-25.25.1.x86_64",
                  "product_id": "kernel-default-4.12.14-25.25.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-devel-4.12.14-25.25.1.x86_64",
                "product": {
                  "name": "kernel-default-devel-4.12.14-25.25.1.x86_64",
                  "product_id": "kernel-default-devel-4.12.14-25.25.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-obs-build-4.12.14-25.25.1.x86_64",
                "product": {
                  "name": "kernel-obs-build-4.12.14-25.25.1.x86_64",
                  "product_id": "kernel-obs-build-4.12.14-25.25.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-syms-4.12.14-25.25.1.x86_64",
                "product": {
                  "name": "kernel-syms-4.12.14-25.25.1.x86_64",
                  "product_id": "kernel-syms-4.12.14-25.25.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-base-4.12.14-25.25.1.x86_64",
                "product": {
                  "name": "kernel-vanilla-base-4.12.14-25.25.1.x86_64",
                  "product_id": "kernel-vanilla-base-4.12.14-25.25.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "reiserfs-kmp-default-4.12.14-25.25.1.x86_64",
                "product": {
                  "name": "reiserfs-kmp-default-4.12.14-25.25.1.x86_64",
                  "product_id": "reiserfs-kmp-default-4.12.14-25.25.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "cluster-md-kmp-default-4.12.14-25.25.1.x86_64",
                "product": {
                  "name": "cluster-md-kmp-default-4.12.14-25.25.1.x86_64",
                  "product_id": "cluster-md-kmp-default-4.12.14-25.25.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "dlm-kmp-default-4.12.14-25.25.1.x86_64",
                "product": {
                  "name": "dlm-kmp-default-4.12.14-25.25.1.x86_64",
                  "product_id": "dlm-kmp-default-4.12.14-25.25.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "gfs2-kmp-default-4.12.14-25.25.1.x86_64",
                "product": {
                  "name": "gfs2-kmp-default-4.12.14-25.25.1.x86_64",
                  "product_id": "gfs2-kmp-default-4.12.14-25.25.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "ocfs2-kmp-default-4.12.14-25.25.1.x86_64",
                "product": {
                  "name": "ocfs2-kmp-default-4.12.14-25.25.1.x86_64",
                  "product_id": "ocfs2-kmp-default-4.12.14-25.25.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-extra-4.12.14-25.25.1.x86_64",
                "product": {
                  "name": "kernel-default-extra-4.12.14-25.25.1.x86_64",
                  "product_id": "kernel-default-extra-4.12.14-25.25.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Module for Basesystem 15",
                "product": {
                  "name": "SUSE Linux Enterprise Module for Basesystem 15",
                  "product_id": "SUSE Linux Enterprise Module for Basesystem 15",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-basesystem:15"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Module for Development Tools 15",
                "product": {
                  "name": "SUSE Linux Enterprise Module for Development Tools 15",
                  "product_id": "SUSE Linux Enterprise Module for Development Tools 15",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-development-tools:15"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Module for Legacy 15",
                "product": {
                  "name": "SUSE Linux Enterprise Module for Legacy 15",
                  "product_id": "SUSE Linux Enterprise Module for Legacy 15",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-legacy:15"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise High Availability Extension 15",
                "product": {
                  "name": "SUSE Linux Enterprise High Availability Extension 15",
                  "product_id": "SUSE Linux Enterprise High Availability Extension 15",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-ha:15"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Workstation Extension 15",
                "product": {
                  "name": "SUSE Linux Enterprise Workstation Extension 15",
                  "product_id": "SUSE Linux Enterprise Workstation Extension 15",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-we:15"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-4.12.14-25.25.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15",
          "product_id": "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.aarch64"
        },
        "product_reference": "kernel-default-4.12.14-25.25.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-4.12.14-25.25.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15",
          "product_id": "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.ppc64le"
        },
        "product_reference": "kernel-default-4.12.14-25.25.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-4.12.14-25.25.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15",
          "product_id": "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.s390x"
        },
        "product_reference": "kernel-default-4.12.14-25.25.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-4.12.14-25.25.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15",
          "product_id": "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.x86_64"
        },
        "product_reference": "kernel-default-4.12.14-25.25.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-4.12.14-25.25.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15",
          "product_id": "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.aarch64"
        },
        "product_reference": "kernel-default-devel-4.12.14-25.25.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-4.12.14-25.25.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15",
          "product_id": "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.ppc64le"
        },
        "product_reference": "kernel-default-devel-4.12.14-25.25.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-4.12.14-25.25.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15",
          "product_id": "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.s390x"
        },
        "product_reference": "kernel-default-devel-4.12.14-25.25.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-4.12.14-25.25.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15",
          "product_id": "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.x86_64"
        },
        "product_reference": "kernel-default-devel-4.12.14-25.25.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-man-4.12.14-25.25.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15",
          "product_id": "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.25.1.s390x"
        },
        "product_reference": "kernel-default-man-4.12.14-25.25.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-devel-4.12.14-25.25.1.noarch as component of SUSE Linux Enterprise Module for Basesystem 15",
          "product_id": "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.25.1.noarch"
        },
        "product_reference": "kernel-devel-4.12.14-25.25.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-macros-4.12.14-25.25.1.noarch as component of SUSE Linux Enterprise Module for Basesystem 15",
          "product_id": "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.25.1.noarch"
        },
        "product_reference": "kernel-macros-4.12.14-25.25.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-zfcpdump-4.12.14-25.25.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15",
          "product_id": "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.25.1.s390x"
        },
        "product_reference": "kernel-zfcpdump-4.12.14-25.25.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-docs-4.12.14-25.25.1.noarch as component of SUSE Linux Enterprise Module for Development Tools 15",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.25.1.noarch"
        },
        "product_reference": "kernel-docs-4.12.14-25.25.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-4.12.14-25.25.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.aarch64"
        },
        "product_reference": "kernel-obs-build-4.12.14-25.25.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-4.12.14-25.25.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.ppc64le"
        },
        "product_reference": "kernel-obs-build-4.12.14-25.25.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-4.12.14-25.25.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.s390x"
        },
        "product_reference": "kernel-obs-build-4.12.14-25.25.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-obs-build-4.12.14-25.25.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.x86_64"
        },
        "product_reference": "kernel-obs-build-4.12.14-25.25.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-4.12.14-25.25.1.noarch as component of SUSE Linux Enterprise Module for Development Tools 15",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.25.1.noarch"
        },
        "product_reference": "kernel-source-4.12.14-25.25.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-4.12.14-25.25.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.aarch64"
        },
        "product_reference": "kernel-syms-4.12.14-25.25.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-4.12.14-25.25.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.ppc64le"
        },
        "product_reference": "kernel-syms-4.12.14-25.25.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-4.12.14-25.25.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.s390x"
        },
        "product_reference": "kernel-syms-4.12.14-25.25.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-4.12.14-25.25.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.x86_64"
        },
        "product_reference": "kernel-syms-4.12.14-25.25.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-vanilla-base-4.12.14-25.25.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.aarch64"
        },
        "product_reference": "kernel-vanilla-base-4.12.14-25.25.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-vanilla-base-4.12.14-25.25.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.ppc64le"
        },
        "product_reference": "kernel-vanilla-base-4.12.14-25.25.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-vanilla-base-4.12.14-25.25.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.s390x"
        },
        "product_reference": "kernel-vanilla-base-4.12.14-25.25.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-vanilla-base-4.12.14-25.25.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.x86_64"
        },
        "product_reference": "kernel-vanilla-base-4.12.14-25.25.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "reiserfs-kmp-default-4.12.14-25.25.1.aarch64 as component of SUSE Linux Enterprise Module for Legacy 15",
          "product_id": "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.aarch64"
        },
        "product_reference": "reiserfs-kmp-default-4.12.14-25.25.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "reiserfs-kmp-default-4.12.14-25.25.1.ppc64le as component of SUSE Linux Enterprise Module for Legacy 15",
          "product_id": "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.ppc64le"
        },
        "product_reference": "reiserfs-kmp-default-4.12.14-25.25.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "reiserfs-kmp-default-4.12.14-25.25.1.s390x as component of SUSE Linux Enterprise Module for Legacy 15",
          "product_id": "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.s390x"
        },
        "product_reference": "reiserfs-kmp-default-4.12.14-25.25.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "reiserfs-kmp-default-4.12.14-25.25.1.x86_64 as component of SUSE Linux Enterprise Module for Legacy 15",
          "product_id": "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.x86_64"
        },
        "product_reference": "reiserfs-kmp-default-4.12.14-25.25.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cluster-md-kmp-default-4.12.14-25.25.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.aarch64"
        },
        "product_reference": "cluster-md-kmp-default-4.12.14-25.25.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cluster-md-kmp-default-4.12.14-25.25.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.ppc64le"
        },
        "product_reference": "cluster-md-kmp-default-4.12.14-25.25.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cluster-md-kmp-default-4.12.14-25.25.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.s390x"
        },
        "product_reference": "cluster-md-kmp-default-4.12.14-25.25.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cluster-md-kmp-default-4.12.14-25.25.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.x86_64"
        },
        "product_reference": "cluster-md-kmp-default-4.12.14-25.25.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dlm-kmp-default-4.12.14-25.25.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.aarch64"
        },
        "product_reference": "dlm-kmp-default-4.12.14-25.25.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dlm-kmp-default-4.12.14-25.25.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.ppc64le"
        },
        "product_reference": "dlm-kmp-default-4.12.14-25.25.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dlm-kmp-default-4.12.14-25.25.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.s390x"
        },
        "product_reference": "dlm-kmp-default-4.12.14-25.25.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dlm-kmp-default-4.12.14-25.25.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.x86_64"
        },
        "product_reference": "dlm-kmp-default-4.12.14-25.25.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gfs2-kmp-default-4.12.14-25.25.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.aarch64"
        },
        "product_reference": "gfs2-kmp-default-4.12.14-25.25.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gfs2-kmp-default-4.12.14-25.25.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.ppc64le"
        },
        "product_reference": "gfs2-kmp-default-4.12.14-25.25.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gfs2-kmp-default-4.12.14-25.25.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.s390x"
        },
        "product_reference": "gfs2-kmp-default-4.12.14-25.25.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gfs2-kmp-default-4.12.14-25.25.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.x86_64"
        },
        "product_reference": "gfs2-kmp-default-4.12.14-25.25.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ocfs2-kmp-default-4.12.14-25.25.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.aarch64"
        },
        "product_reference": "ocfs2-kmp-default-4.12.14-25.25.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ocfs2-kmp-default-4.12.14-25.25.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.ppc64le"
        },
        "product_reference": "ocfs2-kmp-default-4.12.14-25.25.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ocfs2-kmp-default-4.12.14-25.25.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.s390x"
        },
        "product_reference": "ocfs2-kmp-default-4.12.14-25.25.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ocfs2-kmp-default-4.12.14-25.25.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15",
          "product_id": "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.x86_64"
        },
        "product_reference": "ocfs2-kmp-default-4.12.14-25.25.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-extra-4.12.14-25.25.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15",
          "product_id": "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.25.1.x86_64"
        },
        "product_reference": "kernel-default-extra-4.12.14-25.25.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 15"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-16533",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-16533"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The usbhid_parse function in drivers/hid/usbhid/hid-core.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.25.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.25.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.25.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.25.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.25.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.25.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.s390x",
          "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.25.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-16533",
          "url": "https://www.suse.com/security/cve/CVE-2017-16533"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1066674 for CVE-2017-16533",
          "url": "https://bugzilla.suse.com/1066674"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1087082 for CVE-2017-16533",
          "url": "https://bugzilla.suse.com/1087082"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1146519 for CVE-2017-16533",
          "url": "https://bugzilla.suse.com/1146519"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.25.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.25.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.25.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.25.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.25.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.25.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.25.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.25.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.25.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.25.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2018-10-31T13:44:41Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-16533"
    },
    {
      "cve": "CVE-2017-18224",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-18224"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel before 4.15, fs/ocfs2/aops.c omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations in DIRECT mode, which allows local users to cause a denial of service (BUG) by modifying a certain e_cpos field.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.25.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.25.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.25.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.25.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.25.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.25.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.s390x",
          "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.25.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-18224",
          "url": "https://www.suse.com/security/cve/CVE-2017-18224"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1084831 for CVE-2017-18224",
          "url": "https://bugzilla.suse.com/1084831"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.25.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.25.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.25.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.25.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.25.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.25.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.25.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.25.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.25.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.25.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2018-10-31T13:44:41Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-18224"
    },
    {
      "cve": "CVE-2018-18386",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-18386"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "drivers/tty/n_tty.c in the Linux kernel before 4.14.11 allows local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.25.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.25.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.25.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.25.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.25.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.25.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.s390x",
          "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.25.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-18386",
          "url": "https://www.suse.com/security/cve/CVE-2018-18386"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1094825 for CVE-2018-18386",
          "url": "https://bugzilla.suse.com/1094825"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1112039 for CVE-2018-18386",
          "url": "https://bugzilla.suse.com/1112039"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.25.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.25.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.25.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.25.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.25.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.25.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.25.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.25.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.25.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.25.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2018-10-31T13:44:41Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2018-18386"
    },
    {
      "cve": "CVE-2018-18445",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-18445"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel 4.14.x, 4.15.x, 4.16.x, 4.17.x, and 4.18.x before 4.18.13, faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory accesses because adjust_scalar_min_max_vals in kernel/bpf/verifier.c mishandles 32-bit right shifts.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.x86_64",
          "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.aarch64",
          "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.ppc64le",
          "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.s390x",
          "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.25.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.25.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.25.1.noarch",
          "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.25.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.25.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.25.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.x86_64",
          "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.aarch64",
          "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.ppc64le",
          "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.s390x",
          "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.25.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-18445",
          "url": "https://www.suse.com/security/cve/CVE-2018-18445"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1112372 for CVE-2018-18445",
          "url": "https://bugzilla.suse.com/1112372"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.25.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.25.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.25.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.25.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.25.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.25.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.25.1.noarch",
            "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.25.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.25.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.aarch64",
            "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.ppc64le",
            "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.s390x",
            "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.25.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2018-10-31T13:44:41Z",
          "details": "low"
        }
      ],
      "title": "CVE-2018-18445"
    }
  ]
}