SUSE-SU-2022:3263-1
Vulnerability from csaf_suse - Published: 2022-09-14 04:14 - Updated: 2022-09-14 04:14Summary
Security update for the Linux Kernel
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel
Description of the patch:
The SUSE Linux Enterprise 12 SP3 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2022-39188: Fixed race condition in include/asm-generic/tlb.h where a device driver can free a page while it still has stale TLB entries (bnc#1203107).
- CVE-2022-36879: Fixed an issue in xfrm_expand_policies in net/xfrm/xfrm_policy.c where a refcount could be dropped twice (bnc#1201948).
- CVE-2022-3028: Fixed race condition that was found in the IP framework for transforming packets (XFRM subsystem) (bnc#1202898).
- CVE-2022-2991: Fixed an heap-based overflow in the lightnvm implemenation (bsc#1201420).
- CVE-2022-26373: Fixed non-transparent sharing of return predictor targets between contexts in some Intel Processors (bnc#1201726).
- CVE-2022-2588: Fixed use-after-free in cls_route (bsc#1202096).
- CVE-2022-21385: Fixed a flaw in net_rds_alloc_sgs() that allowed unprivileged local users to crash the machine (bnc#1202897).
- CVE-2022-20369: Fixed out of bounds write in v4l2_m2m_querybuf of v4l2-mem2mem.c (bnc#1202347).
- CVE-2022-20368: Fixed slab-out-of-bounds access in packet_recvmsg() (bsc#1202346).
- CVE-2020-36516: Fixed an issue in the mixed IPID assignment method where an attacker was able to inject data into or terminate a victim's TCP session (bnc#1196616).
- CVE-2019-3900: Fixed infinite loop the vhost_net kernel module that could result in a DoS scenario (bnc#1133374).
The following non-security bugs were fixed:
- net_sched: cls_route: Disallowed handle of 0 (bsc#1202393).
- mm, rmap: Fixed anon_vma->degree ambiguity leading to double-reuse (bsc#1203098).
- lightnvm: Removed lightnvm implemenation (bsc#1191881).
Patchnames: SUSE-2022-3263,SUSE-SLE-SERVER-12-SP3-BCL-2022-3263
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
8.1 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
6.2 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.8 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
8.2 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
6.7 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
4.1 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 12 SP3 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2022-39188: Fixed race condition in include/asm-generic/tlb.h where a device driver can free a page while it still has stale TLB entries (bnc#1203107).\n- CVE-2022-36879: Fixed an issue in xfrm_expand_policies in net/xfrm/xfrm_policy.c where a refcount could be dropped twice (bnc#1201948).\n- CVE-2022-3028: Fixed race condition that was found in the IP framework for transforming packets (XFRM subsystem) (bnc#1202898).\n- CVE-2022-2991: Fixed an heap-based overflow in the lightnvm implemenation (bsc#1201420).\n- CVE-2022-26373: Fixed non-transparent sharing of return predictor targets between contexts in some Intel Processors (bnc#1201726).\n- CVE-2022-2588: Fixed use-after-free in cls_route (bsc#1202096).\n- CVE-2022-21385: Fixed a flaw in net_rds_alloc_sgs() that allowed unprivileged local users to crash the machine (bnc#1202897).\n- CVE-2022-20369: Fixed out of bounds write in v4l2_m2m_querybuf of v4l2-mem2mem.c (bnc#1202347).\n- CVE-2022-20368: Fixed slab-out-of-bounds access in packet_recvmsg() (bsc#1202346).\n- CVE-2020-36516: Fixed an issue in the mixed IPID assignment method where an attacker was able to inject data into or terminate a victim\u0027s TCP session (bnc#1196616).\n- CVE-2019-3900: Fixed infinite loop the vhost_net kernel module that could result in a DoS scenario (bnc#1133374).\n\nThe following non-security bugs were fixed:\n\n- net_sched: cls_route: Disallowed handle of 0 (bsc#1202393).\n- mm, rmap: Fixed anon_vma-\u003edegree ambiguity leading to double-reuse (bsc#1203098).\n- lightnvm: Removed lightnvm implemenation (bsc#1191881).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2022-3263,SUSE-SLE-SERVER-12-SP3-BCL-2022-3263",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_3263-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2022:3263-1",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20223263-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2022:3263-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-September/012222.html"
},
{
"category": "self",
"summary": "SUSE Bug 1133374",
"url": "https://bugzilla.suse.com/1133374"
},
{
"category": "self",
"summary": "SUSE Bug 1191881",
"url": "https://bugzilla.suse.com/1191881"
},
{
"category": "self",
"summary": "SUSE Bug 1196616",
"url": "https://bugzilla.suse.com/1196616"
},
{
"category": "self",
"summary": "SUSE Bug 1201420",
"url": "https://bugzilla.suse.com/1201420"
},
{
"category": "self",
"summary": "SUSE Bug 1201726",
"url": "https://bugzilla.suse.com/1201726"
},
{
"category": "self",
"summary": "SUSE Bug 1201948",
"url": "https://bugzilla.suse.com/1201948"
},
{
"category": "self",
"summary": "SUSE Bug 1202096",
"url": "https://bugzilla.suse.com/1202096"
},
{
"category": "self",
"summary": "SUSE Bug 1202346",
"url": "https://bugzilla.suse.com/1202346"
},
{
"category": "self",
"summary": "SUSE Bug 1202347",
"url": "https://bugzilla.suse.com/1202347"
},
{
"category": "self",
"summary": "SUSE Bug 1202393",
"url": "https://bugzilla.suse.com/1202393"
},
{
"category": "self",
"summary": "SUSE Bug 1202897",
"url": "https://bugzilla.suse.com/1202897"
},
{
"category": "self",
"summary": "SUSE Bug 1202898",
"url": "https://bugzilla.suse.com/1202898"
},
{
"category": "self",
"summary": "SUSE Bug 1203098",
"url": "https://bugzilla.suse.com/1203098"
},
{
"category": "self",
"summary": "SUSE Bug 1203107",
"url": "https://bugzilla.suse.com/1203107"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-3900 page",
"url": "https://www.suse.com/security/cve/CVE-2019-3900/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-36516 page",
"url": "https://www.suse.com/security/cve/CVE-2020-36516/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-20368 page",
"url": "https://www.suse.com/security/cve/CVE-2022-20368/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-20369 page",
"url": "https://www.suse.com/security/cve/CVE-2022-20369/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-21385 page",
"url": "https://www.suse.com/security/cve/CVE-2022-21385/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-2588 page",
"url": "https://www.suse.com/security/cve/CVE-2022-2588/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-26373 page",
"url": "https://www.suse.com/security/cve/CVE-2022-26373/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-2991 page",
"url": "https://www.suse.com/security/cve/CVE-2022-2991/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-3028 page",
"url": "https://www.suse.com/security/cve/CVE-2022-3028/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-36879 page",
"url": "https://www.suse.com/security/cve/CVE-2022-36879/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-39188 page",
"url": "https://www.suse.com/security/cve/CVE-2022-39188/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2022-09-14T04:14:47Z",
"generator": {
"date": "2022-09-14T04:14:47Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2022:3263-1",
"initial_release_date": "2022-09-14T04:14:47Z",
"revision_history": [
{
"date": "2022-09-14T04:14:47Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.4.180-94.174.1.aarch64",
"product": {
"name": "cluster-md-kmp-default-4.4.180-94.174.1.aarch64",
"product_id": "cluster-md-kmp-default-4.4.180-94.174.1.aarch64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.4.180-94.174.1.aarch64",
"product": {
"name": "dlm-kmp-default-4.4.180-94.174.1.aarch64",
"product_id": "dlm-kmp-default-4.4.180-94.174.1.aarch64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.4.180-94.174.1.aarch64",
"product": {
"name": "gfs2-kmp-default-4.4.180-94.174.1.aarch64",
"product_id": "gfs2-kmp-default-4.4.180-94.174.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-4.4.180-94.174.1.aarch64",
"product": {
"name": "kernel-default-4.4.180-94.174.1.aarch64",
"product_id": "kernel-default-4.4.180-94.174.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.4.180-94.174.1.aarch64",
"product": {
"name": "kernel-default-base-4.4.180-94.174.1.aarch64",
"product_id": "kernel-default-base-4.4.180-94.174.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.4.180-94.174.1.aarch64",
"product": {
"name": "kernel-default-devel-4.4.180-94.174.1.aarch64",
"product_id": "kernel-default-devel-4.4.180-94.174.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.4.180-94.174.1.aarch64",
"product": {
"name": "kernel-default-extra-4.4.180-94.174.1.aarch64",
"product_id": "kernel-default-extra-4.4.180-94.174.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.4.180-94.174.1.aarch64",
"product": {
"name": "kernel-default-kgraft-4.4.180-94.174.1.aarch64",
"product_id": "kernel-default-kgraft-4.4.180-94.174.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.4.180-94.174.1.aarch64",
"product": {
"name": "kernel-obs-build-4.4.180-94.174.1.aarch64",
"product_id": "kernel-obs-build-4.4.180-94.174.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.4.180-94.174.1.aarch64",
"product": {
"name": "kernel-obs-qa-4.4.180-94.174.1.aarch64",
"product_id": "kernel-obs-qa-4.4.180-94.174.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.4.180-94.174.1.aarch64",
"product": {
"name": "kernel-syms-4.4.180-94.174.1.aarch64",
"product_id": "kernel-syms-4.4.180-94.174.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.4.180-94.174.1.aarch64",
"product": {
"name": "kernel-vanilla-4.4.180-94.174.1.aarch64",
"product_id": "kernel-vanilla-4.4.180-94.174.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.4.180-94.174.1.aarch64",
"product": {
"name": "kernel-vanilla-base-4.4.180-94.174.1.aarch64",
"product_id": "kernel-vanilla-base-4.4.180-94.174.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.4.180-94.174.1.aarch64",
"product": {
"name": "kernel-vanilla-devel-4.4.180-94.174.1.aarch64",
"product_id": "kernel-vanilla-devel-4.4.180-94.174.1.aarch64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.4.180-94.174.1.aarch64",
"product": {
"name": "kselftests-kmp-default-4.4.180-94.174.1.aarch64",
"product_id": "kselftests-kmp-default-4.4.180-94.174.1.aarch64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.4.180-94.174.1.aarch64",
"product": {
"name": "ocfs2-kmp-default-4.4.180-94.174.1.aarch64",
"product_id": "ocfs2-kmp-default-4.4.180-94.174.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-4.4.180-94.174.1.noarch",
"product": {
"name": "kernel-devel-4.4.180-94.174.1.noarch",
"product_id": "kernel-devel-4.4.180-94.174.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-4.4.180-94.174.1.noarch",
"product": {
"name": "kernel-docs-4.4.180-94.174.1.noarch",
"product_id": "kernel-docs-4.4.180-94.174.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-html-4.4.180-94.174.1.noarch",
"product": {
"name": "kernel-docs-html-4.4.180-94.174.1.noarch",
"product_id": "kernel-docs-html-4.4.180-94.174.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-pdf-4.4.180-94.174.1.noarch",
"product": {
"name": "kernel-docs-pdf-4.4.180-94.174.1.noarch",
"product_id": "kernel-docs-pdf-4.4.180-94.174.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-4.4.180-94.174.1.noarch",
"product": {
"name": "kernel-macros-4.4.180-94.174.1.noarch",
"product_id": "kernel-macros-4.4.180-94.174.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-4.4.180-94.174.1.noarch",
"product": {
"name": "kernel-source-4.4.180-94.174.1.noarch",
"product_id": "kernel-source-4.4.180-94.174.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-4.4.180-94.174.1.noarch",
"product": {
"name": "kernel-source-vanilla-4.4.180-94.174.1.noarch",
"product_id": "kernel-source-vanilla-4.4.180-94.174.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-debug-4.4.180-94.174.1.ppc64le",
"product": {
"name": "cluster-md-kmp-debug-4.4.180-94.174.1.ppc64le",
"product_id": "cluster-md-kmp-debug-4.4.180-94.174.1.ppc64le"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.4.180-94.174.1.ppc64le",
"product": {
"name": "cluster-md-kmp-default-4.4.180-94.174.1.ppc64le",
"product_id": "cluster-md-kmp-default-4.4.180-94.174.1.ppc64le"
}
},
{
"category": "product_version",
"name": "dlm-kmp-debug-4.4.180-94.174.1.ppc64le",
"product": {
"name": "dlm-kmp-debug-4.4.180-94.174.1.ppc64le",
"product_id": "dlm-kmp-debug-4.4.180-94.174.1.ppc64le"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.4.180-94.174.1.ppc64le",
"product": {
"name": "dlm-kmp-default-4.4.180-94.174.1.ppc64le",
"product_id": "dlm-kmp-default-4.4.180-94.174.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-debug-4.4.180-94.174.1.ppc64le",
"product": {
"name": "gfs2-kmp-debug-4.4.180-94.174.1.ppc64le",
"product_id": "gfs2-kmp-debug-4.4.180-94.174.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.4.180-94.174.1.ppc64le",
"product": {
"name": "gfs2-kmp-default-4.4.180-94.174.1.ppc64le",
"product_id": "gfs2-kmp-default-4.4.180-94.174.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-4.4.180-94.174.1.ppc64le",
"product": {
"name": "kernel-debug-4.4.180-94.174.1.ppc64le",
"product_id": "kernel-debug-4.4.180-94.174.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-base-4.4.180-94.174.1.ppc64le",
"product": {
"name": "kernel-debug-base-4.4.180-94.174.1.ppc64le",
"product_id": "kernel-debug-base-4.4.180-94.174.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-4.4.180-94.174.1.ppc64le",
"product": {
"name": "kernel-debug-devel-4.4.180-94.174.1.ppc64le",
"product_id": "kernel-debug-devel-4.4.180-94.174.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-extra-4.4.180-94.174.1.ppc64le",
"product": {
"name": "kernel-debug-extra-4.4.180-94.174.1.ppc64le",
"product_id": "kernel-debug-extra-4.4.180-94.174.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-kgraft-4.4.180-94.174.1.ppc64le",
"product": {
"name": "kernel-debug-kgraft-4.4.180-94.174.1.ppc64le",
"product_id": "kernel-debug-kgraft-4.4.180-94.174.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-4.4.180-94.174.1.ppc64le",
"product": {
"name": "kernel-default-4.4.180-94.174.1.ppc64le",
"product_id": "kernel-default-4.4.180-94.174.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.4.180-94.174.1.ppc64le",
"product": {
"name": "kernel-default-base-4.4.180-94.174.1.ppc64le",
"product_id": "kernel-default-base-4.4.180-94.174.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.4.180-94.174.1.ppc64le",
"product": {
"name": "kernel-default-devel-4.4.180-94.174.1.ppc64le",
"product_id": "kernel-default-devel-4.4.180-94.174.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.4.180-94.174.1.ppc64le",
"product": {
"name": "kernel-default-extra-4.4.180-94.174.1.ppc64le",
"product_id": "kernel-default-extra-4.4.180-94.174.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.4.180-94.174.1.ppc64le",
"product": {
"name": "kernel-default-kgraft-4.4.180-94.174.1.ppc64le",
"product_id": "kernel-default-kgraft-4.4.180-94.174.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.4.180-94.174.1.ppc64le",
"product": {
"name": "kernel-obs-build-4.4.180-94.174.1.ppc64le",
"product_id": "kernel-obs-build-4.4.180-94.174.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.4.180-94.174.1.ppc64le",
"product": {
"name": "kernel-obs-qa-4.4.180-94.174.1.ppc64le",
"product_id": "kernel-obs-qa-4.4.180-94.174.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.4.180-94.174.1.ppc64le",
"product": {
"name": "kernel-syms-4.4.180-94.174.1.ppc64le",
"product_id": "kernel-syms-4.4.180-94.174.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.4.180-94.174.1.ppc64le",
"product": {
"name": "kernel-vanilla-4.4.180-94.174.1.ppc64le",
"product_id": "kernel-vanilla-4.4.180-94.174.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.4.180-94.174.1.ppc64le",
"product": {
"name": "kernel-vanilla-base-4.4.180-94.174.1.ppc64le",
"product_id": "kernel-vanilla-base-4.4.180-94.174.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.4.180-94.174.1.ppc64le",
"product": {
"name": "kernel-vanilla-devel-4.4.180-94.174.1.ppc64le",
"product_id": "kernel-vanilla-devel-4.4.180-94.174.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-debug-4.4.180-94.174.1.ppc64le",
"product": {
"name": "kselftests-kmp-debug-4.4.180-94.174.1.ppc64le",
"product_id": "kselftests-kmp-debug-4.4.180-94.174.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.4.180-94.174.1.ppc64le",
"product": {
"name": "kselftests-kmp-default-4.4.180-94.174.1.ppc64le",
"product_id": "kselftests-kmp-default-4.4.180-94.174.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-debug-4.4.180-94.174.1.ppc64le",
"product": {
"name": "ocfs2-kmp-debug-4.4.180-94.174.1.ppc64le",
"product_id": "ocfs2-kmp-debug-4.4.180-94.174.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.4.180-94.174.1.ppc64le",
"product": {
"name": "ocfs2-kmp-default-4.4.180-94.174.1.ppc64le",
"product_id": "ocfs2-kmp-default-4.4.180-94.174.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.4.180-94.174.1.s390x",
"product": {
"name": "cluster-md-kmp-default-4.4.180-94.174.1.s390x",
"product_id": "cluster-md-kmp-default-4.4.180-94.174.1.s390x"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.4.180-94.174.1.s390x",
"product": {
"name": "dlm-kmp-default-4.4.180-94.174.1.s390x",
"product_id": "dlm-kmp-default-4.4.180-94.174.1.s390x"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.4.180-94.174.1.s390x",
"product": {
"name": "gfs2-kmp-default-4.4.180-94.174.1.s390x",
"product_id": "gfs2-kmp-default-4.4.180-94.174.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-4.4.180-94.174.1.s390x",
"product": {
"name": "kernel-default-4.4.180-94.174.1.s390x",
"product_id": "kernel-default-4.4.180-94.174.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.4.180-94.174.1.s390x",
"product": {
"name": "kernel-default-base-4.4.180-94.174.1.s390x",
"product_id": "kernel-default-base-4.4.180-94.174.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.4.180-94.174.1.s390x",
"product": {
"name": "kernel-default-devel-4.4.180-94.174.1.s390x",
"product_id": "kernel-default-devel-4.4.180-94.174.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.4.180-94.174.1.s390x",
"product": {
"name": "kernel-default-extra-4.4.180-94.174.1.s390x",
"product_id": "kernel-default-extra-4.4.180-94.174.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.4.180-94.174.1.s390x",
"product": {
"name": "kernel-default-kgraft-4.4.180-94.174.1.s390x",
"product_id": "kernel-default-kgraft-4.4.180-94.174.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-man-4.4.180-94.174.1.s390x",
"product": {
"name": "kernel-default-man-4.4.180-94.174.1.s390x",
"product_id": "kernel-default-man-4.4.180-94.174.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.4.180-94.174.1.s390x",
"product": {
"name": "kernel-obs-build-4.4.180-94.174.1.s390x",
"product_id": "kernel-obs-build-4.4.180-94.174.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.4.180-94.174.1.s390x",
"product": {
"name": "kernel-obs-qa-4.4.180-94.174.1.s390x",
"product_id": "kernel-obs-qa-4.4.180-94.174.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.4.180-94.174.1.s390x",
"product": {
"name": "kernel-syms-4.4.180-94.174.1.s390x",
"product_id": "kernel-syms-4.4.180-94.174.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.4.180-94.174.1.s390x",
"product": {
"name": "kernel-vanilla-4.4.180-94.174.1.s390x",
"product_id": "kernel-vanilla-4.4.180-94.174.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.4.180-94.174.1.s390x",
"product": {
"name": "kernel-vanilla-base-4.4.180-94.174.1.s390x",
"product_id": "kernel-vanilla-base-4.4.180-94.174.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.4.180-94.174.1.s390x",
"product": {
"name": "kernel-vanilla-devel-4.4.180-94.174.1.s390x",
"product_id": "kernel-vanilla-devel-4.4.180-94.174.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-4.4.180-94.174.1.s390x",
"product": {
"name": "kernel-zfcpdump-4.4.180-94.174.1.s390x",
"product_id": "kernel-zfcpdump-4.4.180-94.174.1.s390x"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.4.180-94.174.1.s390x",
"product": {
"name": "kselftests-kmp-default-4.4.180-94.174.1.s390x",
"product_id": "kselftests-kmp-default-4.4.180-94.174.1.s390x"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.4.180-94.174.1.s390x",
"product": {
"name": "ocfs2-kmp-default-4.4.180-94.174.1.s390x",
"product_id": "ocfs2-kmp-default-4.4.180-94.174.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-debug-4.4.180-94.174.1.x86_64",
"product": {
"name": "cluster-md-kmp-debug-4.4.180-94.174.1.x86_64",
"product_id": "cluster-md-kmp-debug-4.4.180-94.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.4.180-94.174.1.x86_64",
"product": {
"name": "cluster-md-kmp-default-4.4.180-94.174.1.x86_64",
"product_id": "cluster-md-kmp-default-4.4.180-94.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-debug-4.4.180-94.174.1.x86_64",
"product": {
"name": "dlm-kmp-debug-4.4.180-94.174.1.x86_64",
"product_id": "dlm-kmp-debug-4.4.180-94.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.4.180-94.174.1.x86_64",
"product": {
"name": "dlm-kmp-default-4.4.180-94.174.1.x86_64",
"product_id": "dlm-kmp-default-4.4.180-94.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-debug-4.4.180-94.174.1.x86_64",
"product": {
"name": "gfs2-kmp-debug-4.4.180-94.174.1.x86_64",
"product_id": "gfs2-kmp-debug-4.4.180-94.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.4.180-94.174.1.x86_64",
"product": {
"name": "gfs2-kmp-default-4.4.180-94.174.1.x86_64",
"product_id": "gfs2-kmp-default-4.4.180-94.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-4.4.180-94.174.1.x86_64",
"product": {
"name": "kernel-debug-4.4.180-94.174.1.x86_64",
"product_id": "kernel-debug-4.4.180-94.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-base-4.4.180-94.174.1.x86_64",
"product": {
"name": "kernel-debug-base-4.4.180-94.174.1.x86_64",
"product_id": "kernel-debug-base-4.4.180-94.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-4.4.180-94.174.1.x86_64",
"product": {
"name": "kernel-debug-devel-4.4.180-94.174.1.x86_64",
"product_id": "kernel-debug-devel-4.4.180-94.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-extra-4.4.180-94.174.1.x86_64",
"product": {
"name": "kernel-debug-extra-4.4.180-94.174.1.x86_64",
"product_id": "kernel-debug-extra-4.4.180-94.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-kgraft-4.4.180-94.174.1.x86_64",
"product": {
"name": "kernel-debug-kgraft-4.4.180-94.174.1.x86_64",
"product_id": "kernel-debug-kgraft-4.4.180-94.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-4.4.180-94.174.1.x86_64",
"product": {
"name": "kernel-default-4.4.180-94.174.1.x86_64",
"product_id": "kernel-default-4.4.180-94.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.4.180-94.174.1.x86_64",
"product": {
"name": "kernel-default-base-4.4.180-94.174.1.x86_64",
"product_id": "kernel-default-base-4.4.180-94.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.4.180-94.174.1.x86_64",
"product": {
"name": "kernel-default-devel-4.4.180-94.174.1.x86_64",
"product_id": "kernel-default-devel-4.4.180-94.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.4.180-94.174.1.x86_64",
"product": {
"name": "kernel-default-extra-4.4.180-94.174.1.x86_64",
"product_id": "kernel-default-extra-4.4.180-94.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.4.180-94.174.1.x86_64",
"product": {
"name": "kernel-default-kgraft-4.4.180-94.174.1.x86_64",
"product_id": "kernel-default-kgraft-4.4.180-94.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.4.180-94.174.1.x86_64",
"product": {
"name": "kernel-obs-build-4.4.180-94.174.1.x86_64",
"product_id": "kernel-obs-build-4.4.180-94.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.4.180-94.174.1.x86_64",
"product": {
"name": "kernel-obs-qa-4.4.180-94.174.1.x86_64",
"product_id": "kernel-obs-qa-4.4.180-94.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.4.180-94.174.1.x86_64",
"product": {
"name": "kernel-syms-4.4.180-94.174.1.x86_64",
"product_id": "kernel-syms-4.4.180-94.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.4.180-94.174.1.x86_64",
"product": {
"name": "kernel-vanilla-4.4.180-94.174.1.x86_64",
"product_id": "kernel-vanilla-4.4.180-94.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.4.180-94.174.1.x86_64",
"product": {
"name": "kernel-vanilla-base-4.4.180-94.174.1.x86_64",
"product_id": "kernel-vanilla-base-4.4.180-94.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.4.180-94.174.1.x86_64",
"product": {
"name": "kernel-vanilla-devel-4.4.180-94.174.1.x86_64",
"product_id": "kernel-vanilla-devel-4.4.180-94.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-debug-4.4.180-94.174.1.x86_64",
"product": {
"name": "kselftests-kmp-debug-4.4.180-94.174.1.x86_64",
"product_id": "kselftests-kmp-debug-4.4.180-94.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.4.180-94.174.1.x86_64",
"product": {
"name": "kselftests-kmp-default-4.4.180-94.174.1.x86_64",
"product_id": "kselftests-kmp-default-4.4.180-94.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-debug-4.4.180-94.174.1.x86_64",
"product": {
"name": "ocfs2-kmp-debug-4.4.180-94.174.1.x86_64",
"product_id": "ocfs2-kmp-debug-4.4.180-94.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.4.180-94.174.1.x86_64",
"product": {
"name": "ocfs2-kmp-default-4.4.180-94.174.1.x86_64",
"product_id": "ocfs2-kmp-default-4.4.180-94.174.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP3-BCL",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP3-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP3-BCL",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-bcl:12:sp3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.180-94.174.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64"
},
"product_reference": "kernel-default-4.4.180-94.174.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.180-94.174.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64"
},
"product_reference": "kernel-default-base-4.4.180-94.174.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.180-94.174.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64"
},
"product_reference": "kernel-default-devel-4.4.180-94.174.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.4.180-94.174.1.noarch as component of SUSE Linux Enterprise Server 12 SP3-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch"
},
"product_reference": "kernel-devel-4.4.180-94.174.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.4.180-94.174.1.noarch as component of SUSE Linux Enterprise Server 12 SP3-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch"
},
"product_reference": "kernel-macros-4.4.180-94.174.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.4.180-94.174.1.noarch as component of SUSE Linux Enterprise Server 12 SP3-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch"
},
"product_reference": "kernel-source-4.4.180-94.174.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.180-94.174.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
},
"product_reference": "kernel-syms-4.4.180-94.174.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-BCL"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-3900",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-3900"
}
],
"notes": [
{
"category": "general",
"text": "An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including v5.1-rc6, while handling incoming packets in handle_rx(). It could occur if one end sends packets faster than the other end can process them. A guest user, maybe remote one, could use this flaw to stall the vhost_net kernel thread, resulting in a DoS scenario.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-3900",
"url": "https://www.suse.com/security/cve/CVE-2019-3900"
},
{
"category": "external",
"summary": "SUSE Bug 1133374 for CVE-2019-3900",
"url": "https://bugzilla.suse.com/1133374"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-14T04:14:47Z",
"details": "low"
}
],
"title": "CVE-2019-3900"
},
{
"cve": "CVE-2020-36516",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-36516"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim\u0027s TCP session or terminate that session.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-36516",
"url": "https://www.suse.com/security/cve/CVE-2020-36516"
},
{
"category": "external",
"summary": "SUSE Bug 1196616 for CVE-2020-36516",
"url": "https://bugzilla.suse.com/1196616"
},
{
"category": "external",
"summary": "SUSE Bug 1196867 for CVE-2020-36516",
"url": "https://bugzilla.suse.com/1196867"
},
{
"category": "external",
"summary": "SUSE Bug 1204092 for CVE-2020-36516",
"url": "https://bugzilla.suse.com/1204092"
},
{
"category": "external",
"summary": "SUSE Bug 1204183 for CVE-2020-36516",
"url": "https://bugzilla.suse.com/1204183"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-14T04:14:47Z",
"details": "important"
}
],
"title": "CVE-2020-36516"
},
{
"cve": "CVE-2022-20368",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-20368"
}
],
"notes": [
{
"category": "general",
"text": "Product: AndroidVersions: Android kernelAndroid ID: A-224546354References: Upstream kernel",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-20368",
"url": "https://www.suse.com/security/cve/CVE-2022-20368"
},
{
"category": "external",
"summary": "SUSE Bug 1202346 for CVE-2022-20368",
"url": "https://bugzilla.suse.com/1202346"
},
{
"category": "external",
"summary": "SUSE Bug 1212311 for CVE-2022-20368",
"url": "https://bugzilla.suse.com/1212311"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-14T04:14:47Z",
"details": "moderate"
}
],
"title": "CVE-2022-20368"
},
{
"cve": "CVE-2022-20369",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-20369"
}
],
"notes": [
{
"category": "general",
"text": "In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-223375145References: Upstream kernel",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-20369",
"url": "https://www.suse.com/security/cve/CVE-2022-20369"
},
{
"category": "external",
"summary": "SUSE Bug 1202347 for CVE-2022-20369",
"url": "https://bugzilla.suse.com/1202347"
},
{
"category": "external",
"summary": "SUSE Bug 1212321 for CVE-2022-20369",
"url": "https://bugzilla.suse.com/1212321"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-14T04:14:47Z",
"details": "moderate"
}
],
"title": "CVE-2022-20369"
},
{
"cve": "CVE-2022-21385",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-21385"
}
],
"notes": [
{
"category": "general",
"text": "A flaw in net_rds_alloc_sgs() in Oracle Linux kernels allows unprivileged local users to crash the machine. CVSS 3.1 Base Score 6.2 (Availability impacts). CVSS Vector (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-21385",
"url": "https://www.suse.com/security/cve/CVE-2022-21385"
},
{
"category": "external",
"summary": "SUSE Bug 1202897 for CVE-2022-21385",
"url": "https://bugzilla.suse.com/1202897"
},
{
"category": "external",
"summary": "SUSE Bug 1212285 for CVE-2022-21385",
"url": "https://bugzilla.suse.com/1212285"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-14T04:14:47Z",
"details": "moderate"
}
],
"title": "CVE-2022-21385"
},
{
"cve": "CVE-2022-2588",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-2588"
}
],
"notes": [
{
"category": "general",
"text": "It was discovered that the cls_route filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had the value 0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-2588",
"url": "https://www.suse.com/security/cve/CVE-2022-2588"
},
{
"category": "external",
"summary": "SUSE Bug 1202096 for CVE-2022-2588",
"url": "https://bugzilla.suse.com/1202096"
},
{
"category": "external",
"summary": "SUSE Bug 1203613 for CVE-2022-2588",
"url": "https://bugzilla.suse.com/1203613"
},
{
"category": "external",
"summary": "SUSE Bug 1204183 for CVE-2022-2588",
"url": "https://bugzilla.suse.com/1204183"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2022-2588",
"url": "https://bugzilla.suse.com/1209225"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-14T04:14:47Z",
"details": "important"
}
],
"title": "CVE-2022-2588"
},
{
"cve": "CVE-2022-26373",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-26373"
}
],
"notes": [
{
"category": "general",
"text": "Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-26373",
"url": "https://www.suse.com/security/cve/CVE-2022-26373"
},
{
"category": "external",
"summary": "SUSE Bug 1201726 for CVE-2022-26373",
"url": "https://bugzilla.suse.com/1201726"
},
{
"category": "external",
"summary": "SUSE Bug 1209619 for CVE-2022-26373",
"url": "https://bugzilla.suse.com/1209619"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-14T04:14:47Z",
"details": "moderate"
}
],
"title": "CVE-2022-26373"
},
{
"cve": "CVE-2022-2991",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-2991"
}
],
"notes": [
{
"category": "general",
"text": "A heap-based buffer overflow was found in the Linux kernel\u0027s LightNVM subsystem. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. This vulnerability allows a local attacker to escalate privileges and execute arbitrary code in the context of the kernel. The attacker must first obtain the ability to execute high-privileged code on the target system to exploit this vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-2991",
"url": "https://www.suse.com/security/cve/CVE-2022-2991"
},
{
"category": "external",
"summary": "SUSE Bug 1201420 for CVE-2022-2991",
"url": "https://bugzilla.suse.com/1201420"
},
{
"category": "external",
"summary": "SUSE Bug 1203993 for CVE-2022-2991",
"url": "https://bugzilla.suse.com/1203993"
},
{
"category": "external",
"summary": "SUSE Bug 1211495 for CVE-2022-2991",
"url": "https://bugzilla.suse.com/1211495"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-14T04:14:47Z",
"details": "important"
}
],
"title": "CVE-2022-2991"
},
{
"cve": "CVE-2022-3028",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-3028"
}
],
"notes": [
{
"category": "general",
"text": "A race condition was found in the Linux kernel\u0027s IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read and copying it into a socket.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-3028",
"url": "https://www.suse.com/security/cve/CVE-2022-3028"
},
{
"category": "external",
"summary": "SUSE Bug 1202898 for CVE-2022-3028",
"url": "https://bugzilla.suse.com/1202898"
},
{
"category": "external",
"summary": "SUSE Bug 1212296 for CVE-2022-3028",
"url": "https://bugzilla.suse.com/1212296"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-14T04:14:47Z",
"details": "moderate"
}
],
"title": "CVE-2022-3028"
},
{
"cve": "CVE-2022-36879",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-36879"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-36879",
"url": "https://www.suse.com/security/cve/CVE-2022-36879"
},
{
"category": "external",
"summary": "SUSE Bug 1201948 for CVE-2022-36879",
"url": "https://bugzilla.suse.com/1201948"
},
{
"category": "external",
"summary": "SUSE Bug 1212327 for CVE-2022-36879",
"url": "https://bugzilla.suse.com/1212327"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-14T04:14:47Z",
"details": "moderate"
}
],
"title": "CVE-2022-36879"
},
{
"cve": "CVE-2022-39188",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-39188"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race condition (unmap_mapping_range versus munmap), a device driver can free a page while it still has stale TLB entries. This only occurs in situations with VM_PFNMAP VMAs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-39188",
"url": "https://www.suse.com/security/cve/CVE-2022-39188"
},
{
"category": "external",
"summary": "SUSE Bug 1203107 for CVE-2022-39188",
"url": "https://bugzilla.suse.com/1203107"
},
{
"category": "external",
"summary": "SUSE Bug 1203116 for CVE-2022-39188",
"url": "https://bugzilla.suse.com/1203116"
},
{
"category": "external",
"summary": "SUSE Bug 1205313 for CVE-2022-39188",
"url": "https://bugzilla.suse.com/1205313"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2022-39188",
"url": "https://bugzilla.suse.com/1209225"
},
{
"category": "external",
"summary": "SUSE Bug 1212326 for CVE-2022-39188",
"url": "https://bugzilla.suse.com/1212326"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-base-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-default-devel-4.4.180-94.174.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-devel-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-macros-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-source-4.4.180-94.174.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:kernel-syms-4.4.180-94.174.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-14T04:14:47Z",
"details": "important"
}
],
"title": "CVE-2022-39188"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…