1. Home
  2. Security Advisories
  3. SUSE
  4. SUSE-SU-2017:0464-1

[SUSE-SU-2017:0464-1] Security update for the Linux Kernel

Severity Important
Affected Packages 28
CVEs 19
Info Packages References Vulnerabilities

Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP1 kernel was updated to 3.12.69 to receive various security and bugfixes.

The following security bugs were fixed:

  • CVE-2015-8962: Double free vulnerability in the sg_common_write function in drivers/scsi/sg.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (memory corruption and system crash) by detaching a device during an SG_IO ioctl call (bnc#1010501).
  • CVE-2015-8963: Race condition in kernel/events/core.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (use-after-free) by leveraging incorrect handling of an swevent data structure during a CPU unplug operation (bnc#1010502).
  • CVE-2015-8964: The tty_set_termios_ldisc function in drivers/tty/tty_ldisc.c in the Linux kernel allowed local users to obtain sensitive information from kernel memory by reading a tty data structure (bnc#1010507).
  • CVE-2016-10088: The sg implementation in the Linux kernel did not properly restrict write operations in situations where the KERNEL_DS option is set, which allowed local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device, related to block/bsg.c and drivers/scsi/sg.c. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9576 (bnc#1017710).
  • CVE-2016-7910: Use-after-free vulnerability in the disk_seqf_stop function in block/genhd.c in the Linux kernel allowed local users to gain privileges by leveraging the execution of a certain stop operation even if the corresponding start operation had failed (bnc#1010716).
  • CVE-2016-7911: Race condition in the get_task_ioprio function in block/ioprio.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (use-after-free) via a crafted ioprio_get system call (bnc#1010711).
  • CVE-2016-7913: The xc2028_set_config function in drivers/media/tuners/tuner-xc2028.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (use-after-free) via vectors involving omission of the firmware name from a certain data structure (bnc#1010478).
  • CVE-2016-7914: The assoc_array_insert_into_terminal_node function in lib/assoc_array.c in the Linux kernel did not check whether a slot is a leaf, which allowed local users to obtain sensitive information from kernel memory or cause a denial of service (invalid pointer dereference and out-of-bounds read) via an application that uses associative-array data structures, as demonstrated by the keyutils test suite (bnc#1010475).
  • CVE-2016-8399: An elevation of privilege vulnerability in the kernel networking subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and current compiler optimizations restrict access to the vulnerable code. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31349935 (bnc#1014746).
  • CVE-2016-8633: drivers/firewire/net.c in the Linux kernel, in certain unusual hardware configurations, allowed remote attackers to execute arbitrary code via crafted fragmented packets (bnc#1008833).
  • CVE-2016-8645: The TCP stack in the Linux kernel mishandled skb truncation, which allowed local users to cause a denial of service (system crash) via a crafted application that made sendto system calls, related to net/ipv4/tcp_ipv4.c and net/ipv6/tcp_ipv6.c (bnc#1009969).
  • CVE-2016-9083: drivers/vfio/pci/vfio_pci.c in the Linux kernel allowed local users to bypass integer overflow checks, and cause a denial of service (memory corruption) or have unspecified other impact, by leveraging access to a vfio PCI device file for a VFIO_DEVICE_SET_IRQS ioctl call, aka a 'state machine confusion bug' (bnc#1007197).
  • CVE-2016-9084: drivers/vfio/pci/vfio_pci_intrs.c in the Linux kernel misuses the kzalloc function, which allowed local users to cause a denial of service (integer overflow) or have unspecified other impact by leveraging access to a vfio PCI device file (bnc#1007197).
  • CVE-2016-9756: arch/x86/kvm/emulate.c in the Linux kernel did not properly initialize Code Segment (CS) in certain error cases, which allowed local users to obtain sensitive information from kernel stack memory via a crafted application (bnc#1013038).
  • CVE-2016-9793: The sock_setsockopt function in net/core/sock.c in the Linux kernel mishandled negative values of sk_sndbuf and sk_rcvbuf, which allowed local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUFFORCE or (2) SO_RCVBUFFORCE option (bnc#1013531 1013542).
  • CVE-2016-9806: Race condition in the netlink_dump function in net/netlink/af_netlink.c in the Linux kernel allowed local users to cause a denial of service (double free) or possibly have unspecified other impact via a crafted application that made sendmsg system calls, leading to a free operation associated with a new dump that started earlier than anticipated (bnc#1013540 1017589).
  • CVE-2017-2584: arch/x86/kvm/emulate.c in the Linux kernel allowed local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free) via a crafted application that leverages instruction emulation for fxrstor, fxsave, sgdt, and sidt (bsc#1019851).
  • CVE-2017-2583: Fixed broken emulation of 'MOV SS, null selector' (bsc#1020602).
  • CVE-2017-5551: Clear SGID bit when setting file permissions on tmpfs (bsc#1021258).

The following non-security bugs were fixed:

  • Fixup acl reference leak and missing conversions in ext3, gfs2, jfs, hfsplus
  • RAID1: ignore discard error (bsc#1017164).
  • Update patches.suse/btrfs-8446-fix-qgroup-accounting-when-creating-snap.patch (bsc#972993).
  • blacklist: PCI fixes required only for cxl (bsc#1016713).
  • blacklist: cxl fixes on SLE12 SP1 (bsc#1016725)
  • blacklist: ibmvnic fixes on SLE12 SP1 (bsc#1016961)
  • block_dev: do not test bdev->bd_contains when it is not stable (bsc#1008557).
  • bna: Add synchronization for tx ring (bsc#993739).
  • bnx2i/bnx2fc : fix randconfig error in next-20140909 (bsc#922052 fate#318602 bsc#922056 FATE#318604).
  • bnx2x: Correct ringparam estimate when DOWN (bsc#1020214).
  • bnx2x: fix lockdep splat (bsc#922052 fate#318602 bsc#922056 FATE#318604).
  • btrfs: Ensure proper sector alignment for btrfs_free_reserved_data_space (bsc#1005666).
  • btrfs: Export and move leaf/subtree qgroup helpers to qgroup.c (bsc#983087).
  • btrfs: Revert 'Btrfs: do not delay inode ref updates during log replay' (bsc#987192).
  • btrfs: bugfix: handle FS_IOC32_{GETFLAGS,SETFLAGS,GETVERSION} in btrfs_ioctl (bsc#1018100).
  • btrfs: do not delay inode ref updates during log replay (bsc#987192).
  • btrfs: fix incremental send failure caused by balance (bsc#985850).
  • btrfs: fix relocation incorrectly dropping data references (bsc#990384).
  • btrfs: increment ctx->pos for every emitted or skipped dirent in XXXXXXX (bsc#981709).
  • btrfs: qgroup: Fix qgroup data leaking by using subtree tracing (bsc#983087).
  • btrfs: remove old tree_root dirent processing in btrfs_real_readdir() (bsc#981709).
  • btrfs: send, do not bug on inconsistent snapshots (bsc#985850).
  • cpufreq: intel_pstate: Fix divide by zero on Knights Landing (KNL) (bsc#1008876).
  • ext4: fix data exposure after a crash (bsc#1012985).
  • fs: avoid including 'mountproto=' with no protocol in /proc/mounts (bsc#1019260).
  • fuse: do not use iocb after it may have been freed (bsc#1012985).
  • hpilo: Add support for iLO5 (bsc#999101).
  • ib/core: Avoid unsigned int overflow in sg_alloc_table (bsc#924381 FATE#318568 bsc#921338).
  • ib/mlx5: Fix FW version diaplay in sysfs (bnc#923036 FATE#318772).
  • ib/mlx5: Fix entries check in mlx5_ib_resize_cq (bnc#858727 FATE#315946).
  • ib/mlx5: Fix entries checks in mlx5_ib_create_cq (bnc#858727 FATE#315946).
  • ib/mlx5: Remove per-MR pas and dma pointers (bnc#923036 FATE#318772).
  • ibmveth: calculate gso_segs for large packets (bsc#1019148).
  • ibmveth: check return of skb_linearize in ibmveth_start_xmit (bsc#1019148).
  • ibmveth: consolidate kmalloc of array, memset 0 to kcalloc (bsc#1019148).
  • ibmveth: set correct gso_size and gso_type (bsc#1019148).
  • igb: Fix oops caused by missing queue pairing (bnc#857394).
  • ipmi_si: create hardware-independent softdep for ipmi_devintf (bsc#1009062).
  • ipr: Enable SIS pipe commands for SIS-32 devices (bsc#1016961).
  • ipv4: Fix ip_queue_xmit to pass sk into ip_local_out_sk (bsc#938963 FATE#319084).
  • kabi fix (bsc#1014410).
  • kabi: Whitelist KVM KABI changes resulting from adding a hcall. caused by 5246adec59458b5d325b8e1462ea9ef3ead7f6ae powerpc/pseries: Use H_CLEAR_HPT to clear MMU hash table during kexec No problem is expected as result of changing KVM KABI so whitelisting for now. If we get some additional input from IBM we can back out the patch.
  • kabi: protect __sk_mem_reclaim (kabi).
  • kabi: protect struct perf_event_context (kabi).
  • kabi: reintroduce sk_filter (kabi).
  • kbuild: Fix removal of the debian/ directory (bsc#1010213).
  • kernel: remove broken memory detection sanity check (bnc#1008567, LTC#148072).
  • kgr: ignore zombie tasks during the patching (bnc#1008979).
  • kgraft/iscsi-target: Do not block kGraft in iscsi_np kthread (bsc#1010612).
  • kgraft/xen: Do not block kGraft in xenbus kthread (bsc#1017410).
  • move the call of __d_drop(anon) into __d_materialise_unique(dentry, anon) (bsc#984194).
  • net/mlx5: Avoid passing dma address 0 to firmware (bnc#858727 FATE#315946).
  • net/mlx5: Fix typo in mlx5_query_port_pvlc (bnc#923036 FATE#318772).
  • net/mlx5e: Do not modify CQ before it was created (bnc#923036 FATE#318772).
  • net/mlx5e: Do not try to modify CQ moderation if it is not supported (bnc#923036 FATE#318772).
  • net/mlx5e: Fix MLX5E_100BASE_T define (bnc#923036 FATE#318772).
  • net/mlx5e: Remove wrong poll CQ optimization (bnc#923036 FATE#318772).
  • netback: correct array index (bsc#983348).
  • nfsv4: Cap the transport reconnection timer at 1/2 lease period (bsc#1014410).
  • nfsv4: Cleanup the setting of the nfs4 lease period (bsc#1014410).
  • ocfs2: fix BUG_ON() in ocfs2_ci_checkpointed() (bnc#1019783).
  • powerpc/pseries: Use H_CLEAR_HPT to clear MMU hash table during kexec (bsc#1003813).
  • reiserfs: fix race in prealloc discard (bsc#987576).
  • rpm/kernel-binary.spec.in: Export a make-stderr.log file (bsc#1012422)
  • rpm/kernel-spec-macros: Fix the check if there is no rebuild counter (bsc#1012060)
  • rpm/kernel-spec-macros: Ignore too high rebuild counter (bsc#1012060)
  • serial: 8250_pci: Detach low-level driver during PCI error recovery (bsc#1013001).
  • serial: 8250_pci: Fix potential use-after-free in error path (bsc#1013001).
  • sfc: clear napi_hash state when copying channels (bsc#923037 FATE#318563).
  • sfc: fix potential stack corruption from running past stat bitmask (bsc#923037 FATE#318563).
  • sfc: on MC reset, clear PIO buffer linkage in TXQs (bnc#856380 FATE#315942).
  • sunrpc: Enforce an upper limit on the number of cached credentials (bsc#1012917).
  • sunrpc: Fix reconnection timeouts (bsc#1014410).
  • sunrpc: Limit the reconnect backoff timer to the max RPC message timeout (bsc#1014410).
  • supported.conf: Add lib/*.ko to supported.conf (bsc#1019032)
  • target: Make EXTENDED_COPY 0xe4 failure return COPY TARGET DEVICE NOT REACHABLE (bsc#991273).
  • target: add XCOPY target/segment desc sense codes (bsc#991273).
  • target: bounds check XCOPY segment descriptor list (bsc#991273).
  • target: bounds check XCOPY total descriptor list length (bsc#991273).
  • target: check XCOPY segment descriptor CSCD IDs (bsc#1017170).
  • target: check for XCOPY parameter truncation (bsc#991273).
  • target: return UNSUPPORTED TARGET/SEGMENT DESC TYPE CODE sense (bsc#991273).
  • target: simplify XCOPY wwn->se_dev lookup helper (bsc#991273).
  • target: support XCOPY requests without parameters (bsc#991273).
  • target: use XCOPY TOO MANY TARGET DESCRIPTORS sense (bsc#991273).
  • target: use XCOPY segment descriptor CSCD IDs (bsc#1017170).
  • tg3: Avoid NULL pointer dereference in tg3_io_error_detected() (bsc#921778 FATE#318558).
  • tty: Prevent ldisc drivers from re-using stale tty fields (bnc#1010507).
  • x86/apic: Order irq_enter/exit() calls correctly vs. ack_APIC_irq() (bsc#1013479).
  • xen/ftrace/x86: Set ftrace_stub to weak to prevent gcc from using short jumps to it (bsc#984419).
  • xenbus: correctly signal errors from xenstored_local_init() (luckily none so far).
  • xfs: allow lazy sb counter sync during filesystem freeze sequence (bsc#980560).
  • xfs: refactor xlog_recover_process_data() (bsc#1019300).
Package Affected Version
pkg:rpm/suse/kernel-xen?arch=x86_64&distro=sles-12&sp=1 < 3.12.69-60.64.29.1
pkg:rpm/suse/kernel-xen?arch=x86_64&distro=sled-12&sp=1 < 3.12.69-60.64.29.1
pkg:rpm/suse/kernel-xen-devel?arch=x86_64&distro=sles-12&sp=1 < 3.12.69-60.64.29.1
pkg:rpm/suse/kernel-xen-devel?arch=x86_64&distro=sled-12&sp=1 < 3.12.69-60.64.29.1
pkg:rpm/suse/kernel-xen-base?arch=x86_64&distro=sles-12&sp=1 < 3.12.69-60.64.29.1
pkg:rpm/suse/kernel-syms?arch=x86_64&distro=sles-12&sp=1 < 3.12.69-60.64.29.1
pkg:rpm/suse/kernel-syms?arch=x86_64&distro=sled-12&sp=1 < 3.12.69-60.64.29.1
pkg:rpm/suse/kernel-syms?arch=s390x&distro=sles-12&sp=1 < 3.12.69-60.64.29.1
pkg:rpm/suse/kernel-syms?arch=ppc64le&distro=sles-12&sp=1 < 3.12.69-60.64.29.1
pkg:rpm/suse/kernel-source?arch=noarch&distro=sles-12&sp=1 < 3.12.69-60.64.29.1
pkg:rpm/suse/kernel-source?arch=noarch&distro=sled-12&sp=1 < 3.12.69-60.64.29.1
pkg:rpm/suse/kernel-macros?arch=noarch&distro=sles-12&sp=1 < 3.12.69-60.64.29.1
pkg:rpm/suse/kernel-macros?arch=noarch&distro=sled-12&sp=1 < 3.12.69-60.64.29.1
pkg:rpm/suse/kernel-devel?arch=noarch&distro=sles-12&sp=1 < 3.12.69-60.64.29.1
pkg:rpm/suse/kernel-devel?arch=noarch&distro=sled-12&sp=1 < 3.12.69-60.64.29.1
pkg:rpm/suse/kernel-default?arch=x86_64&distro=sles-12&sp=1 < 3.12.69-60.64.29.1
pkg:rpm/suse/kernel-default?arch=x86_64&distro=sled-12&sp=1 < 3.12.69-60.64.29.1
pkg:rpm/suse/kernel-default?arch=s390x&distro=sles-12&sp=1 < 3.12.69-60.64.29.1
pkg:rpm/suse/kernel-default?arch=ppc64le&distro=sles-12&sp=1 < 3.12.69-60.64.29.1
pkg:rpm/suse/kernel-default-man?arch=s390x&distro=sles-12&sp=1 < 3.12.69-60.64.29.1
pkg:rpm/suse/kernel-default-extra?arch=x86_64&distro=sled-12&sp=1 < 3.12.69-60.64.29.1
pkg:rpm/suse/kernel-default-devel?arch=x86_64&distro=sles-12&sp=1 < 3.12.69-60.64.29.1
pkg:rpm/suse/kernel-default-devel?arch=x86_64&distro=sled-12&sp=1 < 3.12.69-60.64.29.1
pkg:rpm/suse/kernel-default-devel?arch=s390x&distro=sles-12&sp=1 < 3.12.69-60.64.29.1
pkg:rpm/suse/kernel-default-devel?arch=ppc64le&distro=sles-12&sp=1 < 3.12.69-60.64.29.1
pkg:rpm/suse/kernel-default-base?arch=x86_64&distro=sles-12&sp=1 < 3.12.69-60.64.29.1
pkg:rpm/suse/kernel-default-base?arch=s390x&distro=sles-12&sp=1 < 3.12.69-60.64.29.1
pkg:rpm/suse/kernel-default-base?arch=ppc64le&distro=sles-12&sp=1 < 3.12.69-60.64.29.1
ID
SUSE-SU-2017:0464-1
Severity
important
URL
https://www.suse.com/support/update/announcement/2017/suse-su-20170464-1/
Published
2017-02-14T19:07:43
(7 years ago)
Modified
2017-02-14T19:07:43
(7 years ago)
Rights
Copyright 2024 SUSE LLC. All rights reserved.
Other Advisories
Source # ID Name URL
Suse SUSE ratings https://www.suse.com/support/security/rating/
Suse URL of this CSAF notice https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_0464-1.json
Suse URL for SUSE-SU-2017:0464-1 https://www.suse.com/support/update/announcement/2017/suse-su-20170464-1/
Suse E-Mail link for SUSE-SU-2017:0464-1 https://lists.suse.com/pipermail/sle-security-updates/2017-February/002643.html
Bugzilla SUSE Bug 1003813 https://bugzilla.suse.com/1003813
Bugzilla SUSE Bug 1005666 https://bugzilla.suse.com/1005666
Bugzilla SUSE Bug 1007197 https://bugzilla.suse.com/1007197
Bugzilla SUSE Bug 1008557 https://bugzilla.suse.com/1008557
Bugzilla SUSE Bug 1008567 https://bugzilla.suse.com/1008567
Bugzilla SUSE Bug 1008833 https://bugzilla.suse.com/1008833
Bugzilla SUSE Bug 1008876 https://bugzilla.suse.com/1008876
Bugzilla SUSE Bug 1008979 https://bugzilla.suse.com/1008979
Bugzilla SUSE Bug 1009062 https://bugzilla.suse.com/1009062
Bugzilla SUSE Bug 1009969 https://bugzilla.suse.com/1009969
Bugzilla SUSE Bug 1010040 https://bugzilla.suse.com/1010040
Bugzilla SUSE Bug 1010213 https://bugzilla.suse.com/1010213
Bugzilla SUSE Bug 1010294 https://bugzilla.suse.com/1010294
Bugzilla SUSE Bug 1010475 https://bugzilla.suse.com/1010475
Bugzilla SUSE Bug 1010478 https://bugzilla.suse.com/1010478
Bugzilla SUSE Bug 1010501 https://bugzilla.suse.com/1010501
Bugzilla SUSE Bug 1010502 https://bugzilla.suse.com/1010502
Bugzilla SUSE Bug 1010507 https://bugzilla.suse.com/1010507
Bugzilla SUSE Bug 1010612 https://bugzilla.suse.com/1010612
Bugzilla SUSE Bug 1010711 https://bugzilla.suse.com/1010711
Bugzilla SUSE Bug 1010716 https://bugzilla.suse.com/1010716
Bugzilla SUSE Bug 1012060 https://bugzilla.suse.com/1012060
Bugzilla SUSE Bug 1012422 https://bugzilla.suse.com/1012422
Bugzilla SUSE Bug 1012917 https://bugzilla.suse.com/1012917
Bugzilla SUSE Bug 1012985 https://bugzilla.suse.com/1012985
Bugzilla SUSE Bug 1013001 https://bugzilla.suse.com/1013001
Bugzilla SUSE Bug 1013038 https://bugzilla.suse.com/1013038
Bugzilla SUSE Bug 1013479 https://bugzilla.suse.com/1013479
Bugzilla SUSE Bug 1013531 https://bugzilla.suse.com/1013531
Bugzilla SUSE Bug 1013540 https://bugzilla.suse.com/1013540
Bugzilla SUSE Bug 1013542 https://bugzilla.suse.com/1013542
Bugzilla SUSE Bug 1014410 https://bugzilla.suse.com/1014410
Bugzilla SUSE Bug 1014746 https://bugzilla.suse.com/1014746
Bugzilla SUSE Bug 1016713 https://bugzilla.suse.com/1016713
Bugzilla SUSE Bug 1016725 https://bugzilla.suse.com/1016725
Bugzilla SUSE Bug 1016961 https://bugzilla.suse.com/1016961
Bugzilla SUSE Bug 1017164 https://bugzilla.suse.com/1017164
Bugzilla SUSE Bug 1017170 https://bugzilla.suse.com/1017170
Bugzilla SUSE Bug 1017410 https://bugzilla.suse.com/1017410
Bugzilla SUSE Bug 1017589 https://bugzilla.suse.com/1017589
Bugzilla SUSE Bug 1017710 https://bugzilla.suse.com/1017710
Bugzilla SUSE Bug 1018100 https://bugzilla.suse.com/1018100
Bugzilla SUSE Bug 1019032 https://bugzilla.suse.com/1019032
Bugzilla SUSE Bug 1019148 https://bugzilla.suse.com/1019148
Bugzilla SUSE Bug 1019260 https://bugzilla.suse.com/1019260
Bugzilla SUSE Bug 1019300 https://bugzilla.suse.com/1019300
Bugzilla SUSE Bug 1019783 https://bugzilla.suse.com/1019783
Bugzilla SUSE Bug 1019851 https://bugzilla.suse.com/1019851
Bugzilla SUSE Bug 1020214 https://bugzilla.suse.com/1020214
Bugzilla SUSE Bug 1020602 https://bugzilla.suse.com/1020602
Bugzilla SUSE Bug 1021258 https://bugzilla.suse.com/1021258
Bugzilla SUSE Bug 856380 https://bugzilla.suse.com/856380
Bugzilla SUSE Bug 857394 https://bugzilla.suse.com/857394
Bugzilla SUSE Bug 858727 https://bugzilla.suse.com/858727
Bugzilla SUSE Bug 921338 https://bugzilla.suse.com/921338
Bugzilla SUSE Bug 921778 https://bugzilla.suse.com/921778
Bugzilla SUSE Bug 922052 https://bugzilla.suse.com/922052
Bugzilla SUSE Bug 922056 https://bugzilla.suse.com/922056
Bugzilla SUSE Bug 923036 https://bugzilla.suse.com/923036
Bugzilla SUSE Bug 923037 https://bugzilla.suse.com/923037
Bugzilla SUSE Bug 924381 https://bugzilla.suse.com/924381
Bugzilla SUSE Bug 938963 https://bugzilla.suse.com/938963
Bugzilla SUSE Bug 972993 https://bugzilla.suse.com/972993
Bugzilla SUSE Bug 980560 https://bugzilla.suse.com/980560
Bugzilla SUSE Bug 981709 https://bugzilla.suse.com/981709
Bugzilla SUSE Bug 983087 https://bugzilla.suse.com/983087
Bugzilla SUSE Bug 983348 https://bugzilla.suse.com/983348
Bugzilla SUSE Bug 984194 https://bugzilla.suse.com/984194
Bugzilla SUSE Bug 984419 https://bugzilla.suse.com/984419
Bugzilla SUSE Bug 985850 https://bugzilla.suse.com/985850
Bugzilla SUSE Bug 987192 https://bugzilla.suse.com/987192
Bugzilla SUSE Bug 987576 https://bugzilla.suse.com/987576
Bugzilla SUSE Bug 990384 https://bugzilla.suse.com/990384
Bugzilla SUSE Bug 991273 https://bugzilla.suse.com/991273
Bugzilla SUSE Bug 993739 https://bugzilla.suse.com/993739
Bugzilla SUSE Bug 997807 https://bugzilla.suse.com/997807
Bugzilla SUSE Bug 999101 https://bugzilla.suse.com/999101
CVE SUSE CVE CVE-2015-8962 page https://www.suse.com/security/cve/CVE-2015-8962/
CVE SUSE CVE CVE-2015-8963 page https://www.suse.com/security/cve/CVE-2015-8963/
CVE SUSE CVE CVE-2015-8964 page https://www.suse.com/security/cve/CVE-2015-8964/
CVE SUSE CVE CVE-2016-10088 page https://www.suse.com/security/cve/CVE-2016-10088/
CVE SUSE CVE CVE-2016-7910 page https://www.suse.com/security/cve/CVE-2016-7910/
CVE SUSE CVE CVE-2016-7911 page https://www.suse.com/security/cve/CVE-2016-7911/
CVE SUSE CVE CVE-2016-7913 page https://www.suse.com/security/cve/CVE-2016-7913/
CVE SUSE CVE CVE-2016-7914 page https://www.suse.com/security/cve/CVE-2016-7914/
CVE SUSE CVE CVE-2016-8399 page https://www.suse.com/security/cve/CVE-2016-8399/
CVE SUSE CVE CVE-2016-8633 page https://www.suse.com/security/cve/CVE-2016-8633/
CVE SUSE CVE CVE-2016-8645 page https://www.suse.com/security/cve/CVE-2016-8645/
CVE SUSE CVE CVE-2016-9083 page https://www.suse.com/security/cve/CVE-2016-9083/
CVE SUSE CVE CVE-2016-9084 page https://www.suse.com/security/cve/CVE-2016-9084/
CVE SUSE CVE CVE-2016-9756 page https://www.suse.com/security/cve/CVE-2016-9756/
CVE SUSE CVE CVE-2016-9793 page https://www.suse.com/security/cve/CVE-2016-9793/
CVE SUSE CVE CVE-2016-9806 page https://www.suse.com/security/cve/CVE-2016-9806/
CVE SUSE CVE CVE-2017-2583 page https://www.suse.com/security/cve/CVE-2017-2583/
CVE SUSE CVE CVE-2017-2584 page https://www.suse.com/security/cve/CVE-2017-2584/
CVE SUSE CVE CVE-2017-5551 page https://www.suse.com/security/cve/CVE-2017-5551/
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/suse/kernel-xen?arch=x86_64&distro=sles-12&sp=1 suse kernel-xen < 3.12.69-60.64.29.1 sles-12 x86_64
Affected pkg:rpm/suse/kernel-xen?arch=x86_64&distro=sled-12&sp=1 suse kernel-xen < 3.12.69-60.64.29.1 sled-12 x86_64
Affected pkg:rpm/suse/kernel-xen-devel?arch=x86_64&distro=sles-12&sp=1 suse kernel-xen-devel < 3.12.69-60.64.29.1 sles-12 x86_64
Affected pkg:rpm/suse/kernel-xen-devel?arch=x86_64&distro=sled-12&sp=1 suse kernel-xen-devel < 3.12.69-60.64.29.1 sled-12 x86_64
Affected pkg:rpm/suse/kernel-xen-base?arch=x86_64&distro=sles-12&sp=1 suse kernel-xen-base < 3.12.69-60.64.29.1 sles-12 x86_64
Affected pkg:rpm/suse/kernel-syms?arch=x86_64&distro=sles-12&sp=1 suse kernel-syms < 3.12.69-60.64.29.1 sles-12 x86_64
Affected pkg:rpm/suse/kernel-syms?arch=x86_64&distro=sled-12&sp=1 suse kernel-syms < 3.12.69-60.64.29.1 sled-12 x86_64
Affected pkg:rpm/suse/kernel-syms?arch=s390x&distro=sles-12&sp=1 suse kernel-syms < 3.12.69-60.64.29.1 sles-12 s390x
Affected pkg:rpm/suse/kernel-syms?arch=ppc64le&distro=sles-12&sp=1 suse kernel-syms < 3.12.69-60.64.29.1 sles-12 ppc64le
Affected pkg:rpm/suse/kernel-source?arch=noarch&distro=sles-12&sp=1 suse kernel-source < 3.12.69-60.64.29.1 sles-12 noarch
Affected pkg:rpm/suse/kernel-source?arch=noarch&distro=sled-12&sp=1 suse kernel-source < 3.12.69-60.64.29.1 sled-12 noarch
Affected pkg:rpm/suse/kernel-macros?arch=noarch&distro=sles-12&sp=1 suse kernel-macros < 3.12.69-60.64.29.1 sles-12 noarch
Affected pkg:rpm/suse/kernel-macros?arch=noarch&distro=sled-12&sp=1 suse kernel-macros < 3.12.69-60.64.29.1 sled-12 noarch
Affected pkg:rpm/suse/kernel-devel?arch=noarch&distro=sles-12&sp=1 suse kernel-devel < 3.12.69-60.64.29.1 sles-12 noarch
Affected pkg:rpm/suse/kernel-devel?arch=noarch&distro=sled-12&sp=1 suse kernel-devel < 3.12.69-60.64.29.1 sled-12 noarch
Affected pkg:rpm/suse/kernel-default?arch=x86_64&distro=sles-12&sp=1 suse kernel-default < 3.12.69-60.64.29.1 sles-12 x86_64
Affected pkg:rpm/suse/kernel-default?arch=x86_64&distro=sled-12&sp=1 suse kernel-default < 3.12.69-60.64.29.1 sled-12 x86_64
Affected pkg:rpm/suse/kernel-default?arch=s390x&distro=sles-12&sp=1 suse kernel-default < 3.12.69-60.64.29.1 sles-12 s390x
Affected pkg:rpm/suse/kernel-default?arch=ppc64le&distro=sles-12&sp=1 suse kernel-default < 3.12.69-60.64.29.1 sles-12 ppc64le
Affected pkg:rpm/suse/kernel-default-man?arch=s390x&distro=sles-12&sp=1 suse kernel-default-man < 3.12.69-60.64.29.1 sles-12 s390x
Affected pkg:rpm/suse/kernel-default-extra?arch=x86_64&distro=sled-12&sp=1 suse kernel-default-extra < 3.12.69-60.64.29.1 sled-12 x86_64
Affected pkg:rpm/suse/kernel-default-devel?arch=x86_64&distro=sles-12&sp=1 suse kernel-default-devel < 3.12.69-60.64.29.1 sles-12 x86_64
Affected pkg:rpm/suse/kernel-default-devel?arch=x86_64&distro=sled-12&sp=1 suse kernel-default-devel < 3.12.69-60.64.29.1 sled-12 x86_64
Affected pkg:rpm/suse/kernel-default-devel?arch=s390x&distro=sles-12&sp=1 suse kernel-default-devel < 3.12.69-60.64.29.1 sles-12 s390x
Affected pkg:rpm/suse/kernel-default-devel?arch=ppc64le&distro=sles-12&sp=1 suse kernel-default-devel < 3.12.69-60.64.29.1 sles-12 ppc64le
Affected pkg:rpm/suse/kernel-default-base?arch=x86_64&distro=sles-12&sp=1 suse kernel-default-base < 3.12.69-60.64.29.1 sles-12 x86_64
Affected pkg:rpm/suse/kernel-default-base?arch=s390x&distro=sles-12&sp=1 suse kernel-default-base < 3.12.69-60.64.29.1 sles-12 s390x
Affected pkg:rpm/suse/kernel-default-base?arch=ppc64le&distro=sles-12&sp=1 suse kernel-default-base < 3.12.69-60.64.29.1 sles-12 ppc64le
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date