[SUSE-SU-2017:2525-1] Security update for the Linux Kernel
Severity
Important
Affected Packages
43
CVEs
40
Security update for the Linux Kernel
The SUSE Linux Enterprise 11 SP3 LTSS kernel was updated receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2016-5243: The tipc_nl_compat_link_dump function in net/tipc/netlink_compat.c in the Linux kernel did not properly copy a certain string, which allowed local users to obtain sensitive information from kernel stack memory by reading a Netlink message (bnc#983212)
- CVE-2016-10200: Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel allowed local users to gain privileges or cause a denial of service (use-after-free) by making multiple bind system calls without properly ascertaining whether a socket has the SOCK_ZAPPED status, related to net/l2tp/l2tp_ip.c and net/l2tp/l2tp_ip6.c (bnc#1028415)
- CVE-2017-2647: The KEYS subsystem in the Linux kernel allowed local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving a NULL value for a certain match field, related to the keyring_search_iterator function in keyring.c (bsc#1030593).
- CVE-2017-2671: The ping_unhash function in net/ipv4/ping.c in the Linux kernel was too late in obtaining a certain lock and consequently could not ensure that disconnect function calls are safe, which allowed local users to cause a denial of service (panic) by leveraging access to the protocol value of IPPROTO_ICMP in a socket system call (bnc#1031003)
- CVE-2017-5669: The do_shmat function in ipc/shm.c in the Linux kernel did not restrict the address calculated by a certain rounding operation, which allowed local users to map page zero, and consequently bypass a protection mechanism that exists for the mmap system call, by making crafted shmget and shmat system calls in a privileged context (bnc#1026914)
- CVE-2017-5970: The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a denial of service (system crash) via (1) an application that made crafted system calls or possibly (2) IPv4 traffic with invalid IP options (bsc#1024938)
- CVE-2017-5986: Race condition in the sctp_wait_for_sndbuf function in net/sctp/socket.c in the Linux kernel allowed local users to cause a denial of service (assertion failure and panic) via a multithreaded application that peels off an association in a certain buffer-full state (bsc#1025235)
- CVE-2017-6074: The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel mishandled DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allowed local users to obtain root privileges or cause a denial of service (double free) via an application that made an IPV6_RECVPKTINFO setsockopt system call (bnc#1026024)
- CVE-2017-6214: The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel allowed remote attackers to cause a denial of service (infinite loop and soft lockup) via vectors involving a TCP packet with the URG flag (bnc#1026722)
- CVE-2017-6348: The hashbin_delete function in net/irda/irqueue.c in the Linux kernel improperly managed lock dropping, which allowed local users to cause a denial of service (deadlock) via crafted operations on IrDA devices (bnc#1027178)
- CVE-2017-6353: net/sctp/socket.c in the Linux kernel did not properly restrict association peel-off operations during certain wait states, which allowed local users to cause a denial of service (invalid unlock and double free) via a multithreaded application. NOTE: this vulnerability exists because of an incorrect fix for CVE-2017-5986 (bnc#1027066)
- CVE-2017-6951: The keyring_search_aux function in security/keys/keyring.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and OOPS) via a request_key system call for the 'dead' type (bsc#1029850).
- CVE-2017-7184: The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux kernel did not validate certain size data after an XFRM_MSG_NEWAE update, which allowed local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) by leveraging the CAP_NET_ADMIN capability (bsc#1030573)
- CVE-2017-7187: The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel allowed local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a large command size in an SG_NEXT_CMD_LEN ioctl call, leading to out-of-bounds write access in the sg_write function (bnc#1030213)
- CVE-2017-7261: The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel did not check for a zero value of certain levels data, which allowed local users to cause a denial of service (ZERO_SIZE_PTR dereference, and GPF and possibly panic) via a crafted ioctl call for a /dev/dri/renderD* device (bnc#1031052)
- CVE-2017-7294: The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel did not validate addition of certain levels data, which allowed local users to trigger an integer overflow and out-of-bounds write, and cause a denial of service (system hang or crash) or possibly gain privileges, via a crafted ioctl call for a /dev/dri/renderD* device (bnc#1031440)
- CVE-2017-7308: The packet_set_ring function in net/packet/af_packet.c in the Linux kernel did not properly validate certain block-size data, which allowed local users to cause a denial of service (overflow) or possibly have unspecified other impact via crafted system calls (bnc#1031579)
- CVE-2017-7482: Several missing length checks ticket decode allowing for information leak or potentially code execution (bsc#1046107).
- CVE-2017-7487: The ipxitf_ioctl function in net/ipx/af_ipx.c in the Linux kernel mishandled reference counts, which allowed local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a failed SIOCGIFADDR ioctl call for an IPX interface (bsc#1038879).
- CVE-2017-7533: Race condition in the fsnotify implementation in the Linux kernel allowed local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that leverages simultaneous execution of the inotify_handle_event and vfs_rename functions (bnc#1049483 1050677 ).
- CVE-2017-7542: The ip6_find_1stfragopt function in net/ipv6/output_core.c in the Linux kernel allowed local users to cause a denial of service (integer overflow and infinite loop) by leveraging the ability to open a raw socket (bnc#1049882).
- CVE-2017-7616: Incorrect error handling in the set_mempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel allowed local users to obtain sensitive information from uninitialized stack data by triggering failure of a certain bitmap operation (bsc#1033336)
- CVE-2017-8831: The saa7164_bus_get function in drivers/media/pci/saa7164/saa7164-bus.c in the Linux kernel allowed local users to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact by changing a certain sequence-number value, aka a 'double fetch' vulnerability. This requires a malicious PCI Card. (bnc#1037994).
- CVE-2017-8890: The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel allowed attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call (bsc#1038544).
- CVE-2017-8924: The edge_bulk_in_callback function in drivers/usb/serial/io_ti.c in the Linux kernel allowed local users to obtain sensitive information (in the dmesg ringbuffer and syslog) from uninitialized kernel memory by using a crafted USB device (posing as an io_ti USB serial device) to trigger an integer underflow (bnc#1037182).
- CVE-2017-8925: The omninet_open function in drivers/usb/serial/omninet.c in the Linux kernel allowed local users to cause a denial of service (tty exhaustion) by leveraging reference count mishandling (bnc#1038981).
- CVE-2017-9074: The IPv6 fragmentation implementation in the Linux kernel did not consider that the nexthdr field may be associated with an invalid option, which allowed local users to cause a denial of service (out-of-bounds read and BUG) or possibly have unspecified other impact via crafted socket and send system calls (bnc#1039882).
- CVE-2017-9075: The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel mishandled inheritance, which allowed local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890 (bsc#1039883).
- CVE-2017-9076: The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux kernel mishandled inheritance, which allowed local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890 (bnc#1039885).
- CVE-2017-9077: The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel mishandled inheritance, which allowed local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890 (bsc#1040069).
- CVE-2017-9242: The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel was too late in checking whether an overwrite of an skb data structure may occur, which allowed local users to cause a denial of service (system crash) via crafted system calls (bnc#1041431).
- CVE-2017-10661: Race condition in fs/timerfd.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (list corruption or use-after-free) via simultaneous file-descriptor operations that leverage improper might_cancel queueing (bnc#1053152).
- CVE-2017-11176: The mq_notify function in the Linux kernel did not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlink socket, it allowed attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact (bnc#1048275).
- CVE-2017-11473: Buffer overflow in the mp_override_legacy_irq() function in arch/x86/kernel/acpi/boot.c in the Linux kernel allowed local users to gain privileges via a crafted ACPI table (bnc#1049603).
- CVE-2017-12762: In /drivers/isdn/i4l/isdn_net.c: A user-controlled buffer is copied into a local buffer of constant size using strcpy without a length check which can cause a buffer overflow. (bnc#1053148).
- CVE-2017-14051: An integer overflow in the qla2x00_sysfs_write_optrom_ctl function in drivers/scsi/qla2xxx/qla_attr.c in the Linux kernel allowed local users to cause a denial of service (memory corruption and system crash) by leveraging root access (bnc#1056588).
- CVE-2017-1000112: Fixed a race condition in net-packet code that could have been exploited by unprivileged users to gain root access. (bsc#1052311).
- CVE-2017-1000363: Linux drivers/char/lp.c Out-of-Bounds Write. Due to a missing bounds check, and the fact that parport_ptr integer is static, a 'secure boot' kernel command line adversary could have overflowed the parport_nr array in the following code (bnc#1039456).
- CVE-2017-1000365: The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but did not take the argument and environment pointers into account, which allowed attackers to bypass this limitation (bnc#1039354).
- CVE-2017-1000380: sound/core/timer.c in the Linux kernel was vulnerable to a data race in the ALSA /dev/snd/timer driver resulting in local users being able to read information belonging to other users, i.e., uninitialized memory contents may be disclosed when a read and an ioctl happen at the same time (bnc#1044125).
The following non-security bugs were fixed:
- acpi: Disable APEI error injection if securelevel is set (bsc#972891, bsc#1023051).
- blkback/blktap: do not leak stack data via response ring (bsc#1042863 XSA-216).
- btrfs: cleanup code of btrfs_balance_delayed_items() (bsc#1034838).
- btrfs: do not run delayed nodes again after all nodes flush (bsc#1034838).
- btrfs: remove btrfs_end_transaction_dmeta() (bsc#1034838).
- btrfs: remove residual code in delayed inode async helper (bsc#1034838).
- btrfs: use flags instead of the bool variants in delayed node (bsc#1034838).
- cifs: cifs_get_root shouldn't use path with tree name, alternate fix (bsc#963655, bsc#979681, bsc#1027406).
- dentry name snapshots (bsc#1049483).
- firmware: fix directory creation rule matching with make 3.80 (bsc#1012422).
- firmware: fix directory creation rule matching with make 3.82 (bsc#1012422).
- Fix vmalloc_fault oops during lazy MMU updates (bsc#948562) (bsc#948562).
- hv: do not lose pending heartbeat vmbus packets (bnc#1006919, bnc#1053760).
- jbd: do not wait (forever) for stale tid caused by wraparound (bsc#1020229).
- jbd: Fix oops in journal_remove_journal_head() (bsc#1017143).
- kernel-binary.spec: Propagate MAKE_ARGS to %build (bsc#1012422)
- keys: Disallow keyrings beginning with '.' to be joined as session keyrings (bnc#1035576).
- nfs: Avoid getting confused by confused server (bsc#1045416).
- nfsd4: minor NFSv2/v3 write decoding cleanup (bsc#1034670).
- nfsd: check for oversized NFSv2/v3 arguments (bsc#1034670).
- nfsd: do not risk using duplicate owner/file/delegation ids (bsc#1029212).
- nfsd: stricter decoding of write-like NFSv2/v3 ops (bsc#1034670).
- nfs: Make nfs_readdir revalidate less often (bsc#1048232).
- pciback: check PF instead of VF for PCI_COMMAND_MEMORY (bsc#957990).
- pciback: only check PF if actually dealing with a VF (bsc#999245).
- pciback: Save the number of MSI-X entries to be copied later (bsc#957988).
- Remove superfluous make flags (bsc#1012422)
- Return short read or 0 at end of a raw device, not EIO (bsc#1039594).
- Revert 'fs/cifs: fix wrongly prefixed path to root (bsc#963655, bsc#979681)
- scsi: lpfc: avoid double free of resource identifiers (bsc#989896).
- scsi: virtio_scsi: fix memory leak on full queue condition (bsc#1028880).
- sunrpc: Clean up the slot table allocation (bsc#1013862).
- sunrpc: Initalise the struct xprt upon allocation (bsc#1013862).
- usb: serial: kl5kusb105: fix line-state error handling (bsc#1021256).
- usb: wusbcore: fix NULL-deref at probe (bsc#1045487).
- Use make --output-sync feature when available (bsc#1012422).
- Use PF_LESS_THROTTLE in loop device thread (bsc#1027101).
- xen/PCI-MSI: fix sysfs teardown in DomU (bsc#986924).
- ID
- SUSE-SU-2017:2525-1
- Severity
- important
- URL
- https://www.suse.com/support/update/announcement/2017/suse-su-20172525-1/
- Published
-
2017-09-19T08:33:08
(7 years ago) - Modified
-
2017-09-19T08:33:08
(7 years ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
- ALAS-2016-726
- ALAS-2017-805
- ALAS-2017-811
- ALAS-2017-814
- ALAS-2017-828
- ALAS-2017-846
- ALAS-2017-868
- ALAS-2017-870
- ASA-201702-17
- ASA-201702-18
- DSA-3607-1
- DSA-3791-1
- DSA-3804-1
- DSA-3886-1
- DSA-3927-1
- DSA-3945-1
- DSA-3981-1
- ELSA-2017-0293
- ELSA-2017-0294
- ELSA-2017-0323
- ELSA-2017-1308
- ELSA-2017-1372
- ELSA-2017-1615
- ELSA-2017-1842
- ELSA-2017-2473
- ELSA-2017-2930
- ELSA-2017-3200
- ELSA-2017-3315
- ELSA-2017-3520
- ELSA-2017-3521
- ELSA-2017-3522
- ELSA-2017-3533
- ELSA-2017-3534
- ELSA-2017-3535
- ELSA-2017-3539
- ELSA-2017-3566
- ELSA-2017-3567
- ELSA-2017-3574
- ELSA-2017-3575
- ELSA-2017-3576
- ELSA-2017-3579
- ELSA-2017-3580
- ELSA-2017-3595
- ELSA-2017-3605
- ELSA-2017-3606
- ELSA-2017-3607
- ELSA-2017-3609
- ELSA-2017-3621
- ELSA-2017-3622
- ELSA-2017-3631
- ELSA-2017-3632
- ELSA-2017-3633
- ELSA-2017-3635
- ELSA-2017-3636
- ELSA-2017-3637
- ELSA-2017-3658
- ELSA-2018-0169
- ELSA-2018-1062
- ELSA-2018-1854
- ELSA-2018-3083
- ELSA-2018-4040
- ELSA-2018-4041
- ELSA-2018-4108
- ELSA-2018-4161
- ELSA-2018-4164
- ELSA-2018-4172
- ELSA-2019-4316
- ELSA-2019-4317
- ELSA-2020-3548
- ELSA-2020-5671
- ELSA-2020-5866
- ELSA-2020-5879
- ELSA-2020-5881
- ELSA-2020-5936
- ELSA-2021-9486
- ELSA-2021-9487
- FEDORA-2016-3daf782dfa
- FEDORA-2016-80edb9d511
- FEDORA-2016-e0f3fcd7df
- FEDORA-2017-0054c7b1f0
- FEDORA-2017-02174df32f
- FEDORA-2017-26c9ecd7a4
- FEDORA-2017-273b67d5ee
- FEDORA-2017-2e1f3694b2
- FEDORA-2017-3456ba4c93
- FEDORA-2017-387ff46a66
- FEDORA-2017-39b5facda0
- FEDORA-2017-3a9ec92dd6
- FEDORA-2017-4336d64e21
- FEDORA-2017-466d902289
- FEDORA-2017-4b9f61c68d
- FEDORA-2017-502cf68d68
- FEDORA-2017-544eef948f
- FEDORA-2017-6554692044
- FEDORA-2017-6764d16965
- FEDORA-2017-6f06be3fe9
- FEDORA-2017-73f71456d7
- FEDORA-2017-787bc0d5b4
- FEDORA-2017-85744f8aa9
- FEDORA-2017-8e7549fb91
- FEDORA-2017-93dec9eba5
- FEDORA-2017-98548b066b
- FEDORA-2017-a3a8638a60
- FEDORA-2017-adc7d95627
- FEDORA-2017-deb70b495e
- FEDORA-2017-e75602d3ed
- FEDORA-2017-f519ebb3c4
- FEDORA-2017-fb89ca752a
- FEDORA-2018-4ca01704a2
- FEDORA-2018-6367a17aa3
- FEDORA-2018-884a105c04
- RHSA-2017:0293
- RHSA-2017:0294
- RHSA-2017:0295
- RHSA-2017:1298
- RHSA-2017:1308
- RHSA-2017:1372
- RHSA-2017:1615
- RHSA-2017:1616
- RHSA-2017:1842
- RHSA-2017:2077
- RHSA-2017:2473
- RHSA-2017:2585
- RHSA-2017:2930
- RHSA-2017:2931
- RHSA-2017:3200
- RHSA-2017:3315
- RHSA-2017:3322
- RHSA-2018:0169
- RHSA-2018:0676
- RHSA-2018:1062
- RHSA-2018:1854
- RHSA-2018:3083
- RHSA-2018:3096
- RHSA-2020:3548
- SSA:2017-177-01
- SSA:2017-180-01
- SSA:2017-181-02
- SSA:2017-184-01
- SUSE-SU-2017:0517-1
- SUSE-SU-2017:0575-1
- SUSE-SU-2017:0759-1
- SUSE-SU-2017:0760-1
- SUSE-SU-2017:0762-1
- SUSE-SU-2017:0763-1
- SUSE-SU-2017:0764-1
- SUSE-SU-2017:0766-1
- SUSE-SU-2017:0767-1
- SUSE-SU-2017:0768-1
- SUSE-SU-2017:0769-1
- SUSE-SU-2017:0770-1
- SUSE-SU-2017:0771-1
- SUSE-SU-2017:0772-1
- SUSE-SU-2017:0773-1
- SUSE-SU-2017:0774-1
- SUSE-SU-2017:0775-1
- SUSE-SU-2017:0776-1
- SUSE-SU-2017:0777-1
- SUSE-SU-2017:0778-1
- SUSE-SU-2017:0779-1
- SUSE-SU-2017:0780-1
- SUSE-SU-2017:0781-1
- SUSE-SU-2017:0786-1
- SUSE-SU-2017:0864-1
- SUSE-SU-2017:0865-1
- SUSE-SU-2017:0866-1
- SUSE-SU-2017:0867-1
- SUSE-SU-2017:0868-1
- SUSE-SU-2017:0869-1
- SUSE-SU-2017:0870-1
- SUSE-SU-2017:0871-1
- SUSE-SU-2017:0872-1
- SUSE-SU-2017:0873-1
- SUSE-SU-2017:0874-1
- SUSE-SU-2017:0875-1
- SUSE-SU-2017:0876-1
- SUSE-SU-2017:0877-1
- SUSE-SU-2017:0878-1
- SUSE-SU-2017:0879-1
- SUSE-SU-2017:0880-1
- SUSE-SU-2017:0881-1
- SUSE-SU-2017:0882-1
- SUSE-SU-2017:0883-1
- SUSE-SU-2017:0884-1
- SUSE-SU-2017:0885-1
- SUSE-SU-2017:0886-1
- SUSE-SU-2017:0887-1
- SUSE-SU-2017:0888-1
- SUSE-SU-2017:0889-1
- SUSE-SU-2017:1059-1
- SUSE-SU-2017:1060-1
- SUSE-SU-2017:1064-1
- SUSE-SU-2017:1183-1
- SUSE-SU-2017:1247-1
- SUSE-SU-2017:1277-1
- SUSE-SU-2017:1278-1
- SUSE-SU-2017:1279-1
- SUSE-SU-2017:1280-1
- SUSE-SU-2017:1281-1
- SUSE-SU-2017:1283-1
- SUSE-SU-2017:1284-1
- SUSE-SU-2017:1285-1
- SUSE-SU-2017:1287-1
- SUSE-SU-2017:1288-1
- SUSE-SU-2017:1289-1
- SUSE-SU-2017:1290-1
- SUSE-SU-2017:1291-1
- SUSE-SU-2017:1293-1
- SUSE-SU-2017:1294-1
- SUSE-SU-2017:1295-1
- SUSE-SU-2017:1297-1
- SUSE-SU-2017:1299-1
- SUSE-SU-2017:1300-1
- SUSE-SU-2017:1301-1
- SUSE-SU-2017:1302-1
- SUSE-SU-2017:1303-1
- SUSE-SU-2017:1308-1
- SUSE-SU-2017:1360-1
- SUSE-SU-2017:1853-1
- SUSE-SU-2017:1990-1
- SUSE-SU-2017:2041-1
- SUSE-SU-2017:2042-1
- SUSE-SU-2017:2043-1
- SUSE-SU-2017:2046-1
- SUSE-SU-2017:2049-1
- SUSE-SU-2017:2060-1
- SUSE-SU-2017:2061-1
- SUSE-SU-2017:2062-1
- SUSE-SU-2017:2063-1
- SUSE-SU-2017:2064-1
- SUSE-SU-2017:2065-1
- SUSE-SU-2017:2066-1
- SUSE-SU-2017:2067-1
- SUSE-SU-2017:2068-1
- SUSE-SU-2017:2069-1
- SUSE-SU-2017:2070-1
- SUSE-SU-2017:2072-1
- SUSE-SU-2017:2073-1
- SUSE-SU-2017:2074-1
- SUSE-SU-2017:2088-1
- SUSE-SU-2017:2089-1
- SUSE-SU-2017:2090-1
- SUSE-SU-2017:2091-1
- SUSE-SU-2017:2092-1
- SUSE-SU-2017:2093-1
- SUSE-SU-2017:2094-1
- SUSE-SU-2017:2095-1
- SUSE-SU-2017:2096-1
- SUSE-SU-2017:2098-1
- SUSE-SU-2017:2099-1
- SUSE-SU-2017:2100-1
- SUSE-SU-2017:2102-1
- SUSE-SU-2017:2103-1
- SUSE-SU-2017:2114-1
- SUSE-SU-2017:2131-1
- SUSE-SU-2017:2142-1
- SUSE-SU-2017:2150-1
- SUSE-SU-2017:2286-1
- SUSE-SU-2017:2342-1
- SUSE-SU-2017:2389-1
- SUSE-SU-2017:2423-1
- SUSE-SU-2017:2424-1
- SUSE-SU-2017:2436-1
- SUSE-SU-2017:2437-1
- SUSE-SU-2017:2438-1
- SUSE-SU-2017:2438-2
- SUSE-SU-2017:2439-1
- SUSE-SU-2017:2440-1
- SUSE-SU-2017:2441-1
- SUSE-SU-2017:2442-1
- SUSE-SU-2017:2443-1
- SUSE-SU-2017:2446-1
- SUSE-SU-2017:2447-1
- SUSE-SU-2017:2448-1
- SUSE-SU-2017:2454-1
- SUSE-SU-2017:2455-1
- SUSE-SU-2017:2456-1
- SUSE-SU-2017:2457-1
- SUSE-SU-2017:2458-1
- SUSE-SU-2017:2464-1
- SUSE-SU-2017:2465-1
- SUSE-SU-2017:2467-1
- SUSE-SU-2017:2469-1
- SUSE-SU-2017:2471-1
- SUSE-SU-2017:2472-1
- SUSE-SU-2017:2473-1
- SUSE-SU-2017:2474-1
- SUSE-SU-2017:2475-1
- SUSE-SU-2017:2476-1
- SUSE-SU-2017:2497-1
- SUSE-SU-2017:2498-1
- SUSE-SU-2017:2499-1
- SUSE-SU-2017:2500-1
- SUSE-SU-2017:2506-1
- SUSE-SU-2017:2508-1
- SUSE-SU-2017:2509-1
- SUSE-SU-2017:2510-1
- SUSE-SU-2017:2511-1
- SUSE-SU-2017:2694-1
- SUSE-SU-2017:2775-1
- SUSE-SU-2017:2791-1
- SUSE-SU-2017:2798-1
- SUSE-SU-2017:2799-1
- SUSE-SU-2017:2800-1
- SUSE-SU-2017:2801-1
- SUSE-SU-2017:2802-1
- SUSE-SU-2017:2803-1
- SUSE-SU-2017:2804-1
- SUSE-SU-2017:2805-1
- SUSE-SU-2017:2806-1
- SUSE-SU-2017:2807-1
- SUSE-SU-2017:2809-1
- SUSE-SU-2017:2811-1
- SUSE-SU-2017:2813-1
- SUSE-SU-2017:2816-1
- SUSE-SU-2017:2847-1
- SUSE-SU-2017:2869-1
- SUSE-SU-2017:2908-1
- SUSE-SU-2017:2920-1
- SUSE-SU-2017:2956-1
- SUSE-SU-2017:3265-1
- SUSE-SU-2017:3286-1
- SUSE-SU-2017:3287-1
- SUSE-SU-2017:3288-1
- SUSE-SU-2017:3289-1
- SUSE-SU-2017:3290-1
- SUSE-SU-2017:3291-1
- SUSE-SU-2017:3292-1
- SUSE-SU-2017:3293-1
- SUSE-SU-2017:3296-1
- SUSE-SU-2017:3299-1
- SUSE-SU-2017:3301-1
- SUSE-SU-2017:3302-1
- SUSE-SU-2017:3303-1
- SUSE-SU-2017:3304-1
- SUSE-SU-2017:3305-1
- SUSE-SU-2017:3306-1
- SUSE-SU-2017:3308-1
- SUSE-SU-2017:3309-1
- SUSE-SU-2017:3310-1
- SUSE-SU-2017:3312-1
- SUSE-SU-2017:3313-1
- SUSE-SU-2017:3316-1
- SUSE-SU-2017:3318-1
- SUSE-SU-2017:3320-1
- SUSE-SU-2017:3321-1
- SUSE-SU-2017:3322-1
- SUSE-SU-2017:3323-1
- SUSE-SU-2017:3332-1
- SUSE-SU-2017:3336-1
- SUSE-SU-2017:3337-1
- SUSE-SU-2017:3340-1
- SUSE-SU-2017:3398-1
- SUSE-SU-2017:3410-1
- SUSE-SU-2018:0213-1
- USN-3049-1
- USN-3050-1
- USN-3051-1
- USN-3052-1
- USN-3053-1
- USN-3054-1
- USN-3055-1
- USN-3056-1
- USN-3057-1
- USN-3206-1
- USN-3207-1
- USN-3207-2
- USN-3208-1
- USN-3208-2
- USN-3209-1
- USN-3248-1
- USN-3249-1
- USN-3249-2
- USN-3250-1
- USN-3250-2
- USN-3251-1
- USN-3251-2
- USN-3256-1
- USN-3256-2
- USN-3264-1
- USN-3264-2
- USN-3265-1
- USN-3265-2
- USN-3266-1
- USN-3266-2
- USN-3291-1
- USN-3291-2
- USN-3291-3
- USN-3293-1
- USN-3312-1
- USN-3312-2
- USN-3314-1
- USN-3342-1
- USN-3342-2
- USN-3343-1
- USN-3343-2
- USN-3344-1
- USN-3344-2
- USN-3345-1
- USN-3358-1
- USN-3359-1
- USN-3360-1
- USN-3360-2
- USN-3361-1
- USN-3364-1
- USN-3364-2
- USN-3364-3
- USN-3371-1
- USN-3377-1
- USN-3377-2
- USN-3378-1
- USN-3378-2
- USN-3381-1
- USN-3381-2
- USN-3384-1
- USN-3384-2
- USN-3385-1
- USN-3385-2
- USN-3386-1
- USN-3386-2
- USN-3404-1
- USN-3404-2
- USN-3405-1
- USN-3405-2
- USN-3406-1
- USN-3406-2
- USN-3420-1
- USN-3420-2
- USN-3422-1
- USN-3422-2
- USN-3468-1
- USN-3468-2
- USN-3468-3
- USN-3469-1
- USN-3469-2
- USN-3470-1
- USN-3470-2
- USN-3583-1
- USN-3583-2
- USN-3620-1
- USN-3620-2
- USN-3754-1
- USN-3849-1
- USN-3849-2
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/suse/kernel-xen?arch=x86_64&distro=sles-11&sp=3 | suse | kernel-xen | < 3.0.101-0.47.106.5.1 | sles-11 | x86_64 | |
Affected | pkg:rpm/suse/kernel-xen?arch=i586&distro=sles-11&sp=3 | suse | kernel-xen | < 3.0.101-0.47.106.5.1 | sles-11 | i586 | |
Affected | pkg:rpm/suse/kernel-xen-devel?arch=x86_64&distro=sles-11&sp=3 | suse | kernel-xen-devel | < 3.0.101-0.47.106.5.1 | sles-11 | x86_64 | |
Affected | pkg:rpm/suse/kernel-xen-devel?arch=i586&distro=sles-11&sp=3 | suse | kernel-xen-devel | < 3.0.101-0.47.106.5.1 | sles-11 | i586 | |
Affected | pkg:rpm/suse/kernel-xen-base?arch=x86_64&distro=sles-11&sp=3 | suse | kernel-xen-base | < 3.0.101-0.47.106.5.1 | sles-11 | x86_64 | |
Affected | pkg:rpm/suse/kernel-xen-base?arch=i586&distro=sles-11&sp=3 | suse | kernel-xen-base | < 3.0.101-0.47.106.5.1 | sles-11 | i586 | |
Affected | pkg:rpm/suse/kernel-trace?arch=x86_64&distro=sles-11&sp=3 | suse | kernel-trace | < 3.0.101-0.47.106.5.1 | sles-11 | x86_64 | |
Affected | pkg:rpm/suse/kernel-trace?arch=s390x&distro=sles-11&sp=3 | suse | kernel-trace | < 3.0.101-0.47.106.5.1 | sles-11 | s390x | |
Affected | pkg:rpm/suse/kernel-trace?arch=i586&distro=sles-11&sp=3 | suse | kernel-trace | < 3.0.101-0.47.106.5.1 | sles-11 | i586 | |
Affected | pkg:rpm/suse/kernel-trace-devel?arch=x86_64&distro=sles-11&sp=3 | suse | kernel-trace-devel | < 3.0.101-0.47.106.5.1 | sles-11 | x86_64 | |
Affected | pkg:rpm/suse/kernel-trace-devel?arch=s390x&distro=sles-11&sp=3 | suse | kernel-trace-devel | < 3.0.101-0.47.106.5.1 | sles-11 | s390x | |
Affected | pkg:rpm/suse/kernel-trace-devel?arch=i586&distro=sles-11&sp=3 | suse | kernel-trace-devel | < 3.0.101-0.47.106.5.1 | sles-11 | i586 | |
Affected | pkg:rpm/suse/kernel-trace-base?arch=x86_64&distro=sles-11&sp=3 | suse | kernel-trace-base | < 3.0.101-0.47.106.5.1 | sles-11 | x86_64 | |
Affected | pkg:rpm/suse/kernel-trace-base?arch=s390x&distro=sles-11&sp=3 | suse | kernel-trace-base | < 3.0.101-0.47.106.5.1 | sles-11 | s390x | |
Affected | pkg:rpm/suse/kernel-trace-base?arch=i586&distro=sles-11&sp=3 | suse | kernel-trace-base | < 3.0.101-0.47.106.5.1 | sles-11 | i586 | |
Affected | pkg:rpm/suse/kernel-syms?arch=x86_64&distro=sles-11&sp=3 | suse | kernel-syms | < 3.0.101-0.47.106.5.1 | sles-11 | x86_64 | |
Affected | pkg:rpm/suse/kernel-syms?arch=s390x&distro=sles-11&sp=3 | suse | kernel-syms | < 3.0.101-0.47.106.5.1 | sles-11 | s390x | |
Affected | pkg:rpm/suse/kernel-syms?arch=i586&distro=sles-11&sp=3 | suse | kernel-syms | < 3.0.101-0.47.106.5.1 | sles-11 | i586 | |
Affected | pkg:rpm/suse/kernel-source?arch=x86_64&distro=sles-11&sp=3 | suse | kernel-source | < 3.0.101-0.47.106.5.1 | sles-11 | x86_64 | |
Affected | pkg:rpm/suse/kernel-source?arch=s390x&distro=sles-11&sp=3 | suse | kernel-source | < 3.0.101-0.47.106.5.1 | sles-11 | s390x | |
Affected | pkg:rpm/suse/kernel-source?arch=i586&distro=sles-11&sp=3 | suse | kernel-source | < 3.0.101-0.47.106.5.1 | sles-11 | i586 | |
Affected | pkg:rpm/suse/kernel-pae?arch=i586&distro=sles-11&sp=3 | suse | kernel-pae | < 3.0.101-0.47.106.5.1 | sles-11 | i586 | |
Affected | pkg:rpm/suse/kernel-pae-devel?arch=i586&distro=sles-11&sp=3 | suse | kernel-pae-devel | < 3.0.101-0.47.106.5.1 | sles-11 | i586 | |
Affected | pkg:rpm/suse/kernel-pae-base?arch=i586&distro=sles-11&sp=3 | suse | kernel-pae-base | < 3.0.101-0.47.106.5.1 | sles-11 | i586 | |
Affected | pkg:rpm/suse/kernel-ec2?arch=x86_64&distro=sles-11&sp=3 | suse | kernel-ec2 | < 3.0.101-0.47.106.5.1 | sles-11 | x86_64 | |
Affected | pkg:rpm/suse/kernel-ec2?arch=i586&distro=sles-11&sp=3 | suse | kernel-ec2 | < 3.0.101-0.47.106.5.1 | sles-11 | i586 | |
Affected | pkg:rpm/suse/kernel-ec2-devel?arch=x86_64&distro=sles-11&sp=3 | suse | kernel-ec2-devel | < 3.0.101-0.47.106.5.1 | sles-11 | x86_64 | |
Affected | pkg:rpm/suse/kernel-ec2-devel?arch=i586&distro=sles-11&sp=3 | suse | kernel-ec2-devel | < 3.0.101-0.47.106.5.1 | sles-11 | i586 | |
Affected | pkg:rpm/suse/kernel-ec2-base?arch=x86_64&distro=sles-11&sp=3 | suse | kernel-ec2-base | < 3.0.101-0.47.106.5.1 | sles-11 | x86_64 | |
Affected | pkg:rpm/suse/kernel-ec2-base?arch=i586&distro=sles-11&sp=3 | suse | kernel-ec2-base | < 3.0.101-0.47.106.5.1 | sles-11 | i586 | |
Affected | pkg:rpm/suse/kernel-default?arch=x86_64&distro=sles-11&sp=3 | suse | kernel-default | < 3.0.101-0.47.106.5.1 | sles-11 | x86_64 | |
Affected | pkg:rpm/suse/kernel-default?arch=s390x&distro=sles-11&sp=3 | suse | kernel-default | < 3.0.101-0.47.106.5.1 | sles-11 | s390x | |
Affected | pkg:rpm/suse/kernel-default?arch=i586&distro=sles-11&sp=3 | suse | kernel-default | < 3.0.101-0.47.106.5.1 | sles-11 | i586 | |
Affected | pkg:rpm/suse/kernel-default-man?arch=s390x&distro=sles-11&sp=3 | suse | kernel-default-man | < 3.0.101-0.47.106.5.1 | sles-11 | s390x | |
Affected | pkg:rpm/suse/kernel-default-devel?arch=x86_64&distro=sles-11&sp=3 | suse | kernel-default-devel | < 3.0.101-0.47.106.5.1 | sles-11 | x86_64 | |
Affected | pkg:rpm/suse/kernel-default-devel?arch=s390x&distro=sles-11&sp=3 | suse | kernel-default-devel | < 3.0.101-0.47.106.5.1 | sles-11 | s390x | |
Affected | pkg:rpm/suse/kernel-default-devel?arch=i586&distro=sles-11&sp=3 | suse | kernel-default-devel | < 3.0.101-0.47.106.5.1 | sles-11 | i586 | |
Affected | pkg:rpm/suse/kernel-default-base?arch=x86_64&distro=sles-11&sp=3 | suse | kernel-default-base | < 3.0.101-0.47.106.5.1 | sles-11 | x86_64 | |
Affected | pkg:rpm/suse/kernel-default-base?arch=s390x&distro=sles-11&sp=3 | suse | kernel-default-base | < 3.0.101-0.47.106.5.1 | sles-11 | s390x | |
Affected | pkg:rpm/suse/kernel-default-base?arch=i586&distro=sles-11&sp=3 | suse | kernel-default-base | < 3.0.101-0.47.106.5.1 | sles-11 | i586 | |
Affected | pkg:rpm/suse/kernel-bigsmp?arch=x86_64&distro=sles-11&sp=3 | suse | kernel-bigsmp | < 3.0.101-0.47.106.5.1 | sles-11 | x86_64 | |
Affected | pkg:rpm/suse/kernel-bigsmp-devel?arch=x86_64&distro=sles-11&sp=3 | suse | kernel-bigsmp-devel | < 3.0.101-0.47.106.5.1 | sles-11 | x86_64 | |
Affected | pkg:rpm/suse/kernel-bigsmp-base?arch=x86_64&distro=sles-11&sp=3 | suse | kernel-bigsmp-base | < 3.0.101-0.47.106.5.1 | sles-11 | x86_64 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |