1. Home
  2. Security Advisories
  3. SUSE
  4. SUSE-SU-2017:2525-1

[SUSE-SU-2017:2525-1] Security update for the Linux Kernel

Severity Important
Affected Packages 43
CVEs 40
Info Packages References Vulnerabilities

Security update for the Linux Kernel

The SUSE Linux Enterprise 11 SP3 LTSS kernel was updated receive various security and bugfixes.

The following security bugs were fixed:

  • CVE-2016-5243: The tipc_nl_compat_link_dump function in net/tipc/netlink_compat.c in the Linux kernel did not properly copy a certain string, which allowed local users to obtain sensitive information from kernel stack memory by reading a Netlink message (bnc#983212)
  • CVE-2016-10200: Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel allowed local users to gain privileges or cause a denial of service (use-after-free) by making multiple bind system calls without properly ascertaining whether a socket has the SOCK_ZAPPED status, related to net/l2tp/l2tp_ip.c and net/l2tp/l2tp_ip6.c (bnc#1028415)
  • CVE-2017-2647: The KEYS subsystem in the Linux kernel allowed local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving a NULL value for a certain match field, related to the keyring_search_iterator function in keyring.c (bsc#1030593).
  • CVE-2017-2671: The ping_unhash function in net/ipv4/ping.c in the Linux kernel was too late in obtaining a certain lock and consequently could not ensure that disconnect function calls are safe, which allowed local users to cause a denial of service (panic) by leveraging access to the protocol value of IPPROTO_ICMP in a socket system call (bnc#1031003)
  • CVE-2017-5669: The do_shmat function in ipc/shm.c in the Linux kernel did not restrict the address calculated by a certain rounding operation, which allowed local users to map page zero, and consequently bypass a protection mechanism that exists for the mmap system call, by making crafted shmget and shmat system calls in a privileged context (bnc#1026914)
  • CVE-2017-5970: The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a denial of service (system crash) via (1) an application that made crafted system calls or possibly (2) IPv4 traffic with invalid IP options (bsc#1024938)
  • CVE-2017-5986: Race condition in the sctp_wait_for_sndbuf function in net/sctp/socket.c in the Linux kernel allowed local users to cause a denial of service (assertion failure and panic) via a multithreaded application that peels off an association in a certain buffer-full state (bsc#1025235)
  • CVE-2017-6074: The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel mishandled DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allowed local users to obtain root privileges or cause a denial of service (double free) via an application that made an IPV6_RECVPKTINFO setsockopt system call (bnc#1026024)
  • CVE-2017-6214: The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel allowed remote attackers to cause a denial of service (infinite loop and soft lockup) via vectors involving a TCP packet with the URG flag (bnc#1026722)
  • CVE-2017-6348: The hashbin_delete function in net/irda/irqueue.c in the Linux kernel improperly managed lock dropping, which allowed local users to cause a denial of service (deadlock) via crafted operations on IrDA devices (bnc#1027178)
  • CVE-2017-6353: net/sctp/socket.c in the Linux kernel did not properly restrict association peel-off operations during certain wait states, which allowed local users to cause a denial of service (invalid unlock and double free) via a multithreaded application. NOTE: this vulnerability exists because of an incorrect fix for CVE-2017-5986 (bnc#1027066)
  • CVE-2017-6951: The keyring_search_aux function in security/keys/keyring.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and OOPS) via a request_key system call for the 'dead' type (bsc#1029850).
  • CVE-2017-7184: The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux kernel did not validate certain size data after an XFRM_MSG_NEWAE update, which allowed local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) by leveraging the CAP_NET_ADMIN capability (bsc#1030573)
  • CVE-2017-7187: The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel allowed local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a large command size in an SG_NEXT_CMD_LEN ioctl call, leading to out-of-bounds write access in the sg_write function (bnc#1030213)
  • CVE-2017-7261: The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel did not check for a zero value of certain levels data, which allowed local users to cause a denial of service (ZERO_SIZE_PTR dereference, and GPF and possibly panic) via a crafted ioctl call for a /dev/dri/renderD* device (bnc#1031052)
  • CVE-2017-7294: The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel did not validate addition of certain levels data, which allowed local users to trigger an integer overflow and out-of-bounds write, and cause a denial of service (system hang or crash) or possibly gain privileges, via a crafted ioctl call for a /dev/dri/renderD* device (bnc#1031440)
  • CVE-2017-7308: The packet_set_ring function in net/packet/af_packet.c in the Linux kernel did not properly validate certain block-size data, which allowed local users to cause a denial of service (overflow) or possibly have unspecified other impact via crafted system calls (bnc#1031579)
  • CVE-2017-7482: Several missing length checks ticket decode allowing for information leak or potentially code execution (bsc#1046107).
  • CVE-2017-7487: The ipxitf_ioctl function in net/ipx/af_ipx.c in the Linux kernel mishandled reference counts, which allowed local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a failed SIOCGIFADDR ioctl call for an IPX interface (bsc#1038879).
  • CVE-2017-7533: Race condition in the fsnotify implementation in the Linux kernel allowed local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that leverages simultaneous execution of the inotify_handle_event and vfs_rename functions (bnc#1049483 1050677 ).
  • CVE-2017-7542: The ip6_find_1stfragopt function in net/ipv6/output_core.c in the Linux kernel allowed local users to cause a denial of service (integer overflow and infinite loop) by leveraging the ability to open a raw socket (bnc#1049882).
  • CVE-2017-7616: Incorrect error handling in the set_mempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel allowed local users to obtain sensitive information from uninitialized stack data by triggering failure of a certain bitmap operation (bsc#1033336)
  • CVE-2017-8831: The saa7164_bus_get function in drivers/media/pci/saa7164/saa7164-bus.c in the Linux kernel allowed local users to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact by changing a certain sequence-number value, aka a 'double fetch' vulnerability. This requires a malicious PCI Card. (bnc#1037994).
  • CVE-2017-8890: The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel allowed attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call (bsc#1038544).
  • CVE-2017-8924: The edge_bulk_in_callback function in drivers/usb/serial/io_ti.c in the Linux kernel allowed local users to obtain sensitive information (in the dmesg ringbuffer and syslog) from uninitialized kernel memory by using a crafted USB device (posing as an io_ti USB serial device) to trigger an integer underflow (bnc#1037182).
  • CVE-2017-8925: The omninet_open function in drivers/usb/serial/omninet.c in the Linux kernel allowed local users to cause a denial of service (tty exhaustion) by leveraging reference count mishandling (bnc#1038981).
  • CVE-2017-9074: The IPv6 fragmentation implementation in the Linux kernel did not consider that the nexthdr field may be associated with an invalid option, which allowed local users to cause a denial of service (out-of-bounds read and BUG) or possibly have unspecified other impact via crafted socket and send system calls (bnc#1039882).
  • CVE-2017-9075: The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel mishandled inheritance, which allowed local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890 (bsc#1039883).
  • CVE-2017-9076: The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux kernel mishandled inheritance, which allowed local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890 (bnc#1039885).
  • CVE-2017-9077: The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel mishandled inheritance, which allowed local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890 (bsc#1040069).
  • CVE-2017-9242: The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel was too late in checking whether an overwrite of an skb data structure may occur, which allowed local users to cause a denial of service (system crash) via crafted system calls (bnc#1041431).
  • CVE-2017-10661: Race condition in fs/timerfd.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (list corruption or use-after-free) via simultaneous file-descriptor operations that leverage improper might_cancel queueing (bnc#1053152).
  • CVE-2017-11176: The mq_notify function in the Linux kernel did not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlink socket, it allowed attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact (bnc#1048275).
  • CVE-2017-11473: Buffer overflow in the mp_override_legacy_irq() function in arch/x86/kernel/acpi/boot.c in the Linux kernel allowed local users to gain privileges via a crafted ACPI table (bnc#1049603).
  • CVE-2017-12762: In /drivers/isdn/i4l/isdn_net.c: A user-controlled buffer is copied into a local buffer of constant size using strcpy without a length check which can cause a buffer overflow. (bnc#1053148).
  • CVE-2017-14051: An integer overflow in the qla2x00_sysfs_write_optrom_ctl function in drivers/scsi/qla2xxx/qla_attr.c in the Linux kernel allowed local users to cause a denial of service (memory corruption and system crash) by leveraging root access (bnc#1056588).
  • CVE-2017-1000112: Fixed a race condition in net-packet code that could have been exploited by unprivileged users to gain root access. (bsc#1052311).
  • CVE-2017-1000363: Linux drivers/char/lp.c Out-of-Bounds Write. Due to a missing bounds check, and the fact that parport_ptr integer is static, a 'secure boot' kernel command line adversary could have overflowed the parport_nr array in the following code (bnc#1039456).
  • CVE-2017-1000365: The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but did not take the argument and environment pointers into account, which allowed attackers to bypass this limitation (bnc#1039354).
  • CVE-2017-1000380: sound/core/timer.c in the Linux kernel was vulnerable to a data race in the ALSA /dev/snd/timer driver resulting in local users being able to read information belonging to other users, i.e., uninitialized memory contents may be disclosed when a read and an ioctl happen at the same time (bnc#1044125).

The following non-security bugs were fixed:

  • acpi: Disable APEI error injection if securelevel is set (bsc#972891, bsc#1023051).
  • blkback/blktap: do not leak stack data via response ring (bsc#1042863 XSA-216).
  • btrfs: cleanup code of btrfs_balance_delayed_items() (bsc#1034838).
  • btrfs: do not run delayed nodes again after all nodes flush (bsc#1034838).
  • btrfs: remove btrfs_end_transaction_dmeta() (bsc#1034838).
  • btrfs: remove residual code in delayed inode async helper (bsc#1034838).
  • btrfs: use flags instead of the bool variants in delayed node (bsc#1034838).
  • cifs: cifs_get_root shouldn't use path with tree name, alternate fix (bsc#963655, bsc#979681, bsc#1027406).
  • dentry name snapshots (bsc#1049483).
  • firmware: fix directory creation rule matching with make 3.80 (bsc#1012422).
  • firmware: fix directory creation rule matching with make 3.82 (bsc#1012422).
  • Fix vmalloc_fault oops during lazy MMU updates (bsc#948562) (bsc#948562).
  • hv: do not lose pending heartbeat vmbus packets (bnc#1006919, bnc#1053760).
  • jbd: do not wait (forever) for stale tid caused by wraparound (bsc#1020229).
  • jbd: Fix oops in journal_remove_journal_head() (bsc#1017143).
  • kernel-binary.spec: Propagate MAKE_ARGS to %build (bsc#1012422)
  • keys: Disallow keyrings beginning with '.' to be joined as session keyrings (bnc#1035576).
  • nfs: Avoid getting confused by confused server (bsc#1045416).
  • nfsd4: minor NFSv2/v3 write decoding cleanup (bsc#1034670).
  • nfsd: check for oversized NFSv2/v3 arguments (bsc#1034670).
  • nfsd: do not risk using duplicate owner/file/delegation ids (bsc#1029212).
  • nfsd: stricter decoding of write-like NFSv2/v3 ops (bsc#1034670).
  • nfs: Make nfs_readdir revalidate less often (bsc#1048232).
  • pciback: check PF instead of VF for PCI_COMMAND_MEMORY (bsc#957990).
  • pciback: only check PF if actually dealing with a VF (bsc#999245).
  • pciback: Save the number of MSI-X entries to be copied later (bsc#957988).
  • Remove superfluous make flags (bsc#1012422)
  • Return short read or 0 at end of a raw device, not EIO (bsc#1039594).
  • Revert 'fs/cifs: fix wrongly prefixed path to root (bsc#963655, bsc#979681)
  • scsi: lpfc: avoid double free of resource identifiers (bsc#989896).
  • scsi: virtio_scsi: fix memory leak on full queue condition (bsc#1028880).
  • sunrpc: Clean up the slot table allocation (bsc#1013862).
  • sunrpc: Initalise the struct xprt upon allocation (bsc#1013862).
  • usb: serial: kl5kusb105: fix line-state error handling (bsc#1021256).
  • usb: wusbcore: fix NULL-deref at probe (bsc#1045487).
  • Use make --output-sync feature when available (bsc#1012422).
  • Use PF_LESS_THROTTLE in loop device thread (bsc#1027101).
  • xen/PCI-MSI: fix sysfs teardown in DomU (bsc#986924).
Package Affected Version
pkg:rpm/suse/kernel-xen?arch=x86_64&distro=sles-11&sp=3 < 3.0.101-0.47.106.5.1
pkg:rpm/suse/kernel-xen?arch=i586&distro=sles-11&sp=3 < 3.0.101-0.47.106.5.1
pkg:rpm/suse/kernel-xen-devel?arch=x86_64&distro=sles-11&sp=3 < 3.0.101-0.47.106.5.1
pkg:rpm/suse/kernel-xen-devel?arch=i586&distro=sles-11&sp=3 < 3.0.101-0.47.106.5.1
pkg:rpm/suse/kernel-xen-base?arch=x86_64&distro=sles-11&sp=3 < 3.0.101-0.47.106.5.1
pkg:rpm/suse/kernel-xen-base?arch=i586&distro=sles-11&sp=3 < 3.0.101-0.47.106.5.1
pkg:rpm/suse/kernel-trace?arch=x86_64&distro=sles-11&sp=3 < 3.0.101-0.47.106.5.1
pkg:rpm/suse/kernel-trace?arch=s390x&distro=sles-11&sp=3 < 3.0.101-0.47.106.5.1
pkg:rpm/suse/kernel-trace?arch=i586&distro=sles-11&sp=3 < 3.0.101-0.47.106.5.1
pkg:rpm/suse/kernel-trace-devel?arch=x86_64&distro=sles-11&sp=3 < 3.0.101-0.47.106.5.1
pkg:rpm/suse/kernel-trace-devel?arch=s390x&distro=sles-11&sp=3 < 3.0.101-0.47.106.5.1
pkg:rpm/suse/kernel-trace-devel?arch=i586&distro=sles-11&sp=3 < 3.0.101-0.47.106.5.1
pkg:rpm/suse/kernel-trace-base?arch=x86_64&distro=sles-11&sp=3 < 3.0.101-0.47.106.5.1
pkg:rpm/suse/kernel-trace-base?arch=s390x&distro=sles-11&sp=3 < 3.0.101-0.47.106.5.1
pkg:rpm/suse/kernel-trace-base?arch=i586&distro=sles-11&sp=3 < 3.0.101-0.47.106.5.1
pkg:rpm/suse/kernel-syms?arch=x86_64&distro=sles-11&sp=3 < 3.0.101-0.47.106.5.1
pkg:rpm/suse/kernel-syms?arch=s390x&distro=sles-11&sp=3 < 3.0.101-0.47.106.5.1
pkg:rpm/suse/kernel-syms?arch=i586&distro=sles-11&sp=3 < 3.0.101-0.47.106.5.1
pkg:rpm/suse/kernel-source?arch=x86_64&distro=sles-11&sp=3 < 3.0.101-0.47.106.5.1
pkg:rpm/suse/kernel-source?arch=s390x&distro=sles-11&sp=3 < 3.0.101-0.47.106.5.1
pkg:rpm/suse/kernel-source?arch=i586&distro=sles-11&sp=3 < 3.0.101-0.47.106.5.1
pkg:rpm/suse/kernel-pae?arch=i586&distro=sles-11&sp=3 < 3.0.101-0.47.106.5.1
pkg:rpm/suse/kernel-pae-devel?arch=i586&distro=sles-11&sp=3 < 3.0.101-0.47.106.5.1
pkg:rpm/suse/kernel-pae-base?arch=i586&distro=sles-11&sp=3 < 3.0.101-0.47.106.5.1
pkg:rpm/suse/kernel-ec2?arch=x86_64&distro=sles-11&sp=3 < 3.0.101-0.47.106.5.1
pkg:rpm/suse/kernel-ec2?arch=i586&distro=sles-11&sp=3 < 3.0.101-0.47.106.5.1
pkg:rpm/suse/kernel-ec2-devel?arch=x86_64&distro=sles-11&sp=3 < 3.0.101-0.47.106.5.1
pkg:rpm/suse/kernel-ec2-devel?arch=i586&distro=sles-11&sp=3 < 3.0.101-0.47.106.5.1
pkg:rpm/suse/kernel-ec2-base?arch=x86_64&distro=sles-11&sp=3 < 3.0.101-0.47.106.5.1
pkg:rpm/suse/kernel-ec2-base?arch=i586&distro=sles-11&sp=3 < 3.0.101-0.47.106.5.1
pkg:rpm/suse/kernel-default?arch=x86_64&distro=sles-11&sp=3 < 3.0.101-0.47.106.5.1
pkg:rpm/suse/kernel-default?arch=s390x&distro=sles-11&sp=3 < 3.0.101-0.47.106.5.1
pkg:rpm/suse/kernel-default?arch=i586&distro=sles-11&sp=3 < 3.0.101-0.47.106.5.1
pkg:rpm/suse/kernel-default-man?arch=s390x&distro=sles-11&sp=3 < 3.0.101-0.47.106.5.1
pkg:rpm/suse/kernel-default-devel?arch=x86_64&distro=sles-11&sp=3 < 3.0.101-0.47.106.5.1
pkg:rpm/suse/kernel-default-devel?arch=s390x&distro=sles-11&sp=3 < 3.0.101-0.47.106.5.1
pkg:rpm/suse/kernel-default-devel?arch=i586&distro=sles-11&sp=3 < 3.0.101-0.47.106.5.1
pkg:rpm/suse/kernel-default-base?arch=x86_64&distro=sles-11&sp=3 < 3.0.101-0.47.106.5.1
pkg:rpm/suse/kernel-default-base?arch=s390x&distro=sles-11&sp=3 < 3.0.101-0.47.106.5.1
pkg:rpm/suse/kernel-default-base?arch=i586&distro=sles-11&sp=3 < 3.0.101-0.47.106.5.1
pkg:rpm/suse/kernel-bigsmp?arch=x86_64&distro=sles-11&sp=3 < 3.0.101-0.47.106.5.1
pkg:rpm/suse/kernel-bigsmp-devel?arch=x86_64&distro=sles-11&sp=3 < 3.0.101-0.47.106.5.1
pkg:rpm/suse/kernel-bigsmp-base?arch=x86_64&distro=sles-11&sp=3 < 3.0.101-0.47.106.5.1
ID
SUSE-SU-2017:2525-1
Severity
important
URL
https://www.suse.com/support/update/announcement/2017/suse-su-20172525-1/
Published
2017-09-19T08:33:08
(7 years ago)
Modified
2017-09-19T08:33:08
(7 years ago)
Rights
Copyright 2024 SUSE LLC. All rights reserved.
Other Advisories
Source # ID Name URL
Suse SUSE ratings https://www.suse.com/support/security/rating/
Suse URL of this CSAF notice https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_2525-1.json
Suse URL for SUSE-SU-2017:2525-1 https://www.suse.com/support/update/announcement/2017/suse-su-20172525-1/
Suse E-Mail link for SUSE-SU-2017:2525-1 https://lists.suse.com/pipermail/sle-security-updates/2017-September/003248.html
Bugzilla SUSE Bug 1006919 https://bugzilla.suse.com/1006919
Bugzilla SUSE Bug 1012422 https://bugzilla.suse.com/1012422
Bugzilla SUSE Bug 1013862 https://bugzilla.suse.com/1013862
Bugzilla SUSE Bug 1017143 https://bugzilla.suse.com/1017143
Bugzilla SUSE Bug 1020229 https://bugzilla.suse.com/1020229
Bugzilla SUSE Bug 1021256 https://bugzilla.suse.com/1021256
Bugzilla SUSE Bug 1023051 https://bugzilla.suse.com/1023051
Bugzilla SUSE Bug 1024938 https://bugzilla.suse.com/1024938
Bugzilla SUSE Bug 1025013 https://bugzilla.suse.com/1025013
Bugzilla SUSE Bug 1025235 https://bugzilla.suse.com/1025235
Bugzilla SUSE Bug 1026024 https://bugzilla.suse.com/1026024
Bugzilla SUSE Bug 1026722 https://bugzilla.suse.com/1026722
Bugzilla SUSE Bug 1026914 https://bugzilla.suse.com/1026914
Bugzilla SUSE Bug 1027066 https://bugzilla.suse.com/1027066
Bugzilla SUSE Bug 1027101 https://bugzilla.suse.com/1027101
Bugzilla SUSE Bug 1027178 https://bugzilla.suse.com/1027178
Bugzilla SUSE Bug 1027179 https://bugzilla.suse.com/1027179
Bugzilla SUSE Bug 1027406 https://bugzilla.suse.com/1027406
Bugzilla SUSE Bug 1028415 https://bugzilla.suse.com/1028415
Bugzilla SUSE Bug 1028880 https://bugzilla.suse.com/1028880
Bugzilla SUSE Bug 1029212 https://bugzilla.suse.com/1029212
Bugzilla SUSE Bug 1029850 https://bugzilla.suse.com/1029850
Bugzilla SUSE Bug 1030213 https://bugzilla.suse.com/1030213
Bugzilla SUSE Bug 1030573 https://bugzilla.suse.com/1030573
Bugzilla SUSE Bug 1030575 https://bugzilla.suse.com/1030575
Bugzilla SUSE Bug 1030593 https://bugzilla.suse.com/1030593
Bugzilla SUSE Bug 1031003 https://bugzilla.suse.com/1031003
Bugzilla SUSE Bug 1031052 https://bugzilla.suse.com/1031052
Bugzilla SUSE Bug 1031440 https://bugzilla.suse.com/1031440
Bugzilla SUSE Bug 1031481 https://bugzilla.suse.com/1031481
Bugzilla SUSE Bug 1031579 https://bugzilla.suse.com/1031579
Bugzilla SUSE Bug 1031660 https://bugzilla.suse.com/1031660
Bugzilla SUSE Bug 1033287 https://bugzilla.suse.com/1033287
Bugzilla SUSE Bug 1033336 https://bugzilla.suse.com/1033336
Bugzilla SUSE Bug 1034670 https://bugzilla.suse.com/1034670
Bugzilla SUSE Bug 1034838 https://bugzilla.suse.com/1034838
Bugzilla SUSE Bug 1035576 https://bugzilla.suse.com/1035576
Bugzilla SUSE Bug 1037182 https://bugzilla.suse.com/1037182
Bugzilla SUSE Bug 1037183 https://bugzilla.suse.com/1037183
Bugzilla SUSE Bug 1037994 https://bugzilla.suse.com/1037994
Bugzilla SUSE Bug 1038544 https://bugzilla.suse.com/1038544
Bugzilla SUSE Bug 1038564 https://bugzilla.suse.com/1038564
Bugzilla SUSE Bug 1038879 https://bugzilla.suse.com/1038879
Bugzilla SUSE Bug 1038883 https://bugzilla.suse.com/1038883
Bugzilla SUSE Bug 1038981 https://bugzilla.suse.com/1038981
Bugzilla SUSE Bug 1038982 https://bugzilla.suse.com/1038982
Bugzilla SUSE Bug 1039349 https://bugzilla.suse.com/1039349
Bugzilla SUSE Bug 1039354 https://bugzilla.suse.com/1039354
Bugzilla SUSE Bug 1039456 https://bugzilla.suse.com/1039456
Bugzilla SUSE Bug 1039594 https://bugzilla.suse.com/1039594
Bugzilla SUSE Bug 1039882 https://bugzilla.suse.com/1039882
Bugzilla SUSE Bug 1039883 https://bugzilla.suse.com/1039883
Bugzilla SUSE Bug 1039885 https://bugzilla.suse.com/1039885
Bugzilla SUSE Bug 1040069 https://bugzilla.suse.com/1040069
Bugzilla SUSE Bug 1041431 https://bugzilla.suse.com/1041431
Bugzilla SUSE Bug 1042364 https://bugzilla.suse.com/1042364
Bugzilla SUSE Bug 1042863 https://bugzilla.suse.com/1042863
Bugzilla SUSE Bug 1042892 https://bugzilla.suse.com/1042892
Bugzilla SUSE Bug 1044125 https://bugzilla.suse.com/1044125
Bugzilla SUSE Bug 1045416 https://bugzilla.suse.com/1045416
Bugzilla SUSE Bug 1045487 https://bugzilla.suse.com/1045487
Bugzilla SUSE Bug 1046107 https://bugzilla.suse.com/1046107
Bugzilla SUSE Bug 1048232 https://bugzilla.suse.com/1048232
Bugzilla SUSE Bug 1048275 https://bugzilla.suse.com/1048275
Bugzilla SUSE Bug 1049483 https://bugzilla.suse.com/1049483
Bugzilla SUSE Bug 1049603 https://bugzilla.suse.com/1049603
Bugzilla SUSE Bug 1049882 https://bugzilla.suse.com/1049882
Bugzilla SUSE Bug 1050677 https://bugzilla.suse.com/1050677
Bugzilla SUSE Bug 1052311 https://bugzilla.suse.com/1052311
Bugzilla SUSE Bug 1053148 https://bugzilla.suse.com/1053148
Bugzilla SUSE Bug 1053152 https://bugzilla.suse.com/1053152
Bugzilla SUSE Bug 1053760 https://bugzilla.suse.com/1053760
Bugzilla SUSE Bug 1056588 https://bugzilla.suse.com/1056588
Bugzilla SUSE Bug 870618 https://bugzilla.suse.com/870618
Bugzilla SUSE Bug 948562 https://bugzilla.suse.com/948562
Bugzilla SUSE Bug 957988 https://bugzilla.suse.com/957988
Bugzilla SUSE Bug 957990 https://bugzilla.suse.com/957990
Bugzilla SUSE Bug 963655 https://bugzilla.suse.com/963655
Bugzilla SUSE Bug 972891 https://bugzilla.suse.com/972891
Bugzilla SUSE Bug 979681 https://bugzilla.suse.com/979681
Bugzilla SUSE Bug 983212 https://bugzilla.suse.com/983212
Bugzilla SUSE Bug 986924 https://bugzilla.suse.com/986924
Bugzilla SUSE Bug 989896 https://bugzilla.suse.com/989896
Bugzilla SUSE Bug 999245 https://bugzilla.suse.com/999245
CVE SUSE CVE CVE-2016-10200 page https://www.suse.com/security/cve/CVE-2016-10200/
CVE SUSE CVE CVE-2016-5243 page https://www.suse.com/security/cve/CVE-2016-5243/
CVE SUSE CVE CVE-2017-1000112 page https://www.suse.com/security/cve/CVE-2017-1000112/
CVE SUSE CVE CVE-2017-1000363 page https://www.suse.com/security/cve/CVE-2017-1000363/
CVE SUSE CVE CVE-2017-1000365 page https://www.suse.com/security/cve/CVE-2017-1000365/
CVE SUSE CVE CVE-2017-1000380 page https://www.suse.com/security/cve/CVE-2017-1000380/
CVE SUSE CVE CVE-2017-10661 page https://www.suse.com/security/cve/CVE-2017-10661/
CVE SUSE CVE CVE-2017-11176 page https://www.suse.com/security/cve/CVE-2017-11176/
CVE SUSE CVE CVE-2017-11473 page https://www.suse.com/security/cve/CVE-2017-11473/
CVE SUSE CVE CVE-2017-12762 page https://www.suse.com/security/cve/CVE-2017-12762/
CVE SUSE CVE CVE-2017-14051 page https://www.suse.com/security/cve/CVE-2017-14051/
CVE SUSE CVE CVE-2017-2647 page https://www.suse.com/security/cve/CVE-2017-2647/
CVE SUSE CVE CVE-2017-2671 page https://www.suse.com/security/cve/CVE-2017-2671/
CVE SUSE CVE CVE-2017-5669 page https://www.suse.com/security/cve/CVE-2017-5669/
CVE SUSE CVE CVE-2017-5970 page https://www.suse.com/security/cve/CVE-2017-5970/
CVE SUSE CVE CVE-2017-5986 page https://www.suse.com/security/cve/CVE-2017-5986/
CVE SUSE CVE CVE-2017-6074 page https://www.suse.com/security/cve/CVE-2017-6074/
CVE SUSE CVE CVE-2017-6214 page https://www.suse.com/security/cve/CVE-2017-6214/
CVE SUSE CVE CVE-2017-6348 page https://www.suse.com/security/cve/CVE-2017-6348/
CVE SUSE CVE CVE-2017-6353 page https://www.suse.com/security/cve/CVE-2017-6353/
CVE SUSE CVE CVE-2017-6951 page https://www.suse.com/security/cve/CVE-2017-6951/
CVE SUSE CVE CVE-2017-7184 page https://www.suse.com/security/cve/CVE-2017-7184/
CVE SUSE CVE CVE-2017-7187 page https://www.suse.com/security/cve/CVE-2017-7187/
CVE SUSE CVE CVE-2017-7261 page https://www.suse.com/security/cve/CVE-2017-7261/
CVE SUSE CVE CVE-2017-7294 page https://www.suse.com/security/cve/CVE-2017-7294/
CVE SUSE CVE CVE-2017-7308 page https://www.suse.com/security/cve/CVE-2017-7308/
CVE SUSE CVE CVE-2017-7482 page https://www.suse.com/security/cve/CVE-2017-7482/
CVE SUSE CVE CVE-2017-7487 page https://www.suse.com/security/cve/CVE-2017-7487/
CVE SUSE CVE CVE-2017-7533 page https://www.suse.com/security/cve/CVE-2017-7533/
CVE SUSE CVE CVE-2017-7542 page https://www.suse.com/security/cve/CVE-2017-7542/
CVE SUSE CVE CVE-2017-7616 page https://www.suse.com/security/cve/CVE-2017-7616/
CVE SUSE CVE CVE-2017-8831 page https://www.suse.com/security/cve/CVE-2017-8831/
CVE SUSE CVE CVE-2017-8890 page https://www.suse.com/security/cve/CVE-2017-8890/
CVE SUSE CVE CVE-2017-8924 page https://www.suse.com/security/cve/CVE-2017-8924/
CVE SUSE CVE CVE-2017-8925 page https://www.suse.com/security/cve/CVE-2017-8925/
CVE SUSE CVE CVE-2017-9074 page https://www.suse.com/security/cve/CVE-2017-9074/
CVE SUSE CVE CVE-2017-9075 page https://www.suse.com/security/cve/CVE-2017-9075/
CVE SUSE CVE CVE-2017-9076 page https://www.suse.com/security/cve/CVE-2017-9076/
CVE SUSE CVE CVE-2017-9077 page https://www.suse.com/security/cve/CVE-2017-9077/
CVE SUSE CVE CVE-2017-9242 page https://www.suse.com/security/cve/CVE-2017-9242/
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/suse/kernel-xen?arch=x86_64&distro=sles-11&sp=3 suse kernel-xen < 3.0.101-0.47.106.5.1 sles-11 x86_64
Affected pkg:rpm/suse/kernel-xen?arch=i586&distro=sles-11&sp=3 suse kernel-xen < 3.0.101-0.47.106.5.1 sles-11 i586
Affected pkg:rpm/suse/kernel-xen-devel?arch=x86_64&distro=sles-11&sp=3 suse kernel-xen-devel < 3.0.101-0.47.106.5.1 sles-11 x86_64
Affected pkg:rpm/suse/kernel-xen-devel?arch=i586&distro=sles-11&sp=3 suse kernel-xen-devel < 3.0.101-0.47.106.5.1 sles-11 i586
Affected pkg:rpm/suse/kernel-xen-base?arch=x86_64&distro=sles-11&sp=3 suse kernel-xen-base < 3.0.101-0.47.106.5.1 sles-11 x86_64
Affected pkg:rpm/suse/kernel-xen-base?arch=i586&distro=sles-11&sp=3 suse kernel-xen-base < 3.0.101-0.47.106.5.1 sles-11 i586
Affected pkg:rpm/suse/kernel-trace?arch=x86_64&distro=sles-11&sp=3 suse kernel-trace < 3.0.101-0.47.106.5.1 sles-11 x86_64
Affected pkg:rpm/suse/kernel-trace?arch=s390x&distro=sles-11&sp=3 suse kernel-trace < 3.0.101-0.47.106.5.1 sles-11 s390x
Affected pkg:rpm/suse/kernel-trace?arch=i586&distro=sles-11&sp=3 suse kernel-trace < 3.0.101-0.47.106.5.1 sles-11 i586
Affected pkg:rpm/suse/kernel-trace-devel?arch=x86_64&distro=sles-11&sp=3 suse kernel-trace-devel < 3.0.101-0.47.106.5.1 sles-11 x86_64
Affected pkg:rpm/suse/kernel-trace-devel?arch=s390x&distro=sles-11&sp=3 suse kernel-trace-devel < 3.0.101-0.47.106.5.1 sles-11 s390x
Affected pkg:rpm/suse/kernel-trace-devel?arch=i586&distro=sles-11&sp=3 suse kernel-trace-devel < 3.0.101-0.47.106.5.1 sles-11 i586
Affected pkg:rpm/suse/kernel-trace-base?arch=x86_64&distro=sles-11&sp=3 suse kernel-trace-base < 3.0.101-0.47.106.5.1 sles-11 x86_64
Affected pkg:rpm/suse/kernel-trace-base?arch=s390x&distro=sles-11&sp=3 suse kernel-trace-base < 3.0.101-0.47.106.5.1 sles-11 s390x
Affected pkg:rpm/suse/kernel-trace-base?arch=i586&distro=sles-11&sp=3 suse kernel-trace-base < 3.0.101-0.47.106.5.1 sles-11 i586
Affected pkg:rpm/suse/kernel-syms?arch=x86_64&distro=sles-11&sp=3 suse kernel-syms < 3.0.101-0.47.106.5.1 sles-11 x86_64
Affected pkg:rpm/suse/kernel-syms?arch=s390x&distro=sles-11&sp=3 suse kernel-syms < 3.0.101-0.47.106.5.1 sles-11 s390x
Affected pkg:rpm/suse/kernel-syms?arch=i586&distro=sles-11&sp=3 suse kernel-syms < 3.0.101-0.47.106.5.1 sles-11 i586
Affected pkg:rpm/suse/kernel-source?arch=x86_64&distro=sles-11&sp=3 suse kernel-source < 3.0.101-0.47.106.5.1 sles-11 x86_64
Affected pkg:rpm/suse/kernel-source?arch=s390x&distro=sles-11&sp=3 suse kernel-source < 3.0.101-0.47.106.5.1 sles-11 s390x
Affected pkg:rpm/suse/kernel-source?arch=i586&distro=sles-11&sp=3 suse kernel-source < 3.0.101-0.47.106.5.1 sles-11 i586
Affected pkg:rpm/suse/kernel-pae?arch=i586&distro=sles-11&sp=3 suse kernel-pae < 3.0.101-0.47.106.5.1 sles-11 i586
Affected pkg:rpm/suse/kernel-pae-devel?arch=i586&distro=sles-11&sp=3 suse kernel-pae-devel < 3.0.101-0.47.106.5.1 sles-11 i586
Affected pkg:rpm/suse/kernel-pae-base?arch=i586&distro=sles-11&sp=3 suse kernel-pae-base < 3.0.101-0.47.106.5.1 sles-11 i586
Affected pkg:rpm/suse/kernel-ec2?arch=x86_64&distro=sles-11&sp=3 suse kernel-ec2 < 3.0.101-0.47.106.5.1 sles-11 x86_64
Affected pkg:rpm/suse/kernel-ec2?arch=i586&distro=sles-11&sp=3 suse kernel-ec2 < 3.0.101-0.47.106.5.1 sles-11 i586
Affected pkg:rpm/suse/kernel-ec2-devel?arch=x86_64&distro=sles-11&sp=3 suse kernel-ec2-devel < 3.0.101-0.47.106.5.1 sles-11 x86_64
Affected pkg:rpm/suse/kernel-ec2-devel?arch=i586&distro=sles-11&sp=3 suse kernel-ec2-devel < 3.0.101-0.47.106.5.1 sles-11 i586
Affected pkg:rpm/suse/kernel-ec2-base?arch=x86_64&distro=sles-11&sp=3 suse kernel-ec2-base < 3.0.101-0.47.106.5.1 sles-11 x86_64
Affected pkg:rpm/suse/kernel-ec2-base?arch=i586&distro=sles-11&sp=3 suse kernel-ec2-base < 3.0.101-0.47.106.5.1 sles-11 i586
Affected pkg:rpm/suse/kernel-default?arch=x86_64&distro=sles-11&sp=3 suse kernel-default < 3.0.101-0.47.106.5.1 sles-11 x86_64
Affected pkg:rpm/suse/kernel-default?arch=s390x&distro=sles-11&sp=3 suse kernel-default < 3.0.101-0.47.106.5.1 sles-11 s390x
Affected pkg:rpm/suse/kernel-default?arch=i586&distro=sles-11&sp=3 suse kernel-default < 3.0.101-0.47.106.5.1 sles-11 i586
Affected pkg:rpm/suse/kernel-default-man?arch=s390x&distro=sles-11&sp=3 suse kernel-default-man < 3.0.101-0.47.106.5.1 sles-11 s390x
Affected pkg:rpm/suse/kernel-default-devel?arch=x86_64&distro=sles-11&sp=3 suse kernel-default-devel < 3.0.101-0.47.106.5.1 sles-11 x86_64
Affected pkg:rpm/suse/kernel-default-devel?arch=s390x&distro=sles-11&sp=3 suse kernel-default-devel < 3.0.101-0.47.106.5.1 sles-11 s390x
Affected pkg:rpm/suse/kernel-default-devel?arch=i586&distro=sles-11&sp=3 suse kernel-default-devel < 3.0.101-0.47.106.5.1 sles-11 i586
Affected pkg:rpm/suse/kernel-default-base?arch=x86_64&distro=sles-11&sp=3 suse kernel-default-base < 3.0.101-0.47.106.5.1 sles-11 x86_64
Affected pkg:rpm/suse/kernel-default-base?arch=s390x&distro=sles-11&sp=3 suse kernel-default-base < 3.0.101-0.47.106.5.1 sles-11 s390x
Affected pkg:rpm/suse/kernel-default-base?arch=i586&distro=sles-11&sp=3 suse kernel-default-base < 3.0.101-0.47.106.5.1 sles-11 i586
Affected pkg:rpm/suse/kernel-bigsmp?arch=x86_64&distro=sles-11&sp=3 suse kernel-bigsmp < 3.0.101-0.47.106.5.1 sles-11 x86_64
Affected pkg:rpm/suse/kernel-bigsmp-devel?arch=x86_64&distro=sles-11&sp=3 suse kernel-bigsmp-devel < 3.0.101-0.47.106.5.1 sles-11 x86_64
Affected pkg:rpm/suse/kernel-bigsmp-base?arch=x86_64&distro=sles-11&sp=3 suse kernel-bigsmp-base < 3.0.101-0.47.106.5.1 sles-11 x86_64
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date